Palmetto Cyber Defense Competition 2016 Enterprise Meeting 11 February 2016 Jeff Sweeney PCDC Director Space and Naval Warfare Systems Center Atlantic (SSC Atlantic) Information Assurance Policy & Risk Management For PCDC Planning Purposes Only 1 2 PCDC Conf Code: PCDC will be at Trident Technical College On 9/10/11 April 2016 Enterprise Meeting Schedule: (every other Thursday at 10 AM at SRC) 25 February: Cooper I 10 March: Cooper I 24 March: Cooper I 7 April: Cooper I 2016 Participating Schools Collegiate Sunday, 10 April High School Saturday, 9 April Qualified through CyberPatriot: Blythewood Wando Ashley Ridge 2 nd place 2015 Home School Network South Aiken Palmetto Scholars Academy North Charleston - 1 st place 2015 Stratford Goose Creek Porter Gaud- Charleston Charleston Southern University 2 nd place 2015 South Carolina State University The Citadel ECPI University Trident Technical College College of Charleston 3 rd place 2015 South Carolina 1st place 2015 Clemson 3 2016 Pro Day Participants Corporate all confirmed Government- all confirmed Cyber National Mission Force NCDOC 33 rd Network Warfare Squadron-561 st Network Operations Squadron: Yes 4 PCDC 2016 Updates Gold Team Continues to work on images and injects Will move to CSRA on Aviation this month. Remaining equipment delivered by Dell. Supplementing laptops Not looking to utilize Blue Coat this year Info on network and virtual firewall will be included in Preparation Guide that will be released around mid-March High School Blue Team Mentors Mentors/high schools will again have access to NETLAB training environment hosted at TTC Most schools already have corporate mentors. Will have SPAWAR mentor day of competition. High School advisors can be called upon by SPAWAR mentors on a case by case basis Kick off mentor meeting held last week. Mentoring has started for all high schools 5 PCDC 2016 Updates Sunday VIP invite to Secretary of the Air Force Deborah Lee James was drafted and being hand delivered by Bob Miller Monday VIP invite to General Brock has been delivered and tentatively accepted. Working with his staff Invite to SSC Lant CO delivered and tentatively accepted unless emergency takes him out of town. Andy Green will again act as CIO/improvise Red Team will still make deals/improvise PCDC logo swag (POC: Paul Wilbur) Purple koozie cost, sponsor? T-shirt color: Purple (81C), should have order numbers/sizes by 26 Feb Red Team has requested: Antique Cherry Red (246C) will this be a problem? Registration packets to be distributed next week. They are due on 26 Feb. Need to go ahead and order 360 challenge coins (350 last year?) 6 PCDC 2016 Status/Updates Need one pagers from sponsors for scrolling display Collegiate Q&A sessions started on 10 Feb. Also planning sessions on 9 Mar and 6 April. Need to schedule a Pro Day Q&A Will get supplies list to CSRA next week Facility meeting with Trident Tech scheduled for 29 Feb. Invites have gone out National Anthem and Honor Guard updates - Linda 1 imbed from each College for Pro Day and one from TTC for each Pro Team. Alternates list from TTC Briefed retired Admiral Bachmann last week on PCDC Invited to participate on National Level NICE working group on STEM National Guard classes update Dave Coldren AFCEA Updates Ken Dilks : Brochures, sponsors, etc. 7 8 PCDC 2016 Updates Checking to see if Pearson will be providing table, course info and free vouchers- still playing phone tag Hotel update? Asked colleges to let us know if they need help Bags and bottles SPAWAR, looking for other items for goody bags Need to coordinate with Pro-2-Serve to get updated plates on Challenge cup by Sunday night. Status of 5 plaques and lanyards? Need music coordinator (Spotify-A. Osti) and social media coordinator Still need to set up meeting with HR New This Year Cyber Forensics Challenge with tablet as first prize. Sentar has agreed to provide Samsung Galaxy tablet as first prize. Cyber forensics will also be integrated into injects Medical Information network is new scenario Free Security+ test vouchers from COMPTIA We will allow collegiate teams the option of having their advisors provide 15 minutes hands-off advice once during the morning of the competition for X points Updated scoring engine, more points deducted as downtime increases Will provide network diagram No VOIPs Switches also virtualized No physical firewall (ASA). Firewall will be virtualized this year 9 SPAWAR Blue Team Mentors Wando: Scott Beman, (Dennis Wilson, Alt) Ashley Ridge: Dave Wallick (Bill Littleton, Alt) Palmetto Scholars Academy: Scott West Stratford: Harvey Washington, Dennis Wilson Porter Gaud: Scott Bell Home School Network: Hank Osborne South Aiken: Russ Barnes Blythewood: Alan Deyoe Jason Weatherly will again be a roving Linux mentor 10 High School Blue Team Mentoring Curriculum 11 Great site for Linux images:NETLABs hosted at TTC. Sessions available 24x7 Will meet for at least hrs. per week A lot of material is posted on the pcdc-sc.com/mentor section (need PW) Will get details on remote mentoring to the schools Intro to IT Security Windows Security How to Mitigate Networking Fundamentals/Password Security Linux/CentOS/Ubuntu Forensics Business practices/injects/scoring Reviewing Blue Team and Preparation Packets with schools Review of Critical areas (optional) Virtual Firewalls Saturday, April 9, 2016 High School Competition Schedule 7:00 am 7:30 am:Registration 7:15 am 7:20 am: Team location drawing 7:20 am 7:30 am:Blue Teams Briefing 7:30 am 7:45 am:Opening Ceremony 7:45 am 9:15 am:Initial Injects / Secure the Network 9:15 am 3:30 pm:Operate Network Under Hacker Attacks 10:00 am 11:00 pm:National Guard Presentation: 12:00 pm 1:00 pm : National Guard Presentation: 3:30 pm 4:00 pm:Red Team members visit Blue Teams 4:00 pm 4:30 pm:Break/View Sponsor Booths 4:30 pm 5:00 pm:Blue Team Presentations 5:00 pm 5:15 pm:Red/Gold Team Debrief: Common Mistakes 5:15 pm 5:20 pm: SPAWARSYSCEN Atlantic Executive Director and/or CO? 5:20 pm 5:55 pm: Awards / Closing Ceremony 12 Sunday, April 10, 2016 Collegiate Competition Schedule 7:00 am 7:30 am:Registration 7:15 am 7:20 am: Team location drawing 7:20 am 7:30 am:Blue Teams Briefing 7:30 am 7:45 am:Opening Ceremony 7:45 am 8:15 am:Initial Injects / Secure the Network 8:15 am 4:15 pm:Operate Network Under Hacker Attacks 10:00 am 11:00 pm: National Guard Presentation: (Rm507) 12:00 pm 1:00 pm: National Guard Presentation: (Rm 507) 4:15 pm - 4:30 pm:Red Team members visit Blue Teams 4:30 pm 5:00 pm:Break/View Sponsor Booths 5:00 pm 5:30 pm:Blue Team Presentations 5:30 pm 5:45 pm:Red/Gold Team Debrief: Common Mistakes 5:45 pm 6:40 pm:Keynote Speaker / Awards / Closing Ceremony 13 Monday, April 11, 2016 Pro Day Competition Schedule (Tentative) 7:00 am 7:30 am:Registration 7:15 am 7:20 am: Team location drawing 7:20 am 7:30 am:Blue Teams Briefing 7:30 am 7:50 am:Opening Ceremony Senator Graham? 7:50 am 4:30 pm:Operate Network Under Hacker Attacks 4:30 pm - 4:45 pm:Red Team members visit Blue Teams 4:45 pm 5:00 pm:Break/View Sponsor Booths/Networking 5:00 pm 5:15 pm: Red/Gold Team Debrief: Common Mistakes 5:15 pm 5:35 pm: VIP General Brock? 5:35 pm 5:55 pm: Awards / Closing Ceremony 14 Cyber Forensic Challenge Objective: Solve as many forensic scenarios as possible within the allotted time and accumulate the most points possible 1 st place: Samsung Galaxy? Participants will be provided access to a forensic scenario exercises ranging in difficulty. Each exercise will require the participant to utilize different forensic techniques to uncover a designated flag. Flags will be unique to each scenario which can range from date/time stamps, hashes, passwords, etc. Discovered flags will be submitted for grading and will be rewarded with the appropriate point value if the correct flag was provided Challenge examples: Hidden data: Find a specific Key word Hashing: Identify the correct hash of a file Metadata: Identify a particular embedded metadata element Data Recovery:Recover a specific filename Password Cracking: Crack a password representation to discover the plaintext password Malware Analysis PCAP Analysis Memory Analysis Any attendee at the PCDC event may compete Excludes SPAWAR Employees and High School PCDC team members Must be completed within the day of the competition Individual participation only: Cannot receive help from others Disqualification: Hacking the competition equipment, attacking other competitors or cheating (i.e. teaming, copying from other competitors, etc) 15 SetupSetup Server 1)Access to challenges 2)Instructions 3)Submissions 4)Scoring Engine/Leaderboard [Webserver, File Server, DHCP Server 1)Access to challenges 2)Instructions 3)Submissions 4)Scoring Engine/Leaderboard [Webserver, File Server, DHCP Admin BYOD 5 systems provided (SIFT) 16 PCDC 2016 Team Leads Director Jeff Sweeney Gold Josh Lewis Red Sam Cappella/Bryan Rhodes ( ) White Andrew Osti ( ) Blue/High School Coordinator Dennis Wilson Collegiate Coordinator Vince Van Houten, (Deputy Director) Pro Day Coordinator Bob Miller, (Deputy Director) AFCEA POC Ken Dilks AFCEA President Don Pearsall 17 Thanks to our 2016 Corporate Sponsors !. 18 Thanks to our 2016 Corporate Sponsors. 19 Dilks - Simone, Inc 20 Important Links PCDC Website: pcdc-sc.com PCDC Facebook : https://www.facebook.com/PalmettoCyberDefenseCompetition https://www.facebook.com/PalmettoCyberDefenseCompetition PCDC Twitter : https://twitter.com/PalmettoCyber Cyber Patriot : AFCEA : #PCDC PCDC Primary POCs Jeff Sweeney, SSC Atlantic, PCDC Director , Bob Miller, SSC Atlantic, PCDC Deputy Director , Vince Van Houten, SSC Atlantic, PCDC Facilitator, Collegiate Coordinator , Josh Lewis, SSC Atlantic, PCDC Gold Team Tech Lead , Whitney Bridges, AFCEA Treasurer, Alutiiq , Ken Dilks, AFCEA PCDC Lead, Dilks-Simone, Inc , Tonya Davis, Trident Technical College , Don Pearsall, AFCEA President , Dennis Wilson, SPAWAR, Blue Team Mentor Lead, High School Coordinator , 21 22 Wrap Up Thoughts? Big Ideas? Innovations? Questions?