Register for S4x17 now! Ticket Block 151 – 200 on sale now for $1,395.

First – Reid provided me with the official Killer Robots, Inc logo.

Second – My thoughts on who should consider participating in the S4 ICS CTF.

  1. A person with hacking skills, but little experience in ICS. The flags will give you guidance on what an attacker would actually try to do once they can get to an ICS.
  2. A person responsible for defending an ICS. Even if you just spend time understanding the flags you will learn many of the end goals and techniques that will be used against your ICS if an attacker can gain access to it.
  3. A person with great ICS hacking skills. You will find this a challenge and perhaps you can win the S4 Black Badge.

Third – Some tips from Reid for CTF participants:

A successful team will need a variety of skills, including the ability to analyze industrial controls, to basic network scanning, to lockpicking, as well as solving more traditional CTF problems.

Some challenges are purely control systems focused, such as identifying configuration items in controllers or analyzing oddities in ICS protocols.  Some of these control systems challenges will have a cyberphysical element — as teams solve the problems, they may want to watch process control equipment to see how their finding helped attack a process.  A few of these will involve ICS Foreverday vulnerabilities.

Other challenges involve incident response: analyzing traffic from compromised systems.  Bring your traffic analysis hats for these. We even have RF analysis flags. We will have a handful of SDR receivers and will provide hints for how to search for these flags; players want to familiarize themselves with the RTL-SDR prior to coming.

There will also be lockpicking challenges.  We will have a few lockpick sets onsite as well as a practice lock. Players might want to see this tweet ( https://twitter.com/S4CTF/status/796779068628828160 ) for a hint about one of the lock challenges.

Finally there will be a few more traditional CTF challenges that have a basis on real ICS implementation issues. For example, custom cryptographic implementations that have some interesting issues.