Mastering Backdoors and Breaches: A Guide for Incident Captains


52 cards and a 20-sided die. This, and a complete lack of creativity or capability, is what is standing between you and total victory for your team. Backdoors and Breaches has gained widespread adoption amongst information security professionals as a fun game to play, but it still has a large barrier to entry when it comes to being a fun game to lead. That is because being a successful Incident Captain requires a bit of creativity and quick thinking to keep the game flowing. Backdoors and Breaches, when played properly, is a fun game that teaches information security professionals about the tactics, methods, and tools used in cyber attacks and defense. Released in 2019 by Black Hills Information Security, the game is designed to be played with at least 2 people, and typical gameplay lasts between 30 and 60 minutes per game. One of the nice things about Backdoors and Breaches is that you can create custom scenarios, giving you a nearly endless ability to spawn new scenarios and games for the participants (“the defenders”).

Yesterday, a small but determined group of professionals banded together with the purpose of creating a guide for would-be Incident Captains on how to effectively manage and facilitate games of Backdoors and Breaches. While still in the ideation phase, the book currently sits at 18 chapters and counting. The guide takes the Incident Captain through the mechanics of the game and getting the most out of the experience. Then the guide describes each card in the deck, suggesting pairings and related cards that can be used to shift a scenario in a direction of the Incident Captain’s choosing. Finally, the book provides several example scenarios and handy reference material that you can use during your Backdoors and Breaches scenarios. Here is a tentative, and likely incomplete, listing of chapters and topics for the guide:

Part 1: The Basics of Backdoors and Breaches

Part 2: The Playing Cards

  • Chapter 4: Attack Cards
  • Chapter 5: Initial Compromise Cards
  • Chapter 6: Pivot and Escalate Cards
  • Chapter 7: C2 and Exfil Cards
  • Chapter 8: Persistence Cards
  • Chapter 9: Inject Cards
  • Chapter 10: Consultant Cards
  • Chapter 11: Expansion Set Cards

Part 3: Building a Scenario in Backdoors and Breaches

  • Chapter 12: Defining Your Initial Scenario
  • Chapter 13: Selecting Your Attack Cards
  • Chapter 14: Selecting Your Procedure Cards
  • Chapter 15: What Makes for a Good Scenario?
  • Chapter 16: What to Avoid in Your Scenarios

Part 4: Example Scenarios and Reference Material

  • Chapter 17: Example Scenarios
  • Chapter 18: Reference Material

It is our hope that this guide will encourage other practitioners to pick up Backdoors and Breaches and host a game in their respective area or organization. In a business world that attempts to squeeze every penny of investment into their information technology budgets, Backdoors and Breaches is a no-brainer for organizations to practice their incident response capabilities and collaboration skills. Unfortunately, there are simply too many people who enjoy the game but do not possess the skills to serve as Incident Captain. For those of you who have played, or attempted to play, the game, we need your input! This guide will only be as useful as the people that are looking to read it; therefore, we would like to capture as many diverse opinions and techniques as possible. I am also looking for writers, an editor, and technical reviewers. Our guiding principles are as follows:

1. The guide must be free to all readers. This isn’t about profit, but rather about giving back to the community.

2. Black Hills Information Security must approve of what we are writing.

3. The guide must, at a minimum, teach potential incident coordinators how to launch and facilitate a game of Backdoors and Breaches.

Sound like something you can get behind? Reach out to me on LinkedIn or contact me via email and I will add you to our band of brothers and sisters!
