Recently I found myself playing red cell at Computer Sciences Corporation’s Cyber Defense Competition. By the time I heard about it, the competition was well underway, students were crying and vomiting all over the competition room (I exaggerate) and Meterpreter shells on every student network. I quickly ran into Tim Rosenberg from White Wolf Security and found some space at the red cell table for me and my Backtrack netbook. I spent the rest of the day harassing my former team from James Madison University, as well as 3 other school teams from the Virginia/D.C./Maryland area.

Rarely as a pentester will you find a gig where the scope includes defacing websites with lolcats, chatting with employees through Nuclear RAT, and just plain bringing the network down. At a cyber defense competition anything goes, from social engineering to DDOS within the last hour of competition. As a junior penetration tester, cyber defense competitions are a good place to practice your craft experimenting with new techniques outside of your home lab environment. It’s also a good time to watch the more experienced red team members at work picking up tips to improve both at play and back at work.

White Wolf Security has added an additional element to the game since I last played in one of their competitions in 2009. In addition to wreaking as much havoc as possible and inducing vomiting among the student teams, this time the red cell had specific tasks to complete like competitors in a capture the flag event. Individual red team members scored points for completing tasks as well as being the first person to “phone home” from a penetrated student machine.

There was a mixed bag of machines in the student networks. In a one day competition, you won’t see as much patching and other vulnerability solutions cropping up as at longer competitions. Having spent two years on the student side I know it is a hard enough task to keep the networks up and abreast of business injects. The boxes ranged from vulnerable to ms08_067_netapi or a default xammp install, to boxes with no outward facing vulnerabilities. On the whole the flags were challenging for a one day competition, residing on boxes without any vulnerabilities with publicly available exploits. I look forward to another try at it at the Collegiate Cyber Defense Competition Mid-Atlantic Regionals this spring.

My only criticism of the new setup is that I would hate to lose the camaraderie of the red team by turning it into an individual competition. The most fun I had all afternoon at the competition was teaching a couple of CSC employees who had joined in the fun how to use Metasploit. Working together and sharing techniques is the best part of playing red team. Perhaps in the future the red cell should break into small teams like the student teams. Then we can move forward with the challenges for red cell without losing the mentoring and teamwork among red cell members.

Thanks to Computer Sciences Corporation, White Wolf Security, all the sponsors, and student teams, for another great competition. If it wasn’t for you guys I wouldn’t be lucky enough to be in this industry.

One thought on “Cyber Defense Competitions: Still Good After Graduation

Comments are closed.