Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


02:25 PM
Connect Directly

Vegas To Host Next U.S. Cyber Challenge 'NetWars'

Multilevel, multidisciplinary hacking competition simulates real-world attacks, attackers

More than 100 security professionals next month will compete in a two-day cybersecurity competition that simulates real-world attackers and attacks.

The SANS NetWars contest -- part of the U.S. Cyber Challenge program -- will be held as part of the SANS Network Security 2011 conference at Caesars Palace in Las Vegas. The contest is for both new and seasoned hackers.

Capture-the-flag (CTF) type hacking contests are nothing new in cybersecurity. What makes NetWars different than say, DefCon's CTF, is that it's aimed at all levels of hacking skills and all competitors have to begin at level one of the contest, says Ed Skoudis, director of NetWars for SANS. The more advanced players can then quickly advance to higher levels -- up to level four, then five, where the participant gets access to a system at the root level, he says. "Level five is for people who really know their stuff. There's castle-on-castle combat," Skoudis says.

"DefCon is a big-team CTF focused on binary analysis and exploit development. That's cool and a fantastic skill," Skoudis says. "That's not what NetWars is focused on. Ours includes this, too, but it's multilevel and multidisciplinary."

While other hacking contests are either targeted at newbies or "grand masters," he says, NetWars runs the gamut of security expertise.

Skoudis says the competition includes events that security pros could encounter in their everyday jobs. "We spent a lot of time making sure every challenge is real-world," he says. "We want to make sure they are using their analytical skills to solve them, and it's not just dumb luck."

Competitors test their analysis, defensive, and offensive skills by fighting off attackers and taking over targeted systems and networks. Among the skills they have to employ at various levels are digital forensics, packet and malware analysis, vulnerability testing, and penetration testing.

“The best way to defend against cyber attacks is to understand the mind of a cyber attacker, to know their abilities and predict their moves,” said Eric Bassel, director of the SANS Institute. “NetWars provides a forum for security professionals to test and perfect their cyber security skills in a manner that is legal and ethical, facing challenges derived from real-world environments and actual attacks that businesses, governments, and military organizations must deal with every day.”

The competition, called NetWars Tournament, will operate over two days during the SANS conference. Skoudis says SANS is working on adding two new levels of the competition for future tournaments. The typical contestant has three to five years of cybersecurity experience, he says.

SANs also runs NetWars Continuous, an ongoing competition akin to online gaming, which spans four months. "It's the same structure, but a [deeper] and longer challenge," Skoudis says. The scenario and theme of Continuous is finding an operating system image and analyzing it, he says. There are currently 15 players competing, and the scoreboard is available here to watch their progress.

Meanwhile, levels one and two of the NetWars Tournament are aimed at pros with up to three years' experience; level three, three to five years' experience; and level four, five to 10 years' experience. Level three focuses on analyzing DMZ hacks, and level four moves to a fully patched intranet.

Players in next month's competition compete for free if they take a class at the SANS conference. Otherwise, the entry fee is $999. The winner gets an Apple iPad2.

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 5/22/2020
How an Industry Consortium Can Reinvent Security Solution Testing
Henry Harrison, Co-founder & Chief Technology Officer, Garrison,  5/21/2020
Is Zero Trust the Best Answer to the COVID-19 Lockdown?
Dan Blum, Cybersecurity & Risk Management Strategist,  5/20/2020
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-05-25
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header.
PUBLISHED: 2020-05-25
The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection.
PUBLISHED: 2020-05-25
EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certificate is not verified.
PUBLISHED: 2020-05-25
An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There are CSRF issues with the log-clear controller action.
PUBLISHED: 2020-05-25
An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There is stored XSS in the Bulk Resize action.