The Badge Archive

GSUSA Life-sized Minesweeper

Fulfills Step 5 of GSUSA Senior Cybersecurity Investigator badge requirements.

Items Needed

  • 64 Squares from VTK Minesweeper by GSUSA (printed and cut out).
  • Map Diagram from VTK Minesweeper by GSUSA for reference.
  • (Optional) Painter’s tape, chalk, or floor tiles to create an 8×8 grid

Before the Meeting

  1. Set Up the Grid:
    • Option 1: Use painter’s tape to mark an 8×8 grid on the floor.
    • Option 2: Use existing floor tiles to define grid squares.
    • Option 3: Use sidewalk chalk if meeting outdoors.
    • Option 4: Simply place the cards in an 8×8 formation on the floor.
  2. Arrange the Cards:
    • Place the START card face-up at one edge of the grid.
    • Use the Map Diagram to lay out a safe path using SAFE cards, face down. You don’t need to use all the SAFE cards, and the path can include horizontal, vertical, or diagonal connections.
    • Fill the remaining spaces on the grid with other Minesweeper cards (e.g., landmine and defense cards).

Instructions

  1. Scouts represent employees of a company and must guide their team safely across the minefield, avoiding cybersecurity threats.
  2. Divide scouts into teams of around 6. If there’s a large group, either create two minefields or have teams take turns.
  3. Line up on the edge of the minefield where the START card is located.
  4. The first scout steps onto the START card and moves one square in any direction (forward, backward, sideways, or diagonal).
  5. Pick up the card from the new square to reveal its type:
    • SAFE Card: Place it face-up in the square, step in, and continue.
    • Landmine: Read it aloud to the team, put it back face-down, and return to the line. The next scout then enters the grid.
    • Defense Card: Hold onto the card to defuse one future landmine. At the end of the turn, put it back face-up in the same square so others can pass safely. Defense cards cannot be reused.
  6. Continue the game until the entire team makes it safely across the minefield.

(Optional) Group Discussion:

  • What challenges did you face during the game?
  • What strategies worked best to navigate safely?
  • How could your team prevent stepping on the same landmine repeatedly?
  • What kinds of threats or attacks were surprising to you?
  • Why do you think people sometimes ignore cybersecurity advice, such as avoiding suspicious links?

Key Takeaways:

  • Even after solving a cybercrime, organizations need to protect against future attacks.
  • Insider threats, like employees accidentally or intentionally exposing sensitive data, pose significant risks to companies.
  • Good cybersecurity practices—strong passwords, data backups, and reporting suspicious emails—can protect entire organizations.
Tia Kennard