Last weekend I participated in my first Pacific Rim Collegiate Cyber Defense Competition. PRCCDC is an annual two-day event held at Highline Community College. Competing teams representing colleges from Washington, Oregon, and Idaho are charged with maintaining a notional company’s network. The winning team from this regional competition moves on the the National CCDC. University of Washington has won the past six years in a row.
While these student “blue teams” are administrating their networks, various other teams are at work. These teams simulate what can generally be thought of as the worst two days work ever for them. White team is made up of the judges and event coordinators. They created the networks, keep score, and track our performance throughout the weekend. This year saw an orange team who make phone calls to blue teams with variously ridiculous commentary and requests. Most notoriously, red team are the “hackers” who spend the weekend trying to compromise the teams’ systems as best they can.
Scoring was based on five main factors: attacks, incident response, injects, phone calls, and uptime. Successful attacks made by the red team deducted points from a team’s score. Submitting incident responses regained some of these points. Throughout the weekend, tasks and deadlines were delivered to teams as injects. Successful completion of injects earned more points. Team responses to orange team’s phone calls were rated and scored. Finally, the percentage of uptime was weighed into scoring.
A mix of students from our Information Technology and Systems program and from the Grey Hat Group made up our team. Though UWT has traditionally participated in PRCCDC, we did not have a team last year. Thus, only one member of our team had ever been to a CCDC event and most of us had little idea of what to expect. Here is a breakdown of each area of the competition and how the team and myself personally succeeded and failed. Read More…