RUSEC TAKES ON MACCDC 2024!

Mar/24/24 David Feldman

Our journey to MACCDC this year did not begin in the early hours of the 22nd of March. It began months earlier, even before our qualifying round in January. Many hours of practice and long nights of preparation added to the weight on our shoulders, driven by the desire to improve our performance and engage in friendly rivalries with other competitors.

CCDC itself is a cybersecurity competition format best described by its intensity and chaos. The competitors take the role of the IT & Security operations team of an imaginary organization. Some competitions bring more character to their organizations than others. In this year’s MACCDC, we had to defend an organization bearing a German name that none of us could pronounce. The organization was under the regulatory oversight of multiple controls and frameworks, ranging from U.S.-based to international. These policies governed the IT operations and strategy of our temporary employers. Throughout the entirety of a standard work day, 9 AM - 5:00 PM, we were tasked with defending this organization. All the while, we were dealing with the aggressive efforts of a volunteer Red Team, who were mostly sober, to gain access to our machines and take down certain services that are scored based on uptime. Aside from taking down services, the Red Team took no issue in disrupting our operations and even kicking us out of our machines. Our score was driven primarily by service uptime and by Injects: business continuity documents that arrive periodically throughout the competition with various tasks. Injects can range from policy creation and analysis, setting up and moving services, and providing evidence and information on currently running tools, services, and devices, to investigative forensic puzzles. Another key piece of the score came from being able to gain back points from compromises by writing detailed and well-structured incident response reports. In addition, we periodically sent out a representative for executive meetings regarding our operations.

The competition began first thing Saturday at 9:00 AM after our sleepy and hungry competition team made their way to Prince George’s Community College. Luckily this year our hotel arrangements were not nearly as questionable, unsanitary, and infectious as last year's! We were kept extremely busy and alert until 5:00 PM. Referred to as the “worst possible day in IT,” the pressure and heat of this competition did not let up, even from the beginning. Almost immediately upon starting, we began scrambling for access to our GitHub repository, changing passwords, and worrying about injects due within the first 30 minutes of the competition. This pace was kept relatively steady throughout the majority of the competition until the last two hours, when the injects increased in difficulty and the Red Team had fully begun to take out services without restraint. The Red Team also started to revoke our ability to access some machines, going as far as greeting our attempts to log back into a machine with an infinitely looping video of Nyan Cat. Suffice it to say, we found it best to mute the computer. Throughout our competition, anyone who wanted food or water had to leave the competition area and run to the other side of the performing arts center for any form of sustenance. Because of the nature of the competition, we had to eat as much pizza and drink as much water as possible before running back into the black box, praying we did not miss a score-altering event.

In the end, we placed 4th out of 10 teams. The standings were as follows: First - University of Virginia, Second - Pennsylvania State University, Third - Liberty University, Fourth - Rutgers University, Fifth - George Mason University, Sixth - University of Maryland - Baltimore City, Seventh - University of Maryland - Global Campus, Eighth - Messiah University, Ninth - Rowan College of South Jersey, Tenth - Virginia Tech. Despite placing fourth for the second consecutive year, we had beaten out a larger number of teams and had a substantially higher service score. We now look back with a sense of pride in the effort, camaraderie, and passion we put on display. Some may see a competition this intense as masochistic, and they wouldn’t be entirely wrong. However, there is a sense of accomplishment and pride that comes with performing under that kind of pressure while sharing that challenge with like-minded teammates. We’re underdogs, and that mentality will always push us to be better. We are deeply grateful to the trailblazers who pioneered Rutgers' participation in the CCDC. We aim to instill the same competitive spirit, work ethic, and unity in future team members to ensure the tradition continues.

The Team on Review

We asked our team two questions: What was the most challenging part of this year's MACCDC? And what was the most exciting part of this year's MACCDC?

Elizabeth Laub, RU'24 - Team Captain

What was the most challenging part of this year's MACCDC?

"From my perspective, the biggest challenge for the team this year was orchestration and time commitment. We went all out with practice and have been working on our infrastructure since the last regional ended. I must thank the team for their strength and dedication to practice during weekends and breaks while juggling internships and coursework. It wasn't easy but I'm incredibly proud of our progress this year and as always, we aim to do even better next time."

What was the most exciting part of this year's MACCDC?

"I enjoyed seeing our new members in action since this was their first time participating in CCDC. For this club, last year was the first time we made it to regionals and we're working to make it a pattern to go from qualifiers to regionals every year. Seeing the new roots of the team get to experience the same excitement when moving to the next level is the best part of the entire event and I can't wait to see them make it to nationals someday."

Adam Paulina, RU'24 - Windows Administrator

What was the most challenging part of this year's MACCDC?

"Red team stepped up their game substantially from qualifiers. It was a challenge but a really fun one."

What was the most exciting part of this year's MACCDC?

"It was super exciting to see the improvements the team made from last year, especially given newer challenges arising."

Mohamad Khawam, RU'25 - Firewall Administrator

What was the most challenging part of this year's MACCDC?

"The hardest part for me was organizing and ensuring the team played to their strengths. Everyone had something they are good at, and together we were able to put those strengths together. This required communication from everyone on the team and for everyone on the team to take part in communicating to the leads their needs. During a part of the competition when red team had stepped up their game, one of my teammates informed me they had become overwhelmed with the amount of load they had. In response to this, I instructed him to continue working on the ecomm issue and was able to get another teammate working on the DNS issue."

What was the most exciting part of this year's MACCDC?

"The most exciting part was being on stage as the team. We had all been practicing really hard and it was exciting to finally get to see our work in action. It was reassuring that under pressure we were able to support one another and demonstrate we can compete with the other universities. While we didn't make it to top three and there's still a lot of work to be done, I'm really proud of the team and I'm excited for the next year's CCDC. I truly believe that RUSEC can win this!!!!"

Harris Ransom, RU'25 - Security Engineer

What was the most challenging part of this year's MACCDC?

"I'd say that the injects (business tasks) were very varied in scope and covered a number of different technical and policy tasks that we had to do throughout the competition, and it was a challenge to manage them all effectively."

What was the most exciting part of this year's MACCDC?

"I was excited to work with this competition's network topology since it included a number of unique network appliances and networked services, especially after all of the practice we did as a team."

Rajat Patel, RU'24 - Network Administrator

What was the most challenging part of this year's MACCDC?

What was the most exciting part of this year's MACCDC?

Matthew Bixby, RU'25 - Linux Administrator

What was the most challenging part of this year's MACCDC?

What was the most exciting part of this year's MACCDC?

Keeret Saggu, RU'25 - Linux Administrator

What was the most challenging part of this year's MACCDC?

"It was challenging being able to respond quickly and accurately to red team's attacks, as we didn't always work quickly enough through things like business and injects to be able to respond to threats as they happened."

What was the most exciting part of this year's MACCDC?

"It was most exciting when we found traces of red team in the VMs and deleted their persistence, cronjobs, beacons, and were able to set a service back up. It was also super exciting and fun just walking in the auditorium with the team."

David Feldman, RU'25 - Incident Responder

What was the most challenging part of this year's MACCDC?

"The most challenging part I faced was within preparation and execution of my role. With this being my first year playing in a Cyber Defense competition, I was exposed to new responsibilities and skills that needed to be rapidly developed. This, coupled with an increased difficulty, specificity, and rate of injects, made it more difficult to keep up with injects as well as write timely incident response reports, compared to the injects I was used to in my first two events – invitationals for WRCCDC."

What was the most exciting part of this year's MACCDC?

"The most exciting part came in seeing the passion and effort the team had put into the competition. No one forced us to spend our weekend being brutally battered by a red team with more experience and skill than us, all in a tight space with minimal breaks, all while racing against the clock and nine other teams. We did this because we see these events and the success of our team as something bigger than our individual selves and a challenge to ourselves mentally and physically."