For the second consecutive year, the University of Washington has been crowned champion of the National Collegiate Cyber Defense Competition (NCCDC). The seventh annual contest was held April 20-22 at the St. Anthony Riverwalk Wyndham Hotel in San Antonio, Texas.
The 10 competing teams were assigned an operational network for a fictional Web service hosting company. Those networks would then be scanned and probed by a “Red Team” of hackers that attempted to infiltrate and take down the networks. Teams would score and lose points based on how well they defended those networks and kept services up and running.
Sponsored by Deloitte, and organized by the Center for Infrastructure Assurance and Security (CIAS) at the University of Texas at San Antonio, the NCCDC is regarded as a “recruiting ground” for companies looking to hire the best and brightest young cybersecurity talent, according to competition officials.
The U.S. Air Force Academy and Texas A&M University, took second and third place, respectively, in this year’s event. The 10 participating squads represented the winners from several qualifying and regional cyberdefense events.
Greg White, director of CIAS, said in addition to keeping the Red Team — comprised of individuals representing government, academia and industry professionals — at bay, the top teams at the 2012 NCCDC did a good job completing a number of business tasks in the drill called “injects.”
For example, if the hacker group did compromise a team’s network, competitors could write up a report on the incident, its severity and steps taken to mitigate it to submit to their company’s fictional CEO. The team could then earn back some of the points it lost due to the intrusion.
“Some of the teams just don’t pay attention to the injects,” White said. “The competition was close enough this year that if you missed a couple of injects or were late getting them in, it could make the difference between second and third place. It was really close. The lead changed a number of times.”
Although White didn’t have the actual point numbers separating the top winners available, he explained that the competition this year featured virtual systems that played a key roll in the outcome. While students had to protect the usual computing hardware located onsite, competitors also had to secure cloud-based systems.
Unlike in years past, the on-site servers were locked down pretty well this year from a security standpoint. But the systems in the cloud environment were extremely vulnerable to cyberattacks, which may have surprised a number of the students.
“The teams that did better were the ones that noticed those systems were wide open,” White said regarding the virtual systems. “Some other teams concentrated on the hardware in front of them and making sure that was secure. Well, those systems were already pretty secure and they kind of neglected the other ones.”
Another curve ball to competitors in this year’s cyberdefense national championship was the type of hardware used. In years past, Cisco equipment was used. But the 2012 competition featured hardware from Juniper Networks.
White observed that some of the competitors who specifically trained on Cisco hardware for the competition were rattled when they encountered something different. Some teams that dwelled on the hardware differences got sidetracked, giving others an advantage.
“Other teams looked at it and said, ‘A firewall is a firewall on some basic level, I just have to very quickly learn and adapt,’” White said. “The ones that could keep that in focus, that it was still just a firewall or network device [did better].”