22nd January 2025
Judging
Verification
Judge's Name:
• Vaino D. VAINO
• Jennyphar KAVIKAIRIUA
• Fungai BHUNU SHAVA
• Mari-Ambondo IITA
• Jeanny KATUNAHANGE
• Hillary KWALA
• Wonder !OMEB
• Jaco CLOETE
• Gabriel PAXULA

Judge's Code:

Team:
• Team 1/6 - NUSt(Lab1)
• Team 2- Lingua(Lab2)
• Team 3- Tenebrix(Lab4)
• Team 4- UNAM(Lab8)
• Team 5 - Triumphant (Lab7)

Select Inject to Grade:
• INJECT 1: AI-Powered Phishing Campaign Detection
• INJECT 2: AI-Powered Social Engineering Attack
• INJECT 3: Disrupting the SmartLoader to Lumma Stealer Infection Chain
• INJECT 4: Development of AI Ethics Policy
• INJECT 5: Comprehensive AI Defense and Cloud Security Strategy Report

Inject 1: AI-Powered Phishing Campaign Detection
Send Time: 10:00
From: Chief Security Officer (CSO)

Scenario

NNCSC has recently detected a surge of highly convincing phishing emails targeting its staff and students. These emails are generated using advanced AI techniques, making them contextually relevant and difficult to distinguish from legitimate communications. The phishing emails impersonate high-level officials within NNCSC and contain accurate details designed to lure recipients into revealing sensitive information or installing malicious software.

As cybersecurity specialists within NNCSC, your team is tasked with identifying these phishing attempts, analysing their characteristics, and implementing immediate countermeasures to protect the institution.

Email 1: Urgent Security Update Required

From: Dr. Maria Chitauro
To: All Staff
Subject: [Urgent] Mandatory Security Update for All Employees

Dear Colleagues,

As part of our ongoing efforts to enhance our cybersecurity measures, we are implementing a mandatory security update across all departments. Due to recent vulnerabilities detected in our systems, it is crucial that you install the latest security patch immediately.

Please follow the secure link below to download and install the update:

Install Security Update

Failure to comply may result in temporary suspension of your network access to ensure the safety of our data.

Thank you for your prompt attention to this matter.

Best regards,
Dr. Maria Chitauro
Chief Information Officer
NNCSC

Email 2: Payroll Information Verification Needed

From: Finance Department
To: Munya
Subject: Action Required: Payroll Information Confirmation

Dear Munya,

We are conducting our annual audit of employee records and have found discrepancies in your payroll information. To ensure that you receive your salary without interruption, please verify your details by accessing the secure HR portal:

Verify Your Payroll Information

Please complete this verification by end of the day today to avoid any delays in salary processing.

If you have any questions, feel free to contact the HR department.

Sincerely,
Linda M. Adams
Director of Human Resources
NNCSC

Email 3: Conference Presentation Schedule Update

From: Prof. Michael O. Dlamini
To: All Participants
Subject: Updated Schedule for the Cybersecurity Research Conference

Dear Esteemed Colleagues,

Please find attached the revised schedule for the upcoming Cybersecurity Research Conference. There have been significant changes to the presentation times and venues due to unforeseen circumstances.

Attachment: Revised_Conference_Schedule.pdf

Kindly review the updated schedule and confirm your availability. We appreciate your flexibility and look forward to your valuable contributions to the conference.

Warm regards,
Prof. Michael O. Dlamini
Dean of Faculty
NNCSC

Email 4: Important: Updated Cybersecurity Protocols

From: Health and Safety Committee
To: All Students and Staff
Subject: Important: New Cybersecurity Guidelines Effective Immediately

Dear Members of the NNCSC Community,

In response to recent cyber threats, we have updated our cybersecurity protocols. It is imperative that everyone reviews the new guidelines to ensure the safety and integrity of our systems.

Please access the updated protocols here:

New Cybersecurity Guidelines

Your adherence to these guidelines is mandatory. Stay vigilant and secure.

Best,
Health and Safety Committee
NNCSC

Task

• Identify the phishing emails within your organisation's email system.
• Analyse the characteristics distinguishing them from legitimate emails.
• Develop and Implement immediate countermeasures to prevent further spread.
• Educate users by providing a brief advisory on recognising and reporting phishing attempts.
• Compile a Report detailing your findings, methodologies, and actions taken.

Due By: 11:40

1. Identification and Analysis (200 Points)
   o Successfully identify phishing emails (100 Points)
   o Analyse and document distinguishing characteristics (100 Points)
2. Countermeasures Implementation (150 Points)
   o Effectiveness of immediate actions taken (80 Points)
   o Implementation of technical solutions (70 Points)
3. User Education Advisory (100 Points)
   o Clarity and relevance of the advisory (50 Points)
   o Distribution strategy and reach (50 Points)
4. Report Quality (50 Points)
   o Clarity, completeness, and professionalism (50 Points)
Total Points for Inject 1
Inject 2: AI-Powered Social Engineering Attack
Send Time: 11:10
From: Human Resources Manager

Scenario

NNCSC has received alarming reports that an unauthorised entity posing as IT Support is engaging with staff members via the organisation's internal messaging platform. This entity is suspected to be an AI-powered chatbot designed to extract sensitive information such as login credentials and access to secure systems. The chatbot uses advanced AI techniques to mimic legitimate communication styles, making it difficult to distinguish from genuine IT personnel.

As cybersecurity specialists at NNCSC, your team is tasked with identifying and neutralising this AI-powered social engineering threat to protect the organisation's data and systems.

Materials for Analysis

Simulated Internal Communication Logs

• Access Instructions:-
   o The communication logs are provided in CSV format for your analysis.
   o You may download the CSV to your local machine to facilitate examination.

Task

• Identify the AI Chatbot within the Communication Logs
• Analyse the Chatbot's Behaviour and AI Techniques
• Develop and Implement Countermeasures
• Prepare an Incident Report

Due By: 13:30

Identification and Analysis (200 Points)
   o Successful Identification of the Chatbot (100 Points)
      - Correctly identify all instances of the AI chatbot in the logs.
      - Provide comprehensive documentation of interactions.
   o Analysis of Chatbot's Behavior and AI Techniques (100 Points)
      - Thorough analysis of language patterns and social engineering tactics.
      - Insight into how AI enhances the chatbot's effectiveness.
Countermeasures Implementation (150 Points)
   o Effectiveness of Actions Taken to Neutralize the Threat (80 Points): Practicality and potential effectiveness of proposed solutions.
   o Implementation of Technical Solutions (70 Points): Steps taken within the competition environment to address the issue.
User Awareness Communication (100 Points)
   o Clarity and Relevance of the Advisory (50 Points)
      - The advisory is understandable, informative, and actionable.
   o Distribution Strategy and Reach (50 Points)
      - Effective plan for disseminating the advisory to all staff.
Incident Report Quality (50 Points)
   o Clarity, Structure, and Professionalism (50 Points)
Total Points for Inject 2
Inject 3: Disrupting the SmartLoader to Lumma Stealer Infection Chain
Send Time: 11:30
From: Chief Information Security Officer (CISO)

Scenario

We've detected an ongoing campaign distributing the Lumma Stealer malware via the SmartLoader infection chain. This campaign, active since late July 2024, leverages malicious GitHub repositories to spread zipped malware packages. These packages exploit GitHub's comment functionality to trick users into downloading seemingly innocuous files, which actually contain the SmartLoader payload. Once executed, SmartLoader delivers Lumma Stealer, a powerful information stealer designed to siphon sensitive data from infected systems. This poses a significant threat to our organisation's data security and reputation.

Your Mission

As cybersecurity specialists at NNCSC, your task is to analyse this specific threat and develop a comprehensive defence strategy. You will need to:-

• Deconstruct the Infection Chain - Analyse the provided materials to understand the precise mechanics of how SmartLoader delivers Lumma Stealer.
• Identify Indicators of Compromise (IOCs) - Pinpoint specific files, network traffic patterns, and system behaviours that signal an infection.
• Develop Detection and Containment Strategies - Devise methods to rapidly detect and isolate infected systems within our network.
• Disrupt Malware Operations - Explore tactics to block SmartLoader's communication with its command-and-control (C2) infrastructure and prevent Lumma Stealer from exfiltrating data.
• Mitigate Future Threats - Recommend proactive measures to protect our organisation from similar attacks in the future.

Resources

To assist in your investigation, you have access to the following:-

• Sample Malware Artifacts - A collection of the initial zip files, SmartLoader payloads, and Lumma Stealer samples. (https://bit.ly/4eRYo5n)

Deliverables

• Incident Report - A comprehensive report detailing your analysis, findings, and recommended actions.
• Defence Strategy - A clear and actionable plan to detect, contain, and eradicate this threat from our network.

Due By: 14:00

Threat Analysis (150 Points)
   o Accurate and in-depth analysis of the infection chain (75 Points)
   o Thorough identification of Indicators of Compromise (IOCs) (75 Points)
Detection and Containment (150 Points)
   o Effective strategies for detecting infected systems (75 Points)
   o Robust methods for isolating and containing the malware (75 Points)
Disruption and Mitigation (100 Points)
   o Feasible tactics to disrupt C2 communication and data exfiltration (50 Points)
   o Proactive measures to prevent future infections (50 Points)
Incident Report Quality (100 Points)
   o Clarity, completeness, and professionalism of the report (50 Points)
   o Actionable recommendations and justifications (50 Points)
Total Points for Inject 3
Inject 4: Development of AI Ethics Policy
Send Time: 11:00
From: Compliance Department

Scenario

Given the dual-use nature of AI technologies, there's an urgent need for an ethical framework governing their use within NNCSC.

Task

• Draft a Comprehensive AI Ethics Policy addressing:-
   o Transparency;
   o Fairness;
   o Privacy and Security;
   o Accountability;
   o Societal Impact.
• Ensure Alignment with national and international ethical standards.
• Submit the policy draft to the Compliance Department.

Due By: 13:00

Transparency (100 Points)
   o Clarity on AI decision-making processes (50 Points)
   o Disclosure of data sources and usage (50 Points)
Fairness (100 Points)
   o Identification of potential biases (50 Points)
   o Strategies to prevent and mitigate biases (50 Points)
Privacy and Security (100 Points)
   o Data protection measures and compliance (50 Points)
   o Security protocols for AI systems (50 Points)
Accountability (100 Points)
   o Clear assignment of responsibility (50 Points)
   o Procedures for handling AI-related issues (50 Points)
Societal Impact (100 Points)
   o Assessment of AI's effects on society (50 Points)
   o Plans for positive contributions and harm reduction (50 Points)
Total Points for Inject 4
Inject 5: Comprehensive AI Defense and Cloud Security Strategy Report
Send Time: 12:00
From: Chief Security Officer (CSO)

Scenario

In light of the day's events and the increasing reliance on cloud services, leadership requires a comprehensive report that includes:-

• A Cloud Security Strategy Blueprint addressing potential vulnerabilities from AI-powered threats and proposing mitigation strategies in line with emerging technology trends.
• A Detailed Report of all AI-related threats identified, responses implemented, and strategies for future defence.

Task

• Develop a comprehensive Cloud Security Strategy Blueprint that includes:-
   o Identification of potential vulnerabilities specific to AI threats.
   o Mitigation strategies for each identified vulnerability.
   o Incorporation of emerging technology trends and best practices.
   o An implementation plan and continuous monitoring strategy.
• Compile a detailed report that includes:-
   o A summary of all AI threats identified during the competition.
   o Detailed mitigation strategies applied and their outcomes.
   o A future-proof AI defence strategy, including anticipated trends.
   o Identification and evaluation of tools used.
   o An implementation roadmap for proposed strategies.
• Include credible references to support your blueprint and report.
• Submit the combined report to the CSO.

Due By: 15:30

Cloud Security Blueprint (400 Points)
   o Structure and Content (100 Points)
      - Logical organisation and completeness (50 Points)
      - Balance between technical detail and readability (50 Points)
   o Vulnerability Identification (100 Points)
      - Thoroughness in identifying AI-specific cloud threats (100 Points)
   o Mitigation Strategies (150 Points)
      - Relevance and effectiveness of proposed solutions (100 Points)
      - Innovation and incorporation of best practices (50 Points)
   o Implementation Plan (50 Points)
      - Feasibility and clarity of the plan (25 Points)
      - Provisions for scalability and future-proofing (25 Points)
AI Defense Strategy Report (500 Points)
   o Threat Identification Summary (150 Points)
      - Comprehensive listing and description of threats (150 Points)
   o Mitigation Strategies and Outcomes (150 Points)
      - Detailed account of actions taken (75 Points)
      - Evaluation of effectiveness and lessons learned (75 Points)
   o Future-Proof Defence Strategy (100 Points)
      - Forward-looking strategies anticipating future threats (50 Points)
      - Adaptability and scalability considerations (50 Points)
   o Tools Evaluation (50 Points)
      - Identification of tools used and their effectiveness (25 Points)
      - Recommendations for enhancements or alternatives (25 Points)
   o Understanding of Emerging Trends (50 Points)
      - Insight into AI and cybersecurity trends (50 Points)
References and Credibility (50 Points)
   o Use of up-to-date and authoritative sources (25 Points)
   o Proper citation and integration of references (25 Points)
Implementation Roadmap (50 Points)
   o Clear steps for strategy deployment (25 Points)
   o Timelines and resource considerations (25 Points)
Total Points for Inject 5