A team of undergraduate engineering students from UC Riverside placed first in the 2021 Collegiate Cyber Defense Competition Regional Qualifiers and will move on to the regional competition. In Collegiate Cyber Defense Competition events, teams compete in a cyber defense scenario designed to test their information technology mettle against a live team of professional industry penetration testers, while maintaining critical business infrastructure.
“The variety of information covered in the competition gives us a real opportunity to learn an incredible amount about many different technologies. We only have a small window of time to figure out what is wrong and fix it. The stress combined with the large workload provides a really fun and engaging learning environment,” said team captain Anthony Hallak.
The competition consists of three rounds: a qualifier, a regional, and the final national round. Teams placing in the top eight in the qualifying round move onto the regional round. If the UCR team places first in the regionals, it will move on to the final national round.
The UC Riverside team dramatically improved upon its fifth-place ranking in 2020’s competition. The basic premise of the competition is: “You have just been hired as the network and security administrators at a small company and will be taking administrative control of all information systems. You know very little about the network, what security level has been maintained, or what software has been installed. You have one hour to familiarize yourself with the network and systems and to begin the security updates and patches before the red team starts actively attacking your company. In the midst of all the commotion, you have to keep up with the needs of the business and user demands while maintaining service level agreements for all critical Internet services.”
This year, the competitors had to figure out why a company’s POP3 and IMAP were down, preventing users from sending emails, and fix the problem. The UCR team looked at logs and configuration of the email server. After a few minutes of trying to diagnose the problem, they found that server was properly running but the service was still down. The team figured out the problem was a compromised database on a separate machine that the email server relied on to find users. By restoring a backup of the database and filing an incident response form, the UCR team got the POP3 and IMAP services back up and running.
“The possibility of being attacked at any moment and from anywhere kept us on our toes,” said team member Kobe Braga.
Co-captain Elise Lin and teammate Nathan Melwani enjoyed getting to know the business side of technology. They were impressed with the effort the organizers put into creating realistic business scenarios, a complicated environment with both popular and custom technologies.
Team members Saul Gonzalez, Kanin Liang, Kunal Mittal, and Jino Sirivatanarat appreciated the dynamic, stressful environment that demanded adaptability and on-the-spot learning.
“Half of the time you’re trying to figure out what’s wrong with the systems, the other half you’re wondering why the systems are still somehow up. There’s barely any time to think about anything else,” said Mittal.
Eight finalists from 18 university and college teams in California, Arizona, and Nevada will move on to the regional competition.
To prepare for the regional competition, the team is practicing previous scenarios. Some scenarios include infrastructure requests, policy forming, and cyber investigations.
“Each team member is a piece in a machine. One person’s mistake is everyone’s mistake and we have to work well together to properly coordinate responses to incidents as they happen,” Hallak said. “The captain makes sure the machine is running smoothly. Delegation, helping business requests, answering questions, and keeping track of progress during the competition is the crucial key gluing our team together and keeping everyone moving forward.”