Drone-Illustration
CSC2018

Congratulations to everyone who participated in the 5th NZ Cyber Security Challenge. Well Done!



Feeling proud to announce the Grand Winner of the Challenge

Team Elliptic Curveballs(Logan Krippner, Michael Jang and Jacob Cheatley) of Tertiary Category

Round 1 & 2 Winner of Secondary Category

Team PHP Pirates(Josh Hogan and Sam Hogan)

Round 1 & 2 Winner of Tertiary Category

Team Password Inspectors(Jamie McClymont and Rhys Davies)

Round 1 & 2 Winner of Industry Category

Team Dark Arts from Endace (Deepak Ramaprasad, L Liu and Andreas Lof)
they donated their prize to the next level
Team Arcton(Jeremy Symon and Grady Hooker)

Round 1 & 2 Runner ups of Secondary Category

Team Arrays Start at 1 (Ethyn Gillies, Paul Bouda and James Voss)

Round 1 & 2 Runner ups of Tertiary Category

Elliptic Curveballs (Logan Krippner, Michael Jang and Jacob Cheatly)

Round 1 & 2 Runner ups of Industry Category

Purple (James Donaldson and Tom Crisp)

Top 3 Winners of Drone Challenge

Banana Bread (Praneet Castelino, Dylan Amyes and Yek Tham) of Industry Category
Spectre(James Fyfe, Aoran Isaacs and Leon Bowie) of Secondary Category
UniHack(Arnav Gogia and Rajat Rokhade) of Tertiary Category

PLATINUM SPONSORS


Endance-Logo Deloitte-logo

Datacom-logo InternetNZ-logo

GOLD SPONSORS

NZ-Police-logo Aura-logo Insomnia-logo Gallagher-logo ASB-logo ZX-logo

SILVER SPONSORS

DTA-logo Quantum-logo

ORGANISERS

University-Of-Waikato-logo Crow-logo


Stratus=logo

SUPPORTERS

CS3-logo Connect-Smart-logo NICT-logo GCSB-logo CERTnz-logo

The Schedule

! The Organizers have right to modify the agenda


July 13th

Registration

9:00am - 4:00pm

Location : L Block

Training sessions On-Demand

(available whole day)

you have time to sit for them at 9am-12pm

Location : L.G.04

  • Linux 101
  • Python 101
  • Cryptography 101
  • Steganography
  • Digital Forensics
  • Advanced SQL Injections
  • Policy round training
  • Web Goat

Participants can prepare for training sessions via :

  • OWASP Top 10
  • Basic HTML, CSS, PHP and JavaScript
  • LAMP and WAMP stack
  • Linux system administration
  • http://hackthissite.org/
  • Hypertext Transfer Protocol (HTTP)
  • Basic scripting in a platform-agnostic environment (e.g. Python, Java)

Job fair

11:00am - 4:00pm

location: L Block foyer


Official Opening of 5th NZCSC

11:45pm - 12:00pm

location: L.G.04


Speaker 01 - Paul Ash, Director National cyber Policy Office, Department of the Prime Minister and Cabinet.

12:00pm - 12:30pm

location: L.G.04


LUNCH!

12:30pm - 1:30pm

location: L Block


Drone Challenge and Prize Giving

12:30pm - 2:30pm

location: L.G.04


Speaker 02 - Stephen Coates, Gallagher Information Security Manager

2:30pm - 3:00pm

TOPIC - CISSP and why it matters to your career

location: L.G.04


Speaker 03 - Andreas Löf, Endace SOftware Engineer

3:00pm - 3:30pm

TOPIC - TBD

location: L.G.04


Speaker 04 - Matthew Daley, Senior Security Consultant, Aura Information

3:30pm - 4:00pm

location: L.G.04


Women in Cyber Security Workshop

4:15pm - 6:30pm

TOPIC - Technical Competition & Prize Giving & Panel Discussion

location: R.1,2



July 14th

Registration

8:00am - 10:00am

location: L block foyer, in R Block after 9.30am


Welcome by Vice Chancellor, The University Of Waikato

8:50am - 9:00am

loaction: L block


Guest of Honour Talk: Rob Pope, CERT NZ Director

9:00am - 9:30am

Topic - TBD

loation: L.G.04


Teams setup in labs and air horn

9:30am - 10:00am

loacation : R block


Round 1 (CTF)

10:00am - 12:00pm

location: R block


Lunch

12:00pm - 12:45pm

location: outside R block


Teams setup in labs and air horn

12:45pm to 1:00pm

location: R block


Round 2 (Policy round)

1:00pm - 2:00pm

location: R block


Break / Scoring of Round 1,2

2:00pm - 2:40pm

location: outside R Block


Top-5 participants nomination

2:40pm - 2:50pm

location: R block


Teams setup in labs and air horn

2:50pm - 3:00pm

location: R block


Round 3 (Attack/Defend)

3:00pm - 5:00pm

location: R block


For the rest of participants: Round 1 solutions presentation & Drone Challenge and Prize Giving

3:00pm - 6:00pm

location: R block


Dinner

5:00pm - 6:00pm

location: Outside R block


Prize Giving

6:00pm - 7:00pm

location: r block




DOWNLOAD TIMETABLE pdf

CSC 17



FIRST PLACE

2017 challenge known for Challenge Winner Repeat Performance .
It was a repeat performance by the overall champions team Arcton, Nathaniel Watson, Jeremy Symon and Grady Hooker took out last year's Challenge.

Representing industry, they walked away with a cheque for $2500 and NetHui fellowships. Jeremy is currently doing a Masters of Computer Science at Waikato and working at Gallagher, and Grady and Nathaniel are former Waikato Computer Science students now working in the computer science industry.

Arcton-claiming-their-price

RUNNERS UP

overall runners-up 418ShortAndStout - Michael Robertson and Brent Vollebregt - placed top in the tertiary division and took home $1800.

Top performers in the high school division after Rounds 1 and 2, SQL Sharks twins Sam and Josh Hogan also took out first place in the new Policy Round. Contestants were tested on responsible disclosures, asked to critique a really badly-written cyber policy, and suggest incident response next steps for a fictitious event.

The winning team from the industry division after Rounds 1 and 2 were Jack Haystead, Daniel Tebbutt and Declan ter Veer-Burke. They took home a cheque for $1800.



WHAT HAPPENED?

nZCSC'17 hit all the right keys with VIPs from the Government Communications Security Bureau (GCSB) and INTERPOL attending. GCSB director Andrew Hampton told the Challengers it wasn't long ago that people were saying cyber security should be on the agenda but now the agenda is cyber security.

although, In this year's Challenge CROW collaborated with Japan's National Institute of Communications and Information Technology ( NICT ) to up the ante in the visualisation of the attack and defend networks of the competition. CROW member Cameron Brown worked with Koei Suzuki to customise the NIRVANA Kai visualisation to show network traffic between the Round 3 servers. The collaboration is mutually beneficial as NICT will utilise CROW technology in the future. NICT supply the visualisations for Japan's largest cyber security competition SECCON.


competition-software

CSC 2016



FIRST PLACE

team Name: Hodor (462,250 points)
team Members: Sjoerd de Feijter, Matthew Stringer, Vladimir Petko
industry category team, representing Gallagher Group

RUNNERS UP

First Runner-Up

Team Name: Solo Team(406,160 points)
Team Members: Michael Robertson, 17 years old,
Secondary School Category team, representing Cambridge High School.

Second Runner-Up

Team Name: Arcton(386,300 points)
Team members: jeremy Symon, Nathaniel Watson, Grady Hooker
Tertiary category team, representing University of Waikato Faculty of Computing And Mathematical Sciences



WHAT HAPPENED?

due to the popularity of the competition in 2015, we introduced an online qualifying round, Round Zero. 267 participants registered for Round Zero and attempted the challenges between the 17 June - 1st July, after which the Top 150 were chosen to attend the competition on the 14 and 15 July.

participants competed in two rounds: Round One, a capture-the-flag style challenge and Round Two, a Red team vs. Blue team game where the Blue teams had to defend their vulnerable servers from attacks from the Red teams, which consisted of an Industry Professional from Gallagher and two CROW members.


CSC 2015

FIRST PLACE

team Name: ter B

RUNNERS UP

First Runner-Up

Team Name: DoubleMC

Second Runner-Up

Team Name: Kanye4Prez



WHAT HAPPENED?

nZCSC'15 was open to all of New Zealand and participants were split into 3 categories: Secondary, Tertiary, and Industry/Open.

the competition had 2 rounds: Round 1 was a capture-the-flag style challenge. Round 2, open to the top 5 teams of Round 1, was a Red team vs. Blue team style challenge where 5 Blue teams defended their systems against the Red team, which included Industry professionals from Insomnia Security and PWC Digital.


CSC 2014

the first instalment of the Cyber Security Challenge was open to University of Waikato students only.

cSC'14 had a single round - a capture-the-flag style challenge where the students participants solved challenges to acquire flags. The event served its purpose: to gauge students' interest in a Cyber Security-themed competition. Over 70 students registered, attended the training and paticipated in the competition, which encouraged the organisers to plan the next CSC.


CHALLENGE OVERVIEW





EVENTS

TRAINING SESSIONS

JULY 13

location: UNIVERSITY OF WAIKATO CAMPUS

an introduction into the cyber security technologies used today. learn the ins and outs of security, and what you will need to know for the competition.


JOB FAIR

JULY 13

location: UNIVERSITY OF WAIKATO CAMPUS

at tap you will have access to companies from the cybersecurity. Come and network with leading companies and government agencies.


DRONE CHALLENGE

JULY 13

location: UNIVERSITY OF WAIKATO CAMPUS

ever flown a drone?
or are you a self-proclaimed, pro drone-pilot?
come on down for the drone side challenge. guaranteed a good time.


PRESENTATIONS

JULY 13

location: UNIVERSITY OF WAIKATO CAMPUS

a bunch of speakers from the cyber security industry talking about what's relevant today.
what better way than to learn from the experts.


WOMEN IN CYBER SECURITY WORKSHOP

JULY 13

location: UNIVERSITY OF WAIKATO CAMPUS

According to data from the 2017 Global Information Security Workforce Study (GISWS), women comprise only 11% of the information security workforce – a number that has remained steady since 2013. The study also found that women in cybersecurity have higher levels of education than men, but fewer hold senior-level positions, and they receive less pay (Ref: Women in Cybersecurity Report).

To address this, the organising team of the NZCSC organize a “Women in Cyber Security Workshop" as a side event this year. A workshop by women for women, including technical challenges, career panel discussion and prizes!

Panel Details

We have invited women across sectors, and across levels of experience

Panel Moderator: Eileen Cameron(Media and PR Manager, University Of Waikato)
Organizer: Harpreet Kaur(Assistant Research Programmer, CROW)
Panelists:
Erica Anderson(Senior Incident Manager, CERT NZ / Director, BSides)
GCSB Representative
Rebecca Trapani(Penetration Tester, Assurance(Austarlia))
Sai Honig(Senior Security Advisor, Xero) will join us on Video Conferencing
Meenakshi Mungro(Senior Software Engineer, Endace)

Topic:  The Future Of Women In Cyber Security

COMPETITION

ROUND 0 (QUALIFYING ROUND)

JUNE 18 - 29

location : ONLINE

round zero is a qualifying one of capture-the-flag. After the round closes the top 150 participants will be invites to rounds one and two.
details will be sent to registered participants on the 18th.

round zero will be avaliable for the full two weeks (18th - 29th June).



ROUNDS 01, 02, 03

JULY 14th

location : UNIVERSITY OF WAIKATO CAMPUS

ROUND 01
after qualifying, the top 150 participants will compete at the UoW campus.
each participants will have 10+ capture-the-flag challenges with a 2hour time limit.
round one is worth 90% of your final score.

ROUND 02
cyber security policy challenge.
prizes for top teams in three categories (highschool, university, industry) for rounds 1 and 2.
worth 10% of your final score.

ROUND 03
top five teams (Blue Teams) from Rounds 1 and 2, take turns defending their server from attackers (Red Team).

PRIZES

GRAND WINNER

WINNER OF THE COMPETITION AFTER ROUND 3

$2550


ROUNDS 01 AND 02

WINNER FOR ROUNDS 01 AND 02 IN EVERY CATEGORY: SECONDARY, TERTIARY, INDUSTRY/OPEN

$2100


RUNNERS UP

RUNNER-UP FOR ROUNDS 01 AND 02 IN EVERY CATEGORY: SECONDARY, TERTIARY, INDUSTRY/OPEN

$810


CHALLENGE REWARDS

easy and medium complexity challenge

$20 per challenge in cash

hard challenges

$50 per challenge in cash


WOMENROUND 0 IN CYBERSECURITY WORKSHOP TECHNICAL COMPETITION

WINNER IN EVERY CATEGORY: SECONDARY, TERTIARY, INDUSTRY/OPEN

$700

RUNNER-UP IN EVERY CATEGORY: SECONDARY, TERTIARY, INDUSTRY/OPEN

$270


DRONE CHALLENGE

Please read below files for participating in Drone Challenge:

Drone Challenge Requirements

Physical Drone Preparation

Virtual Drone Preparation

REGULATIONS

ELIGIBILITY CRITERIA AND RULES

COVERS ELIGIBILITY CRITERIA AND RULES TO FOLLOW FOR THE NZCSC

ELIGIBILITY CRITERIA AND RULES pdf


ETHICS AGREEMENT

COVERS ETHICAL BEHAVIOUR DURING THE TECHNICAL COMPETITION

ETHICS AGREEMENT pdf


CODE OF CONDUCT

COVERS ETHICAL BEHAVIOUR AT THE UNIVERSITY CAMPUS

CODE OF CONDUCT pdf

CROW-NZ's First Cyber Security Lab

crow-team

Established in 2012, CROW is a research group located in the Department of Computer Science at The University of Waikato.

With the emergence of cloud computing technologies and prevalent mobile device usage, we are witnessing the diminishing effectiveness of traditional cyber security approaches such as perimeter defence, intrusion detection and infrastructure hardening.

To address this, CROW focuses on six major themes: Provenance, User-Centricity, Visualisation, Economics, Hardware, and Tools & Datasets. Together, these six themes enable the return of control of data to users, thereby reducing reliance on third-party vendors or trust relationships commonly found in most cyber security contracts today

crow.org.nz

Contact CROW

Cryptography

Forensics Part 1

Forensics Part 2

Linux And Python for beginners

Steganography

Debugging

Round 2 Policy Round Training