Students defend against hackers in Cyber Defense Competition

With the click of a keyboard, an entire city is left in the dark without access to power or water, all at the hands of a few computer savvy criminals.

The company behind these systems, The Careless Distribution of Currents, was just one victim of the many hundreds of cyber attacks that affect businesses, homes and individual consumers every day.

Despite the resemblance to a modern day news story, the company does not exist and the attacks that left citizens unable to turn on their lights never occurred.

Instead, this story is the foundation for the 2016 ISEAGE ISU Cyber Defense Competition, a day-long, team-based event challenging students to secure vulnerable computer systems while fending off malicious hackers.

Using the real world as a template for the competition, a scenario is created each year for the competing teams, which must complete specified objectives in order to secure valuable digital information.

The event is divided into three teams: the blue team, student-led groups; the red team, security professionals within the industry whose sole focus is to disrupt the blue team’s progress; and the green team, members of “The Careles Distribution Center” who test the functionality of each team’s servers.

The teams work in tandem to create a tug of war effect as each play an integral role in either the destruction of a team’s infrastructure or propel them into first place.

New to this year’s ISEAGE event, which took place Saturday, was the addition of new cyber-physical challenges in the form of power and water systems that require constant attention from competitors.

“Normally at ISEAGE you have a fake company and their website and services, which it provides to employees and customers,” said Keane O’Kelley, graduate in electrical and computer engineering and ISEAGE event director. ”With cyber-physical, the scenario is a power and water company, so not only are there website and file services, but in addition there’s pump stations, power relays, etc., which are all virtual in which students must secure.”

O’Kelley sees these changes as integral toward teaching students the ins and outs of information assurance and creating the most accurate representation of a real-life scenario.

“This is important because nowadays everything is so connected in the real world — all of our water systems, power supplies and scada control systems are all on the internet,” O’Kelley said. ”This is not very safe usually, so this kind of emulates that and shows students that these things are horribly insecure by default and makes them go out of their way to make them safe.”

In order to mirror this valued information and system control that entices hackers, virtual flags are created within each team’s services and network. Those who can protect their “flags” from being compromised and keep access to the web and other services online gain points, while those who lose flags to the red team hackers lose their points.

To prepare for the continuous eight-hour cyber attack on competition day, teams are given three weeks to create and secure their networks.

During this time, many teams take advantage of weekly “lab jams,” where student experts can offer help to lingering questions that may be affecting a team’s progress.

In a small room, soft electronic music drowns out the sound of hundreds of clicks and scrolls as teams prepare their systems and divide tasks among teammates.

Among the 20 teams that competed at this years ISEAGE, Team Eleven and the Pink Unicorns had high hopes for their team’s chances at victory as each team had returning competitors as well as new teammates.

Thomas Kirby, junior in software engineering and member of Team Eleven, recalls his team’s focus on individual tasks a week from competition day while also helping a new member learn the ropes of cyber security.

“At that point, we were working on a general setup, which was actually making the servers themselves, as well as creating firewalls and adding users,” Kirby said. ”Our new member, Jake, didn’t know exactly what he was doing but was asking questions on how things work and we were helping him through that.”

Team Eleven’s newest member, Jake Helgerson, senior in agronomy, competed in his first ever ISEAGE competition this year, which was an experience he found challenging but rewarding.

“The actual competition was a blast but confusing, as I’ve never had any experience with cyber security,” Helgerson said. ”However, the group itself did an excellent job in teaching me. It’s a lot like throwing you in the deep end and forcing you to swim, but they give you many opportunities to fail before the event date.”

Isaac Tegeler, sophomore in computer engineering and member of the Pink Unicorns, had a much different experience during his team’s lab jam sessions.

“The hardest part is having no idea what’s going on the whole time, which is the beginning of learning the stuff,” Tegeler said. ”I understand the networking aspect, but I don’t know how to secure the machines. It’s pretty hard to learn how to start building the website. I haven’t had a formal class in this so it’s been difficult to jump right in.”

Kirby sees the changes made toward the cyber-physical aspects of the competition as an important focus but not one that will radically change the way his team approaches the event.

“That’s not as important but creates a slight change in the scoring system,” Kirby said. ”As the scada systems, which are water and electricity, if they are ever turned off we will start to lose serious points. Obviously this is because if you don’t have water or power, bad things happen, and because they are referencing a physical thing, there’s a significantly different way of securing them.”

As for competition day, the process is anything but conventional, as real world simulated events demand students to be concentrated and alert for the entire day.

Students in real time can check the status of their waves and other team’s servers, as waves of destructive “scripts,” files containing commands that can be read by the computer, are sent to each network by the red team throughout.

“The day starts off calm as teams servers are up, but you can soon tell when those waves of scripts are coming as like five teams will go from green to all red,” Kirby said. ”It gets a little bit intense.”

Randomized tasks, coined anomalies, also affect teams in unique ways from deciphering a message to managing the company’s website.

“These anomalies are tasks throughout the day that might be something like a user was just added to the company and must be added to the system or got fired, which all form together toward the scoring of the team as well,” O’Kelley said.

Much like a real company, fire drills are routinely used to get students away from their computers while also testing their ability to secure their information effectively. It also forces competitors to question every move made by anyone not related to their team.

“In year’s past, they’ve had fire drills where everyone has to leave their computers, then the red team would walk in and anyone who didn’t lock their computer would have all their information stolen from it,” Kirby said.

Given the attention to detail toward creating a realistic environment for students to participate in, many see ISEAGE as an opportunity to learn as well build experience toward a future job.

Alumni who have worked within or a part of the ISEAGE competition have been seen working with companies such as Google, Microsoft and Boeing. O’Kelley sees that many students treat the occasion as a way to build their résumé and own personal cyber security knowledge.

“Even though we do things such as prank calling the white team, it is something we do take seriously,” Kirby said. ”Because if you do well, there have been situations where people have been waiting in line at career fairs, and due to them doing well at ISEAGE, higher level companies will know who they are and pull them out of line.

“Regardless of where you are doing in software, knowing how to secure something properly has no downside.”

Security professionals and businesses looking to hire new talent also make their way to the event.

“There’s people from many companies at the event such as Rockwell-Collins and Union Pacific who try to recruit you while you’re there,” Helgerson said.”They talk to everyone, and just given the fact that you showed up means a lot to these companies.”

Tegeler, of the Pink Unicorns, also enjoys the educational side of ISEAGE.

“I really enjoy building the network and deciding how that will work along with the location of firewalls and the different machines, I find it very interesting,” Tegeler said.

At its core, however, ISEAGE is still about engaging software engineers in an intense but fun competitive atmosphere.

“Many people do this for a hobby,” O’Kelley said. “I know some don’t want to go into software engineering as a career but love the competitions and love to compete.”

After the dust settled Saturday and eight hours worth of hacking and defending had passed, the Pink Unicorns and Team Eleven placed sixth and seventh overall, respectively.

Although his team made mistakes, the experience Helgerson gained was enough for him to plan to return next year for more cyber defense action.

“I was thankful to be on the team because they were accepting of it being a learning experience for me, and more importantly, not getting upset while I was trying to learn,” Helgerson said. “I plan on returning next year.”


Leave a Reply