On Thursday, April 28 at 18:00, the teams of the Cyber Fortress League competed in the 2nd tournament. Official partner of this event – ISSA Polska, funded special awards for the best teams. First, however, it was necessary to deal with two specially prepared scenarios.
The first scenario concerned the recent activity of FIN7 group to distribute ransomware using a specific attack vector – FIN7 USB delivered ransomware. In the first scenario, cards from the Data Sources category were not included.
The second scenario concerned the latest NSA and FBI warnings about APT groups, which developed their own tools to attack ICS / SCADA devices, including: Schneider Electric MODICON and MODICON Nano PLCs, OMRON Sysmac NJ and NX PLCs, and OPC Unified Architecture (OPC UA). These tools enable them to scan, compromise, and control compromised devices after gaining initial access to an operational technology (OT) network. Additionally, they can attack Windows-based engineering stations that may be present in IT or OT environments by using an exploit that targets ASRock’s motherboard driver with known vulnerabilities.
The first three teams received free ISSA membership, plus:
- Cybertajniacy team – PLN 1500
- Ogóry team – PLN 1000
- elkarze team – PLN 500
In the Cyber Fortress League: Season 2 Ranking tab, you can find out how many points the teams have after two tournaments.