Security News #0x6C: The MACCDC Edition
If you have never had a chance to go down to down to a local or national collegiate cyber defense competition (CCDC) then you are missing out. If you are a faculty member or a student, get a team together and compete! If you are a community member then come out and volunteer. Help out as Red Team or White Team, or just come down to show everyone your support.
This past weekend my students participated in the Mid-Atlantic Collegiate Cyber Defense Competition, and as always we all had a great time! The theme of this year’s event was that the team was supporting state emergency management responding to a major state-wide blizzard. Let’s be honest, after this winter, this scenario is not all that far-fetched either! My team got into the theme; here are some, fully prepared, at the start of day 2
The action in the pit was fast and furious this year. In keeping with the scenario, it was split into two locations. The students had a headquarters unit which was set up at the start of the event; they also had a remote site with equipment simply in boxes. To emphasize the storm, students were restricted from passing between sites.
Once the action starts, the folks from Red Team took them apart. This year’s Red Team was one of the best I have seen in nine years of coaching teams that participated in the mid-Atlantic CCDC. These folks are all volunteers who take time (and money) to help the students and pwn them unmercifully.
Sometimes Red Team would come out to the pit to play a little “let’s make a deal”, and promise not to inflict more damage in exchange for one or more attacker flags.
Other times, they just came out to see how many Nyan Cats they could see crawling across screens. Generally, if you reboot a system and all you see is Nyan Cat crawling across the screen, then, well, the student team is not having a good day.
One of the cool features in this year’s event was the programmable badges. These were set up to act as aircraft radio transponders, though so as not to confuse real aircraft, they used the 2.4 GHz band. These were then scanned and recorded as part of the exercise. The students got their badges in a small kit that had to be assembled before they could be used, and so even before the competition officially started, they had work to do.
There were a number of notables at the event; the folks from Paul’s Security Weekly were there with a full set doing a live podcast of the event.
The local hacker space Unallocated Space was also there with a table. They brought along a number of cool things, including a plasma speaker, a MAME system in what appeared to be a MS. Pac-Man console form, and a contest for those who could re-program their sign. Most cool.
All in all, it was a great time. To top it all off, my student team won the event; they are now headed out to San Antonio for the National CCDC next month.
Now a lot happened in the world of security this past week as well and I hope to talk about that stuff later in the week. Spending three days at CCDC was great, but it did leave a pile of work to do at the office!