Cyber Defense Competition Has A New Champion

lisah writes "Several colleges across the country went head-to-head in San Antonio, Texas last weekend at the National Collegiate Cyber Defense Competition to see which team could best protect their networks against attacks. In a modern day version of Steal the Flag, the teams duked it out using identical network setups that included a Cisco router and five servers. In the end, Baker College took the champion's title from last year's winner, Texas A & M University."

Cyber war-gaming

[BWJones]

This is going to become more critical not just in terms of servers and informational or command based attacks, but also in terms of actual combat systems as we start to integrate more robots and remote networked combat platforms. For instance, my last visit [utah.edu] to Creech AFB was very informative, but also illustrated a number of potential weaknesses in the system that controls remotely operated unmanned aerial vehicles actively engaging in combat.

Exercises such as these are critically important to war-game any networked system, particularly when that system is using commercial off the shelf solutions and commodity hardware that is accessible and easy to explore outside the realm of cyber warfare. i.e. war-gaming your attacks before going live...

Re:Not sure what this proves

[Anonymous Coward]

A friend of mine, who knew the pros -- at least for the regionals that I *almost* got to compete in (not bitter, nope, not me) -- said they were Serious Business. The point is to go into a new system, figure out what's broken (because the systems the blue teams were provided were broken, sploitwise), and fix it. Changing your conf files as fast as possible means you have to know which files to change in which ways. I don't think the game is entirely realistic either, but it is important to know the methods. Between the in-depth study of a competitor's assigned system and the actual experience of an attack, you get a pretty good grasp of what it's like.

Re:Not sure what this proves

[ja1217]

I also participated in the competition, but due to issues with our Firewall (the stupid scanner the provided with us didn't work and we ended up taking our network down several times for unecessary reasons) we didn't pass the qualifying rounds. However, I went along to one of the later rounds and was allowed to sit in with the hackers. But as Anonymous said, the goal is mainly to fix a machine that already has holes as fast as possible. In my competition, we had two linux boxes (Red Hat 7 for DNS and Fedora 8 for web), a FreeBSD box for sendmail, a Win2k back up DNS, 2003 server for LDAP, and two Windows XP desktops. While the hackers weren't allowed to use 0 day vulnerabilities, they did have tools like CORE Impact at their disposal and within the first 5 minutes of the competition had owned every windows box. The only time I remember a *nix box getting owned was my groups. We were two busy fixing the LDAP server and forgot to change the default password of the BSD box from "password" because they were on the same machine (we had a virtual machine set up for our competition. This had its annoyances, but we could quickly recover from hacks by doind a revert to snapshot with VM ware. They probably disabled the revert feature in later competitions as in a real business environment, which they were trying to simulate, reverting could cause massive data loss.) Towards the end when things were winding down, one team had gotten owned really hard and wasn't about to recover, so they started doing trick programs on them. At one point, they had a screen cast of one of the competitors computers running on their own so they could see exactly what that school was doing. So they ran a trick program that made it look like it was running the Vista install process. We quick ran over and saw them frantically trying to cancel it with no effect. And then they ran a delete all on that computer. Even though my team lost, we had lots of fun and I was able to learn a lot. We'll be back next year (Millersville University) and hope to regain our position of at least 2nd place at Nationals, which we had for the 2 previous years.