The Badge Archive

Games – Hacker Scramble

Fulfills Step 5 of GSUSA Cadette Cybersecurity Investigator badge requirements.

Info Needed for badge requirements: Hackers use various techniques to steal information or access private data. Scouts should be aware of these attack types:

  • Phishing: Hackers trick people through fake emails or messages with harmful links, attachments, or requests for personal information.
  • Spoofing: Hackers pretend to be someone trustworthy, like a friend or company, to access your details.
  • Malware: Malicious software damages devices or steals information.
  • Spyware: Software secretly gathers private information from your device.
  • Ransomware: Hackers lock your files and demand payment to restore access.
  • SMS Phishing (Smishing): Hackers send fake text messages to steal data.
  • Man-in-the-Middle: Hackers intercept messages to spy or steal information.
  • Data Breach: Sensitive information is stolen or exposed by targeting organizations.

Scouts can protect themselves online using these strategies:

  • Strong Passwords: Create unique and hard-to-guess passwords for your accounts.
  • Back Up Your Data: Save important files in secure locations like external drives or cloud storage.
  • Anti-Virus Software: Install programs to block harmful software and monitor activity.
  • Software Updates: Keep devices updated to close security gaps. Updates protect devices from hackers exploiting older systems.
  • Pop-Up Blockers: Stop accidental clicks on harmful ads or links.
  • Think before you click: Avoid links in emails or messages from unknown senders. Always verify the source before clicking links in emails or texts.
  • Verify sources: Always check if the person or organization contacting you is real.

What Information Should Scouts Protect?
Personal information is valuable to hackers. Scouts should keep the following private:

  • Name
  • Birthday
  • Home Address
  • Email Address
  • Bank Account Number
  • Phone Number
  • Password
  • Driver’s License Number
  • Credit Card Number

Items Needed

  • VTK Scramble Cards by GSUSA Cut out ahead of time. You’ll need:
    • 10 green ID cards per scout.
    • One deck of the remaining 38 cards for every group of 4-6 scouts.
  • (Optional) Extra cards if you have fewer than 4 scouts in a group.

Instructions

  1. Share the required information needed for the badge.
  2. Divide scouts into groups of 4-6. Give each scout a set of 8 green ID cards. Provide each group with one deck of the remaining 38 Cyber Scramble Cards.
  3. Ensure everyone knowns what the different colors of cards mean:
    • “Attack” (Red): Players skip a turn or discard one or more ID cards into the “Dark Web” discard pile.
    • “Clean Slate” (Green): Players draw one or more cards back from the “Dark Web” discard pile.
    • “Chaos” (Orange): Players swap cards with one another.
    • “Protection” (Purple): Cards can be kept until needed and used to protect ID cards from being discarded.
  4. Each scout will hold onto their ID cards. The group shuffles the deck of remaining cards.
  5. On their turn, each scout draws a card and follows the instructions written on it.
  6. Continue playing until all cards in the deck have been drawn.
  7. The scout with the most ID cards left at the end of the game is the winner.

Sample Attacks:

  1. Phishing:
    A hacker sends an email with bad links, harmful attachments, or requests for money.
  2. Malware:
    Software designed to cause damage to your computer or network.
  3. Phishing:
    A hacker sends an email pretending to be legitimate to trick you into clicking harmful links.
  4. Spoofing:
    A hacker pretends to be someone you know or trust (e.g., a friend or organization) to access your information.
  5. Phishing:
    A hacker includes fake requests for personal details or payments in emails.
  6. Spoofing:
    A hacker pretends to be from a trusted company to obtain your private information.
  7. Phishing:
    A hacker tricks you with an urgent email prompting you to click on a malicious link.
  8. Spoofing:
    A hacker mimics someone close to you to deceive you into sharing sensitive data.
  9. Phishing:
    Emails lure you with too-good-to-be-true offers, containing malicious links.
  10. Phishing:
    A hacker deceives you with an email warning about fake account issues, urging a response.
  11. Man-in-the-Middle:
    A hacker intercepts a message between two people to spy on or steal data.
  12. Spoofing:
    A fake email appears from your bank, tricking you into providing login credentials.
  13. Man-in-the-Middle:
    Hackers listen in on your messages to steal private details or track activities.
  14. Spoofing:
    A scammer impersonates a customer service rep, asking for your account details.
  15. SMS Phishing (Smishing):
    A hacker sends a text message to steal your personal information.
  16. Malware:
    Malicious software infects your device and disrupts its functionality.
  17. SMS Phishing (Smishing):
    Texts with links claim you’ve won a prize, leading to data theft.
  18. Spyware:
    Software secretly installed on your device collects your private information.
  19. SMS Phishing (Smishing):
    A text appears to be from a delivery service, asking for payment or personal details.
  20. Malware:
    A hacker plants harmful software that damages your files or tracks your activity.
  21. Spyware:
    Software runs in the background, stealing data like passwords or browsing history.
  22. Ransomware:
    A hacker locks you out of your data and demands payment to regain access.
  23. Ransomware:
    Malicious software encrypts your files, forcing you to pay a ransom to unlock them.
  24. Data Breach:
    Confidential information is stolen, leaked, or lost, often from an organization.

Sample Protection:

  1. Strong Password:
    Use unique and complex passwords to secure your accounts against unauthorized access.
  2. Back Up Your Data:
    Regularly save important files to a secure location (like an external hard drive or cloud storage) to prevent loss in case of an attack.
  3. Anti-Virus Software:
    Install and update anti-virus programs to detect and block malicious software.
  4. Back Up Your Data:
    Create multiple backups to ensure critical information is safe and retrievable even after a hacking attempt.
  5. Anti-Virus Software:
    Use reputable anti-virus tools to monitor your system and protect against malware attacks.
  6. Software Update:
    Keep your device’s software and apps updated to close security loopholes and prevent exploitation.
  7. Pop-Up Blocker:
    Enable pop-up blockers in your browser to avoid accidental clicks on harmful ads or links.
  8. Don’t Click the Link:
    Always verify the source of an email or message before clicking any links to avoid phishing attempts.

ID Cards

This is the list of ID Cards every scout starts with. It does not matter what is listed on the ID Cards, the number of green cards they have at the end matters. They do not need to worry about which ID cards they discard or gather.

Here is a list of the ID card types:

  1. Name
  2. Birthday
  3. Home Address
  4. Email Address
  5. Bank Account Number
  6. Phone Number
  7. Password
  8. Driver’s License Number
  9. Credit Card Number
  10. Phone Number (duplicate)
Tia Kennard