Fun and Games: Lock Picking, Capture the Flag Contests, Simulations, and More

8th Layer Insights - A podcast by Perry Carpenter | N2K Networks - Tuesdays

Categories:

What images come to mind when you see or hear the word 'Cybersecurity?' That word probably evokes mental images of people hunched over keyboards launching cyberattacks at each other. Or maybe you picture someone picking a lock or stealing a badge to slip into a building. In other words, most people picture the battle... or what some might think of as "the fun parts." But, here's the thing. Not everyone gets to participate in these aspects of cybersecurity and, in many cases, finding safe and legal ways to practice these skills can be challenging. So where can curious minds turn? That's where gamification can really help. There are a ton of really fun and engaging ways to learn these skills without fear of being arrested or breaking something. These are also great ways to level-up cybersecurity skills and help bring new people into the field. In this episode, we explore the "fun and games" of cybersecurity: lock picking, (CTFs) capture the flag competitions, simulations, and even pickpocketing and magical (sleight of hand and misdirection) thinking. Perry's guests are Alethe Denis (social engineer and DefCon 2019 Social Engineering CTF winner), Deviant Ollam (penetration tester, lock picking guru, and Board Member of The Open Organization of Lockpickers), Chris Kirsch (Co-Founder and CEO of Rumble, DefCon 2017 Social Engineering CTF winner) , and Gerald Auger (Founder of Simply Cyber, Director of Cybersecurity Education & Cybersecurity Program Manager at ThreatGEN). Guests: Alethe Denis (LinkedIn) (Twitter) (Website) Deviant Ollam (Twitter) (YouTube) (Website) Chris Kirsch (LinkedIn) (Twitter) Gerald Auger (LinkedIn) (Twitter) (YouTube) Resources & Books: What is Gamification? Lockpicking Resources from Deviant Ollam Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks, by Deviant Ollam Practical Lock Picking: A Physical Penetration Tester's Training Guide, by Deviant Ollam TOOOL US -- The Open Organization of Lockpickers TOOOL US instructional videos on YouTube The Official TOOOL Slides The Lockpicking Lawyer on YouTube Bump Keys in the News - San Francisco #3 -- YouTube clip TraceLabs OSINT Capture the Flags 50 CTF (Capture the Flag) & Pentesting Websites to Practice Your Hacking & Cybersecurity Skills in 2021 Hands-on Hacking Demo | CTF - Capture the Flag in 15 Minutes!, YouTube video by ITProTV Capture the Flag? Change Your Life, YouTube video by John Hammond Don’t Wait for the Perfect Time for a Tabletop Exercise, National Law Review ThreatGEN's Red & Blue Game Gerald Auger's Simply Cyber Discord Server Chris Krisch's pickpocketing talk at Layer8 Security Conference Production Credits: Music and Sound Effects by Blue Dot Sessions, Envato Elements, & Storyblocks. Artwork by Chris Machowski @ https://www.RansomWear.net/ and Mia Rune @ https://www.MiaRune.com. 8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/ Want to get in touch with Perry? Here's how: LinkedIn Twitter Instagram Email: hello [at] 8thLayerInsights [dot] com