Hospital Under Siege

BHV_CTF_Final (1)_edited.png

Join us at the BHV Loft!

BHV_Primary_Horizontal-Transparent-2.png

Adversaries have gained a foothold in your local hospital and are increasing control over clinical systems and medical devices. They soon make it clear they’re not after patient records or financial information, but instead hope to disrupt care delivery, putting patients lives at risk. Your team received an urgent request to use your blue, red, and purple team skills to defend against the escalating attacks, attempt to unmask the adversary and, above all else, protect patient lives.

A scenario-driven Capture the Flag contest, pits teams of participants against adversaries and  a clock, to protect human life and public safety. Participants compete against each other on both real and simulated medical devices, integrated into the fully immersive Biohacking Village: Device Lab, laid out as a working hospital.

 

Challenges will be tailored for all skill levels and draw from expertise areas including forensics, RF hacking, network exploitation techniques, web security, protocol reverse engineering, hardware hacking, and others. You will hack actual medical devices and play with protocols like DICOM, HL7 and FHIR.

  • Twitter
  • LinkedIn
  • Instagram

Capture the

FLAG

Adversaries have gained a foothold in your local hospital and are increasing control over clinical systems and medical devices. They soon make it clear they’re not after patient records or financial information, but instead hope to disrupt care delivery, putting patients lives at risk. Your team received an urgent request to use your blue, red, and purple team skills to defend against the escalating attacks, attempt to unmask the adversary and, above all else, protect patient lives.

ScenariO-Based 
Learning

You will compete against your BHV colleagues in the fully immersive Biohacking Village: Device Lab, a simulated working hospital on real and simulated medical devices. Teams of any size are welcome, as are players from all backgrounds and skill levels. Challenges are tailored for all skill levels crafted with experts in forensics, RF hacking, network exploitation techniques, web security, protocol reverse engineering, hardware hacking, and others. You will hack actual medical devices and play with protocols like DICOM, HL7 and FHIR.

CTF Tools

radare2.png
sqlmap.png
metasploit.png
binwalk.png.jpeg
nmap.png
ghidra.png
Unknown-19.png
gdb.png
gc1CWg37_400x400.jpg
wireshark.png
johntheripper.png.jpeg
8af9dcf94805de5546cff3e97bcc88f6.jpg

Rules

REGISTRATION

  • Participants may only register once for this challenge. If participants register for this challenge more than once, the whole teams with a participant that registered multiple times will be disqualified

  • By registering, participants agree that their accounts may be rejected or terminated and all submissions by them and/or their Team may be disqualified if any of the information in their account is incorrect.

  • Participants must agree to and abide by the Code of Conduct while participating in the Biohacking Village Capture the Flag. Anyone who will conduct themselves against the CoC will be eliminated from competition and banned forever

TEAMS

  • After participants register individually, they may work alone (team of one) or on one team with other challenge participants. To work on a team, they may either create a new team or join one that is pre-existing ( if a participant wishes to join a team or offer others to join, they can do so in the #ctf-st-elvis-teambuilding Discord Channel)

  • The maximum number of team members is five (5).

  • All teams must designate a Team Captain. A Team Captain serves as the official contact person for a team: this person should provide accurate and complete contact information to ensure that CTF organizers can reach their team if needed.

  • Each member of the team must be a registered participant in the CTF.

  • If participants choose to join a team, then they may not simultaneously participate as an individual or another team. 

CHALLENGE SUBMISSIONS

  • All submissions must be received during the Challenge period. Submissions posted after the posted time frame will be disqualified.

  • Participants may get an answer but it will forfeit their points for that challenge. Even if the flag they tried before was similar. The decision to get the answer is final for zero points.

CHALLENGE SCORING

  • Each submission has set value known beforehand in the challenge description

  • The winning teams will be decided based on the number of the accumulated points during the CTF timeframe. In case two teams accumulate the same amount of points, the team that reached the amount of points in question faster will be the winner.

CHALLENGE DISQUALIFICATION

  • Whole team gets disqualified if any of the following applies:

    • One or multiple team members have registered more than once

    • One or multiple team members will not follow Code of Conduct (applies to any of the Biohacking village platforms or social media)

    • Any offensive behaviour such as attacking the Biohacking Village infrastructure, denial of service, or escaping the boundaries set by the CTF or Device Lab environment

PRIVACY

  • Unless stated otherwise on the mainsite, we do not share any information about participants with anyone. Some events or conferences might have/require other rules, in that case it will be noted on the https://bhv.ctfd.io/ main site