RIT places third in cyber defense competition
Future leaders of U.S. cybersecurity practice defending electric grid and critical systems
Rochester Institute of Technology’s cyber defense team took home third place at the 2015 National Collegiate Cyber Defense Competition held April 24-26 in San Antonio. This is the third consecutive year that RIT has been among the top contenders, placing second in 2014 and winning the national title in 2013.
During the two-day competition, 10 of the best student teams in the nation worked to fend off cyber attacks from a team of industry professionals, known as the red team. Defending NCCDC champions University of Central Florida took home the first-place trophy, while University of California–Berkeley placed second.
In the real-world scenario, student teams learned to defend against cyber attacks that could threaten to shut down the U.S. electric grid. Students were “hired” as a replacement IT team for a mock power grid company named Stark Energy and were tasked to maintain all of its administrative and protective services.
“In my three years on the team competing at the national competition, this year was the most difficult year yet,” said Bryan Harmat, a fourth-year computing security student and captain of the RIT team. “We were given a large topology and had to manage devices that we had never touched before.”
Teams were scored based on their ability to detect and respond to outside threats and to maintain availability of existing services, such as email servers, Web servers and file servers. They also had to manage the devices that control the electrical grid, gas grid and other core infrastructure systems, known as the SCADA systems. In 2014, the director of the National Security Agency and head of U.S. Cyber Command noted that China and “one or two” other countries are capable of mounting cyberattacks that would shut down the electric grid.
The RIT team also took the third-place trophy in the Panoply event, a capture-the-flag-style network attack and defense competition. In the optional Panoply event, a team of four members attacked multiple networks, scoring points for how many systems they could successfully secure and protect.
The competition also stands as an opportunity for students to meet industry professionals and sponsors in hopes of getting jobs with these organizations.
“Throughout the entirety of the competition, representatives from companies such as Raytheon, Amazon, Facebook and Hershey’s were in and out of our room watching us work as a team,” said Tyler Fornes, a computing security graduate student. “We received many compliments on the way we handled incidents and worked together.”
The RIT student team is made up of Harmat, who is from Worcester, Mass.; Fornes, who is from Springville, N.Y.; Ian Flournoy, a third-year applied networking and systems administration student from Rochester, N.Y.; Michael Salsone, a fourth-year computing security student from Rockville Centre, N.Y.; Scott Vincent, a fourth-year computing security student from Schenectady, N.Y.; Jaime Geiger, a fourth-year computing security student from Sterling, Mass.; Edward Mead, a fourth-year computing security student from Rochester, N.Y.; Jared Stroud, a fourth-year computing security student from Pike, N.Y.; Tommy Chin, a computing security graduate student from Scarborough, Maine; Stanley Chan, a fourth-year computing security student from Brooklyn, N.Y.; Corinne Smith, a third-year computing security major from Elverson, Pa.; and Benjamin Bornholm, a second-year computing security major from Royersford, Pa.
The RIT team is coached by Bill Stackpole, associate professor of computing security, and Bo Yuan, associate professor and chair of RIT’s Department of Computing Security.
Other participants in the national competition included Southern Utah University, University of Nebraska Kearney, University of Alaska Fairbanks, University of Texas at San Antonio, ITT Tech Boise, University of California–Berkeley, University of Maryland–Baltimore County, DePaul University and University of Central Florida.