United States Government Hacking
Why is the government so lol?
US Cyber Challenge
The US Cyber Challenge is a website that seems to have a list of available cyber challenges available. It seems that the site spawned recently to be a main starting point in finding out about the US cyber challenges.
Security Treasure Hunt
The security treasure hunt at the moment seems to have two hunts that use the same engine: http://questionengine.securitytreasurehunt.com/
One is titled Navy Security Treasure Hunt and the other is titled Security Treasure Hunt
CyberPatriot Defense Competition
This is an Air Force Accociation HS competition. Located here.
This coming school year we are going to Full National Deployment, with up to 500 slots reserved in the “All-Service” Division for JROTC units of all the services and the Civil Air Patrol. In a separate, parallel competition we will have an “Open” Division available to up to 500 non-JROTC high schools nationwide. Both competitions will culminate at an in-person Championship at the Gaylord National Resort to be held on 1-2 April 2011 in conjunction with the new CyberFutures Symposium and Technology Exposition.
The competition is only for HS students. I can't find how to register though.
A quote from cyberchallenge pdf:
CyberPatriot, The High School Cyber Defense Competition conducted by the Air Force Association: a competition in computer system and network defense ‐ where the competitors attempt to analyze the security state of the competition network and then must secure the systems while maintaining services and responding to attacks by a hostile Red Team. This is a preparatory program that encourages students to continue their security training in college and to compete in the National Collegiate Cyber Defense Competition.
DC3 Digital Forensics Challenge
I found the DC3 challenge a few years ago and it interested me. This is the first year that I have been able to register and login. I cannot find team members. I have my own team. It is located | here.
Once you get an account you login and get files. That is as far as I got because I then was having problems with my servers (Unrelated). The challenge seems to be along the lines of getting information out of something. Which is data forensics.
- Get Data Again
A quote from same pdf:
The DC3 Digital Forensics Challenge conducted by the DoD Cyber Crime Center (DC3): a competition in digital forensics where, in increasingly challenging scenarios, contestants attempt to uncover evidence on digital media, just like you see on all of the crime scene investigative shows on TV. Whether it is an intrusion by a nation state or a child pornography investigation, digital forensics is the key to answering the who, what, where, when, why, and how questions.
Only reason this is here cause the gov recruits from it :)
Netwars is an offensive contest that tests your Red Level hacking skills. You can find out more buy going to the The Netwars Site or joining #netwars on irc.freenode.net (IRC). I am participating in the latest contest but slowly as my Red Level skills have yet to really be honed. I have managed to get into the first airlock and setup some automation. The fact that the contest I am in is a beta contest is nice. Its not really a real competition (as real as I make it) and I can understand how the challenge works.
You download an ISO and start hacking. The ISO has hints and stuff that you can hack to get into the main virtual network (I picture a bunch of virtual servers on a virtual network but who knows).
NetWars seems like the most interesting to me. Acclaimed as "A SANS Institute challenge testing mastery of vulnerabilities" it seems like it would be fun. They seem to have problems with scheduling though...or something.
I contacted the people that run it and they said to watch: http://tinyurl.com/netwarscal. That seems to be the Google calendar that they coordinate their efforts with.
The two people that replied to my emails sent to firstname.lastname@example.org where: email@example.com and firstname.lastname@example.org
One asked about my GPA.
The link they post to look for information about the challenge in the official PDF is www.sans.org/uscc it redirects to http://www.uscyberchallenge.org/ so it seems like I was right. They have created a new site to bring all these competitions together.
Apparently you can email USCC@sans.org too.
Again PDF Quote:
The Network Attack Competition conducted by the SANS Institute: a competition in network vulnerability discovery and exploitation. This program will include substantial ethical and legal instruction. An essential tenet of the emerging US national strategy for cyber security is that offense must inform defense. Perhaps the single most important reason that America’s computers are so easily exploited is that the government and the companies in the critical infrastructure relied for security guidance on individuals who were not intimately familiar with how cyber attacks work.
Promising candidates will be immediately recognized and will be invited to attend regional “camps” at local colleges, run jointly by college faculty and cyber security experts from the community, where they will develop their skills more fully and participate in additional competitions. The students who rise to the top in these regional programs will be invited to live national challenges like those conducted by schools coordinated by the University of Texas at San Antonio and NYU Polytechnic.
Greatly promising candidates from these programs will be given either Federal Service grants or SANS Institute scholarships to study advanced cyber security programs and may earn scholarships to colleges and graduate programs at participating schools.
Finally, the best of the candidates will be brought into federal agencies like the National Security Agency, the FBI, DoD DC3, US‐CERT, and US Department of Energy Laboratories, all of which are helping to make this program effective.
To enable employers to find promising candidates, the program will include a web site where outstanding candidates from this challenge and other related challenges are illuminated with profiles in common, easy‐to‐assess formats. No names will be provided to ensure candidate privacy, but when reputable employers find candidates they want, the candidates will be given the opportunity to connect with the employer.