Test Your Purple Teaming Skills with the Intrusion Room: An Immersive First-Person Cyber Attack Simulation
Many young professionals or aspiring college graduates have a hard time determining the right path for their career. This can be a daunting task, especially in an industry like cybersecurity where there’s not a hands-on environment that exposes them to different real-world security challenges. That’s why I stepped in.
As security professionals, I believe we have an obligation to help younger generations understand what cybersecurity really entails. Earlier this year, I wrote a book called Three Little Hackers to introduce young children to the industry and help parents educate them about social engineering attacks and online privacy. And now, realizing the gap in hands-on educational materials on cyberattacks and security, I again decided to take matters into my own hands.
The result? A virtual, immersive environment, similar to an escape room, that gamifies realistic security challenges. This virtual experience, called the Intrusion Room™, evolved over three days in my home office. It was created with the objective to allow anyone – from seasoned professionals to young adults trying to determine a career path – the opportunity to test their knowledge and learn more about cybersecurity, hands-on, with only an Internet connection.
The Intrusion Room is based on a series of red team exercises (exercises designed to test security programs by imitating a cyber-attack), run in the style of capture the flag. In this case, you are the ‘attacker’ and the ‘flag’, or objective, is to access a USB thumb drive with a bitcoin wallet in it.
What security obstacles can you expect to encounter in the Intrusion Room? For starters, those who choose to take on this challenge will have five minutes to unlock a back door, turn off the alarm, find the Wi-Fi password and much more. I’ll take you through some of these challenges, but rest assured we won’t give away the secrets.
- Back door: An exercise in permutations; a permutation is one of the possible orders in which a set of numbers can be arranged. In the back-door example there are four keys – what’s the code to get in?
- Alarm System: This is an example of leveraging default passwords. In this exercise, make sure to do your research on the most common passwords.
- Conference room: Typically, conference rooms try to make it easy for their visitors to access the Wi-Fi, so pay close attention to your surroundings here.
- CEO Office: The CEO isn’t the best at picking passwords. Determine what the most common computer password could be.
- Finally, you’ve made it to the safe. What’s the safe combination?
You can take as many tries as you need to complete the Intrusion Room – you’ll even be able to reference back to your previous attempts. In fact, every action you take is tracked in a series of generated logs. This part of the Intrusion Room is designed to mimic blue team exercises, or exercises that put internal teams, processes, and technologies to the test. Internal security teams are responsible for sifting through logs of data and alerts in order to investigate and remediate threats. But the logs generated from the Intrusion Room reflect only one person’s logs. Now imagine the number of logs that a security team at a large company would need to sort through and correlate in order to find malicious activity!
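The correlation work described above can be sketched in a few lines. This is an added example, not part of the original post or the Intrusion Room itself; the log layout, field names and thresholds are assumptions made for illustration. It groups events by session, flags bursts of failed attempts at one station, and reconstructs the order in which each session got past the obstacles.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines; the field layout is an assumption, not the
# Intrusion Room's real log format.
SAMPLE_LOG = """\
2024-01-01T10:00:05 session=a1 station=back_door result=fail
2024-01-01T10:00:09 session=a1 station=back_door result=fail
2024-01-01T10:00:14 session=a1 station=back_door result=fail
2024-01-01T10:00:20 session=a1 station=back_door result=success
2024-01-01T10:00:41 session=b7 station=alarm result=success
2024-01-01T10:01:02 session=a1 station=alarm result=fail
2024-01-01T10:01:10 session=a1 station=alarm result=success
2024-01-01T10:03:30 session=a1 station=safe result=success
"""

def parse_line(line):
    """Split one line into (timestamp, dict of key=value fields)."""
    stamp, *pairs = line.split()
    return datetime.fromisoformat(stamp), dict(p.split("=", 1) for p in pairs)

def correlate(log_text, max_failures=3, window=timedelta(seconds=60)):
    """Per session: stations passed in order, and stations with guessing bursts."""
    by_session = defaultdict(list)
    for line in log_text.splitlines():
        if line.strip():
            ts, f = parse_line(line)
            by_session[f["session"]].append((ts, f["station"], f["result"]))

    report = {}
    for session, events in by_session.items():
        events.sort()  # interleaved sessions arrive out of per-session order
        chain, alerts, recent = [], [], defaultdict(list)
        for ts, station, result in events:
            if result == "success":
                if station not in chain:
                    chain.append(station)
                continue
            # Keep only failures that fall inside the sliding time window.
            recent[station] = [t for t in recent[station] if ts - t <= window]
            recent[station].append(ts)
            if len(recent[station]) >= max_failures and station not in alerts:
                alerts.append(station)
        report[session] = {"chain": chain, "alerts": alerts}
    return report

if __name__ == "__main__":
    for session, result in correlate(SAMPLE_LOG).items():
        print(session, result)
```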
This helps illustrate a few different perspectives on the cybersecurity industry: a hacker’s point of view, and a security team’s perspective. By gamifying real-world security problems, those interested in this career path can test their purple team skills (a combination of both red and blue team skills) while learning more about the industry.