The 2018 Codebreaker Challenge consists of a series of tasks that are worth a varying amount of points based upon their difficulty. In previous years, tasks had to be solved in order to unlock the next task and rankings were based upon the quantity of solvers that progressed the furthest from each school. This way of ranking heavily weighted progression above participation and did not allow for skipping ahead if a particular task became a stumbling block. So to address these issues, ALL tasks will be available immediately upon registration and can be solved in any order. The point value associated with each task is based on relative difficulty and schools will be ranked according to total number of points accumulated by their students. It is still recommended to solve tasks in order since the tasks flow with the storyline, but that is no longer a requirement.
DISCLAIMER - The following is a fictitious story meant for providing realistic context for the Codebreaker Challenge and is not tied in any way to actual events.
A new strain of ransomware has managed to penetrate several critical government networks and NSA has been called upon to assist in remediating the infection to prevent massive data losses. For each infected machine, an encrypted copy of the key needed to decrypt the ransomed files has been stored in a smart contract on the Ethereum blockchain* and is set to only be unlocked upon receipt of the ransom payment. Your mission is to ultimately (1) find a way to unlock the ransomware without giving in to the attacker’s demands and (2) figure out a way to recover all of the funds already paid by other victims. Are YOU up to the challenge?
The Codebreaker Challenge was developed by the National Security Agency.
* - for the purposes of this challenge, a private blockchain has been created with no real monetary value associated with the Ether. See http://www.ethdocs.org/en/latest/ for more information about Ethereum.
The NICE Challenge Project develops real world cybersecurity challenges within virtualized business environments that bring students the workforce experience before the workforce. Our goal is to bring the most realistic experiences to students, at scale year round, while also generating useful assessment data about their knowledge, skills, and abilities for educators.
The NICE Challenges are the actual content of our project. While challenges appear to be very similar to labs they have some very important differences. Challenges emphasize real world problem solving over step-by-step instructions. To do this our challenges are written as business scenarios which have many different technical solutions. Step-by-step labs provide the illusion that there is only one way to complete a task, while also having very limited real world value. Along with each challenge we provide documentation for the educator or administrator that has multi-tier evaluation support while continuing to leave the true evaluation to them.
The NICE Challenge Environments are what contain the NICE Challenges. These environments are styled after the categories from the NICE Cybersecurity Workforce Framework and are always highly diverse when it comes to operating systems and services. At the simplest level a Challenge Environment is a semi-isolated set of virtual machines and networks that are hosted in our private cloud. Each player gets their own Challenge Environment and each Challenge Environment can host hundreds of challenges.
The NICE Challenge Platform is made up of our proprietary virtual appliances and the services they host. It allows us to dynamically modify the Challenge Environments on the fly to meet the conditions of any challenge, this is how one environment can house hundreds of challenges. Currently our virtual appliances also host three other support services. The first support service provides live feedback on a player’s progress through a challenge for the player and their administrator. The second is a trouble ticket system that provides the player with a place to document their solution and real world context provided through the observations of fictitious users. And the last is a portal that allows for players to browse the currently available challenges and start them.
Students have 7 challenges available to compete:
When all the modules are completed, you will be able to print a certificate signed with official NSA seal as well as build a Cybersecurity resume!
To start the NSA Day of Cyber challenge, using your Walden issued email address, go to https://prod.lifejourney.us and use registration key: xohi0tp .
Good luck and let me know if you have any questions.