The details you need to stay in the know.

New Scenarios JUST ADDED : November 9 2020

Download : Hack The Building 2020 Playbook Version 1.07

Please visit the BCR Industries (BCR) website here to learn more about the fictitious digital manufacturing and engineering company featured in the Hack the Building exercise. BCR produces a variety of physical components and software for a variety of customers, including their chief customer the U.S. Government.

Download : Hack The Building Red Team Overview

Download : Hack The Building Rules of Engagement (RoE)

HTB’s Rules of Engagement must be signed and completed by every individual participating in the HTB Exercise by 11/15.

Event Dates & Schedule
November 16 – 19

November 16: Offense

November 17: 2nd day of Offensive exercise- ends at 3:00pm
November 18: Offense versus Defense
November 19: Offense versus Defense

Event Location:

The HTB site address is 2500 Riva Rd Annapolis, MD 21401.

The event is a hybrid event with both physical and virtual participation. We are limiting onsite participation to only 2 individuals per team. Once your registration is confirmed you will be asked to provide your participation plan either full virtual or opt to have 2 individuals onsite.

HTB Roster

Hack the Building 2020 Participants FROM INDUSTRY, GOVERNMENT & ACADEMIA


Event Format

The  event is designed to highlight the importance of critical infrastructure cybersecurity for commercial and government facilities.  Government and commercial are two of the critical infrastructure pillars in the Cybersecurity Infrastructure Security Agency (CISA) list of critical infrastructure. 
The event will act as a showcase for offensive and defensive cyber skills centered on critical infrastructure cyber such as building automation systems (BAS), industrial control cyber (ICS), IoT devices used in typical commercial and government office buildings and related information technology (IT) that these systems utilize or communicate with. 
The concept is to allow offensive teams to utilize their tactics and techniques to target the various facility systems including networks and software in the same manner as any adversary would for day one – day two of the event. 
Day 3 and day 4 of the event will be an offense on defense event where cyber threat detection solutions and defensive teams will attempt to defend the building’s systems using skill and technology. 
The event plan includes live streaming and filming various aspects of the event.  Footage will be part of an event documentary. 
The network design for the event will allow for remote and onsite team participation.  
The following systems will be in play: surveillance cameras, building access control, wireless access points and network, building automation system, HVAC, fire suppression systems and alarms.  This list represents the current attack surfaces in play.  
The building is an empty building consisting of 155,000 SQFT across two floors and a basement and a large parking lot.  

HTB Documentary

The event documentary footage will be split between the Title sponsors and event footage.

The plan includes a pre-event filmed sizzle reel and a post event filmed sizzle reel.  
Title sponsors will be featured in the event documentary and provided time to highlight their company, skills and solutions and to discuss the importance of their capabilities to critical infrastructure cybersecurity for facilities, IT, OT and IoT devices and networks.  
Title sponsors will have their own splash page on the event website and a link to their corporate website. Also HTB’s social media platforms will feature title sponsor branding.  


IS HTB2020 virtual or physical?

HTB2020 is a hybrid event, virtual and physical.  There will be certain parts of the exercise that are only available onsite. The plan is to create a tented and climate controlled tent on the parking lot that will act at our cyber cafe.  We will limit the number of onsite team members to two.  

You can have off site and onsite team members.

HTB2020 Event MAnagement Solution

HTB2020 will use Twitch as our event management and presentation solution

Attack Vectors

The event will include building systems and network systems based attack vectors to include IT, IoT and control systems.

How many team members are permitted?

Teams can have up to 20 virtual team members. We will limit the number of onsite team members to two. Teams can have two onsite and the rest of the team virtual or have all team members virtual.

How do I confirm registration?

Registration is confirmed once your provide our team with a valid team name, team lead, team members and submission of payment (if necessary). Please be sure to submit a valid email address if registering as military, government or academia.

Can I register as an “observer”?

We do not have space to allow observers to come onsite at this time. HTB2020 will use Twitch as our event management and presentation solution. Observers can tune into the live stream of the event virtually. Observers are still required to register.