Wahoo winning streak

University of Virginia earns third consecutive cyber championship

Maggie Gates, University of Virginia cyber defense team captain, works with the BLUESPAWN tool.

Maggie Gates, University of Virginia cyber defense team captain, works with the BLUESPAWN tool, which helped identify and mitigate “red team” malware. The tool, created by her teammates, helped UVA win its third consecutive National Collegiate Cyber Defense Competition championship.

The reigning National Collegiate Cyber Defense Competition champions from the University of Virginia almost didn’t make it to this year’s finals. They lost their regional, finishing as the runner up. Fortunately the competition introduced a new “wild card” category, and UVA beat out eight other second place teams to earn a spot in the championships. Thanks to that momentum, they sailed through the championships, held May 22-23, winning the top spot for a third time in a row.

“The regionals were challenging; we had issues with our firewall that we were unable to recover from,” said Maggie Gates, University of Virginia cyber defense team captain. “We were still a little bitter about losing the regionals, so we needed to redeem ourselves in the wild card round and in the championships.”

For the past seven years Raytheon Intelligence & Space, one of the four businesses that form Raytheon Technologies, has presented NCCDC, the first collegiate competition to test cyber defense skills modeled after real-world attack scenarios. The company has seen how the practical application of cyber defense skills encourages more students to pursue cybersecurity careers. Because of the global pandemic, this is the first time the championship and most of the regionals were held virtually.

“One of the greatest aspects about the competition is the ability to network with all the awesome people in the industry – the sponsors, the red team, the other teams,” Gates said. “It’s great to be able to hang out with the red team and learn what they did and how they did it.”

The University of Virginia team successfully protected the network of a fictional automotive parts corporation specializing in performance parts designed with proprietary research and development. A “red team” of ethical hackers carried out multiple attacks on the 10 teams using the same tactics and techniques as real-world bad actors.

Not only did the teams need to detect and protect their company’s intellectual property, customer data and employee records, they had to keep their network up, which included cloud and remote office systems, and keep online critical services available for users like web access, email servers and e-commerce sites. And they had to conduct business remotely because of the COVID-19 pandemic.

“Usually, we’re all huddled in a room together, looking over each other’s shoulders, passing notes back and forth, because communication is key in the competition,” Gates said. “We were still able to communicate, but we just had to use an app – Discord. While the virtual aspect was harder, it was made easier since we all trust each other’s skills and abilities, and if one of us says, ‘I got this,’ then we move onto something else.”

Dwayne Williams, NCCDC director, credits consistency as one of the reasons the University of Virginia has built a digital dynasty with its three-year winning streak as champions.

“Every year, they’re consistently good in all aspects of the competition,” Williams said. “Some teams will be great in one area but weak in others…not UVA. In the past three years, they’ve been at the top across the board, maybe not the best in some categories, but this year, they were dominant. Plus, they have several superstars on their team.”

One of those team members is Jake Smith, Virginia’s Windows lead who was also a Raytheon Intelligence & Space intern for the past year. Together with teammates Jack McDowell, Calvin Krist, and Will Mayes, he developed an open source cyber defense tool, called BLUESPAWN, which detects, identifies and eliminates malicious activity and malware across a network. In fact, several of the other NCCDC teams used the software to help fend off the “Red Team.”

“We were really happy that the other teams were using it,” Smith said. “By equipping the defenders with better tools, we made it more difficult for the red team to infiltrate our systems. It raises the playing field for everyone.”

Williams said that it became an “arms race,” of sorts, with the red team developing its own tool, REDSPAWN, to counteract the blue teams. So was the red team successful in defeating BLUESPAWN?

“We won, didn’t we?” Gates said.

University of Virginia came out as the top finisher capturing the Alamo Cup in the 15th annual competition, which began with a field of 240 teams. The University of Central Florida came in second, and Stanford University placed third. The top 10 schools that competed in NCCDC, winning their regionals include:

  • At-Large: University of Central Florida
  • Mid-Atlantic: University of Maryland, Baltimore County
  • Mid-West: DePaul University
  • Northeast: Rochester Institute of Technology
  • Pacific Rim: University of Washington, Seattle
  • Rocky Mountain: Red Rocks Community College
  • Southeast: Kennesaw State University
  • Southwest: University of Tulsa
  • Western: Stanford University
  • Wildcard: University of Virginia

Sponsors of NCCDC include government agencies, colleges and commercial companies.

“We need cyber defenders who have practical experience and not just book learning,” said Jon Check, Raytheon Intelligence & Space Cyber Protection Solutions senior director and a University of Virginia graduate. “NCCDC allows us direct contact with colleges and universities that teach their students to tackle real-world scenarios, preparing them for careers in cyber. It not only benefits us; it really benefits our way of life.”

Published On: 06/01/2020