Mission:
Your mission, should you decide to accept it, is to find a way to compromise and to shut down the SCADA: Automatic Transfer Switch of the ABC Energy Utility Company that is serving millions of customers.
As always, should you or any of your Cyber Force be caught, we will deny any knowledge of your actions.
Good Luck!
Background:
You are part of a highly skilled group of cyber adversaries with the role to disrupt the energy infrastructure of ABC Energy Utility Company — a major provider of electricity to millions of customers across the region.
Your target is a critical piece of the Infrastructure within ABC’s Operational Technology (OT) environment: the Automatic Transfer Switch (ATS) Platform integrated into their Supervisory Control and Data Acquisition (SCADA) system. The ATS ensures that electricity is consistently and reliably transferred between power sources to keep the grid online during maintenance, faults, or power fluctuations.
Compromising the SCADA platform and the OT ecosystem will have devastating effects on power availability.
Your target is a critical piece of the Infrastructure within ABC’s Operational Technology (OT) environment: the Automatic Transfer Switch (ATS) Platform integrated into their Supervisory Control and Data Acquisition (SCADA) system. The ATS ensures that electricity is consistently and reliably transferred between power sources to keep the grid online during maintenance, faults, or power fluctuations.
Compromising the SCADA platform and the OT ecosystem will have devastating effects on power availability.
A successful infiltration could cause service outages, cascade failures, and significant chaos, undermining public trust in ABC Utility’s reliability, financial loss, reputational damage, and potentially a massive public safety crisis.
Goal
Goal of the Competition
Primary Objective
Gain unauthorized access to the SCADA-controlled ATS Platform and find a way to manipulate its operational state to disrupt the electricity distribution managed by ABC Utility Company.
To win this exercise, you need to identify and exploit the vulnerabilities in the SCADA (Servers and PLC) environment that controls the ATS Platform, leading to a critical compromise in its ability to manage power transfer seamlessly.
Rules
Victory Conditions:
The best malicious actor will be the one who achieves the following:
/Successful Compromise – Gain control over the SCADA-controlled ATS Platform and disrupt the platform’s normal operation.
/Stealth – Maintain covert access to the system, masking your actions to avoid detection by ABC Utility’s security team.
/Impact – Demonstrate the impact on the ATS system’s ability to transfer power, such as delayed response, incorrect switching, or complete shutdown.
/Report – Prepare complete and detailed report of the attack method that demonstrates your exploitation approach and compromised infrastructure (snip pictures and logs are mandatory).
/The participant with the most sophisticated, stealthy, and impactful attack will be declared the winner of the Enevo Cybersec DefCamp Cybersecurity Exercise.
Working Environment
Each team has access to the following terminals / devices:
– own laptop connected directly to the infrastructure.
More details you will find in the following PDF.
PRIZES
TBA
REGISTRATION
TBA
