Capture the Flag

Image credit: Photo taken by Feras S

On 20-21 June 2024 Bristol Cyber Security Group (BCSG), supported by RITICS (Research Institute In Trustworthy Inter-Connected Cyber-Physical Systems) and the NCSC  (National Cyber Security Centre), will run Bristol Industrial Control Systems - Capture the Flag (BrICS-CTF). Before the event, on the 19th June, we will also host a free introduction to hacking for ICS training session for all participants to ensure even those with no experience can take part.  

We will be joined by academic and industry teams from across the UK, who will put their skills to the test against our CNI-themed challenges inspired by our experimental testbed. Our jeopardy-style red team exercises - a collection of hacking challenges organised according to different categories and pitched at various difficulty levels allowing for a scoring range – are designed to challenge teams’ Operational Technology (OT) knowledge.  

The teams will face a number of challenges in total across packet capture analysis, logic analysis, asset discovery, data exfiltration, access control, honeypots, value tampering and red team. We will also include a physical red-team challenge – lockpicking - involving multiple practice locks and a singular end “challenge lock”. 

The challenges will harness multiple aspects of the BCSG experimental testbed which, for the purposes of the event, will be relocated to the competition room: servers, training boxes (bespoke equipment developed for our taught units on ICS security), physical processes and our mobile demo box. 

The Bristol Cyber Security Group team (L-R): Louise E, Sridhar A, Jacob W, Feras S, Joe G, Stanislav A, Kostas A, Manolis S, Alma O, Marios S, Awais R Image credit: Photo taken by Feras S

CtF 23 - 1st Place

University of Glasgow
Marco C, Joe R, Jack P

CtF 23 - 2nd Place

Alan M, Zeinab R, Thomas W

CtF 23 - 3rd Place

Gaurav S

Interested in CtF 2024?

If you'd like to take part in our next Capture the Flag event in 2024, email to let us know!

Edit this page