July 31, 2016 By Aidan Knowles 2 min read

Cyber defenders need to think on their feet and keep calm when managing serious incidents. A unique, interactive game at this year’s Black Hat USA event will put participants’ cool to the test.

The attraction utilizes 3-D printed models, cheap electronic motors, four Arduinos and repurposed components from the popular board games Hungry Hungry Hippos and Mind Flex. Jason Flood and John Clarke, two cybersecurity specialists from the IBM Ireland Lab, are behind the DIY project.

“As a child, the most frantic of all games was Hungry Hungry Hippos. As an adult, it’s cyberattack management,” Flood remarked.

One of the goals when creating the project was to make it affordable, accessible and reproducible.

“We used open source and low-tech solutions wherever possible. Almost everything is 3-D printed,” explained Clarke.

The pair have spent many hours constructing their project for the highly anticipated annual Black Hat security conference, and it will be on display as part of IBM’s exhibitor space during the two-day main event, happening Aug. 3 to 4.

Passersby to the IBM booth will be invited to don a headset equipped with brain wave sensors. These hackable headsets, repurposed from the Mind Flex board game, are powered by interconnected Arduino microcontrollers. The Arduino-improvised network will communicate via APIs to generate brain wave charts, displaying and comparing rival players’ data against each other in real time.

This brain activity will directly determine the responsiveness and speed of the corresponding player’s hippo. The lower their brain activity, the quicker the participants’ hippos will move. The player who can manage to stay the most focused will drive his or her hippos the fastest, thereby capturing the most balls and being crowned the winner.

“This project represents the franticness of a cyber incident and the need to find your balance. The winning objective is to be calm. It’s a gamified way of controlling your reactions,” Flood revealed.

Think you have what it takes to stay calm in crisis and manage a major cyberattack? Test your mettle with a game of mind-controlled Hungry Hungry Hippos at Black Hat USA Booth No. 908.

More from X-Force

Ongoing ITG05 operations leverage evolving malware arsenal in global campaigns

13 min read - As of March 2024, X-Force is tracking multiple ongoing ITG05 phishing campaigns featuring lure documents crafted to imitate authentic documents of government and non-governmental organizations (NGOs) in Europe, the South Caucasus, Central Asia, and North and South America. The uncovered lures include a mixture of internal and publicly available documents, as well as possible actor-generated documents associated with finance, critical infrastructure, executive engagements, cyber security, maritime security, healthcare, business, and defense industrial production. Beginning in November 2023, X-Force observed ITG05…

Why federal agencies need a mission-centered cyber response

4 min read - Cybersecurity continues to be a top focus for government agencies with new cybersecurity requirements. Threats in recent years have crossed from the digital world to the physical and even involved critical infrastructure, such as the cyberattack on SolarWinds and the Colonial Pipeline ransomware attack. According to the IBM Cost of a Data Breach 2023 Report, a breach in the public sector, which includes government agencies, is up to $2.6 million from $2.07 million in 2022. Government agencies need to move…

CVE-2023-20078 technical analysis: Identifying and triggering a command injection vulnerability in Cisco IP phones

7 min read - CVE-2023-20078 catalogs an unauthenticated command injection vulnerability in the web-based management interface of Cisco 6800, 7800, and 8800 Series IP Phones with Multiplatform Firmware installed; however, limited technical analysis is publicly available. This article presents my findings while researching this vulnerability. In the end, the reader should be equipped with the information necessary to understand and trigger this vulnerability.Vulnerability detailsThe following Cisco Security Advisory (Cisco IP Phone 6800, 7800, and 8800 Series Web UI Vulnerabilities - Cisco) details CVE-2023-20078 and…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today