Your mission – should you choose to accept it – is to solve clues and be the first to discover the whereabouts of the infamous cyber-criminal, Carmen CIRT-Diego. You will work in groups to solves a series of riddles, signals, and conundrums that have been left behind by Carmen and her criminal syndicate. Each clue will lead to another, and the group that can solve the clues fastest in order to apprehend Carmen CIRT-Diego will be declared “awesomesauce.
For three sallies, CIRT came together in detective groups to chase and capture the notorious cyber-criminal, Carmen CIRT-Diego. Groups worked through series of riddles, signals, and conundrums left behind by Carmen and her delinquent crew. Each clue led to another, and groups who worked fastest were declared the day’s winner.
Sally One: “Saltwater Shenanigans”
Solved in 32 Minutes
Detective Group #2 tracked Carmen to Wildwood, NJ. They did so by cracking a password on an encrypted PDF, then solving a scramble puzzle:
After solving the scramble, the detectives were led to a shared folder containing a cassette recording of Bobby Rydell’s Wildwood Days. Wikipedia confirmed that this song was written about Wildwood, NJ.
Sally Two: “Play Acting”
Solved in 30 Minutes
After a bit of globe-hopping, Detective Group #3 tracked Carmen to New York City. They did so by close reading a screenshot of an ad that Carmen had posted on Craigslist. The screenshot itself had an embedded message using steganography.
The message embedded in the screenshot guided the detectives to a shared folder containing a list of actors and actresses (all from Thailand). It also contained a link to another encrypted file. By using a reverse image search engine, the group was able to identify all the actors and use letters from their names to crack another password: “Bangkok.”
After tracking Carmen to Bangkok, Thailand, the detectives found a left-behind bill. While many were able to identify the bill as Russian, Group #3 found the following clue by looking at the alt-text of the image.
Now in Russia, detectives were able to quickly solve the next clue (concerning the most populous city in Europe). Entering “Moscow” into a password protected zip drive and then running another reverse image search on a photo of a city street, the detectives learned that Carmen had escaped to Tokyo.
In Tokyo, Japan, the detectives were asked to solve a final puzzle. A gigantic word search with no clue words. It seemed like an impossible task.
Sally Three: “Cruel Coda”
Solved in 51 Minutes
The hardest of the three Sallies proved no problem for Detective Group #3. This Sally began in New York and ended atop Willis Tower in Chicago; it started with a password-protected jump drive and a music-inspired crossword.
It took a bit of Googling and a lot of teamwork to figure out the password to the jump drive: “rickstley” (Oh no, Carmen was Rickrolling us!). Inside the zip file was a video of the song “Never Gonna Give You Up,” but the video had been altered to include a subliminal message. A single frame in the video pointed to bit.ly address where detectives grabbed a shot of Carmen’s iPhone.
That crazy blue image proved to be a “magic eye puzzle” (or an autosterogram – the kind that used to be populaor at mall kiosks in the 1980s). While many groups were busy crossing their eyes to see the hidden image, the fastest were those that used an online tool to do the work for them.
The hidden image of a Buddha provided the next clue, yet another word scramble – this time of the forest districts in Lumbini, Nepal. Not long after reading the Wikipedia page on Nepal, detectives found themselves on an airplane headed for Dubai, where they found another song clue.
This song stumped a lot of detectives. Was the Arabic club music a clue that Carmen was indeed in Dubai? Was she in the home country of the songwriter himself? As it turned out, after the file was inspected a bit closer, another clue was found in the properties!
The email address listed in the song properties then had an automated reply, which led to the final clue, hosted on a white webpage with white text. By highlighting the page, the groups were presented with a phone number – which they called – and which featured the voice of Carmen herself (taunting CIRT from the tallest building in Chicago).
Postmortem
Everyone at CIRT had a blast working in their groups to solve Carmen’s clues. Overall, we were impressed with our teamwork and our ability to work quickly in a digital environment. Some clues that proved extremely difficult at first were easily solved when we put our brains together.
