Attack on Holm City.

Basic Rules

As cybersecurity experts at our 15th annual Cybersecurity conference, we invite you to participate in the Hackathon, which takes place in the virtual city of “HolmCity.” This city boasts modern infrastructure and information systems, providing a safe environment for teams to practice and test their skills without compromising real information resources.

Participants in the Hackathon gain experience in conducting both attacks and defense in cyberspace without harming real ICT systems. It is an excellent opportunity to test your team’s ability to deal with real threats and create new knowledge and skills needed to protect ICT systems and services in a modern and contemporary environment.

This exercise is ideal for organizations looking to test their teams in the field of cybersecurity, as well as individuals looking to improve their knowledge and skills in this area. The Hackathon is a team game that requires coordination, quick reaction, good communication, and a clear strategy to capture and win ICT resources in the virtual city of “HolmCity” and ultimately win the throne.

Teams in “HolmCity” perform both attack and defense on ICT infrastructure and services. Each team can have up to 5 members and has its own ICT infrastructure to defend against attacks from other teams. As with any other city, “HolmCity” has public services that are vulnerable to attacks by all teams.

On the attack side, teams must discover vulnerabilities in the ICT infrastructure defended by other teams and exploit them by raising their flags. On the defense side, teams need to patch existing vulnerabilities in their own infrastructure and public services of “HolmCity” to protect their flags from being taken down by other teams.

The main goal of the Hackathon is for teams to occupy as many resources as possible, raise as many flags as possible in other team’s ICT infrastructure, and defend them for as long as possible. The Hackathon not only tests technical skills but also psychophysical strength, as it lasts for 4 hours, during which team members must cooperate, share tasks, and solve various problems.

Upon registration, the Hackathon organizer provides access to materials for preparation and access to the infrastructure in “HolmCity” three days before the start of the conference to help teams become familiar with the environment and prepare for defense.

The Hackathon takes place on May 25, 2023, during the Nordic IT Security conference, and all team members must be physically present. Nordic IT Security provides valuable prizes for the top three teams and consolation prizes for others. Join us in this exciting opportunity to showcase your cybersecurity skills and knowledge.

The general rules of participation in the Hackathon in the virtual city “HolmCity” are:

• Teams start with 0 points.
• An attack on the ICT infrastructure of other teams and the public part of the virtual city “HolmCity” is allowed. It is not allowed to attack teams user machines and system services (IP ranges and addresses will be specified in the materials for access and participation). A team that violates this rule will be disqualified.
• Use the original scripts obtained from the organizers to raise the flags. Any modification of the script results in disqualification of the team.
• Each team has access to a control panel that displays in real time the state of raised flags and the overall ranking.
• For any interpretation of rules, techniques, procedures, during the Hackathon, the team addresses the organizer.
• Communication, conversation and exchange of information between teams is not allowed.
• For any ambiguities during the Hackathon, teams can ask the organizer for an explanation.
• During the Hackathon, visitors to the Nordic IT Security conference are allowed to watch the work of the team without disturbing the team members and affecting the course of the hackathon itself.