The University of Central Florida Knights are cyber champions once again.
After dominating the National Collegiate Cyber Defense Competition for three years in a row – then finishing for three as runners-up – the team has taken top honors at the 2021 competition, presented by Raytheon Intelligence & Space, a Raytheon Technologies business.
The team was “on a mission – absolutely focused on winning,” said NCCDC Director Dwayne Williams.
“Nothing tripped them up. Nothing bothered them,” Williams said. “They weren’t harried, and they never got distracted from their game plan.”
NCCDC, the nation's largest competition of its kind, gives cybersecurity students from across the country a chance to test their skills. In its 16th season, the 2021 tournament brought together grads and undergrads from more than 168 colleges and universities to compete for the annual Alamo Cup. Qualifying and state rounds lead to nine regional competitions across the nation.
For this year’s competition, participants responded to a simulated attack on a fictional solar power company called Malachor. The 10 eight-member teams were responsible for business IT operations, keeping all services, in the cloud and at remote locations, up and running like company websites, email servers, e-commerce fulfillment systems, and HR and timekeeping systems.
They also had to respond to a host of requests from management, employees and customers. All the while, they fended off attacks from the white-hat hackers who are trying to steal intellectual property, customer data and employee records as well as plant malware, tamper with systems, shut down critical services and generally wreak havoc on their networks.
Key to winning: practice, practice, practice
The UCF team practically ran away with this year’s finals, Williams said.
They swept nearly every scoring category, thanks in no small part to their work ethic.
“They have a culture of constantly training,” he said. “They do research, reviewing a history of the red team’s past after-action reports.”
More than four months before the finals, the team began practicing twice a week and holding a scrimmage once a week. And those were just the scheduled sessions.
“We put in so much more time than that,” said Michael Roberts, UCF team captain. “We’re constantly practicing as well as constantly competing. We realized that the more we practice, the better we're going to be able to keep out the red team, the better we're going to keep our businesses running, our critical services up, and the better we're going to complete our [business] tasks.”
Roberts’ twin brother, Martin, is also a member of the winning UCF team. Both are graduate students in digital forensics. The team’s coach, Dr. Thomas Nedorost, recruited the brothers after meeting them at a cyber summer camp in 2015.
“I later visited them at their high school in Winter Springs, Florida, and invited them to attend our security club meetings at the university on Friday afternoons,” Nedorost said. “Michael and Martin would show up pretty much every week, bringing along several of their classmates. They were very focused and dedicated from the start.”
That focus pays off, particularly at the start of the national competition, Martin Roberts said. He compared it to the opening moves in a game of chess.
The team employs what they call their “30-minute strategy,” locking down their network at a furious pace.
“It lays the groundwork for the entire competition,” Martin said. “We need to secure all the virtual servers, and if we don't do that fast enough, the professional penetration testers will get in, and they will stay in.”
Like any other adversary, once the red team gains access to a team’s network, they plant malware on the systems and establish a foothold in the network, all while remaining undetected.
“Once they’re in, we just won't be able to kick them out,” Martin said. “So, it’s a real race, and we want to cover as many security flaws as we can on every virtual server. Then over the next two days, we're kind of hunting for the processes that they might’ve laid and looking for extra security flaws that we might have missed.”
Like last year’s competition, this year’s National Collegiate Cyber Defense Competition was held virtually, with team members competing from homes and dorm rooms. This year’s competition began with one large Zoom call with all the teams, and then the 10 teams went into their own breakout rooms, each one having a remote judge scoring their tasks and actions.
“It sort of simulates today’s real-world environment, where people are working through Zoom, getting on conference calls and collaborating remotely,” Michael said.
Why Raytheon Technologies supports cyber competitions
According to one Raytheon Technologies cyber expert, hackers are enjoying a field day because of the pandemic and the dramatic increase of employees working remotely.
“Even with widely deployed solutions like VPN, the attack surface has increased exponentially because there are so many people working from home,” said Jon Check, senior director, Cyber Protection Solutions for Raytheon Intelligence & Space. “Someone’s home router connection can be an easy entry point and adding to that problem are all the business devices now connected to that home router. We’ve seen a huge increase in threats and attacks, and we need even more cyber professionals to protect us.”
According to Check, the unemployment rate for those in cybersecurity career fields is about “zero percent.” Students who compete in cyber competitions like NCCDC are ideal candidates for companies like Raytheon Technologies, he said, and the competition among employers vying for their services is “fierce.”
The NCCDC competitors simply “have a passion for it,” Check said. “They understand you can’t do anything without a team. They have a continuous thirst for knowledge; they’re continuously learning. They stay relevant because the threats are always evolving.”
Another quality these students share is a common goal: “Defending our way of life,” Check said.
“They’re solving the same problem, and it just helps us as a nation,” he said. “That’s what drives me. The work that we do is important, and that’s not lost on these students.”