Student Updates VIA ITP Club

Below are the emails that have been sent to the IT student body and ITP Club members. This page is for historical records. Emails were sent and Announcements were posted via Blackboard. (LMS)


Hello everyone!

I wanted to share some updates from the ITP Club. We have a few capture-the-flag competitions right around the corner and plan to attend the Skills USA competitions.

  • The first is Tracer Fire and will be held at A&T University Feb. 16-18. We have two teams comprised of IT Support, Computer Programming and Software Development, System Security, and Cybersecurity students. We will be competing with several other local universities and community colleges. Students have been busy training over the past few weeks with applications such as Arkime, Velociraptor, Kibana, Autopsy, and more! You can check out their platform here: https://ctf11.tracerfire.net/ Tracer Fire is sponsored by Sandia National Laboratories, a Department of Energy contractor. 

We have two teams consisting of students from various program areas registered for this event, but I just found out that we can register more!! It’s a virtual event taking place March 11-14 sponsored by The National Centers of Academic Excellence in Cybersecurity (NCAE-C) with the University of Alabama in Huntsville, Augusta University, University of Arizona, and Florida International University. This competition is open to all CAE-designated schools. The top 15 teams will compete in the live event to continue the competition at the CAE Annual Colloquium in October 2024. There is more info on that competition at the bottom of this email.

  • The third cyber competition is the NCAE Cyber Games in March. I’m attending a virtual meeting next week to learn more details. https://www.ncaecybergames.org/

I’ll need your help coordinating the Skills USA competitions! I am unfamiliar with all they offer. Please let me know if you want to join forces. 

If you know any students who would like to participate in these events, please have them email me!! I added everyone to the ITP Club Teams site so you can see all the action.


Thanks for all you do! 

Victoria


Hello Everyone!

We have two Capture-the-Flag competitions coming up: NCAE-C VIVID and Tracer Fire. 

Here is the link to sign up for Tracer Fire:  https://forms.office.com/r/b99RH33e8i?origin=lprLink It is also posted on our Teams page. Our next training is scheduled for this Wednesday. 

The deadline for the VIVID competition is this Tuesday, Jan. 30. I will register us as a team once I know who wants to participate. Please use this link to sign up for the VIVID competition. The information I’m gathering reflects the information I must enter when registering our team(s). https://forms.office.com/r/jiwaKi0jUq

Information about NCAE-C VIVID Competition is below. 

The National Centers of Academic Excellence in Cybersecurity (NCAE-C) are sponsoring a Cyber Competition through the Virtual Internship and Varied Innovative Demonstrations (VIVID) consortium of University of Alabama in Huntsville, Augusta University, University of Arizona, and Florida International University. This competition is open to all CAE designated schools. 

Selected teams will be notified by 31 January. The first phase of the competition is a virtual event taking place from 11-14 March 2024. The top 15 teams based on results from the virtual event will compete in the live event to continue the competition at the CAE Annual Colloquium in October/November 2024. 

 Travel stipends will be provided to offset travel costs for those teams competing in the live event. A virtual bootcamp/preparation will be available in February to assist teams preparing for the competition. A list of tasks will be provided at that time, but the general tasks the competition will target are penetration testing (Red Team) and incident response (Blue Team). 

A virtual platform will be used for both the virtual and live competitions. All machines used by the teams will be part of the virtual platform environment. 

Phase 1 is completely online and will follow this schedule:

11 March: (Day 0) Introduction to the competition environment 

12 March: (Day 1) Jeopardy-style CTF (preview of Red/Blue Team tasks seen on Days 2 and 3) 13 March: (Day 2) Red Team Tasks 

14 March: (Day 3) Blue Team Tasks 

Phase 2 is a live event at the CAE Annual Colloquium (date TBD) and will follow this schedule: 

(Day 0) Introduction to the competition environment 

(Day 1) Jeopardy-style CTF (preview of Red/Blue Team tasks seen on Days 2 and 3) 

(Day 2) Red Team Tasks (Day 3) Blue Team Tasks 

(Day 4) King of the Hill Top prize for the winning team at the live event is a gaming system for each team member! 

The scenario for the 2024 event is below. 

News flash! Apex University (AU) announces their new artificial intelligence (AI) research system, Overlord! Professor Rosie Meebs, head of the project, declares “this is a new generation of AI that will reach heights never reached before. Our new code is faster and learns better than anything in existence. We project that in less than 8 months, Overlord will reach singularity and be a true intelligence. We expect once that happens, our AI will be able to solve any number of problems from creating fusion to solving the climate change crisis. Any negative comments are just jealousy, and we know there will be no problems once Overlord comes online. We will turn on Overlord on 1 March 2024 and change the world!”

Red Team The hubris of mankind knows no end. How a group of academics think creating machine intelligence is a good thing is beyond belief. The danger of artificial intelligence is well known. Just look at the Forbes article1 that tells us the risks or even Scientific American2 which describes the menace of our digital overlords. They even had the audacity to call it “Overlord”; we must stop them! Fortunately for us, a member of the AU research team that created this monstrosity sees the danger and has told us there is a hidden backdoor to their system that allows remote access. It’s great having an insider that shares our beliefs! Additionally, the creators were at least smart enough to build in an “off switch” but it is protected by an authentication system that needs a digital key. With this knowledge, we can enter the Overlord system and steal the key. Once we have it, we can shut down this monstrosity. Unfortunately, our inside person does not have the credentials to get to the key, so we must break into their system. 

Our tasks: 

• Recon the Apex University network 

• Identify the systems that hosts Overlord 

• Distract the security operations center analysts to cover your attack 

• Infiltrate the system 

• Gain access to the command & control computer 

• Find the digital key 

• Exfiltrate the key 

Blue Team You and your team are lucky enough to gain experience at Apex University’s (AU) Security Operations Center (SOC). For the last semester you’ve been working three days a week learning the job roles in SOC and expanding your cybersecurity knowledge. While today is usually not a workday, the SOC director called all of you to work and explained the university network was under attack and all the full-time analysts were swamped. The director needs you to work within the network and identify any artifacts in the system indicating threat activity and indicators of compromise. 

Our incident response tasks: 

• Find artifacts in the system indicating threat activity and indicators of compromise 

• Detect the threat actors 

• Respond to any malicious activity 

• Mitigate threats 

• Report what you find  


Hello All!

We had a great meeting yesterday with Matthew Trotter from Sandia National Laboratories. We learned about their upcoming Tracer Fire competition, which will be held Feb 16-18 at A&T University. Over the next few weeks, they will train us on their platform so we are well prepared to crush it at the event. 

This is the opportunity you are looking for!! These events are resume-builders.  Employers see it as experience, and they will recognize Tracer Fire!!! 

No worries if you didn’t make the first meeting. You can watch the meeting recording on the ITP Club Teams channel. Our next meeting is Wednesday, January 31 at 2:00 in the Tech Skills Lab and on Teams.

Thank you, Cassie, for taking notes about the demo! See below:

Matthew Trotter – from Asheboro with SANDIA NATIONAL LABS (Nuclear and Security Labs || Fed. Funded)

– They chose to partner with us for this lab

– learning about the 11th gen and will be running this comp. W/12th gen

– https://ctf11.tracerfire.net/ (website) 

– Arkime is what we will be working with during the challenge (similar to Wireshark)

– Feb 16th = Virtual @ 6pm for 1.5hrs*** (SPEAKING ABOUT INTERNSHIPS)

– Feb 17th-18th @ A&T Campus!!!!

– WORK ON DEMO {

                Base 64 – 

        – Ex: The alphabet has 26 letters and are both capitalized and non; the computer interprets the data differently than we (humans) do. 

         – It will take binary data, compress it, then send it over to base 64 where it translates the data into the original file that was sent without distorting it.} When you “un-Base 64 it” it automatically translates this data!

-Filter out the traffic for the results. = Search the queries for the IP address = ip.src ==  20.3.96.140

– SPI VIEW =  Simple Mail Transfer Protocol (SMPT) Port 587 sometimes use port 465 NOT port 25

– DNS port 53 can be used to narrow down the vectors to anyone who has clicked on bad links/phishing scams. DNS SERVERS LISTEN TO PORT 53 (BOTH UDP AND TCP)

– SPI Graph (no use really but filters out the source)

– Connections –  The wider the line is = the more packets that are being sent across those series of computers. 

   – This tells me what computers are communicating with other computers and which ones could be affected.

– Hunt –  Filters through all of the data online or offline. If I do have the info downloaded, I can uploaded here to access the data.

– Sessions – You can click Sessions and download PCAP onto the device and then access it through Wireshark again. 


Hello All!

It’s competition season! We are excited to share several opportunities lined up for the Spring. We will meet next Wednesday, January 24, at 2:00 in the Tech Skills Lab. I’ll send an invite so you can join virtually if needed. 

We are jumping right in with a Capture the Flag competition called Tracer Fire. It’s sponsored by Sandia, a Department of Energy  Research and Development Center, February 16-18, 2024. The Tracer Fire folks will join us at the meeting next week to share more information about the event.

I am looking forward to seeing everyone! 


Announcements for September 2023


Results of the Cyber Collegiate Challenge. (Forsyth Tech came in first place.)


Hello All!

We completed the executive portion of the Crisis Management exercise with Cyberbit last week. It prompted some great conversations! My big takeaway was that there are not always “right” answers, and decisions will vary based on the structure and resources of the business. 

This week, we will meet in person on Tuesday at 2:00 in the Tech Skills lab and go over details for the Cyber Challenge and practice for the event using Cyberbit. Remember to attend the Participant Training you signed up for. 

o    Tuesday, September 12, 2023 from 4:00 PM ET – 5:00 PM ET

or

o    Wednesday, September 13, 2023 from 11:00 AM ET – 12:00 PM ET.


Thursday’s event is from 4:00-7:00, so we will meet remotely via our Teams page at 3:30. We can join the Challenge around 3:45. So essentially, we will be able to chat via Teams while completing the event online.

See you tomorrow!

Victoria Ferrell

Program Coordinator/Instructor, Cybersecurity and Systems Security
Forsyth Technical Community College
Main Campus, Technology Building
2100 Silas Creek Parkway | Winston-Salem, NC 27103
 336.757.3693| m 336.462.8830
forsythtech.edu


Here are the notes and reminders from the meeting yesterday.

  • Congratulations to the following club officers:
    • President – Matthew D’Allura
    • Vice President – Gardy Poirier
    • Secretary – Cassie Malin
  • Reply to the SecureUS email no later than Friday, September 8 at 5 p.m.
  • Complete the Cyberbit Onboarding and Prep for Sept. 7 modules prior to our meeting tomorrow
  • Next meeting is tomorrow, Sept. 7 – 2:00-3:30 

Our Teams site is ready to roll! You can access it by opening Microsoft Teams, clicking on Teams, and selecting the Information Technology Professionals group. We will use the Meet option in the upper right corner for our virtual meetings. https://teams.microsoft.com/l/team/19%3af07f43a32a12409c9e9b2130ca195a56%40thread.skype/conversations?groupId=1119e9b3-ad6f-4118-a8e8-ac557ce50c9d&tenantId=5f0bf8a8-7cde-4ba0-8d7a-13c380a001b5

I am super excited about our Crisis Management exercise tomorrow! If you need to join us virtually, please use the button on our Teams page.

Thanks, everyone!

Victoria Ferrell

Program Coordinator/Instructor, Cybersecurity and Systems Security
Forsyth Technical Community College
Main Campus, Technology Building
2100 Silas Creek Parkway | Winston-Salem, NC 27103
 336.757.3693| m 336.462.8830
forsythtech.edu