The goals of capture the flag (CTF) are simple—outthink, outwit, outhack. If you run in cyber circles you already know how to play: Apply real-world hacking tools to infiltrate a computer system, find intentionally placed vulnerabilities, and exploit them to capture a “flag," a string of code that proves you discovered the flaw.
“There’s a whole underground culture around it,” says Tim Nary, resident cyber expert at Booz Allen’s Dark Labs, the firm’s elite group of security engineers.
“Yeah, we’re all nerds,” laughs Fred Frey, Dark Labs’ technical director.
But what you may not know is that Booz Allen’s leadership, recognizing the development potential of CTF, supports these players and their passion, in ways big and small.
It’s all part of the firm’s mission to empower people to change the world, tap our collective ingenuity, and invest in our talent over the long term to create opportunities for the future. CTFs help us—and you—achieve that in several ways.
“CTF teaches you to learn on the fly and work with technologies and systems you might not have used before,” Tim says. “You need that hacker spirit, that creativity, that way of figuring out how to get around constraints. You have to outthink someone who’s trying to stop you from doing what you’re doing.”
It’s a battle that develops teamwork, improvisation, offensive and defensive strategy, and, above all, persistence.
“It’s a cyber war game,” says Tim. “Secrets are hidden in technical puzzles and we have to crack them.”
Fred describes CTF players as “people who like mysteries and challenges. You need a thorough knowledge of computer science: Not just how to program, but how not to program. You have to know reverse engineering, higher-level programming languages, low-level assembly code instructions, security vulnerabilities. Whoever’s writing the binary is your opponent and you’re trying to find a weakness in their game.”