Modern field guide to security and privacy

Meet the winners of the Passcode Cup

After a four-hour hacking competition organized by Passcode on Friday, October 21, the team from the University of Virginia emerged as the winners.

Passcode, the cybersecurity project of the Christian Science Monitor, is pleased to announce the team CNSUVA as the winners of the first ever Passcode Cup, a digital capture the flag (CTF) challenge co-hosted by Passcode and Cal Poly Pomona.

Cyrus Malekpour, Collin Berman, Ellis Tsung, and Reid Bixler from the University of Virginia won the 4-hour hacking challenge — narrowly beating teams from Carnegie-Mellon and Tenable, a cybersecurity company based in Columbia, Md.

Michael Bonfigli
Dr. Dan Manson of Cal Poly Pomona (far left) and the Monitor’s David Grant (far right) present NCSUVA with their prizes at the Passcode Cup on October 21, 2016.

Hacking competitions like the Passcode Cup help train the next generation of cyberdefenders, developing both teamwork and technical skills. They also serve as networking opportunities and recruiting grounds for companies looking for new talent.

At this event, about a half-dozen information security professionals volunteered their afternoon to help students go through the challenges.

"I think the great thing about competitions like this, is that it really helps to get that next generation of talent in [the pipeline]," said Dan Waddell, managing director, North America for (ISC)², one of the event's sponsors. Waddell cited an (ISC)² study that projected a shortage of 1.5 million cybersecurity professionals by the year 2020.

This competition included a unique feature: a physical challenge present in the room that the competitors could manipulate. In this case, students from Cal Poly Pomona developed a mock water treatment facility that competitors could manipulate by breaking into the sensors controlling its pumps.

The idea behind the competition? Clever attackers will make savvy defenders.

“People don’t just attack straight on, they move laterally, they move in all directions,” said Susan Wilson, head of cyber solutions at Northrop Grumman, another one of the event’s sponsors. “The better skills you have in hacking and being able to get into that mode, the easier it is to think like an attacker and defend against it.”

Michael Bonfigli
Uber’s Alex Levinson explains the rules of the Passcode Cup capture the flag competition to a group of participants on October 21, 2016.

Capture the flag competitions are played on closed networks, allowing competitors to hack them without damaging the larger Internet.

Passcode used Facebook’s open-source CTF platform, which visualizes player’s movements on a map of the world and allows teams to keep track of their points and progress.

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.