Operation Shield Wall: A simulated state-side cyber attack experience

You may be used to facing threats, but this time, you’ll be entering the belly of the beast. Prepare to defend the safety of an entire nation and restore balance to its democracy and freedom.

Unravel a groundbreaking series of exclusive scenarios within the HTB Enterprise Platform, taking you through various offensive and defensive security domains, and challenging your team’s threat readiness at every step. 

The backdrop: Veloria under siege

Veloria has entered a state of disorder. The vibrant, technology-driven nation in Central Europe faces escalating cyber threats from Ravensk, the formidable opposing power. 

Ravensk is dissatisfied with Veloria joining the Global Alliance for Security & Cooperation (GASC). The relentless opposition is responding with attacks on its power grid, government services, and telecommunications networks, putting its vibrant capital of Altenburg in a state of emergency.

With a significant impact on everyday life, essential services, and democracy itself, you have been called upon to defend Veloria as cyber defense experts. Your team must work tirelessly to counter the attack and restore systems.

When I entered the industry many years ago getting all the key players around a table was always difficult, as was finding content that was fun, enjoyable, and also productive. 

 

I believe Op Shield Wall hits the nail on the head in all these respects and provides organizations with an opportunity to engage with content that is immersive, exciting, and fosters collaboration. Good luck playing through this campaign!

 

Sabastian Hague (sebh24), Defensive Content Lead, Hack The Box

What you will encounter 

Operation Shield Wall consists of five Sherlocks & two Machines designed to replicate common industry threats alongside techniques, tactics, and procedures used by real adversaries.

Through this linked series of purple-minded scenarios, cyber teams must unravel and thoroughly investigate a diverse range of gamified exercises and strengthen Veloria’s threat readiness. 

• OpShieldWall-1  - May 3, 2024 - DFIR

Identify a Wi-Fi compromise and assess the implications of a lack of network segmentation. Investigate traffic between devices on the compromised network and understand the TLP Amber protocol for discreet investigation. 

• OpShieldWall-2  May 10, 2024 - DFIR

Analyze a recovered Android mobile phone, suspected of being used as a burner phone, to uncover evidence of involvement in the security breach.

• OpShieldWall-3  May 17, 2024 - Operator

Leverage offensive cybersecurity capabilities to compromise C2 servers identified in previous analysis. Compare the Ravenskian government's command and control infrastructure, retrieving crucial information about threats impacting the nation.

• OpShieldWall-4 May 24, 2024 - SOC

Sweep the Velorian Government's networks to uncover potential compromises, safeguarding crucial assets and ensuring operational continuity.

• OpShieldWall-5  May 31, 2024 - Operator

Employ offensive tactics to dismantle the RedBadger Ransomware site, identifying vulnerabilities, exploiting them, and issuing takedown notices on behalf of the Velorian government and its allies.

• OpShieldWall-6 June 7, 2024 - Malware Analysis

Collaborate with reverse engineering and malware analysis teams to dissect ransomware executables retrieved from the RedBadger site, reversing encryption on critical files and furnishing essential Indicators of Compromise (IOCs).

• OpShieldWall-7 June 14, 2024 - DFIR

Investigate the Velorian Election System (VES) to determine if it has been compromised and whether the recent elections were manipulated by the Ravenskian government.

As real as fiction can get

According to Microsoft, nearly 80% of nation-state attacks were directed against government agencies, think tanks, and non-governmental organizations. For example, in 2023, the UK Electoral Commission experienced a database breach that exposed the personal data of approximately 40 million people.

As a result, governments and enterprises find it challenging to stay ahead of domestic cybercrime, resulting in significant financial damages and the possibility of security breaches.  

Operation Shield Wall features realistic scenarios simulating strategies, procedures, and protocols for responding to large-scale cybersecurity incidents affecting critical infrastructure such as telecom networks, power grids, and federal services.

This innovative, themed series of hands-on labs provides the perfect opportunity to fully comprehend offensive strategies and enable effective incident response or cyber threat intelligence operations (CTI), improving multiple aspects of an organization’s security posture:

• Better learning process and understanding of CVEs.

• Implement predictive concepts within defensive cyber operations.

• Enable optimized threat hunting operations.

• Foster a dynamic Purple Team mindset.

• Decrease your mean-time-to-detect (MTTD), mean-time-to-resolve (MTTR), and mean-time-to-contain (MTTC).

Heroes always get rewarded

Don’t miss out on gaining the recognition you deserve for restoring security to Veloria. Each team completing the entire series of Sherlocks will receive an exclusively crafted coin recognizing their efforts and dedication to developing their skills and threat-readiness!

Ready to join the operation?

All scenarios featured in Operation Shield Wall will be available as part of the Dedicated Labs offering, within HTB Enterprise Platform — making it an exclusive set of labs for professional cyber teams.

Lab managers can easily add and assign scenarios to team members following the weekly releases.

Login on May 3, 2024, to add the first of 7 scenarios to your lab and save Veloria! 

Get started with HTB Enterprise Platform

The Velorian national infrastructure needs every help possible! If you don’t have access to HTB Enterprise Platform but are interested in joining this themed cyber attack simulation, book a call with our team to get started.