Protect Financial Institution-Operation Wounded Bear-Mission 5
Scenario Overview: 
A new virus has been detected and is spreading globally through financial institutions. The International Cyber Defense Organization (ICDO) has been deployed to all major banks to eradicate this infection. This virus has been designed to infiltrate the banking systems, take over financial applications and collect credentials from unsuspecting users. You are being sent to see if their environment has been infected.
How to be Successful:
The learner will be provided access to all workstations and must use the bank's intrusion detection system to find the infection and create rules to prevent future infections. Once they have set up the rules, they will need to kill the malicious processes and remove it from infected machines. Obviously, the bank is still operating so they must not do anything which could impact their users negatively.
What should you know prior:
Learners should be familiar with basic malware analysis, containment and eradication. Also, Snort rules development within intrusion detection and prevention.| Load Time |
Easy: 5 min Medium: 15 min |
| Time Limit | 8 hrs |
| # of Tasks | 6 |
| Hints | Yes |
| Save Session | Yes |
| Team Based | Yes |
Scenario Overview:
A new virus has been detected and is spreading globally through financial institutions. The International Cyber Defense Organization (ICDO) has been deployed to all major banks to eradicate this infection. This virus has been designed to infiltrate the banking systems, take over financial applications and collect credentials from unsuspecting users. You are being sent to see if their environment has been infected.
How to be Successful:
The learner will be provided access to all workstations and must use the bank's intrusion detection system to find the infection and create rules to prevent future infections. Once they have set up the rules, they will need to kill the malicious processes and remove it from infected machines. Obviously, the bank is still operating so they must not do anything which could impact their users negatively.
What should you know prior:
Learners should be familiar with basic malware analysis, containment and eradication. Also, Snort rules development within intrusion detection and prevention.| Load Time |
Easy: 5 min Medium: 15 min |
| Time Limit | 8 hrs |
| # of Tasks | 6 |
| Hints | Yes |
| Save Session | Yes |
| Team Based | Yes |
