This is the second entry in the RvB series.
Red versus Blue, more commonly referred to as RvB, is an event held by SWIFT every semester. During this competition, you, the player, can sign up with up to 3 other people to form a squad of 4. With your squad, you are given a network of X amount of boxes to secure and defend as an active red team attempts to break in and take down your services. Meanwhile all of this chaos is brewing, the manager of the event is also handing out tasks called injects. It’s pretty fun and I recommend people to take part in it if they ever get the chance.
No Longer Competing
Spring RvB was not my first time competing as I might’ve mentioned previously, but rather that was my 4th RvB event and 2nd “official” one. Going into my 5th one, rather than using my experience to come out on top, I was recruited into the Red Team to operate as an adversary against 20 teams. This would also come in handy for the upcoming CPTC Western Regionals event.
Structural Changes
Fall RvB presents the competitors with a few new unexpected aspects to the event. There is now a mail server to send injects through. The biggest change they implemented was that social engineering was now in scope. This means that authorized organizers of the event can attempt to ask for passwords from teams and pass it on to the red team.
Messy Things Happen
With so many new changes, it is not an understatement to call this event experimental. After the event has commenced, I was allowed to begin operating about 30 minutes to allow the teams to setup. For some reason, despite being told ahead of time that there were so many teams, I forgot to scale my attacks appropriately leading me to do everything manually. I lost a lot of time doing this but at least I had my team cover my back. The social engineering was also somewhat weird in it’s implementation. Anyone from red team as well as even the director of the event was able to attempt to get credentials through any means from the participants. Juggling so many tasks already on their plate while also not knowing how to react during a social engineering attempt only adds to their stress. Needless to say, it was pretty messy.
Some Notable Events
Some notable events that are more live more in infamy than with pride:
- Event took place during the same time as CCDC
- Purpose of badges not explained
- Red team environment got reset
- Some team’s boxes got reset unintentionally
- Too many injects Hopefully we don’t run into this list again in the future. I learned my lesson from my first time time operating as a red teamer. I will be making sure not to repeat the mistakes on my end in the future.