Basic Chess Tactics for Fun and Bragging Rights

blue team engagement and in your daily life as a cyber security practitioner because some of the skills that it builds uh who am i i'm a cyber security practice lead for appalachian technologies which is probably a made-up title um i do a lot of different things i do a lot of red teaming penetration testing uh blue teaming been on both sides of the fence adjunct adjunct professor for harrisburg university and university of phoenix takes up a lot of my extra free time because i love teaching i think it's a big thing in this industry to help the peers and mentors to each other to help increase the level of understanding education in our environment i do have a master's degree that cost me

way too much money but too late now so moving moving along and i've been a long time chess teacher and player i play chess in high school it's been a big a passion of mine for a long time so this is going to be fun we're going to bridge the gap between these two worlds so what is yes absolutely that's true i did found b-sides harrisburg and it is a fun event if you didn't get to it this year come to it next year it's going to be at the end of august next year and more information will be incoming about that so love to see everyone who's here there too and vice versa uh so what is chess this is an ancient

board game uh one of the first strategy board games it's over 1500 years old and they can't really pin the the exact date on it the thing that's interesting about chess is unlike a lot of things especially in cyber security the rules of chess don't really change like at all the the last rule change was you know somewhere in the 1900s and for the most part they're small rule changes uh for tournament games but the basic rules of the game have not changed in a very long time so it's very stable so if you read a book about chess from the 1900s it would still be very applicable today how many people can say you know they have a cyber security book

that's 90 years old that's still viable right very few right so how many people here have ever played chess before show of hands awesome so most people here so here's a quick reminder of some of the ways the different pieces move we have the pawn which is the lowest level that's our foot soldiers but they can promote to any potential piece that you want once they get to the other end of the board and in most circumstances you'll promote to a queen uh you have your knight and your bishop your knight moves in an l shape your bishop moves diagonally your rook can move horizontally or vertically and your queen is she's the all-powerful person she's the one really running the

show right and she's just really powerful and moving anywhere diagonally or horizontally or vertically and then the king if you lose the king you lose the game but he can move one square in any direction so how many people are familiar with the points system has ever used a point system in chess why not a lot of people but when you start getting into competitive chess you have to figure out a way to know how you're doing in the game even though the game's objective is to get checkmate you have to kind of know how you're doing while you're playing the game there's a numerical system that's often used in chess tournaments and by players

to figure out how you're doing and it all starts with points or one pawn every pawn is worth one point a bishop and a knight are worth about three a rook is five and a queen is nine the king doesn't have a specific point you can't sacrifice the king that doesn't work in this game but if we were to give it a power level so to speak we would probably give it a three because of his ability to move in any direction at least one space now another thing to consider is certain players will rate certain things a little bit more powerful in raiding than others it's generally advised if you have both your bishops they consider

that almost like half a point an advantage because you can cover more squares with two bishops and rather than two nights the situation of the game may change but this is a good idea as you're playing to know whether you're doing well in the game or if you're down by a lot and it's going to take a lot of strategy in order to try and win come back from a loss so some basic opening principles of the game of chess one of the things you want to do is control the center a good example of this if we look at a knight there's this old expression called a knight on the rim is grim that's often used by uh chess players

and the reason that is is a knight that is near the center of the board can move eight squares as he gets to the very edge of the board if he's in and one any of the corners he can only move two and in general that's practice for every single chess piece you have the more central control you have or the closer they are to the center the more options and possibilities you have during world war ii there was this concept known as no man's land right if you went out into no man's land you would get shot no one controlled the center of the battlefield when you're talking about strategy and tactics one of the things is you want control of the

center of the battlefield if you have control of it you're going to have an advantage against your opponent versus if you don't so central control in the game is very important another uh two other basic opening strategies you don't want to move your queen out too early a lot of people tend to do that you don't want to move the same piece twice and the reason you don't want to move the same piece twice is this thing that we call tempo in chess and tempo is basically the advantage when one player makes a move another player has to react and we'll talk about that more because this happens a lot in cyber security when a red teamer makes a move and blue team

has to react we'll talk about the parallels a little bit but we'll see that a lot so you don't want to move the same piece twice because you're losing time and potentially losing an advantage you could have the other thing you want to do is castle early you want to defend your king or your valuables just like in an organization you want to defend the data that's important to an organization the same way so chess tactics 101 we're going to talk about the skewer so the first one we're going to talk about is the skewer which is attacking a powerful piece to obtain another piece so we're attacking a piece through a different piece so for example here in our diagram we're

moving the bishop to c4 and we're attacking the queen the queen can move but in the direction of the queen the rook is placed on g8 now if we do the math on that if we were to lose a rook and the queen then takes the bishop we lost two points so the advantage then goes to white so by using skewers you can pick up additional points and attack through different obstacles when we're talking about cyber security often we have to look at things a little differently and sometimes our adversaries especially when we're in charge of defending an organization we'll attack it using methods that we don't really think about they'll go through an intermediary

to attack right what's the what's the newest way that a lot of bad guys get into systems well they attack the the user right the social engineering or they find some other way to attack maybe it's via physical access maybe it's pretending to be a pizza guy there's different ways that people can get in this is a very but the tactic for this is not an old tactic i mean not a new tactic that's that reversal it's an old tactic made new in cyber security this is a basic tactic can you take advantage of something that's defending or blocking and attack that to get to something else a recent cyber security attack from a year ago that i heard that someone was

actually employing was they would ddos the main computer systems the force backup systems on an organization to come online those backup systems weren't as patched as the standard operating uh their normal everyday system so in in essence this was a skewer attack they were attacking through a different piece to get the data they were trying to get to this is how some of these tactics even though we don't see them they still apply in a lot of interesting ways so what's the next tactic we have in chess is the fork which is attacking more than one piece at once because you can't be everywhere at once even though in cyber security it always seems like we're pulled in a lot of different

directions all the time this is a tactic often employed in chess when you're splitting the ability for your opponent to react in this case we're attacking both the king and the bishop at the same time white's only going to be able to move the king and it's going to lose the bishop there is no way the king can get to protecting the bishop so we can see this causing a distraction potentially and confusing an opponent can potentially work when you're talking about a compromise another chest tactic is the pin so making a pin is when you take a piece and it is unable to move because it's protecting another piece so in this example we have we moved our knight as black

white is unable to move the bishop because the rook can then take the king and they'll lose so the pin is ensuring that the piece is stuck because it's defending a higher piece what are certain systems that could be potentially pinned or stuck to other systems or attached to other systems oftentimes when we talk about attacking a web application what's connected to a web application normally there's a database when you look at these things well maybe we can't attack the the web application but we know there's a database behind it where we can attack the database and then get to the web application a couple different ways you can look at that now this is probably one of my favorite

tactics which is called remove the defender and the idea here is as black i'm going to attack the the knight and remove that and then check the king so the king has to the pawn has to take the knight and then the queen will be undefended on d5 so if i'm going to trade a bishop for the knight then i'm going to get the queen for free that's nine points right that's going to give me a significant advantage but before this move the queen was defended by the knight so if the queen took the queen it would be okay because i would be nine for nine what we've done is remove the defender who can think of in cyber

security the tactic of removing the defender well maybe disable antivirus maybe stop logs from getting to where they need to be intercepting logs or stopping the log files from going to the the sem or poisoning laws there's lots of examples we see in cyber security where the defender the defensive mechanisms are removed on a device all right so let's let's look at some live demos because that's much more fun i see a lot of people when they first play a chess game they're often going to be tempted to do something like this if you've ever done this you don't need to feel bad about doing this but in general you see a lot of people do this

and the reason they do that is because they think by getting this out because the rook is powerful it can move a lot of different spaces and cause a lot of havoc here but normally what ends up happening is if you see this move black will just move here and then when you move your rook up it's just going to take it with the bishop and now i'm not a math wizard but five minus three i just lost two points um and i tend to like to keep my rocks so that's not a bad that's not a good strategy and in general when we're talking about chess we want to control the center so this

does not attack or control the center so a more ideal position when you start as white is you want to do a move that's going to give you more central control and often in games if you look at what a lot of chess professionals because there are some people that actually make money off this they will start by moving and doing a move more like this and the reason for that is because the center of the board these four pieces right here is generally where you want to have more control of the board because here this piece is in the center it's now attacking this this spot so it's giving me some central control the other thing is now these

pieces the bishop and the queen are now free to move throughout the board so now i've developed my pieces because now i have more freedom in what i'm able to do and normally black will return in kind and they'll tend to do this move because they don't want you to be able to do something like if they went here this would be a very beautiful move to do because then you have a very nice opening and control here of the board that can prevent a lot of options for black the typical opening you might see and i see quite often is something along the lines of this the reason the knights come out again is

because when they're in this square right here they can move eight bases but more particularly because they move in an l the knight attacks this spot and this spot which is central control right so if i'm moving the knight here that's attacking this pawn the reason black then moves here is because it's defending that pawn so you see how white is moving black is reacting so when the game first starts and in general this is true white actually starts with the advantage they get to go first until they potentially mess up or do a move that allows black to counter attack very similar when we're talking in cyber security are when we're cyber security professionals are we white or black

we're definitely black right because we have to react to what the bad guys are doing and in some cases we're not really allowed to counter attack either we can defend but we can't actually attack back right at least they didn't pass that law to hack back which will be a mess if they do but as we see here there's a lot of back and forth reacting uh so what so what would white's next move be well white might try and remove the defender right so it might attack here and then if black maybe wanted to force white to do something white could go here black could go here and what happened well white removed the defender

now this isn't an actually ideal opening because there's a little trick here but as you can see if we look at the the pieces um white's actually now up a pawn now black will get back the pawn because this isn't a great example of remove defender but that's the basic concept is we removed the defender and we've also done what's known as doubled up pawns this reduces maneuverability and is dangerous as the game goes on because now you can't move this pawn at all the only saving grace to this doubled up pawns is at least you're still attacking the center but in general it's going to be very difficult for you to move these pieces

because now they're doubled up even worse would have been if black were to have done potentially this well actually that that might be better because then what black can do is move this out here and this is in the center and defended by the pawn

so back to our example here the reason this isn't ideal for white is because when the queen goes here what are white's options because white could do this to defend the knight but that doesn't look too good because then black can move here

this isn't so bad because you can do here but now you're kind of over stretch with your pawn structure and it could cause some issues if white moves back though now white loses a pawn in check so then what is then white has to move here black can't move because what has happened to black's queen so she is and do the cane she can't move so now as black the only real option unless you want to do something like just defending it is really to take the the queen so then you end up with kind of an interesting opening like this and notice a lot of the pieces are all coming out through the center

when you're playing a chess game unless you have a good reason to these three pieces over here and these three over here you don't have to move a whole lot unless you have a specific strategy for why you need to move almost all your pieces can come out through the two center spots and if you employ this strategy in a lot of the chess games you play for people who aren't pro chess players or study this stuff just employing some of these tactics you'll find you'll win a lot more games because in general you'll have central control and you'll be able to use this to your advantage to quickly pick up points and win your games then brag about it

yes actually you have the and one of the ideas we'll go back here and do a different example is this is typical and you might hear this called sometimes if anyone here plays chess there's certain openings for example this opening here is known as the roy lopez and they name it because that was the first guy who did it and then took no credit for it so they're named after famous chess players who use these openings but basically an opening is a set of really good moves or the best moves in a certain situation so you hear people on chess talk about what's your opening strategy and people were like well i don't play with the strategy i just kind of play

and it's not so much a strategy when you're talking about openings as just a set of probably the best moves from a given situation and we can know that a little bit because if you notice here on the side this little computer algorithm here this is an analysis board from chess.com will actually go back and tell me how good my moves were based off what the computer said ah this would be a better move because 400 moves down you know you could have disadvantage if you would have made this move over that mode we have that ability now with computing it'll tell you how good your moves are so a lot of people who do professional

participating professional chess tournaments they use tools like this to analyze um but for our example this is fine so this is what a typical opening would look like and then the game would pretty much proceed from uh here after castling it's very likely black will do something like this white will likely go here and you end up with something like this so notice that both kings are now castled there's a lot of back and forth regarding central control white is likely to do something like either this or they might go for for this although likely they could also try bringing out the bishop and pin this knight to the queen potentially potentially forcing black to kind of want to kick him out of

there and change the pawn structure a little bit there's a lot of things that can happen from just this setup and this is just very common um you'll see

all right so what can chess teach us about cyber security i've tried to make some parallels as we went through the presentation but in general it's about thinking creatively when we think about adversaries and attackers that's what they're doing nowadays is they come up with a lot of creative ways to get into systems as defenders we're doing our best to do a better job to cover the basics right we've gotten to the point where we even have something as vast as the miter attack framework that is detailing each and every dirty tactic that's being used to get into systems and exfiltrate data but one of the things because we're defending right we're black we kind of have to be

ready for whatever white's going to do just like in a chess game so we need to be prepared for what the next thing the bad guys are going to do and kind of think creatively are there things in our environments that we work in that they may be able to take advantage of that we haven't really thought about before and another thing to look at is look for some of those similar tactics via the skewer fork and pins what are things that if a coordinated or combinat combination attack was done on the organization you know maybe you're defending really well on this end but if these two things lined up with an adversary be able to do

potentially a combination attack against the system and cause issues and removing the defender i mean we think about this i think about when i'm pen testing systems and i disable av i've removed the defender right now my disable live protection now my malware will run because av won't detect it and the best part is then if i disable their av i don't have to worry about av evasion because it just disabled it and if they aren't tracking when it's enabled or disabled they wouldn't know but there's lots of cases where we could potentially remove the defender and environment whether it's confusing the laws the racing logs a lot of things that could happen from a red team blue team perspective

oh and that was it any questions

what can cyber security teach us about chess um great question i think as i do a lot with cyber security it helps me to continue to think creatively especially when i do a lot of pen testing engagements and that can help me when i'm doing chess games too because i think of things just like when i'm like gee this is my nmap scan what's here that i could attack or how could i get in well then i have to think back oh well this company maybe i'll use crunch and make a word list based off a bunch of keywords off this company's website and i'll try it against this ssh server and see if i can get in i have to think

kind of what can i do here and some of that thinking parallels back to chess and when you're in a weird situation part of the game is knowing strat strategy and chess strategy but the other part of the game is getting into the head of your opponent and knowing what they're gonna do if you can predict what moves they're gonna do you can set up traps and ways to make them fall into different avenues i think we see that becoming very popular in cyber security we're setting up a lot more honey pots a lot of honey traps and now the new term that i see is now we got honey tokens and honey accounts we have fake accounts in company

networks because if someone does you know an ldap query on this fake account we know that this device has been compromised because no one should use that account ever so we see some creative ways that it's it's going back and forth uh in that way but i think in general chess is a fun game i enjoy playing it and it can definitely help with your creative thinking skills and analytical skills

favorite opening it probably has to be either roy lopez of the four nights game which it just provides a very open game with a lot of different tactics and strategies versus a closed game there's generally two kinds of games because you can have an open game or a closed game if you have a closed game it means kind of all your pawns are locked together so it might look like a vertical across the board when you have a closed game it means your bishops and your queens don't have as much power because from a diagonal perspective they're locked in they can't do anything so the knight becomes incredibly important um i play style i tend to be a more

assertive player so i tend to like open games where i can do a lot of tactics and set up a lot of traps for my opponent when i'm playing

all right thank you so much [Applause]

i'll be here