By Morgan Taylor
A team of Lewis & Clark computer science majors will be tormented by hackers for 25 hours at the Pacific Rim Collegiate Cyber Defense Competition (PRCCDC). The competition is sponsored by Raytheon, the biggest weapons contractor for the government, and Boeing, an engineering company. Several government agencies host the competition, including the NSA, CIA and FBI.
These agencies participate in the game and use the event as an opportunity to recruit bright young computer scientists. This annual event is taking place from March 23 to March 25.
The rules of the competition are relatively simple: the blue team is trying to complete normal computer tasks, and a red team is assigned to hack the blue. A score is given to each blue team based their performance to determine a winner.
A scenario is provided to the blue team. Last year, the blue team was asked to imagine they were the last IT department in the world following an apocalypse. The blue teams are made up of eight students, while the red teams are comprised of actual hackers recruited from government agencies and private corporations. Since the goal for the blue team is to protect themselves from the hacking red team, there is no contact between blue teams.
The teams are given a packet with information about the situation, what operating systems and hardware they have access to, and 30 minutes before they have to rush back to secure their systems before the bombardment of cyber attacks begin. The goal is to complete normal IT tasks as the red team does everything they can to stop it.
“During the second day, the hackers don’t hold back at all,” Pim Trouerbach ’18 said. “After five hours, every machine will be completely inoperable and we will have to ask the game administrators to reset our machines so that we can continue the competition.”
By the end of the third day, teams are lucky if one or two of their computers are functional at all. In order to stay in the competition, they must go to a game administrator to have a computer reset. The blue teams come in disadvantaged, which makes things even harder, and to let the red teams have more fun.
Ben Green ’20 described the different tactics the red teams can use on the blue teams.
“Someone has to be able to answer a phone,” Green said. “They will call asking about weird IT requests. Sometimes they’re angry.” These are purely for distraction, and add a playful note to the stressful situation.
Although it sounds like some intense programming, PRCCDC requires no programming skills. It does require a deep knowledge of the Windows operating system, network protocols and the signs of an infiltration. The objective is to close holes in a system that would allow a hacker access to the machine by changing settings in the computer. Each team member has a different job.
This year’s competition will be Tristan Saldanha’s ’21 first.
“I’m assigned to learn ADDS, which is software that allows me to make changes to lots of machines at once,” Saldanha said. “That’s really helpful because speed is key. The red team will attack anything we leave open to them.”
Since the blue teams are not allowed to hack the red teams in this competition, being able to protect a system is more important than being able to hack one.
This event is not hosted by the Computer Science Club. Trouerbach started the team on his own time in 2016. His team placed fourth in the competition in 2016 and moved up to third place in 2017.
With his work experience at GoDaddy, an internet domain registrar, Trouerbach is hoping for first place this year, which would give him a chance to go to the national tournament in Florida. The winners of the national tournament have the opportunity to be trained in cybersecurity by the Department of Defense as well as by Raytheon’s private security group.
The network environment of the competition mirrors an enterprise network that a student would not see unless they worked for a large corporation. With the huge shortage of cyber security professionals, Trouerbach is hoping that having this team and winning the competition will inspire others to take on the exciting field of cybersecurity.