On May 21-22, 2019, an international forum on practical security “Positive Hack Days” was held in Moscow, which was attended by employees of the RSE “State Technical Service” of the National Security Committee of the Republic of Kazakhstan.
Positive Hack Days is a unique international event where the most pressing issues of information security are raised. Two days in non-stop mode, hackers, security experts and developers, business and government representatives, scientists and journalists discussed real cyber threats and ways to counter them. “PHDays9” this year was devoted to the topic “Breaking a Constant”.
In parallel with the business part of the forum, there was a large-scale program and hacker competition of the year - The Standoff 30-hour cyber battle. For two days in a row, the participants divided into teams of “hackers”, “defenders” and SOC teams (security expert centers) selflessly fought among themselves. The competition format is as close as possible to reality, where the goal of the game was to show in practice real threats to information security.
The team of RSE "STS" for the first time participated in the cyber battle. The duties of the defenders were to ensure the security of the offices of the City City F. The team was entrusted with the office segment of the insurance company Behealthy together with SOC ACRC (Angara Profeccional Assistance, Russia). The team as defenders deftly overcame all potential problems and security threats and held the leading position for 29 hours.
- According to the scenario of the organizers, an anonymous source compromised the domain accounts of ordinary users of Behealthy and sold them on the black market. The attacking team used them to successfully break through the perimeter of the Behealthy office, after which they were able to raise privileges and subsequently gain access to the domain administrator's account. ACRC analysts failed to identify the attack on time, as a result of which defenders of the team of the RSE STS were awarded penalty points, ”said team captain Dauren Moldakhmetov.
According to the results of The Standoff cyber battle, the team of defenders of the RSE STS showed excellent results and confirmed its high qualification, taking an honorable third place.