Cybersecurity challenge down to an elite eight
Finalists advance to next month’s final round of National Collegiate Cyber Defense Competition
- By William Jackson
- Mar 30, 2009
It wasn’t all bad news for the University of Pittsburgh over the weekend.
“I’m happy to say Pittsburgh fared far better in the Regional Collegiate Cyber Defense Competition than they did against Villanova in [men's] basketball,” said Ron Knode, one of the organizers of the Mid-Atlantic regional contest.
Pittsburgh’s cyber defense team will be advancing to the national competition next month at the University of Texas at San Antonio, beating out George Washington University, James Madison University and the defending regional champ, and the Community College of Baltimore County.
Pittsburgh’s number-one ranked men's basketball team fell over the weekend to No. 3 Villanova, 78-76. Villanova advances to the men's basketaball Final Four.
The National Collegiate Cyber Defense Competition (NCCDC) is March Madness for geeks, with teams in eight regional competitions vying for the right to go to the NCCDC, a three-day event hosted by the UT- San Antonio’s Center for Infrastructure Assurance and Security. This year’s finals will be held April 17-19.
The NCCDC bills itself as the first competition focused on the operational aspects of managing and protecting an existing commercial network infrastructure. Under the contest scenario, teams “inherit” a small existing network that they must administer and secure against a hostile red team. They have one hour to familiarize themselves with it and begin bringing it up-to-date with security patches and configurations before the attacks begin. During the contest they are scored on their ability to continue providing network services, including e-mail, Web sites and data access to end users.
The competition is intended to duplicate security and operational challenges the students will face as they enter the job market.
Other regional champs advancing to the nationals include last year’s national winner, Baker College of Flint, Mich., from the Midwest region; Dakota State University from the North Central; Northeastern University of Boston from the Northeast; University of North Carolina, Charlotte, from the Southeast; Texas A&M from the Southwest and California State Polytechnic University, Pomona, from the West Coast. The Northwest regional has not yet named a winner.
All participating teams went through a qualifying round in January to participate in the regionals. The Mid-Atlantic regional was held March 27-29 in Hunt Valley, Md. Last year’s winner, Community College of Baltimore County, came in fourth this year. This was a rebuilding year for Baltimore, most of last year’s team having graduated, said Knode, director of Global Security Solutions for CSC, and a member of the advisory board of CyberWATCH, the Washington Area Technician and Consortium Headquarters, which organized the regional competition. The competition was administered by White Wolf Security of Lancaster, Pa.
Each team has a maximum of eight students, although some teams are not completely filled out. This year’s four Mid-Atlantic teams had a total of 29 students. The red team, which in the past has included the Secret Service, this year was drawn from a number of aerospace and defense companies, seasoned with a few graduates of the contest.
“This probably was the most complex competition we’ve run,” Knode said. Each team had 14 computers plus networking gear to maintain and defend, and a System Control and Data Acquisition (SCADA) network was thrown in, along with Voice Over IP.
None of the teams performed badly, Knode said, but Pittsburgh did not make mistakes.
“You can’t afford to have a bad day,” Knode said. “Pittsburgh had no bad day. All of the other teams had one bad day.”
William Jackson is freelance writer and the author of the CyberEye blog.