Undergraduate Computer Science and Engineering (CSE) students at the University of New South Wales have won the Cyber Defence University Challenge, an Australian competition run by the Department of Prime Minister and Cabinet.
The team of students took part in the 24 hour competition against fourteen teams nationwide, with the goal of identifying vulnerabilities in a makeshift business network created specifically for the competition. Students were given access to the public website, and then asked to exploit the network.
When vulnerabilities were found, students would then seek to access private information such as database entries, and private server side information. According to competitor Theo Julienne, the UNSW team managed to get complete access to the company's e-mail history and create administrator accounts, giving them broad access to confidential files.
Julienne commented, “For businesses with internet-facing software, this means attackers can compromise their systems from outside.”
E-mail phishing attempts were also assessed, a task that the UNSW team excelled in. But not everything was focused around penetrating the system. The team was assessed on designing a better network to combat the attacks that they performed.
The team was trained by Richard Buckland, a popular lecturer at UNSW who teaches computer security and cyber crime, among other core computer science courses. His comments describe the current landscape of information security, “We have an intuition for security and safety in the real world, but we haven’t yet developed one for the virtual world, and the threats are quickly evolving”
“It used to be the realm of teenage hackers, but is now dominated by corporate hacking, organised
crime syndicates, and the military and intelligence e-communities.”
This year marks the first time that this competition has run, making for a promising start for UNSW going forward. The team will attend the Black Hat security conference in Las Vegas, courtesy of Telstra.
