2016 was the 4th year the NSA ran its Codebreaker Challenge. It’s targeted at US college students, but anyone with a .edu email address at their disposal can join in the fun. Each year they have a series of challenges based on a unique scenario. This year the challenges revolved around remotely controlled IEDs.

Terrorists have recently developed a new type of remotely controlled Improvised Explosive Device (IED), making it harder for the U.S. Armed Forces to detect and ultimately prevent roadside bomb attacks against troops deployed overseas. The National Security Agency (NSA), in accordance with its support to military operations mission, has been asked to develop capabilities for use against this new threat. This will consist of six tasks of increasing difficulty, with the ultimate goals of being able to disarm the IEDs remotely and permanently render them inoperable without the risk of civilian casualties.

To accomplish this, there were six different tasks to be completed. The tasks were progressively harder and built upon the techniques discovered in the previous tasks:

• Task 1: Compute a hash and identify IED network ports
• Task 2: Refine IED network traffic signature
• Task 3: Decrypt IED key file
• Task 4: Disarm an IED with the key
• Task 5: Disarm any IED without a key
• Task 6: Permanently disable any IED – Part 1
• Task 6: Permanently disable any IED – Part 2

This was the first year I competed in this challenge and was able to work through five of the six tasks. The sixth task was quite difficult, with only 15 people successfully completing it. I think I came close on it, but ran out of time at the end.

The above items will go to breakdowns of each task once they’re live, including what worked and, just as importantly, what didn’t. For Task 6, I’ll detail what I had discovered thus far and will update that with an explanation of the solution once they post it in the coming weeks.