CyberForce 2018

December 17, 2018
inl group photo

Students from CEDAR and DATDA recently traveled to Idaho National Lab in Idaho Falls to compete in the Department of Energy CyberForce Competition, a national cyber security competition hosted across several national labs across the nation. The focus of this competition was on securing Industrial Control Systems(ICS), the electronic systems that control and monitor the critical infrastructure of our nation. Using a combination of both hardware and cloud based systems, competitors were tasked with securing a set of services provided to them to create a secure and usable work environment for a fictitious company given in the competition scenario. Unlike many of the lab's previous competitions which were structured as a 'Jeopardy' style game, this competition was an Attack and Defense style competition where systems are actively being attacked by outside hackers. Student competitors were assigned as the ‘Blue Team’, and all while being attacked by ‘Red Team’ hackers were expected to keep their systems operational and usable to members of the ‘Green Team’ who would test the many services that should be present in the system. The competition not only consisted of working with virtual machines in the cloud but also gave students real-world feedback into their systems by providing teams with a physical control system. The physical system consisted of four raspberry pis and a basic solenoid controlled water pump to simulate some critical cyber-physical system that is common in many manufacturing and energy plants.

The group of CEDAR and DATDA students from the University of Wyoming all agree with the fact that this was an immensely informative experience and learned a great deal of knowledge including:

  • How to configure and secure many new system components that students had not had previous hands on experience with
  • Integrate multiple various system components into one cohesive system
  • Learn how many different system services need to be properly configured and how those configurations may still fail
  • Learn how to behave in an active hostile environment, where the hackers are already in your system and you know that fact
  • Best common practices for dealing with system elements that are inherently insecure

The students performed admirably for most of the challenge before finally succumbing to the power of the Red Team members and finishing 39th out of a total of 70 teams nationwide. However, at the end of the competition students were able to sit down with the members of the Red Team that were attacking their systems and gained valuable insight into exactly how the hackers were able to penetrate their systems so that they may better configure and secure them in the future.

CEDAR and DATDA are always looking for new challenges and competitions and have several planned for the rest of the fall. If you are interested in joining CEDAR or have any questions about the lab please visit here. If you interested in joining the cybersecurity RSO(DATDA) please visit datda.tk.

 

Find us on Instagram (Link opens a new window)Find us on Facebook (Link opens a new window)Find us on Twitter (Link opens a new window)Find us on LinkedIn (Link opens a new window)Find us on YouTube (Link opens a new window)