CTD Card Game

2020 Starter Deck

The Cyber Threat Defender Starter Deck (2020) is available in both English and Spanish. This decks includes 54 cards, which is the minimum number of cards needed to play. Booster packs can be added to this starter deck to encourage more strategic defensive or offensive play. Specific card types may be featured multiple times in the Starter Deck.

Released May 20th, 2020

Order Deck
Phishing card
Password Cracked card
I Love You Virus card
Denial of Service (Dos) card
Advanced Persistent DoS card
Security Training card
Power Outage card
Poor Encryption Key card
Hardware Failure card
Forgot to Patch OS card
Firewall Rules Not Updated card
Budget Increased card
Anti-Malware Not Updated card
OS Update Patch card
Host-based Firewall card
Encryption card
Backup Power Generator card
Anti-Malware Virus card
Laptop Computer card
ISP Connection card
Desktop Computer card
Dedicated Server card

Wireless Sniffing

An attacker has been listening to the wireless transmissions of your opponent. The attacker has collected critical files and login data and can now access your opponent’s systems.

Select a Wireless Network card that your opponent has in play. Your opponent loses two (2) points each round for two (2) rounds. Remove this card from play after two rounds.

Trojan Horse

Your opponent has downloaded a game which is actually a Trojan Horse, a type of malicious software (malware). While the game is played, the program is also sending copies of files to an attacker.

Select an opponent. That opponent loses one (1) point per round until this card is countered.

Phishing card

Phishing

Your opponent responded to an email asking for their security/login information. The attacker can now access your opponent’s account and system.

Select an opponent. That opponent loses two (2) points each round for two (2) rounds. Remove this card from play after two rounds.

Password Cracked card

Password Cracked

Your opponent picked a bad or weak password. An attacker was able to guess the password and has accessed their accounts and system.

Select an opponent. That opponent loses one (1) point each round for two (2) rounds. Remove this card from play after two rounds.

I Love You Virus card

“I Love You” Virus

Your opponent is hit by the “I Love You” email virus. It appeared to be an email from a friend with the subject “I Love You” but contained an attachment that destroyed system files when opened.

Select an opponent. That opponent loses one (1) point per round until this card is countered and removed from play.

Denial of Service (Dos) card

Denial of Service (DoS)

An attacker has launched a Denial of Service (DoS) attack against your opponent’s systems. One system is now not functioning and no work can be accomplished on it.

Select an Asset – System card that your opponent has in play. That Asset – System cannot generate any points for one (1) round. Remove this card from play after one (1) round.

Advanced Persistent DoS card

Advanced Persistent DoS

These attacks use a variety of methods to attack a target and disrupt their activities. This can last for weeks and is capable of creating diversions to elude security defenses.

Your opponent loses two (2) points per round while this card is in play.

Security Training card

Security Training

You attended a security training course to learn about ways you can improve your security.

Select either a Password Cracked or a Phishing card that an opponent has in play. When played, both this card and the target card are discarded.

Power Outage card

Power Outage

Your opponent experiences a loss of electrical power. This means that no work can be accomplished.

Select an opponent. That opponent loses their turn and receives no points during that round for any of their Asset cards.

Poor Encryption Key card

Poor Encryption Key

Your opponent chose a very poor wireless encryption key which allowed an attacker to crack or break it, thus gaining the ability to monitor their wireless traffic.

Select an Encryption card that your opponent has in play. Both this card and the target Encryption card are discarded.

Hardware Failure card

Hardware Failure

The failure of critical computer and network equipment causes your opponent to lose the use of an asset.

Select an Asset – System card that an opponent has in play. Both the target card and this card are discarded.

Forgot to Patch OS card

Forgot To Patch OS

Your opponent forgot to install a critical security update to their operating system (OS). Their system is now vulnerable to attack.

Select an opponent. If they do not have an OS Update/Patch card in play, choose at random one (1) card from their hand to discard. Otherwise, if they have an OS Update/Patch card in play, remove that card from play. This card is removed from play after use.

Firewall Rules Not Updated card

Firewall Rules Not Updated

Your opponent has forgotten to update their firewall rules, which will allow attackers to penetrate it using newer exploits.

Select a Firewall card that an opponent has in play and discard that card. Your opponent loses two (2) points this round. Remove this card from play after one (1) round.

Budget Increased card

Budget Increased

You received an increase to your security budget and purchased newer and more powerful equipment.

Attach this card to an Asset – System card that you have in play. While the attached Asset – System is in play, it generates one (1) additional point each round.

Anti-Malware Not Updated card

Anti-Malware Not Updated

Your opponent did not update their virus and malware signature database. This means they are vulnerable to recent virus and malware attacks.

Select one (1) Anti-Malware/Virus card that your opponent has in play. Both this card and the target card are discarded.

OS Update Patch card

OS Update/Patch

You have received a notification that there is a critical update to your operation system (OS). It patches a security vulnerability that would allow attackers to take over your computer.

This card will prevent one (1) “Forgot to Patch OS” event card, but this card must be in play before the Forgot to Patch OS event card is in play. You may only have one of this card in play.

Host-based Firewall card

Host-based Firewall

You configure host-based firewalls on all of your systems and servers. Firewalls typically establish a barrier between a trusted internal network and untrusted external network, such as the Internet.

While in play, this card counters and prevents Attack – Denial cards targeting you. You may only have one of this card in play.

Encryption card

Encryption

You activate encryption on your wireless device. This scrambles the signal so that attackers can’t listen to your wireless traffic.

Select a Wireless Network card that you have in play and attach this card to it. That Wireless Network is now encrypted. While encrypted, it cannot be the target of Wireless Sniffing cards. Remove from play any Wireless Sniffing cards that affect the encrypted Wireless Network.

Backup Power Generator card

Backup Power Generator

You recently acquired a backup generator to keep your systems functioning in case of an electrical failure. Once this detects a loss of electricity, the generator immediately begins providing power until the electrical failure is fixed.

You may prevent one (1) Power Outage from affecting you. If you choose to do so, put this card at the bottom of your draw pile. You may only have one of this card in play.

Anti-Malware Virus card

Anti-Malware/Virus

You install or update anti-malware and anti-virus software on your computer systems. This prevents known viruses and other malicious software (malware), but needs to be updated periodically.

This card removes all Attack – Malware cards targeting you and remains in play. While this card is in play, you cannot be the target of Attack – Malware cards. You may only have one of this card in play.

Wireless Router

This wireless router allows laptop computers and other wireless systems to be connected to the Internet through an Internet Service Provider (ISP).

This card allows unlimited Wireless type cards to be put into play.

Laptop Computer card

Laptop Computer

A typical laptop computer that can be used to connect to the Internet via a Wireless Router.

You must have a Wireless Network type card in play before playing this card. You receive 1 point each round this card is in play.

ISP Connection card

ISP Connection

Establishes a connection to the Internet through an Internet Service Provider (ISP).

This card allows you to put 2 Desktop or Server cards into play. You cannot gain points unless you have at least 1 ISP Connection in play.

Desktop Computer card

Desktop Computer

A typical desktop computer that can be used to connect to the internet through an Internet Service Provider (ISP).

You receive 1 point each round this card is in play.

Dedicated Server card

Dedicated Server

A server is more powerful than a desktop or laptop, has more memory, and is dedicated to running the services you need for your network.

Select 1 Asset – System that you have in play. Discard that Asset – System and put this card in play. You receive 2 points each round this card is in play.

Get Updates And Stay Connected Subscribe To Our Newsletter

Subscribe

The CIAS was established at UTSA in June of 2001 as part of UTSA’s creation of a cybersecurity program. The CIAS delivers quality research, training, K-12 education, and competition and exercise programs to advance organizational and community cybersecurity capabilities and collaboration.

Contact

Facebook Youtube Linkedin
© 2024 The Center for Infrastructure Assurance and Security. This work is licensed under a Creative Commons Attribution-NonCommercial 3.0 Unported License

CIAS in the news

arrow