The ACSC has released a simulated cyber incident challenge so anyone can test or improve their cyber response ability and forensic skills.
Organisations may wish to use the challenge as a group training exercise for cyber security staff.
The challenge was originally run at the BSides Canberra conference in April 2021.
The challenge scenario
The Australian Logic and Interstellar Exploration Network (ALIEN) needs your help!
An unknown cyber actor has blackmailed ALIEN, claiming that they will release ALIEN's research unless they are paid a hefty sum.
ALIEN believe that the information must have been stolen through a cyber intrusion, and have enlisted your help to work alongside the ACSC to investigate what has happened.
To investigate the simulated incident, you will be presented with questions to gather the key findings.
All questions can be answered using common open source tools, or you can use your favourite suite of forensics tools to complete the challenge.
The questions are designed to increase in difficulty throughout the challenge. Some existing knowledge of incident response and forensics is recommended.
No assistance from the ACSC can be provided in completing the incident response challenge.
The challenge materials zip file contains:
- various evidence files and a memory dump collected from a number of hosts
- challenge questions
- setup instructions for an interactive scoring platform (optional)
- a solution walkthrough, demonstrating how the answers for each question can be found.
Download the zip file [ZIP 1.7GB]
Read the license and copyright details.