This is part 1 of a 2 part blog. Check back soon for part 2.

Where and when did the program take place?

Hacktober took place throughout October 2023  to coincide with Cybersecurity Awareness Month. It was a hybrid event, with participants connecting from 15 hub locations across Switzerland. It was full of security talks, virtual and on-site workshops, and Cyber Escape Rooms to stimulate the mind. Swisscom utilized Immersive Labs to run a multistage hackathon throughout Hacktober.

Hacktober Stats:

• 15 partners
• 925 participants
• 34 security sessions and workshops

What did Swisscom hope to achieve with the hackathon?

The hackathon was designed to sharpen participants’ skills, apply their knowledge, and enhance problem-solving abilities in real-world scenarios. Swisscom also sought to benchmark cybersecurity skills, identify hidden talent, and foster collaboration and teamwork to improve situational awareness and decision-making.

Apart from the technical cybersecurity aspects, the event also aimed to test participants' decision-making and judgment in simulated crisis situations. Through all these initiatives, Swisscom aimed to develop deeper relationships between team members and strengthen the cybersecurity capability of individuals, teams, organizations, and the entire nation of Switzerland!

How was the hackathon structured?

The Hackathon was structured as follows:

 

Communication

Successful event promotion drove engagement and participation. A series of marketing emails created excitement and emphasized collaborative learning. The launch email, in particular, sparked curiosity about cybersecurity and offered a sneak peek at the agenda. Opening the event to Swisscom’s partners encouraged collaboration and networking across Switzerland, broadening the event’s reach and inclusivity.

Registration

Upon registration, participants could choose their own adventure:

1. Participate as an individual in the Experience Labs or,
2. Participate as a team in the Main Event

Experience Labs

The Experience Labs encompassed a series of exercises and challenges as follows:

Side Hustle

The Side Hustle track was designed to familiarize participants with the Immersive Labs platform and its user interface before diving into the core event challenges. These tasks were aimed at participants who opted to engage only in this challenge from the start or those who didn’t make it to the event finals. The Side Hustle track didn’t contribute to any scores or leaderboards, but rather served as a preparatory stage for participants, ensuring they were comfortable navigating the event platform before facing the main challenges.

Swisscom chose a selection of beginner difficulty Hands-on Labs, Crisis Simulations and Workforce Exercises with a focus on effective decision-making, situational awareness, communication skills and supply chain security.

Lab Challenges

The Lab Challenges were a set of exercises assigned to participants who didn’t wish to participate in the Main Event. They were also available to participants who had chosen to participate in the Main Event, but didn't succeed to the finals.

The results of these challenges were collected in an Experience Labs leaderboard – a mini-competition for participants who didn’t want to participate in the main event.

For this challenge, Swisscom chose a selection of beginner and intermediate difficulty Hands-on Labs from a range of different disciplines including Fundamentals, Defensive Security, Offensive Security, Cloud Security, Application Security, AI and IT-OT.

The Main Event

Qualification rounds

During qualification, all teams competed in tasks of varying difficulty to showcase their skills. Beginner tasks focused on incident response, while expert tasks required advanced offensive and defensive skills. The top ten teams from each track advanced to the finals, ensuring that the most skilled teams faced the more intensive final challenges, creating a competitive and engaging event.

For the qualification round, Swisscom chose a small number of expert difficulty Hands-on Labs from the Incident Response, Offensive Security and Defensive Security collections.

Final round

The Hacktober final saw the top ten teams tackling advanced challenges to win the title. Beginner teams faced the defensive scenario “Operation Kobold”. Expert teams faced either “The Heist” for offensive tracks or “Detecting Silver” for defensive tracks. Success was measured by the number of tasks completed in the least amount of time, crowning a winner in each track and culminating the event.

For the final round, Swisscom chose a small number of expert difficulty Hands-on Labs and Team Simulations from the Incident Response, Offensive, Security, and Defensive Security collections.

Event structure diagram

What were the results?

• 351 participants from 15 Swiss organizations improved their situational awareness and decision-making abilities.
• 66 Teams attempted four different CTF challenges:

• • CTF Beginner (3 teams)
  • CTF Defensive (2 teams)
  • CTF Offensive (10 teams)
  • CTF Experience (51 teams)

• 225 users spent an average of 6 hours in labs
• 97 users spent an average of 5.7 hours in technical labs

As a result, Swisscom turned their MITRE ATT&CK Framework blue in a single day:

Do you have any thoughts or questions about the Hacktober event? Have you ever run a similar event using Immersive Labs? Please let us know in the comments below.