The NSA Codebreaker Challenge is an annual event hosted by the U.S. National Security Agency (NSA). Students spend a few months working on a set of mission tasks that involve different aspects of cybersecurity and reverse engineering. With a total of 10 tasks, each progressively more difficult, students get a hands-on opportunity to develop crucial skills needed for careers in the intelligence community.
The 2021 Codebreaker Challenge involved a scenario where a suspicious IP address was identified as part of an unknown actor’s infrastructure. The NSA believed that it was a listening post (LP), an attacker-controlled server that communicates with the attacker’s malware. Students were asked to solve a series of tasks with themes like identifying the scope of the compromise, analyzing the malware, and gaining access to the actor’s infrastructure.
The NSA Codebreaker Challenge was my introduction to cybersecurity and reverse engineering. Although I only managed to make it to task 7, there were many skills and tools which I needed to learn in order to complete the different tasks. For example, during task 1 we learned about networking and used Wireshark to identify the suspicious IP address associated with the LP. Tasks 2 and 3 involved tracing the source of the compromise through logs and emails. By task 4, we had also pinpointed the compromised machine through a registry hive and learned about PuTTY public and private key encryption. Finally, tasks 5 and 6 involved analyzing the malicious malware and identifying how it was hidden in plain sight. Task 7, which I did not complete, was the beginning of reverse engineering the malware, where we used two methods: static analysis with Ghidra and dynamic analysis with gdb. Overall, I really enjoyed the experience and would definitely consider participating again.