UNI finishes top 30 percent at CyberForce

ANNA FLANDERS, Staff Writer

Six UNI students competed in the U.S. Department of Energy’s CyberForce™ competition at Argonne National Laboratory in Lemont, Ill. last weekend. It was UNI’s third time competing. They placed 18th out of 64 schools located in seven different places nationwide. 

“I think the average school size is around 22,000 with some really big schools like [University of Central Florida] who won it, and they’re the largest on-campus student body,” said assistant professor of computer science Andrew Berns, who served as a mentor for competing UNI students and accompanied them to the Argonne Lab. “I was really happy with our top 30 percent finish, considering we’re a small school of 11,000 students.”

The UNI team was comprised of Matthew Eltze, Joseph Gaiser, Steven Hodges, Sheriff Jorkey, Chanlika Parker and Michael Riesberg-Timmer. To qualify for the competition, the team had to write an essay about creative cyber defense strategies that they would use in the competition. 

The students were supposed to act like the system administrator for a small business network. About three weeks before the competition, the UNI team was given virtual machines that they could access over the Internet. The team used this time to secure the machines before the competition. They were not explicitly told the purpose of each machine or how they operated. 

“So, the first step was to actually tinker around with all the machines, see what they were trying to do, see where they were broken — what kind of fixes we needed to make just to get to operational status,” said Riesberg-Timmer, a senior majoring in computer science. “Then from there, we moved into the hardening phase. So that’s when we start doing the security stuff, locking everything down. Making sure things are in tiptop secure shape, so people can’t get in and steal stuff. And then the final step was coming up with creative ideas, trying to think outside of the box.”

The team arrived at the Argonne Lab on Friday, Nov. 30, the day before the actual competition. Argonne provided the team with physical devices, including a water pump that their servers needed to be able to switch on and off. They worked late into the night — one group member stayed up until 4 a.m.

The competition started at 10 a.m. on Saturday. Each of the teams competing at Argonne had a different role and a color to represent that role.

 “In one room, there’s a Red Team which is people that are trying to break into our servers,” explained Gaiser, a senior majoring in computer science. “Then our team is the Blue Team, so our team has secured our servers and all of our machines and services. And then there’s the White Team, which was the staff at the event, and then there was the Green Team which was users that were gonna be using our services. So, we set up a webpage for the company to have internally for their employees, and then the Green Team was supposed to use that based on some documentation we made for it. And while they were using it, the Red Team was trying to prevent them from using it.”

The team was scored on criteria that included how long their services were up, how well their servers were secured, if they were able to catch the Red Team and how quickly they were able to kick the Red Team out of their servers. The Red Team was made up of real-life cybersecurity employees. 

Another way to gain points was by solving anomalies similar to puzzles. If the teams got the answer correct, they were given points. 

“Every two hours, we had a report due where we’d have to write about an instance where someone got in where they shouldn’t have or someone went in where they shouldn’t have and then talk about what we did to fix it and how we’re gonna prevent it from happening in the future,” Riesberg-Timmer said. “So, it was a lot of things happening in real time, and you have to make quick, snappy decision like how we were gonna respond. Because if we didn’t get them out, they were just gonna completely take everything down.”

The hackers would deface websites by replacing them with GIFs or funny videos with music. Defaced websites were displayed on a projector, along with a live tally of points earned. Although the Red Team was able to get into the Blue Team’s system, their website never got defaced.

“I was kind of shocked by how many schools had their sites completely taken down,” Riesberg-Timmer said. “The Red Team was a lot stronger than I anticipated. They created a lot of stressful situations even for our team [. . .] We had a lot of situations where someone was in and we had to find a way to kick them out in real time. And before they got back in, we had to find a way to keep them from coming back. It was a lot of in-the-moment problem solving that in the real world usually you just can’t get that kind of experience, unless you’re either in a competition or a major company that’s actively being attacked. It’s completely different than any kind of thing you would normally do.”

Berns believes that students often learn more in the few weeks of preparation and competition than they do in a semester of class.

“I really don’t do a ton as a mentor. It’s a testament to the students that went and how strong our UNI students are that they got 18th [place],” Berns said. “I’m really proud of the way they work together and on short notice came together.”

 

EDITOR’S NOTE: Sheriff Jorkey’s surname was misspelled as “Jorkeh.” The article has been updated to reflect this correction.