BHV_CTF_Final (1)_edited.png

Hospital Under Siege

Adversaries have gained a foothold in your local hospital and are increasing control over clinical systems and medical devices. They soon make it clear they’re not after patient records or financial information, but instead hope to disrupt care delivery, putting patients lives at risk. Your team received an urgent request to use your blue, red, and purple team skills to defend against the escalating attacks, attempt to unmask the adversary and, above all else, protect patient lives.

A scenario-driven Capture the Flag contest, pits teams of participants against adversaries and  a clock, to protect human life and public safety. Participants compete against each other on both real and simulated medical devices, integrated into the fully immersive Biohacking Village: Device Lab, laid out as a working hospital.

 

Challenges will be tailored for all skill levels and draw from expertise areas including forensics, RF hacking, network exploitation techniques, web security, protocol reverse engineering, hardware hacking, and others. You will hack actual medical devices and play with protocols like DICOM, HL7 and FHIR.

  • Twitter
  • LinkedIn
  • Instagram

Biohacking Village worked together with

BioBright and Pacific Northwest National Laboratory to bring their bio economy focused hackathon to the village as a side quest if you are up for the challenge!

CTI-League to explore the world of ransomware and the *magic* therein...

Let the games begin! CTF Schedule:

Pre-qual:  Thursday, 5August2021: 1000-1400 PST

Game on: Friday, 6August2021: 1000-1800 PST

                  Saturday, 7August2021:1000-1800 PST

                  Sunday, 8August2021: 1000-1300 PST

Rules

REGISTRATION

  • Participants may only register once for this challenge. If participants register for this challenge more than once, the whole teams with a participant that registered multiple times will be disqualified

  • By registering, participants agree that their accounts may be rejected or terminated and all submissions by them and/or their Team may be disqualified if any of the information in their account is incorrect.

  • Participants must agree to and abide by the DEF CON Code of Conduct while participating in the Biohacking Village Capture the Flag. Anyone who will conduct themselves against the CoC will be eliminated from competition and banned forever

TEAMS

  • After participants register individually, they may work alone (team of one) or on one team with other challenge participants. To work on a team, they may either create a new team or join one that is pre-existing ( if a participant wishes to join a team or offer others to join, they can do so in the #ctf-st-elvis-teambuilding Discord Channel)

  • The maximum number of team members is five (5).

  • All teams must designate a Team Captain. A Team Captain serves as the official contact person for a team: this person should provide accurate and complete contact information to ensure that CTF organizers can reach their team if needed.

  • Each member of the team must be a registered participant in the CTF.

  • If participants choose to join a team, then they may not simultaneously participate as an individual or another team. 

CHALLENGE SUBMISSIONS

  • All submissions must be received during the Challenge period. Submissions posted after the posted time frame will be disqualified.

  • Participants may get an answer but it will forfeit their points for that challenge. Even if the flag they tried before was similar. The decision to get the answer is final for zero points.

CHALLENGE SCORING

  • Each submission has set value known beforehand in the challenge description

  • The winning teams will be decided based on the number of the accumulated points during the CTF timeframe. In case two teams accumulate the same amount of points, the team that reached the amount of points in question faster will be the winner.

CHALLENGE DISQUALIFICATION

  • Whole team gets disqualified if any of the following applies:

    • One or multiple team members have registered more than once

    • One or multiple team members will not follow DEF CON Code of Conduct (applies to any of the Biohacking village platforms or social media)

    • Any offensive behaviour such as attacking the Biohacking Village infrastructure, denial of service, or escaping the boundaries set by the CTF or Device Lab environment

PRIVACY

  • Unless stated otherwise on the mainsite, we do not share any information about participants with anyone. Some events or conferences might have/require other rules, in that case it will be noted on the https://bhv.ctfd.io/ main site