With over 150 students competing, as well as industry professionals participating alongside, the environment was electric at the Active Learning Center in Coover Hall as the world's largest cyber defense competition took place at Iowa State.
Doug Jacobson, university professor of electrical and computer engineering and co-organizer for the ISU Cyber Defense Competition on Sept. 25, described the happenings as “a sort of celebration or party.” Two weeks of hard work and preparation went into this much-anticipated event, culminating in both an exciting, as well as educational, night from the caffeine-infused teams.
Brian Reber, senior in computer engineering and captain of Team QWERTY, the winning team in the competition, describes what goes into preparing for such an event.
“When preparing for a cyber defense competition, the first goal is to get all of the [user-oriented] services working properly," Reber said. "If a service isn't running at all, the team will lose a lot of points throughout the competition."
Jacobson elaborated on this point.
“They’re also given things [systems] that are already existing," Jacobson said. "These are not necessarily the most secure things, so they have to, within the parameters, figure out how to secure some of the stuff they’re given. That’s what they have to do in the two weeks [leading] up to it.”
Once these services are set up, security is the next priority, something that bears plenty of importance.
“Our team spent a fair amount of time examining the services for potential security problems” Reber said.
While the process of setting up and securing services may not appear to lend itself well to team competition, there is a twist. A team of professionals, called the Red Team, penetrates and exposes weaknesses in the teams’ (collectively known as the Blue Team) services. This forces each team to adapt on the fly, a la a security breach that could very well occur in their profession.
This whole process is overseen by the Green Team, who observes the functionality and usability of the Blue Team’s systems. Ultimately, the team that has the most secure system and can adapt best to the Red Team onslaught, wins.
While this event certainly has a technical aspect to it, all are welcome to join, regardless of prior expertise.
“The main 'skill' needed to participate is a desire to learn," Reber said. "It is a learning experience for everyone involved — even the people that are returning for a second or third year.”
Adding to this point, Jacobson said: “There’s a lot of learning done on the fly. We even have freshmen that participate.”
Reber said the event is affiliated with a student group called the Information Assurance Student Group. If one does not want to throw themselves right into the throes of competition initially, Reber said the club hosts “weekly meetings where they talk about different security/network related topics.” These topics range from “setting up servers, Wi-Fi security, social engineering and much more.”
This club can serve as a platform to spark interest in cyber defense, as well as give a student a basis for the knowledge they will need to be successful in both competition as well as in the professional industry.
This competition was the world’s largest cyber defense competition and Jacobson only sees more growth for the event in the future.
“I think it’s going to continue to grow," Jacobson said. "The demand for security professionals is way larger than the supply. We see this as a great opportunity for students, and as more students become interested to participate in the future.”