HOW TO PLAY

Defend your infrastructure against cyber attacks

OVERVIEW

You are a Security Operations Center (SOC) analyst defending your organization's infrastructure against an AI-driven cyber attack.

The game is turn-based. Each turn represents 4 hours of real-time crisis management.

You have 30 seconds per turn to decide your action. If time runs out, the attacker gets a free move!

OBJECTIVES

VICTORY CONDITIONS

  • Neutralize all compromised assets
  • Survive until the attacker gives up (18 turns = 72 hours)
  • Maintain critical systems operational

DEFEAT CONDITIONS

  • Budget reaches $0K (bankruptcy)
  • Reputation drops to 0% (public relations disaster)
  • All backup systems are destroyed
  • Critical infrastructure is fully compromised

METRICS

BUDGET

Your available funds for defensive actions. Each action has a cost. Running out means game over!

REPUTATION

Public trust in your organization. Drops when attacks succeed or data is leaked.

AVAILABILITY

System uptime percentage. Affected when services go down or assets are isolated.

INTEGRITY

Data integrity score. Drops when attackers encrypt, corrupt, or exfiltrate data.

AVAILABLE ACTIONS

Skip/Wait $0K

Do nothing this turn. Sometimes waiting for more intel is wise.

Isolate Asset $5K

Disconnect an asset from the network. Stops spread but reduces availability.

Emergency Patch $8K

Apply emergency security patches. Can prevent further exploitation.

Restore Backup $15K

Restore a compromised asset from backup. Returns it to healthy state.

Call CERT $25K

Call in the Computer Emergency Response Team. Powerful but expensive.

Crisis Comms $10K

Issue public communications to manage reputation damage.

Kill Switch $0K

Emergency shutdown. Drastic but can stop an active attack.

Analyze Logs $3K

Review system logs. May reveal attacker's next target.

Forensic Analysis $12K

Deep forensic investigation. Reveals attack patterns.

Alert Staff $5K

Send security awareness alert. Reduces phishing success.

SCORING

Your final score is calculated based on:

  • Remaining budget
  • Final reputation percentage
  • System availability maintained
  • Data integrity preserved
  • Number of turns survived
S Master Defender (90%+)
A Expert Response (80-89%)
B Solid Defense (70-79%)
C Adequate Response (60-69%)
F Critical Failure (<60%)

PRO TIPS

  • Don't panic! Attackers want you to make hasty decisions.
  • Isolating assets early can prevent spread, but hurts availability.
  • Keep some budget in reserve for emergencies.
  • Watch the attacker's patterns - they often follow predictable sequences.
  • Protecting backups is crucial - without them, recovery is impossible.