UVA’s Blue Team Makes Strides Up National Cyberdefense Rankings
A good cyberdefense is, well, a good defense.
The University of Virginia’s student cyberdefense team took first in the Mid-Atlantic Collegiate Cyber Defense Challenge competition, held March 22-23 at Prince George’s Community College in Largo, Maryland. The team advances to the national finals, to be held April 25-27 in San Antonio.
In a role it’s played before, the UVA team was the Blue Team, defending its “business” against Red Team hackers to make sure the business continued to operate by repairing flaws in data systems and defending against an incursion.
Drawn from members of UVA’s Computer and Network Security Club, the squad consisted of Chris Marotta, captain; Alek Schultz, business lead; Austin Tran, networking lead; Chase Hildebrand, Linux lead; Lulu Han, Windows; Charlotte Miller, Windows; Shreyas Mayya, Linux; and Nick Winschel, Linux. The team defended the network of the fictional firm of Teile and Stücke. The system they were defending was twice the size of previous networks with which the team worked, and they had to fight off more hack attempts.
“At the end of the day, we have two goals for these competitions: to defend our systems and complete the tasks that we have been assigned to the best of our ability,” team captain Chris Marotta said. “While in theory it sounds simple, the fact that our systems are being actively attacked by the Red Team makes things difficult. Being able to effectively manage our time and prioritize tasks is really important in competitions. I personally think we did a really good job at trying to handle all of the things going on.”
The team worked at three tables amid a cluster of cables, setting up for a 9 a.m. Saturday morning start.
“We had enough space for our laptops, a couple monitors to follow the status of our services and our keyboards,” Marotta said. “We had to keep our printed documentation in our laps. Aside from being a lot more cramped than usual, the other change we made was the order people sat around the table.”
The team changed its approach because it was a one-day competition.
“Our team has always been a strong day-two team because our strategies prioritize lower point values early on in the competition in order to properly secure our systems, which usually pays off in the second day when the attackers are being more active with taking down services,” Marotta said. “This year we focused on making sure that we maximized service uptime for the entirety of the competition.”
Marotta said there was a lot of focus on the team’s firewall. If the firewall is not working, neither are the services behind it. The team lost a 2,000-point lead because some services went down.
“I was really impressed how well the team handled things not going our way during the competition,” Marotta said. “There were multiple points where the Red Team did some unexpected attacks on us, things we practiced beforehand that didn’t work as expected in the competition environment, or even some very critical things like backups got corrupted.
“However, during all of these events, everyone kept their cool and gave their all to fix things with the tools we had.”