Categories
Department of Computer and Mathematical Sciences

Lewis Cyber Defense Club places third in the Cyber 9/12 competition

By Nadia Beidas

    The Lewis University Cyber Defense Club took part in the Cyber 9/12 competition in Austin, Texas on January 16 and 17. Overall the team placed third out of 19 university teams. The team placed ahead of Harvard University, but lost the final round to West Point.

     The students attending were Jocelyn Murray, a freshman majoring in computer science with a concentration in cyber security, Andrew Milligan, a sophomore double majoring in business administration and information security management, David Mendez, a senior majoring in computer science and Puneet Singh, who is studying for his master’s in Information Security.

     The mentor of the Cyber Defense Club 9/12 group is Matthew Kwiatkowski, adjunct professor.

Matthew Kwiatkowski mentored students David Mendez, Jocelyn Murray, Andrew Milligan and Puneet Singh for the Cyber 9/12 competition.

     “Cyber 9/12 is a cyber-security and policy based competition,” Murray said, “The competition deals with large scale cyber events with geopolitical issues.” Murray added the competition focuses on how countries should have an immediate response as well as take long term actions to deter future interference. An example of this would be the situation of large scale attacks on the financial industry, Murray said.

     The competition is run by the Atlantic Council, which is a political think tank.

     Kwiatkowski said this competition is unique. “There’s a cyber-technological component, but it’s a backdrop to international and domestic policies,” he said. “This challenge is built upon preparing collegiate level students to be policy makers and ambassadors to the U.S.”

Students Andrew Milligan, Puneet Singh, Jocelyn Murray and David Mendez look over materials in preparation for the competition.

     Murray said the team is given a scenario brief with news reports, government reports, and social media reports. Their task is to construct the situation and write a brief. Then they must write the decision and deliver an oral brief. In the oral brief they deal with policy options and deal with domestic and international political issues dealing with these large scale hacks.

     The team also looks at private business and government communication regulating vulnerability and how to mitigate the damage, Murray said.

     Every round of competition requires a 10-minute oral brief. In the first round of competition, the team receives material and is given a month to prepare a decision document and an oral brief, Murray said. During the second round of the competition, the team has one night to prepare a decision document and an oral brief. In the last round, the team has 15 minutes to prepare an oral brief and cannot use technology to look up information or ask their mentor for assistance.

The Lewis team qualifies for the final round.

     Kwiatkowski said that one of the sample scenarios is for the teams to play the role of the National Security Council [NSC] and be given an issue of national security concern to brief the U.S. president about. The team reports on options for the solutions to the president outlining the potential outcomes and risks, Kwiatkowski said.

The team members were very excited about their placement as semi-finalists.

     Milligan mentioned there were several keynote speakers. One was Christopher Krebs, director of the Department of Homeland Security’s Cybersecurity and Infrastructure Agency (CISA), who stressed the importance of taking steps in securing electoral process as well as the threat ransomware poses as a national emergency, Milligan said. Additionally, another guest speaker was James Smith, assistant special agent in charge for the San Antonio FBI, who spoke about the role the FBI takes in cooperating with the private sector to mitigate the damage of the attacks, Milligan said.

     Singh said there was a workshop about social engineering given by Rachel Tobac, CEO of SocialProof Security. Tobac went over the dangers of the cyber world and the importance of not releasing personal information, Singh said. The Lewis team were given a task to find out the details of a company, similar to capture the flag, and took first prize.

The Lewis Cyber 9/12 team with Rachel Tobac, CEO of SocialProof Security.

     One of the challenges the team faced was a lack of expertise in the international relations policy sector, Murray said. In order to prepare for this challenge, the team sought advice from professors in the political science department, including Dr. Laurette Liesen, Dr. Steven Nawara and Dr. Justin Delacour.

     Murray said the cyber defense team is the reason she came to study at Lewis University.     

     Ryan Meeker, cyber security graduate assistant for CaMS [Computer and Mathematical Science department], said the cyber defense team as a whole is open to all students. Meeker added the team goes to several competitions each year, including Argonne. “We like to have a rounded experience,” Meeker said.

     Meetings are held weekly on Thursdays from 3-5 p.m.in room AS-101-S, Meeker said. Additionally, there are open lab hours in the Sentinel lab, AS-101-A, for those who cannot attend meetings, or would like to work on projects, Meeker said.

     Murray added that at weekly meetings the team comes up with plans and delegates the preparatory work for the competitions. Meeker added at the meetings, the group processes draw on everyone’s collective experience and knowledge and consistently work on solutions to existing issues.

     “We as a club, we’re open to anyone no matter the major, experiences, or prior knowledge,” Meeker said. He advises students not to be afraid of not understanding something that would be unknown to them before, as the field of computer science always involves learning something new.  

The team poses in front of the first round room assignments.

     Meeker and Murray said one of the classes that prepared them for competitions was Intro to Unix. Meeker added that the class Programming for Penetration Testing also helped him. Murray added the class Cyber Security and Forensics Tools also prepared her for competitions.

     The Cyber 9/12 competition differs from other cyber security competitions, Meeker said. The Cyber 9/12 focuses more on the theoretical aspect of cyber security, while other competitions focus on cyber security as a whole, Meeker said.

     In the general competitions, the team is given a network of machines, and the team will have to discover the existing issues, such as vulnerability, Meeker said.

     One of the upcoming competitions is the Midwest CCDC at Moraine Valley Community College in March. Murray said the team also hopes to go to Cyber 9/12 in Washington D.C. this March.

The team places third at the Cyber 9/12 Strategy Challenge Austin Regionals.

Leave a Reply

Your email address will not be published. Required fields are marked *