Standoff
13
MAY 22–25, 2024
MOSCOW, LUZHNIKI SPORTS COMPLEX
MOSCOW, LUZHNIKI SPORTS COMPLEX
Cyberbattle of the year: don’t miss out!
₽7,5 mln
A jackpot the red teams will really fight for
Upgraded mechanics
Now featuring a whole new country, new security events, roles for the blues, and rules for the reds
36 hours
A four-day long cyber exercise with breaks overnight
Greater hacking horizons
500+ software and hardware units you can must hack
Come to Moscow's Luzhniki sports complex on May 23–25 to see the cyberbattle Standoff 13 with your own eyes
Blue team application form
for Standoff 13
Fill out the form, and we'll contact you within five days
to discuss the terms and price of participation
Red teams in Standoff 13
Based on Standoff 12 results
Place
Team
1
DreamTeam
2
True0xA3
3
RHTxF13xSHD
4
Cult
5
Jet_infosystems
6
Wetox
7
DeteAct x SPbCTF
8
TSARKA
9
Kibers
10
GISCYBERTEAM
11
EvilBunnyWrote
Based on qualifier results
Place
Team
1
cR4.sh
2
only_f4st
3
Radiant0x2A
4
5HM3L
5
MG.RT
6
Data
7
Crypto Apes
8
Wardagen
9
SecWare
13
Baguette2Pain
14
Invuls
17
T.H.R.E.A.T
18
4ak4ak
Spots reserved for international teams
Team
Pr1m3d
Bulba_Hackers
Red team state assignments will be published by May 7
Some reshuffling may happen right up until the cyberbattle kicks off
The Standoff cyberbattle is...
A cyber exercise where infosec specialists test the defenses of company systems from various economic sectors using virtual states as their testing ground
During the battle, the red teams, acting as hackers, split into two clans and attack the systems of virtual states, State F and State S. For example, they might try to steal bank customer data, hack the traffic light control system, or halt the operation of an oil refinery. Teams earn points for successful attacks, with the top four teams of the winning clan battling it out for the first place.
Meanwhile, the blue teams — cybersecurity specialists — are tasked to detect and investigate attacks, as well as to respond to these threats.
Meanwhile, the blue teams — cybersecurity specialists — are tasked to detect and investigate attacks, as well as to respond to these threats.
Cybersecurity is crucial for protecting users, companies, and entire countries as it helps to ensure continuous operation of all economic sectors.
The Standoff cyberbattle demonstrates how insufficient protection of high-profile businesses and critical facilities can lead to catastrophic consequences.
Cyberbattle participants can get a feel for the infrastructure of various industries, test their ability to discover security flaws, and experience the intensity of lifelike cyberattacks.
The Standoff cyberbattle demonstrates how insufficient protection of high-profile businesses and critical facilities can lead to catastrophic consequences.
Cyberbattle participants can get a feel for the infrastructure of various industries, test their ability to discover security flaws, and experience the intensity of lifelike cyberattacks.
The infrastructure of the virtual states is represented by 3D models. Each industry has its own 3D model with buildings and facilities that suffer the consequences of attacks much like they would in real life: luggage piles up on the conveyor belt at the airport, trains derail, blackouts occur, and oil tanks overflow.
A bit of cyberbattle lore
How all this comes together can be discovered at Moscow's Luzhniki sports complex on May 22–25.
Standoff 13 features some noticeable changes: besides the well-known State F, a new powerful infrastructure has emerged on the international cyberarena—State S.
Although State S was formed recently, its rapid economic growth has sparked interest from neighboring countries, and its unprecedented rate of technological development has attracted hackers. As a result, hackers now have an expanded array of targets, while defenders face a substantial increase in their protective duties.
Although State S was formed recently, its rapid economic growth has sparked interest from neighboring countries, and its unprecedented rate of technological development has attracted hackers. As a result, hackers now have an expanded array of targets, while defenders face a substantial increase in their protective duties.
So what else is new?
Since 2016, we've been preparing a complex infrastructure for each battle so that the bravest pros can put their skills to the test
At Standoff 13, there will be two virtual states: the well-known State F and the absolutely new State S with its own infrastructure and industries including oil and gas, metallurgy, energy, and more
State S
For the red teams, the cyberbattle will take place in two stages.
In the first stage, we'll divide hacker teams by state to form two opposing clans. Each clan will have its own objectives in the rival state, and the clan that accomplishes the most objectives wins.
Rankings within the clans will be based on points that each team earns for triggering security events and discovering vulnerabilities. The top four teams from the winning clan will move on to the second stage, the playoffs, and will battle it out for the top spot.
In the first stage, we'll divide hacker teams by state to form two opposing clans. Each clan will have its own objectives in the rival state, and the clan that accomplishes the most objectives wins.
Rankings within the clans will be based on points that each team earns for triggering security events and discovering vulnerabilities. The top four teams from the winning clan will move on to the second stage, the playoffs, and will battle it out for the top spot.
Mechanics for red teams
The blue teams won't be tied to either state and will be able to protect their respective sectors in one of two modes: investigation (monitoring) or defense (response).
In monitoring mode, the blue teams' task is to document as many incidents as possible and investigate all attacks.
In response mode, the teams can additionally prevent and repel attacks to protect their sector.
In monitoring mode, the blue teams' task is to document as many incidents as possible and investigate all attacks.
In response mode, the teams can additionally prevent and repel attacks to protect their sector.
Opportunities for blue teams
A grand prize pool of ₽7,5 mln
- ₽2,5 mlnTo be shared among the top 10 red teams
- ₽5 mlnFor completing a special task from Positive Technologies
On the chopping hacking block
What's coming up in the playoffs
The top four teams from the winning clan will take on special tasks to battle it out for the jackpot.
Who is this all for
Security researchers
(red teams)
(red teams)
Red teams compete with each other and attempt to pull off as many attacks as possible. They can then use this experience to excel in real-world pentesting and bug hunting.
Guests
Anyone can come to the cyberbattle to see how hackers break security systems and what impact their attacks have.
Blue teams test their detection, investigation, and response skills to level up their abilities to protect real companies.
Cybersecurity specialists
(blue teams)
(blue teams)
What's happening when
March 20–April 10
Qualifying round for the red teams
April 15
Announcement of the results of the qualifying round for the red teams
May 22
10:00–20:00
First day of the cyberbattle
First day of the cyberbattle
May 23
10:00–20:00
Second day of the cyberbattle
Second day of the cyberbattle
May 24
10:00–18:00
Third day of the cyberbattle
Third day of the cyberbattle
May 25
10:00–18:00
Grand finale: cyberbattle playoffs
18:30–19:00
Awards ceremony
Grand finale: cyberbattle playoffs
18:30–19:00
Awards ceremony
How to participate
Sign-ups for Standoff 13 are now closed
If you want to set up your own cyberbattle, contact us at hello@standoff365.com, and we’ll come up with something exciting together.
Follow us on Telegram so that you don't miss out on the next cyberbattle.
Standoff 12 gallery
If you're a student...
Keep track of the Russian student cyberbattle, also taking place at Moscow's Luzhniki sports complex on May 23–25.
The battle is held exclusively for students and postgraduates of Russian universities, but anyone can tune in.
Glossary
These are events that can cause severe damage to the company, disrupting its core activities or even leading to a shutdown. Each company defines its own list of non-tolerable events depending on its size, risk level, and the industry it belongs to.
Attackers participating in the cyberbattle can realize 15 non-tolerable event scenarios. For example, they can bring trains to a standstill, shut down all electrical substations, and cause an oil pipeline leak.
Attackers participating in the cyberbattle can realize 15 non-tolerable event scenarios. For example, they can bring trains to a standstill, shut down all electrical substations, and cause an oil pipeline leak.
Such events inflict financial and reputational damage on organizations, can temporarily disrupt the operation of a business or individual departments, lead to human casualties, create health threats, or cause environmental damage.
At Standoff 13, attackers can trigger about 150 unique critical events. For instance, they can cause a breakdown in the passenger check-in system, leak employees' personal data, or intercept CCTV feeds.
At Standoff 13, attackers can trigger about 150 unique critical events. For instance, they can cause a breakdown in the passenger check-in system, leak employees' personal data, or intercept CCTV feeds.
Attacker teams, aka the reds, attackers, or white hat hackers. Their goal is to find security flaws in companies' systems and conduct successful attacks. At Standoff, red teams compete with each other, and the winners get prizes.
These are teams of cybersecurity specialists who detect and investigate attacks. They’re also known as defenders. Blue teams do not compete with red teams or each other. Participating in Standoff enables them to understand attackers' way of thinking better and test their own skills, gaining valuable experience that will help them in their real job.
A virtual state model that emulates all key industries (including industry-specific workflows and systems) and is used for holding cyber exercises. This enables specialists participating in cyber exercises to get to know different security tools, identify infrastructure flaws, or get hands-on experience with investigating attacks.
The virtual states are cyberspaces that emulate infrastructure and security systems of real-world companies and facilities that ensure the viability of entire countries. This includes power plants, an oil refinery, banks, a mission control center, and much more.
All systems in these states are deployed by means of virtual machines and software that are made to be as realistic as possible.
All systems in these states are deployed by means of virtual machines and software that are made to be as realistic as possible.
To conduct an attack and earn points for it, red team members must obtain access to the virtual machines and software of an organization located in either state.
For example, they can send a phishing email with a malicious attachment to an employee. If the organization uses outdated software, the hackers can gain persistence in the system and steal data or take control over the operations center.
For example, they can send a phishing email with a malicious attachment to an employee. If the organization uses outdated software, the hackers can gain persistence in the system and steal data or take control over the operations center.
