Slashdot Mirror


NSA's 'Codebreaker Challenge' Features Exploiting Blockchain To Steal Ethereum (ltsnet.net)

"The National Security Agency's 2018 Codebreaker Challenge kicked off on Friday, 9/21, and runs through 12/31," writes Slashdot reader eatvegetables. Each year's challenge -- which is open to U.S. students -- comes with its own (fictitious) backstory which the organizers say is "meant for providing realistic context."

This year's story? A new strain of ransomware has managed to penetrate several critical government networks and NSA has been called upon to assist in remediating the infection to prevent massive data losses. For each infected machine, an encrypted copy of the key needed to decrypt the ransomed files has been stored in a smart contract on the Ethereum blockchain* and is set to only be unlocked upon receipt of the ransom payment. Your mission is to ultimately (1) find a way to unlock the ransomware without giving in to the attacker's demands and (2) figure out a way to recover all of the funds already paid by other victims.

* For the purposes of this challenge, a private blockchain has been created with no real monetary value associated with the Ether.

"The first half focuses on network protocol analysis and binary reverse-engineering," writes eatvegetables, while "The second half is all about attempting to exploit the blockchain."

An email address from "a recognized U.S. school or university" is required, and the original submission notes that America's college students "are already hard at work trying to push their school to the top of the leaderboard."

5 of 56 comments

  1. I have the solution! by Gravis+Zero · · Score: 4, Funny

    A new strain of ransomware has managed to penetrate several critical government networks and NSA has been called upon to assist in remediating the infection to prevent massive data losses.

    Restore from backups! No backups? Let's start with who we're going to fire for not having backups and work our way up to indictments for gross negligence. ;)

    --
    Anons need not reply. Questions end with a question mark.
    1. Re:I have the solution! by tepples · · Score: 2

      How would cloud backups survive deletion by the same attacker? Wiki hosting service Orain died when a malicious intruder deleted all of its hosted backups.

    2. Re:I have the solution! by Gravis+Zero · · Score: 2, Insightful

      If your backups are also online then you have failed to make backups.

      --
      Anons need not reply. Questions end with a question mark.
    3. Re:I have the solution! by manu0601 · · Score: 3, Funny

      Restore from backups! No backups?

      Of course they have backups. This is US government, they can always ask Wikileaks for copies of their documents.

    4. Re:I have the solution! by rtb61 · · Score: 2

      It's called a 1 ton safe, can be onsite and yet for all intents and purposes it is offsite protected by thick steel walls and insulation as a final layer. Don't forget to shut the safe door when you put the backups in.

      Now if you want to be sure you are really backing up, then you have to take the really radical step of erasing your system and actually trying to restore it, to see what you have really got. If you are concerned that you might be backup numbnuts, create a parallel small empty network and try to restore it as if it was the real thing, not forgetting to erase everything once you have finished.

      I can assure you, if you have never attempted restoring major elements of your system, then your backups are likely to be unreliable.

      --
      Chaos - everything, everywhere, everywhen