the executive's dilemma.
can you save the day?
We’re in a bit of a pickle.
The CEO of Foogle (definitely not Google) has been hit with a ransomware attack. Uh-oh!
The CEO has done some investigation already but seems to have given up and gone into hiding, so you've been left in charge of sorting this thing out. The only things left behind were a locked briefcase, phone, wallet and a notebook.
You have one hour before the attacker releases our sensitive information to Rupert Murdoch and his cronies, damaging our reputation with clients beyond repair. Good luck!
Alongside more 'technical' learning outcomes, like those listed below, our escape rooms all help to develop players' core skills. Working in groups, participants can expect to build on their teamwork, problem solving, and communication skills whilst learning about information security. It's kind of a package deal.
Players should be able to easily identify the password used for the laptop.
The notes about password complexity within the notebook can be used as a learning tool to share with players and start a discussion about whether their own passwords comply with these recommendations.
Passwords, or specific elements of people's passwords, should not be discoverable on social media.
Ask players to consider what info they might share on social media that forms a part of their own passwords. Recommend to players that they review their privacy settings.
Password reuse is one of the attack vectors used by real life threat actors to compromise accounts.
Talk to players about how password reuse has helped them be successful in this game and discuss how attackers can use the same method in their endeavours.
It will be easy for players to identify how the ransomware attack happened in the first place.
Discuss with players about how to identify phishing attacks, what they should do if they think they've been the subject of one, and how to prevent this in the future.