Ahmed's Forum

Top 3/50,000+ on TryHackMe Industrial CTF


The Competition

TryHackMe’s Industrial Intrusion CTF was one of the biggest cybersecurity competitions I’ve participated in. Over 50,000 student teams globally, a $45,000 prize pool, and challenges that tested everything from network forensics to ICS/SCADA security.

Industrial cybersecurity is a different beast from your typical web app pentesting. You’re dealing with protocols like Modbus, DNP3, and OPC UA. The stakes in real life are physical — power grids, water treatment plants, manufacturing lines.

Our Approach

We divided the challenges into categories and played to each team member’s strengths. I focused primarily on the network analysis and forensics challenges, which involved parsing packet captures from simulated industrial networks and identifying indicators of compromise.

The key insight that pushed us into the top ranks was treating the challenges as a connected narrative rather than isolated puzzles. The attackers in the simulation followed a realistic kill chain, and once we mapped that out, the remaining flags fell into place.

Key Takeaways

ICS security is critically understaffed. The challenges highlighted just how vulnerable industrial systems are. Most organizations still run legacy protocols with zero authentication.

Forensics is underrated. While everyone was rushing to exploit boxes, we spent time carefully analyzing logs and network traffic. That patience paid off in points.

Team coordination matters more than individual skill. We weren’t the most experienced team, but we communicated well and avoided duplicating effort.

What This Means Going Forward

This result validated my interest in cybersecurity beyond just CTFs. I’m now working toward CompTIA Security+, CompTIA PenTest+, and ISC2 CC certifications. The goal is to build real-world expertise, not just CTF skills.

If you’re getting into cybersecurity, my advice: don’t just do boxes. Learn forensics, study protocols, and understand how real attacks unfold. The best hackers think like defenders.