College hackers compete to shine spotlight on cybersecurity

March 4, 2016 by Collin Binkley

Students from MIT and Britain's University of Cambridge will spend the weekend hacking one another's computers, with the blessing of their national leaders.

The two schools are competing in a contest that U.S. President Barack Obama and British Prime Minister David Cameron announced last year among other joint cybersecurity projects between the two nations. The White House billed it as a showdown between the two prestigious schools, both known as heavyweights in the world of computer science.

But the colleges opted to make it a friendlier match. Instead of facing off against each other, the schools assigned their top hackers to six teams made up of students from both institutions. Teams will gather at MIT on Friday and then, for a frenzied 24 hours, try to hack into their opponents' computers and steal a trove of files.

"This isn't us versus them," said Howard Shrobe, a principal researcher at MIT's Computer Science and Artificial Intelligence Laboratory, which is hosting the event. "It's the best of both schools working together."

Along with bragging rights, winners will receive cash prizes of more than $20,000. It's intended to be the first in a series of global cybersecurity competitions.

After a summit in Washington last year, Obama and Cameron jointly called for wider collaboration on cybersecurity. It was only weeks after the U.S. government accused North Korea of hacking computers at Sony Pictures Entertainment Inc. The leaders also agreed to form a joint "cyber cell" among their national security agencies, among other measures.

Major breaches like the Sony hack have underscored what experts say is a shortage of cybersecurity professionals. An industry group reported last year that 86 percent of its members believe there is a shortage of skilled workers. The contest at MIT aims to spark interest in the field and to promote cooperation among academics.

"It is essential for us to work together and compare notes," said Frank Stajano, leader of the Academic Centre of Excellence in Cyber Security Research at the University of Cambridge, which is sending 10 students to the competition. "If you're not at least as good as the bad guys, then you have no chance against them."

Hacking competitions have been gaining popularity in recent years, both as sport and to train students for jobs in cybersecurity. By carrying out attacks, students learn to uncover weak spots in security systems and, in turn, build better defenses. On Friday, students will use computers that have hidden vulnerabilities already built-in.

"You have to identify them and patch them before other competitors notice them," said Rahul Sridhar, a sophomore competitor from MIT.

The event is styled after other so-called "capture the flag" hacking competitions, including an annual contest at the Def Con hacking conference that draws top professionals.

For the competition Friday, teams are encouraged to use any means necessary to retrieve the files they're hunting for. They can stick to hacking or try to trick opponents into divulging key information. It's meant to replicate a real cyberattack, with students thrown into the middle. Side events will let students tackle other challenges, including a lock-picking contest.

"Part of cybersecurity is physical security, too," Shrobe said. "Plus it's fun to learn how to pick a lock."

Both schools provided training to their in recent weeks to sharpen their hacking skills. At the University of Cambridge, Stajano is already planning to add that training to the broader curriculum.

Meanwhile, organizers are already talking about arranging a sequel next year, perhaps with other institutions from around the world.

"The bad guys are organized," Stajano said, "so the good guys have to be organized as well."

Explore further: US spy agency holds contest to find young hackers (Update)

Related Stories

Trainee cyber-criminals wanted to help solve skills shortage

December 3, 2014

The world is already short of computer security experts, but by 2017 that shortfall is going to have reached about two million. Criminal hackers cause damage running to billions of pounds every year – just look at the attack ...

Obama to push for new cybersecurity legislation

January 13, 2015

President Barack Obama on Tuesday will renew his call for Congress to pass cybersecurity legislation, including a proposal that encourages companies to share threat information with the government and protects them from potential ...

US official: Charges possible if Chinese hackers keep it up

November 11, 2015

The U.S. could consider criminal charges or sanctions against China if the U.S. determines hackers there are violating an agreement not to conduct economic cyber espionage on American industry, a senior Justice Department ...

US to renegotiate arms control rule for hacking tools

March 1, 2016

The Obama administration plans to renegotiate portions of an international arms control arrangement so it's simpler to export tools related to hacking and surveillance software, since those technologies are also used to secure ...

Recommended for you

Inferring urban travel patterns from cellphone data

August 29, 2016

In making decisions about infrastructure development and resource allocation, city planners rely on models of how people move through their cities, on foot, in cars, and on public transportation. Those models are largely ...

How machine learning can help with voice disorders

August 29, 2016

There's no human instinct more basic than speech, and yet, for many people, talking can be taxing. 1 in 14 working-age Americans suffer from voice disorders that are often associated with abnormal vocal behaviors - some of ...

Apple issues update after cyber weapon captured

August 26, 2016

Apple iPhone owners on Friday were urged to install a quickly released security update after a sophisticated attack on an Emirati dissident exposed vulnerabilities targeted by cyber arms dealers.

0 comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.