Capture The Flag

Something smells off at YMMV Industrial … and it’s not just burnt chips! 

Tri-mode, trifecta, triumvirate or the ever present “try harder”, this year’s BSides Calgary CTF offers different challenge modes to test your technical and reasoning skills.  

After years of running duct-taped “security monitoring” and hand-cranked ticket systems, YMMV is finally ready to modernize. Their plan? Move to Google SecOps and free up their security team to focus on what they love—hacking robots, tweaking firmware, and chasing RF ghosts. As third-party supplier of automation integration services YMMV CEO Raven Lefebvre is becoming increasingly worried about her company being used to attack their customers, many having large industrial control systems.  

YMMV wants to start using threat intelligence, artificial intelligence and since many of their own business services are now cloud, they need to go beyond syslog, grep and an on-prem database. Google SecOps has given the YMMV team access to a prepopulated system, your job is to put it through the paces and advise the CEO on how SecOps could fit into YMMV operations. 

YMMV also has number of cyber physical artifacts around the BSides, starting with the badge you get when you walk in. Yes, you can and should try hacking your badge, it’s just the beginning of a game played across the entire conference space. Don’t forget your phone, as YMMV is chasing a new market vertical with mobile, and if you want to attempt some of the most advanced challenges including a simulation of supply chain ICS attacks like Stuxnet or Solar Winds, you’ll need to bring a computer.  

The BSides Calgary CTF mission continues to be providing both cyber defenders and attackers hands on interaction with technology in a safe and supportive way with chance to win great prizes. Watch the Google leaderboard throughout the conference or sign in and get on the board yourself, challenges range from newbie to next level nerd.

As a perk for assisting the CEO in the Sec Ops assessment, the vendor’s sales team is offering some special Google gifts for the first blue teamers to capture select flags.