A Holiday Tale of Two Teams: The Blue Team Barbie & Red Team Elf on the Shelf saga

Staff // Thanks to everyone for all the good ideas! We had so much fun with this, and hopefully it made you laugh as much as we did.

Happy December! Follow along for some BHIS Christmas Fun with Blue Team Barbie vs. Red Team Elf on the Shelf!

Red Team Elf on the Shelf snuck into his gifts a little early this year. Who knows what mischief will follow…

After reading about Mike and Beau’s Google calendar exploits Blue Team Barbie implemented Yubikeys for herself and her entire team.

Red Team Elf on the Shelf just won’t stop! Looks like Blue Team Barbie has installed NoScript throughout the office, though!

On the 4th day of Christmas Red Team Elf on the Shelf tried to use… four lock picks, three fake badges, and two cover stories that STILL didn’t get past Blue Team Barbie, who takes physical security very seriously.

Red Team Elf on the Shelf decided to take a break and do a little reading over the weekend. It will be an interesting week for Blue Team Barbie, I’m sure!

Blue Team Barbie caught the flu… and is stuck in bed, but she can still read up. Surely her team can handle a day without her… right?

Someone from Blue Team Barbie’s company was kind enough to hold the door for Red Team Elf on the Shelf, and he was in! Timing is everything! Now to sneak away… (He decided it was best to stay incognito, since Blue Team Barbie had already spotted him on the security camera so he fashioned a hacker bandit mask for minimal detection).

Red Team Elf on the Shelf found the server room… This can’t be good!

After KonBooting he also left behind a dropbox. Which of Blue Team Barbie’s active defenses will catch it?

Port based security kept Red Team Elf on the Shelf contained. It looks like that nasty elf used a drop box that sent multiple DNS requests to untrusted hosts. This triggered alerts and sure enough, when Blue Team Barbie was back from sick leave she checked her RITA console and found it had flagged beacon behavior.

Blue Team Barbie always finds time to educate her team about basic best practices through weekly brown bag lunches. This week Blue Team Barbie decided a refresher about good password usage might be useful, which especially important since she suspects their company is under attack.

Red Team Elf on the Shelf has dropped various USB sticks with malware on them in the parking lot, hoping that someone will be curious enough to plug them in. Blue Team Barbie knows the best plan of attack is to destroy them on site!

Red Team Elf on the Shelf has finished the pentest of Blue Team Barbie’s company. They did great! After going over the report to show some ways they could stay strong (remind people about tailgating and suspicious looking characters in bandit masks) the company was awarded the coveted Honey Badger Award for excellent security posture!

Now that the pentest is over Blue Team is at home starting her holiday break and Red Team Elf on the Shelf is excited to finally get to play the Holiday Hack challenge. What fun things you going to do over your holiday?

Thanks for following Blue Team Barbie and Red Team Elf on the Shelf’s holiday shenanigans! Tune in again next December!