Teams of the world's strongest white hat hackers and defenders will come together at the year's main cyberbattle.

cyber_battle

International Standoff 17 Cyberbattle

IZOLENTA

D0br03 utr0

Threat Nuggets

Energy

akPots

When communication disappears in State F, people first check their phone. Then they reboot it. And only when they go to the window in search of the coveted signal bars do they realise: the problem is not on their end.

Veleron Telecom is the country’s largest operator. In normal operation, its infrastructure is absolutely invisible. Base stations on rooftops, humming billing server rooms, traffic filtering systems, satellite dishes outside the city — all of this is woven into a colossal IT artery. Through it flows half the state’s economy: from mobile internet and home TV to corporate clouds.

Under Veleron’s hood is an immensely complex technical landscape: rating modules, mobile core management systems, eSIM generation platforms, and IPTV broadcasting balancers. For the operator’s engineers, it is heavy daily routine to support the hardware and software. And for malefactors — a luxurious attack surface with thousands of potential entry points.

There are no isolated failures here. An error or a successful breach inside this network instantly strikes across the whole of State F.

The billing system goes down — and millions of subscribers are left without communication, while payment terminals in shops stop working. IPTV servers are compromised — meaning that right in the middle of prime time, fake emergency alerts can be broadcast onto screens. An attack on a cloud cluster drags CRM systems, shops, and delivery services down with it. And if hackers manage to reach the call detail logs, they obtain a ready-made map of social connections, before which any classical wiretapping pales.

Communication long ago ceased to be just a sector. It is now the load-bearing structure of the entire State.

That is precisely why any major incident in Veleron Telecom instantly mutates from a technical fault into a political, economic, or social crisis.

Telecom

Grep_Tribe

The rhythm of the City never falls silent for a second. Whether it’s early morning or deep into the night, couriers dart through the streets, self-checkout counters hum in 24-hour markets, and pickup-point doors swing open for yet another customer. The retail market in State F is controlled by RetailSTF Group. It has built its trading empire so that a purchase feels entirely natural: no one stops to think about the computing power behind the delivery of an evening pizza or a new pair of sneakers.

Behind the invisible convenience lies a vast digital infrastructure: a network of online stores and pickup points, fast-food restaurants, and large-scale warehouse complexes with automated security and video surveillance. The company’s unique asset is the YeastCraft platform: it grew out of the craft-beer segment and turned into a marketplace for live cultures, where microbiologists sell strains directly to breweries, and the breweries then select a genetic composition tailored to a specific request.

All the systems work as a single circuit: ordering, payment, delivery and handover are compressed into minutes. But where business sees flawless connectivity, hackers see an ideal attack surface.

Tamper with the video feed — and the security system goes blind while uninvited guests move through the warehouse. Find a vulnerability in the self-checkout logic — and bonus points flow in an endless stream into somebody else’s pockets. Release a fake barcode — and “18+” goods end up in hands without a single age check. And if they get to YeastCraft and alter the order data, diastatic yeast will be shipped to the plant instead of the required strains, turning an entire product batch into a defect.

For State F these are not abstract threats. The company’s infrastructure is stitched too deeply into daily life, and if it collapses, everyone will feel the consequences — from the lover of an evening pizza to the owner of a large-scale production facility.

Retail

ReKad Team

The railway of State F is rarely noticed — as long as it works. The endless freight trains hauling coal and metal, the packed morning commuter trains, and the express trains hurtling through the night are all governed by a single schedule. Logistics here is calibrated to the minute, and every switch, signal, and dispatcher’s console is tied into a unified digital system on which the life of the entire State F depends.

The industry monopolist is the Heavy Logistics corporation. It manages stations, marshalling yards, depots, as well as its own training centres and departmental polyclinics. For attackers, a multitude of vectors opens up here: targets include both conventional corporate networks and the closed industrial loop.

Tampering with the timetable on station displays will create chaos on the platforms. Interference with dispatching centres can alter routes and provoke a large-scale accident. But the most interesting things lie on the periphery. For example, hackers can reach the databases of departmental polyclinics to pull a healthy crew off the line or, conversely, send a driver with an expired medical clearance out on a run. It is possible to go even more subtle: infiltrate the training LMS systems and quietly substitute the regulations. Trainees will cram distorted safety rules without ever suspecting it and, with their own hands, will prepare a future catastrophe.

The peculiarity of the railway is that the consequences of an attack always extend beyond a single company. The delay of one train triggers a chain reaction: passengers run late, deliveries are disrupted, factories stand idle, and motorways choke from overload.

Residents of the City have grown accustomed to thinking of trains as the most reliable part of State F’s infrastructure. That is precisely why every failure here is felt especially acutely. When a dispatcher sees an order on the screen that they never gave, the whole country understands: a successful cyberattack here is not just a defaced website. It is interference in the physical movement of thousands of tonnes of metal hurtling through the night at 120 kilometres per hour.

Railway sector

Жаным }|{aHblm

The heavy industry of State F rests on a single steel backbone — the Steelhill corporation. It is an enormous production ecosystem that unites a coal-mining and ore-dressing combine with the metallurgical giant MetalliKO.

In the north, Steelhill bites into the largest coal basin. What is extracted here is not merely raw material, but literally energy for the entire region: the local coal supplies both metallurgical furnaces and regional thermal power plants. Underground mines, haulage drifts, and beneficiation plants work as a single mechanism. Right at the combine, the company’s own coke-chemical plant smokes — the pride of the company, enabling it to abandon external coke suppliers. It is precisely from here that an uninterrupted flow of fuel for the steelmaking cycle comes. Let the mine hoists freeze — and the whole region will start to run a fever.

Further south sprawls MetalliKO — the flagship combine of State F. It is divided into two autonomous worlds. The first is classical metallurgy: the roar of blast furnaces, converters, and rolling mills. The second is a titanium shop, with its own raw materials and unique process technologies. Both steel and titanium sponge flow out from here across the entire country: from large-scale railway construction projects to the luxury skyscrapers of the City.

All production activity rests on a developed digital infrastructure. Corporate IT systems here are tightly interwoven with industrial ICS networks. Environmental monitoring sensors, safety controls in the mines, and hundreds of PLCs that directly command the rolling mills and furnaces — all of this is the unified digital framework of Steelhill.

For hackers, an immense field of attack opens up here: from the operator consoles at the coal beneficiation plant to the corporate IT servers. And the most dangerous thing is that attackers do not need to break everything in succession. It is enough to strike a single vulnerable point to set off a chain reaction.

For instance, stopping the water supply pump in the quenching tower of the coke-chemical plant — at first glance, a local failure. But without cooling, the incandescent coke not only loses its commercial properties — it begins to burn.

A fire on the coke-sorting platform forces a halt to the unloading of the coke-oven batteries; the product builds up, and the entire coke-chemical section comes to a standstill. Without coke, MetalliKO reduces steel output, and within a few days construction contractors in the City face a shortage of rolled metal and a rise in prices for infrastructure projects.

The stoppage of the main ventilation fan looks no more frightening, but in practice it means an emergency evacuation of the mine and a complete halt of extraction. If the downtime drags on, fuel stops reaching the regional thermal power plants — and power engineers are forced to switch the stations to reserve stocks or restrict the supply of capacity to industrial consumers.

Mining and metallurgy

BSOD Squad

Behind the glass facades of the City, uninterrupted digital life seethes. Every second, terabits of traffic fly through the backbone fibre-optic channels. In the humming halls of data centres, server indicators wink at each other, while cloud platforms non-stop route payments, video calls, and the data of thousands of companies.

The IT sector is the fundamental framework of State F, upon which banks, telecoms, logistics, and city services are tied. As long as everything works, residents take it for granted. But knock out a couple of digital pillars, and the rhythm of the metropolis collapses minute by minute.

The heart of this ecosystem is the Staforix corporation. This technological giant has subjugated the clouds, the telecom infrastructure, educational platforms, and corporate software. On its capacities runs the better half of the State F economy.

For attackers, Staforix’s infrastructure presents a colossal and tempting attack surface. In the crosshairs are virtualisation systems and reverse proxies, internal CI/CD pipelines, and the file storage of head offices. And alongside them — hardcore industrial targets: cooling and power management systems for data centres, billing systems for exhibition centres, and the workstations of dispatchers at critical facilities.

It is here that cybersecurity breaches directly affect the physical world. Take down the air-conditioning system in a data centre — the servers overheat and the clouds fall in cascades. Hack the UPS — the infrastructure goes dark with irreversible loss of customer data. And a successful attack on the supply chain of a development company means that a fresh update will spread malicious code across dozens of corporations.

But failures hit hardest at ordinary people whose lives are tied to Staforix. A hacked educational portal wipes out exam results. Cyber sabotage disrupts the opening of a prestigious exhibition. An activated automatic irrigation system floods the pitch in the middle of a stadium match. An intercepted control system accelerates the gondolas of a cableway over the city to critical speed. Businesses lose contracts, investors lose money, and residents learn State F’s harsh lesson: any digital system is only as reliable as its ability to withstand a real strike.

IT sector

SeeLion

Banks in State F long ago ceased to be simply a place where money is kept. Here, people pay for purchases by QR code, arrange loans in a matter of minutes, open accounts without visiting an office, and transfer digital rubles between organisations.

The financial landscape is shaped by three major players. Global Digital Bank develops digital services and serves clients entirely online. First Partner Bank bets on a partnership ecosystem, QR payments, and the digital ruble platform. And Commercial Bank of Standoff is responsible for the corporate segment, interbank settlements, and business lending.

Attackers have access both to the banks’ external services and to their internal infrastructure: web portals, Kubernetes clusters, interbank transfer systems, customer databases, operators’ workstations, and digital ruble interfaces. The compromise of a single vulnerable system here rarely remains a local problem. The takeover of a container can lead to an attack on the entire cluster; hacking an internal portal can halt the connection of partners to the instant payment system; and data tampering on the digital ruble platform can cause panic among businesses and regulators.

The consequences of successful attacks quickly extend beyond a single company. Leaks of passport data trigger a wave of fraud and lawsuits. Disruption of interbank transfers hits supplies, salaries, and settlements between enterprises. The compromise of digital ruble systems endangers trust in the state’s new financial infrastructure.

When financial services work invisibly, hardly anyone thinks about them. But the moment the ability to pay for a purchase, receive a salary, or transfer money to a supplier disappears, digital comfort instantly turns to chaos.

International Standoff 17 Cyberbattle

Banking

Results