Cyber Battle of Nordic-Baltics 2022 was held together with Cyber Battle of Estonia 2022 on 29 October 2022. These two competitions formulated the biggest students’ ethical hacking event in the Nordic-Baltic region which aimed to raise awareness of young people and educational institutions on cyber security. It’s goal was to teach cyber security fundamentals in practical, realistic, and ethical manner in order to improve the cyber security skills in the region and thus make it more stable and secure
RiskSight attended the event as a contributor, being one of the special task providers. Our task was called “On the Line”. Competitors received a file containing scanned network traffic with the intent of finding malicious mail traffic. The concept was simple, only needing slight understanding of networks. After finding the suspicious e-mail, the competitors found a suspicious link in the body of the letter. The link directs them to a fictitious e-mail service called Neutronmail. This was a spoofed landing page, with the goal of stealing user credentials. After further analysis of the landing page, the competitors found a link to GoPhish’s Admin Interface. The only thing missing was a password. Further scanning of Neutronmails login service reveals a log folder containing documentation of GoPhish as well as the Administrator password. After logging in to GoPhish with the authorized credentials, the task was solved.
The completion of this task was rewarded with a special reward – a personal Experience Day with RiskSight, where the fastest team was able to spend time with the company, learning new things and also competing in fun challenges with exciting prizes.