yuriy.us

CyberForce

Written January 11th, 2024



In September 2023, I took part in an intense, 3-week cybersecurity program hosted by the Department of Energy called CyberForce. In this team-based competition, I led my collegiate team in navigating a unique cyber scenario where we not only had to secure critical energy infrastructure provided by the DoE, but also defend our infrastructure from red-team professionals. The experience was both terrifying and amazing at the same time. I had never participated in such a competition before, let alone led a team in one, but in experiencing the unknown I had learned so much. I will now share some highlights and lessons it has brought me.



Server hardening isn't "everything". I shortly realized this after my team's website had been defaced, thinking "there's no way this was possible", but evidently, it was. At that point, the hardest part was figuring out "how did this happen and why". I think that's where incident response comes into play. My team and I were so busy trying to make everything secure that we had not developed a plan to respond appropriately to the attacks. Rookie mistake. That being said, if your team or organization hasn't adopted an IR framework (NIST, SANS), you probably should... ASAP!



Documentation is key. Early on in the competition, my team agreed that we needed to document everything: the major changes, snapshots, failures, etc. This would be crucial given that we had to take completely vulnerable machines to a non-vulnerable state. I believe too many of us in the info-sec field overlook the value that documentation has to offer, but the truth is that it has nothing BUT value. I will admit, having "good" documentation isn't easy, but if you can document at the very least one thing... that's certainly a start.



Be a team player. Look, I'm not going to lie to you. My team wasn't in the top 10, 25, or even 30. Early on we realized that most of us were going into this competition blind. In fact, it was everyone's first time competing in something like CyberForce. Regardless, we all had a similar goal: to learn more. I'm happy to say that we certainly met that goal, and we are happy with the result. There's a lot of value in asking questions of your team and building off of one another's thoughts. I encourage everyone to be a team player, set a goal, and go for it together. It will make the journey a lot more enjoyable.


