The CyberPatriot Program, co-founded by the Air Force Association and CIAS, inspires students nationwide to pursue careers in cybersecurity or other science, technology, engineering and mathematics (STEM) disciplines.
The CyberPatriot Booster pack showcases some of the lessons that the competition’s participants learn in the competition. The deck’s rare “CyberPatriot” card enables a player to remove targeted attack cards.
You have taken on a contract with popular entertainment outlets to store archives of all kinds of digital media, while still remaining accessible if network demand for that content increases.
Select an Asset – Server that you have in play and attach this card to it. You receive 1 point each round this card is in play.
Your opponent clicked on a link which ran a program that encrypted all of their files and left a message demanding payment to get those files encrypted.
Select an Asset – System card that your opponent has in play. They receive no points from that Asset – System for 3 rounds. Remove this card from play after 3 rounds.
An unauthorized user on one of your opponent’s machines is transferring sensitive data to an external network, compromising the confidentiality of that data and damaging their reputation.
Select an Asset – Server that an opponent has in play. That opponent loses 4 points at the end of this round for each Asset – Data card attached to the target server. Remove this card from play at the end of this round.
You participated in the CyberPatriot National Youth Cyber Defense Competition, which teaches both middle and high school students basic cybersecurity principles and practices.
Select any number of Password Cracked, Phishing and Forgot to Patch OS cards currently in play and affecting you. Discard all target Attack cards and remove this card when played.
Your opponent’s company was targeted by a special phishing attack known as Spear Phishing. They received emails created specifically to look more convincing to fool them into revealing sensitive information.
Select an opponent. That opponent loses 2 points per round for 3 rounds. Remove this card from play after 3 rounds.
Reports of server unresponsiveness and failures have forced your opponent to take one of their servers offline for maintenance.
Select an Asset – Server that an opponent has in play. That Asset – Server and all cards attached to it do not generate any points this round.
Your opponent responded to an email asking for their security/login information. The attacker can now access your opponent’s account and system.
Select an opponent. That opponent loses two (2) points each round for two (2) rounds. Remove this card from play after two rounds.
You attended a special security training course that taught you all about popular email scams so that you don’t fall victim to those attacks.
Select a Phishing or Spear Phishing attack card that is in play and affecting you. Both this card and the target card are discarded.
Your opponent chose a very poor wireless encryption key which allowed an attacker to crack or break it, thus gaining the ability to monitor their wireless traffic.
Select an Encryption card that your opponent has in play. Both this card and the target Encryption card are discarded.
Your opponent has forgotten to update their firewall rules, which will allow attackers to penetrate it using newer exploits.
Select a Firewall card that an opponent has in play and discard that card. Your opponent loses two (2) points this round. Remove this card from play after one (1) round.
You create a honeypot which is intended to detect unauthorized activity on your network. This closely monitored data appears to contain vulnerable, valuable and useful information, but it is designed as bait for network intrusion detection.
Attach this to an Asset – Server that you have in play. If this Asset – Server is the target of an Attack – Data Breach, you may choose to prevent that attack; if so, discard this Honeypot card.
A server is more powerful than a desktop or laptop, has more memory, and is dedicated to running the services you need for your network.
Select 1 Asset – System that you have in play. Discard that Asset – System and put this card in play. You receive 2 points each round this card is in play.
The CIAS was established at UTSA in June of 2001 as part of UTSA’s creation of a cybersecurity program. The CIAS delivers quality research, training, K-12 education, and competition and exercise programs to advance organizational and community cybersecurity capabilities and collaboration.