UTSA pits college-age whiz kids against faux hackers to determine the best of the online sentries
Seven or eight kids, each gifted with specific computing skills and abilities, team up to build and maintain highly advanced technology and defend Earth from evil would-be conquerors, all the while teaching us the importance of working together to solve our problems. It sounds like any Saturday-morning cartoon you might’ve watched in the ’80s, but the fantastic becomes real when young men and women from across the country convene this week in San Antonio to perform those very same feats of derring-cyber-defensive-do.
|Clockwise from front: Ashley Price, Andrew Benton, Jacob Silva, Jacob Hammack, Gabriel Cornyn, Dylan Kulesza, John Panozik, and Jeremy Teale. (Photos by Mark Greenberg)|
OK, maybe “defending Earth from evil would-be conquerors” is a bit dramatic, but the skills displayed at the first-annual Collegiate Cyber Defense Competition, April 21-23 at the San Antonio Airport Hilton, could very well save a business or government from ruin at the hands of cyber-invaders. The competition, hosted by UTSA’s Center for Infrastructure Assurance and Security, will drop student teams from UTSA, the University of North Carolina-Charlotte, Southern Illinois University at Carbondale, Pennsylvania’s Millersville University, and a team of military-service cadets into the middle of a realistic business-network scenario and require them to keep the network running while completing various business tasks and warding off attacks from a “red team” made up of cyber-security professionals. Points are awarded based on the team’s success with each task. The top-scoring team at the close of the three-day event will be the first national cyber-defense champions.
The CCDC began life two years ago when CIAS answered the call of representatives from the political, educational, and industrial spheres for a means of encouraging and showcasing college-age cyber-security talent. And while there were several universities and organizations that supported the CIAS plan, most were resistant to involvement in the project without a guarantee that the time and effort would pay off.
“Other groups were telling us, ‘Yeah, this sounds great, but will it work?’ So we had to try it out here before we sent the model to anyone else,” says Dwayne Williams, assistant director for information security systems with CIAS.
Following the success of the first regional competition, restricted to Texas teams and held in April 2005, CIAS forwarded the implementation model and results to interested parties in the original four regions — the Midwest, Southeast, Southwest, and Mid-Atlantic — who used them as the prototype for their own programs or, in some cases, copied the UTSA plan outright.
In a tantalizing coincidence, UTSA’s own cyber-defense team is representing the Southwest region at this year’s competition. Gabriel Cornyn, a junior at UTSA and the team’s spokesman, smiles sheepishly at the suggestion of favoritism, and offers proof that he and his teammates earned their spot in the big show honestly. “Last year, at the regionals, we came in dead last,” says Cornyn. “We had negative points after the first day. This year I felt like we were consistently on top of our game, we didn’t miss anything. By the second day we were in first, and we just stayed there.”
For Cornyn and teammates Dylan Kulesza, Ashley Price, Andrew Benson, Jacob Hammack, Jacob Silva, and John Pandzik, staying on top of their game for nationals means spending night and day in front of humming electronics, buried face-deep in manuals. And even though the contest is scheduled with specific beginning and end times each day, the students will spend much of their downtime practicing and trying to anticipate what tasks or attacks might pop up the following day. In case willpower isn’t enough to keep team members awake, Think Geek, one of the CDCC’s sponsors, has donated a box of caffeinated soap — four-ounce translucent bars that smell like Big Red gum by way of Barry Bonds’ pharmacist and pack a 2.4-gram caffeine punch that’s absorbed through the skin.
Other sponsors are less interested in turning students into shower addicts than in monitoring the capabilities of tomorrow’s employees. The Department of Homeland Security, Cisco Systems, Northrop Gruman, and others have donated money and equipment to CIAS to keep the competition level with current technology and provide transportation to San Antonio for the regional champions. Quid pro quo, Homeland Security and National Security Agency officials will be in attendance, scouting each team for future wire-tappers and privacy warriors. Pessimism aside, Cornyn is eager to attract the positive (i.e. legal) attention of the NSA. “They’re having trouble right now,” Cornyn admits, “but the work they usually do, info gathering, etc., is really interesting.”
Perhaps the NSA will learn something from the students and the competition while they’re at it. Williams emphasized that, despite the “cyber defense” moniker, at least half of the competition concerns business practices and, to an extent, ethics. “We monitor the network at all times,” says Williams, “to make sure that their equipment is running, but also to make sure they aren’t doing anything they aren’t supposed to.” Perhaps the team members that go on to careers in the defense and security industries will bring with them the CCDC competition’s lesson: that efficiency and protection don’t have to come at the cost of the soul.
And if not, at least they’ll all be squeaky, tweak-y clean.