WiCyS-CI

Hack the

Power

Isometric Geometric 3d Objects And Lines

Team Signal-9

Team Busmikus

Team Electric Blue

About Hack the Power

Hack the Power is presented by Women in Cybersecurity - Critical Infrastructure (WiCyS-CI) in close partnership with Percival Engineering, Maryland Innovation and Security Institute (MISI), and Cybersecurity Association of Maryland (CAMI). This is a two-day hybrid event including critical infrastructure (ICS/SCADA) training followed by a Capture the Flag (CTF). This will be an offensive exercise demonstrating the impact of cyber attacks against electric power systems and critical mission operations ranging from data theft to a potentially catastrophic infrastructure failure.

Day One Nov 2: Pre-CTF Training

Day Two Nov 3: Hack the Power CTF Event

Day One Pre-CTF Training

WED | Nov 2 | 8am - 4pm | Virtual

Virtual pre-event training focusing on tactics, techniques, and tools in effecting the electrical sector by exploiting an electrical power system

Time	Topic	Description	Facilitator
8:00	Intro	Welcome to Hack the Power!	WiCyS-CI
8:30	Electric Power 101	Topics include: intro to electric power (EP), generation, transmission and distribution of electrical power, systems and devices found within each, and redundancy and safeguards within local electrical systems.	Percival Engineering: Kayla Hoffman
9:45	DNP3 Application & Usage	Topics include: overview of DNP3 protocol, protocol structure and OSI layers, general use in ICS/SCADA environments, and how protocol applies to the SEL-351 Protection System.	Schweitzer Engineering (SEL): David Lowe & Joe Ferguson
10:30	Cyber Risk Management in OT Environment	Topics include: how to begin conversations on Industrial Cyber Risk, measuring and tracking with the Dragos ICRM equation, and leveraging consequence-driven, scenario-based risk discussion.	Dragos: Shelby Brooks & Miriam Lorbert
11:15	Modbus Protocol	Topics include: overview of Modbus protocol, the practical application of Modbus in EP environments, protocol structure and OSI layers, and reading and writing to Modbus holding, input, and coil registries.	Percival Engineering: William Lucas
12:15	Preparing Binaries for Reverse Engineering	Topics include: preparing firmware for Ghidra analysis, preparing raw binaries or memory dump for import into Ghidra (or other RE tools), and tools used to identify common scenarios such as byte swapping, endianness, and hardware-specific headers.	Percival Engineering: David Pocratsky
1:00	Password Cracking	Topics include: cryptographic hashing fundamentals, how to identify hash types, how passwords are hashed, how to programmatically crack passwords using consumer grade hardware, and how to protect yourself from password cracking attacks.	Cyber Skyline: Toby Lin
1:45	SCADA Honeypot Development	Topics include: overview of development of a SCADA Honeypot, accomplishments and lessons learned during development process, protocol and network connectivity within not only a single honeypot but a series of multiple interconnected instances to resemble a much larger network.	Schweitzer Engineering: Tracy Young
2:45	Triangle MicroWorks (TMW) Tool 101	Topics in include: TMW Test Harness, a powerful tool for testing DNP3, IEC 60870-5, and Modbus devices. Hack the Power will utilize Test Harness during some challenges. This training is designed to familiarize you with basic functionality so you can easily use the tool during event.	Triangle MicroWorks: Matthew Green
3:45	Wrap-Up	Closing Remarks	WiCyS - CI
5:00	Pre-Event Social	Network with WiCyS, Sponsors, & Participants	Percival Engineering

Post-Event Social

Percival | 6220 Old Dobbin Ln | Suite 100 | Columbia MD 21045

Day Two CTF

THU | Nov 3 | 9am - 4:30pm | Virtual & In-person

Time	Topic
9:00	Intro/Welcome
9:30	CTF Phase One
12:00	Lunch & Networking
1:00	CTF Phase Two
4:00	Break & Wrap-UP
4:30	Awards
5:00	Post-Event Social at DreamPort

**agenda subject to change

In-Person @ DreamPort

7000 Columbia Gateway Dr | Columbia MD 21046

**If attending in-person you must bring your own laptop

Sponsors

Travel

Accommodations

While we are not partnered with any specific hotels for this event we can provide some recommendations based on proximity to event locations:

Event Locations

Pre-Event Social:

Percival Engineering

6220 Old Dobbin Lane Suite 100

Columbia, MD 21045

CTF & Post-Event Social:

DreamPort

7000 Columbia Gateway Drive

Columbia, MD 21046

frequently asked questions

If I registered but haven't received any emails or communications who do I contact?

Email wicys.cic@gmail.com

Do I need specific tools or programs installed before the event?

No, all you need is a modern web browser and access to the internet
If attending in-person at DreamPort you must bring your own laptop

Is Pre-CTF Training completely virtual?

Yes, however if you are traveling in for the CTF you are welcome to attend the virtual training at Percival Engineering (limited seats available)
If you would like to attend training at Percival email merri.mcnamara@percivaleng.com

Are there other training resources available or recommended prior to the CTF?

Yes, there are resources posted on the Hack the Power Discord Channel

Is Hack the Power only for women since it is sponsored by Women in Cybersecurity?

No, this event is open to everyone

WiCyS Mission

Women in CyberSecurity (WiCyS) is a global community that is dedicated to bringing talented women together to celebrate and foster their passion and drive for cybersecurity. WiCyS Critical Infrastructure was formed to empower women in cyber across the critical infrastructure community and create a safe community for women to flourish, explore, and learn. We unite local, national, and international communities across academia, research, and industry to empower women through knowledge, experience, networking, and mentorship.

Stay updated

HACK the power CONTACT information

WiCyS-CI Email - w icys.cic@gmail.com

Follow WiCyS - Critical Infrastructure for Updates