I had a cool conversarion with Alex Chaveriat on Adversary Wars: Adversary Village CTF at DEF CON 31. We have talked about the Adversary Village community in general and about the Adversary Wars CTF we were hosting at DEF CON 31 hacker convention at Las Vegas. Alex was interviewing content creators at DEF CON, being a part of the amazing photo/video goon team. Here is the URL to his YouTube channel: https://www.youtube.com/alexchaveriat
Adversary Village proudly hosted "Adversary Wars CTF," a cutting-edge capture the flag competition that revolves around adversary attack simulation, adversary-threat actor emulation, purple team tactics and adversary tradecraft. This unique competition was designed to replicate enterprise infrastructure and present participants with challenges that encourage the adoption of various techniques, tactics, and procedures (TTPs) employed by real adversaries and threat actors, all within a defined time frame. We were excited to be back at DEF CON as an official contest this year. Adversary Wars CTF was located in the main contest area for DEF CON 31.
As part of the Adversary Wars Capture-the-Flag competition a fictional city was be hosted virtually as a target for the participants. Like all cities, the Adversary city too would comprise of various infrastructure components including a hospital, bank, police station, fire station, army camp, city apartments, IT companies, university, government buildings, power plant, etc. Each building has a complex and realistic network infrastructure that includes a wide variety of components, including Windows/Linux systems, applications, industrial systems, Active directory, cloud environments, hybrid environments, and numerous other technology systems. A complex network of interconnected organizations, assumed to have been working properly, protected by cyber defense systems, supposed to be hackproof, until it was not.
One fine day, the adversary city was breached by an imaginary threat actor named "Rice Tusker aka Ari Komban". A wide variety of attacks were carried out by the threat actor, in the end they decided to shut the city for good and infected the remaining systems with ransomware. CTF participants required to rely on cyber threat intelligence to gather more information on the threat-actor, understand and collect various attack tactics, tools, and exploits used by the adversary group. The participants had to devise possible attack paths used by the threat actor, then simulate these activities against the target city's various components to recreate and understand how deeply the threat actor group breached the city's infrastructure and computer systems.
To visualize the CTF environment, the contest area featured a miniature model of the city made using interlocking-plastic-bricks. The breached components OR organization buildings were physically marked in the city model as the CTF progresses. This model was there to assist visitors and observers in understanding the contest's progress and gaining insight into what is happening behind targeted cyber-attacks, cyberwar, etc.
Adversary Wars: Adversary Village CTF at DEF CON 31: https://adversaryvillage.org/adversary-events/DEFCON-31/ DEF CON Forum: https://forum.defcon.org/node/245458 Adversary Wars CTF Write-up: Adversary-Wars-CTF-at-DEFCON-31-writeup.pdf Alex Chaveriat's website: https://alexchaveriat.com/ Previous editions of Adversary Wars CTF at DEF CON: https://adversaryvillage.org/adversary-wars-ctf/
Special shout-out goes to all DEF CON goons, Jeff Moss, Nikita, Contest leads, CTF players and all CTF sponsors.
Last updated on 01 Dec 2023
Go back to Talks and Webcast