How much does it take to hack a mobile network?
Is electronic government secure
in the era of WikiLeaks and Anonymous?

Is SCADA hacking a Hollywood fiction
or the nowadays reality?
Internet banking: is there any chance to win
over the fraudsters?

Cyber-crimes, cyber-espionage, cyber-war: where do we draw a borderline?

Pages

Thursday, July 9, 2015

Hot Cyberwar. Hackers and Missile Launchers


The most spectacular contest during PHDays V was the one organized by Advantech. The contest's participants must gain control over an industrial system that controlled a missile launcher and to hit a certain secret object.

Wednesday, July 8, 2015

Writeup: Competitive Intelligence Contest at PHDays V

This year among the participants of Competitive Intelligence were not only the contest’s usual fans but also CTF teams, so we adjusted difficulty levels accordingly. In addition, we allowed team play on one condition: a person couldn’t participate both individually and as part of a CTF team. That is why we reached a mutual agreement to disqualify the player who scored most — azrael.

All the contests were revolving around the fictional state — United States of Soviet Unions. The Competitive Intelligence participants had to look for info about company employees with the USSU citizenship. Meantime the players were free to answer five various questions regarding five different organizations. Within one block, you could open new questions after answering the previous ones. (One team even managed to find the right answer using a brute force method, but failed to advance after that – they just didn’t have enough info.)

Friday, July 3, 2015

The MiTM Mobile Contest: GSM Network Down at PHDays V


Although we have published several research works on cell phone tapping, SMS interception, subscriber tracking, and SIM card cracking, lots of our readers still regard those stories as some kind of magic used only by intelligence agencies. The MiTM Mobile contest was held at PHDays for the first time, and it let the participants realize how easily an attacker can conduct the above-mentioned attacks having only a 10$ cell phone with some hacker freeware.