Rochester Hosts Ethical Hacking Contest
- By Dian Schaffhauser
- 11/03/16
College teams will face off in the second annual Collegiate Penetration Testing Competition, taking place this week at Rochester Institute of Technology (RIT) in New York. Teams of three to six members from 10 institutions will test their "offensive" hacking skills against a mock physical infrastructure to vie for cash prizes.
The goal is to gain access to the network, escalate that privilege to gain additional access, track down personally identifiable information or other valuable data, assess vulnerabilities and report back to the "client" about how to fix the systems. The event is structured to mimic how penetration testing consulting happens in the real world. After a day of penetration testing, the teams will make presentations to the judges on their findings and offer suggestions for mitigating risk.
"This mock company holds confidential data that would have a significant impact if breached," said Bill Stackpole, professor of computing security at RIT and director of the competition. "But this isn't just happening in a simulation. Real companies are facing cybersecurity threats every day and our students need to learn how to combat that."
"It's very important to have a penetrating testing contest like this because it teaches the graduates or soon-to-be graduates a new skill," added Bob Kalka, vice president of the IBM security business unit and an alumnus of RIT, in a video about last year's event. "It's not just, how do you keep the hackers out; it's how [do] you proactively figure out how they're getting in. So having a competition that [lets] students learn those techniques allows them to mentally understand the bigger picture of how to provide effective security overall."
IBM is a sponsor of the event, alongside the National Security Agency, IEEE, Amazon, Google and Facebook.
Participants will also have the chance to meet security experts and hand out resumes.
Besides Rochester, participants in the competition will include the University of Central Florida, City College of San Francisco and Tennessee Technological U, among others.
Stackpole noted that more teams wanted to participate than the competition could accommodate. "We would like to see this grow from a single event into a national tournament, with four or five regional competitions feeding to the championships at RIT."
About the Author
Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.