DSU's Cyber Defense Team takes 2nd in the nation despite long journey
This year’s Dakota State University Collegiate Cyber Defense Competition (CCDC) team came home with second place from the eighth annual National Collegiate Cyber Defense Competition (NCCDC – http://www.nationalccdc.org), held April 19-21 at the St. Anthony Hotel in San Antonio, Texas.
The Dakota State University team received first place in the North Central Region Collegiate Cyber Defense Competition held in Madison, S.D. at the end of March, which qualified them for the NCCDC event which is organized by the Center for Infrastructure Assurance and Security (CIAS) at The University of Texas at San Antonio (UTSA). There they competed in the three day event against other top network security students from institutions around the nation, including the University of Alaska Fairbanks, Millersville University, Rose-Hulman Institute of Technology, Rochester Institute of Technology, University of Washington, US Air Force Academy, University of Central Florida, Oklahoma State University and California State Polytechnic University, Pomona.
The NCCDC event starts with a scenario that each team is newly hired as the network and security administration at a small fictitious company. Each team is responsible for taking administrative control of all the information systems for the company. Because this is all new for each team, they have little time to learn the ropes about the network, the security level that’s been maintained or what software is installed currently. They have to work quickly to begin security updates and patches before the red team starts actively attacking their company’s network. In between the network attacks, participants must keep up with the needs of the business and user demands while maintaining service levels agreements for all critical internet services.
Not only do students get a chance to test their knowledge in an operational environment, they will also get a chance to network with industry professionals who are always on the lookout for up and coming engineers. CCDC provides a unique opportunity for students and industry professionals to interact and discuss many of the security and operational challenges the students will soon face as they enter the job market.
"We developed the National Collegiate Cyber Defense Competition to help develop the nation's cyber workforce, improve IA curriculums, and provide students with a way to hone both technical and soft skills," said Dwayne Williams, NCCDC Director. "In just eight years, CCDC competitions have become an excellent recruiting ground for companies who want to hire the best talent colleges have to offer. Past competitors have collectively received thousands of job offers."
The DSU team members include Chris Paschen, Brian Berg, Kevin Haubris, Jeremiah Klumb, Steve Secker, Jesse Mendez, Jack Stromberg and Cody Welu along with Kyle Cronin, Tom Halverson, and Rob Honomichl as the coaches that served various roles with the team.
Little did the team know as they departed for their competition on April 18, that the NCCDC would not be their only battle that weekend.
Because of a late season snow storm that bombarded the Midwest, travel was quite trying for the CCDC team on their departure day. “The trip was interesting. I flew separate from the kids, and after several re-arrangements, I ended up to be the first to arrive in San Antonio,” explains Cronin. “Three kids, Chris, Kevin and Jack all made it later on the same day. They had to fly on standby flights from Chicago, and luckily at their final boarding, three seats were open for them. Everyone else had to spend a night outside of Chicago.”
On Friday, the competition kicked off at 10:00 a.m. and the DSU team only had three of its members present to start the competition. “I was volunteering to help out with the competition so I wasn't allowed to be around my team during the event,” said Cronin. “At around noon the other 5 kids and Rob landed in San Antonio. I stepped out from my job on the White Team, which is basically a competition helper, to meet up with the rest of the team. They made it to the hotel at around 12:45 p.m., left their bags and went straight into their competition room. They were there until the competition paused for the day, at 6:30 p.m. Needless to say, they were fairly stressed.”
During the competition, there were 18 different systems the DSU team was charged with defending, which is no small task for eight students, let alone for the three that started the competition. “It was especially frustrating since the first few hours of the competition are the most critical. It’s during that window that their systems are most vulnerable and the Red Team, who are penetration testing professionals simulating external hackers attempting to gain unauthorized access to competition teams’ systems, is actively trying to attack them,” explained Cronin.
After a good night’s sleep, spirits were higher on day two. The DSU team got together and talked about their new objective for the competition: to be happy they were at the NCCDC and to just have fun. “Placing in the top three was basically out of the picture since we missed a critical portion of the event. With that, day two of the competition was fairly uneventful from my perspective. Everyone had a good time. Day two's competition ran from 9:00 a.m. to 6:30 p.m., which was the end of the actual competition portion of the event,” continued Cronin.
At the end the day there was a mixer with all of the teams, sponsors, and hackers in attendance. Cronin was really surprised as the sponsors and hackers remarked at how well the DSU team held things together despite their set-backs. DSU's team became known during the NCCDC event as the calm and collected team but was still having fun.
Day three was the post-competition with several presentations in the morning on various security resources. The Red Team of hackers also gave everyone a list of the top 10 things the competitors did wrong. The list was a snarky, in your face presentation; everyone was able to laugh at the silly mistakes that were made throughout the event.
Finally when the results were called, the DSU team figured that they maybe had a chance at third place. “But, after the third place team was called, we glanced at each other and did the 'we had a good run' conversation. Needless to say, everyone was really surprised when Dakota State was called in second place! We had a lot of congratulations and other good conversations with everyone at the event. DSU was certainly the underdog!” stated Cronin.
The other top teams of the event were Rose-Hulman Institute of Technology that placed third while Rochester Institute of Technology earned first place and took home the Alamo Cup.
During the competition, each competing team is assigned two Red Team attackers. After the competition, the teams find out who their attackers were. The DSU team was excited to find out that their attackers, who refer to themselves as Egypt and Mubix, are the authors of one of the most popular penetration testing software programs, Metasploit.
“Dakota State University has always been known for its high level of cyber security excellence,” said Paschen, the DSU team captain. “Despite this fact, DSU has had problems in the past when it came to organizing a team for the CCDC. This year our team decided that instead of trying to do really complex things with securing our system, we would go back to basics, that is, turn on the firewall, disable any unused services and change passwords. Also, we went in with no ego or idea that we deserved to be there. We could lose just as easy as any other team, so when it came to crunch time we tried our best; all the while however, we didn't give up the idea that we were competing at a national level event and should enjoy the time we were spending. When one of our machines was attacked and "owned" (slang for taken over by the red team) we would typically laugh, recover the machine from a backup and try again. Overall it was a fun competition and I was very proud of our team, how we handled ourselves, and the level of excitement for trying again next year.”
The mission of the CCDC system is to provide institutions with an information assurance or computer security curriculum, a controlled, competitive environment to assess their student's depth of understanding and operational competency in managing the challenges involved in protecting a corporate network infrastructure and business information systems. CCDC Events are designed to build a meaningful mechanism by which institutions of higher education may evaluate their programs. The events also provide an educational venue in which students are able to apply the theory and practical skills they have learned in their course work, and foster a spirit of teamwork, ethical behavior, and effective communication both within and across teams.