Cyber Security Students Advance to Midwest Regional CCDC
A team of Information Technology (ITEC) students are preparing for The Collegiate Cyber Defense Competition (CCDC) Midwest Regional Wildcard event on March 5. These Minneapolis College students are striving to configure firewalls, protect computer systems, and ultimately land a career in cyber security.
“The opportunity is there,” said Brian Huilman, Minneapolis College ITEC faculty advisor and coach for the Cyber Defense student club. “Microsoft CEO Brad Smith said in a recent blog post that for almost every two cybersecurity jobs in the United States today, a third job is sitting empty because of a shortage of skilled people.”
This is where the Minneapolis College Cyber Defense club students can demonstrate their skills in the Regional Wildcard competition against 15 other colleges and universities in the Midwest. Minneapolis College finished in second place in the Minnesota State CCDC event Feb. 5.
The winner of each state advances to the Midwest Regional CCDC event March 18-19 and the second and third place teams advance to the Wildcard event where the top two teams also advance to Regionals.
Advancing to the Regional Wildcard event is Minneapolis College’s best showing since the National CCDC event began in 2004. The team’s previous highest finish in the State competition was third in 2009. The team finished sixth in 2019 and fourth in 2020.
This year, the National finals are scheduled April 21-23 in San Antonio, Texas. The State, Wildcard, and regional competitions have been virtual with the team gathering on-campus in a Minneapolis College classroom and joining a Zoom session.
“The intent is to have students practice in a simulated, real-world situation using all the skills they’ve been learning through the club and their classes,” Huilman said. “It’s a full spectrum event involving all aspects of Information Technology. Students must know and understand networking and web technology, system software, and all the security aspects in every area. The event was created for students to have all this real-world experience by putting those things into practice.”
Justin Third is confident the team will do very well in the Wildcard competition. “Taking second place in State set our guys on fire,” he said. “Winning a national championship is not outside the window of opportunity. "Third and other members, like team captain Dostal and Mooney, have participated in previous competitions, which Huilman said developed cohesiveness, confidence, and solid leadership. At the same time, newcomers like Golden and Standingstrong brought new perspectives. “Without them we did not finish second – with them we did,” Third said.
Huilman said this was significant because, “you don’t already have to be an industry expert in cyber security to participate in this competition. The whole idea of student clubs is that students are helping and engaging other students to participate in the things they are passionate about. Through this club, Nicole and Devon learned the skills and applied them in the competition.”
Golden said she, “wanted to acquire as much knowledge as I could about IT, so I joined the club. I was only taking introductory ITEC classes because I wanted to know if I was really into it and really liked them. Now, I’ve decided to take an Associate Degree in math with a transfer pathway to study Computer Science at Metro State, which won first place in the recent State competition.”
Standingstrong, who had been President of the Computer club, thought about joining the Cyber Defense club for two years before, “Justin talked me into joining the second week of classes this past fall. Now, I have been invited to an interview for an internship with a security company. It was just incredible someone reached out to me. I felt like I jumped over the moon when I got that email.”
Huilman adds that, “This competition is the type of thing you put on your resume. It is a differentiator. Two-year schools are producing individuals who are very much in demand for those positions because of their hands-on experience.”
Underscoring this point, Microsoft has launched a national campaign with two-year U.S. community colleges to help skill and recruit 250,000 cyber security staff by 2025.
Competition scenarios
The firsthand experience referenced by Huilman is very evident in the challenging competition scenarios.
“Students have to run those computers like they’re new IT staff who have just replaced the previous staff that were fired for not doing a good job,” Huilman said. “The students start to manage the systems and discover they are in an unknown state. They might find old accounts that shouldn’t be there or security holes in running services and the operating system that need to be patched or updated.”
Huilman explained that two things happen during the event while students are managing the computers. “The fictitious CEO sends a memo, known as an inject, to the IT department saying he wants all the computers to send their logs to a central server. ‘Make that happen and let me know when you’re done. You have 45 minutes.’ Another memo might come before 45 minutes is up saying there is a new employee starting work and the team must create a new account and grant access for that person and they have 15 minutes to do it.”
While all this is happening a “Red team” of professional ethical hackers and penetration testers spice up the competition by attempting to hack into the systems. The student “Blue team” is expected to protect the systems and try to detect and report that the Red team is hacking. Each competing team gets an identical copy of the 10 computers as virtual machines they access remotely, with all teams receiving the same injects from the CEO, while the Red team is trying to hack them.
Points are awarded based on how well teams detected the hackers, the time their servers continued to run, and how well they respond to the injects, including whether they fully completed the request, the professionalism of their response, and the amount of time it took.
“Soft skills are so valuable in IT, like communication and technical writing to work effectively within their teams, demonstrating initiative and leadership, and the ability to be dynamic and adjust to constantly changing environments,” Huilman said. “These are skills we talk a lot about in classes and do a lot of group work with. This competition is a solid real-world example of what it’s like when you’re part of an IT organization. The students on this team have both the technical and soft skills to maintain continuity and cohesiveness over the years. They’ve learned to work with each other giving them a great chance to move onto the Regional.”