Tuesday, March 3, 2015

ISTS12 Results

This past weekend, RPISEC sent one team of five members to compete in the 12th Information Security Talent Search as organized and hosted by Rochester Institute of Technology's Security Practices and Research Student Association.

The computer security competition is known for being an 'attack-defend' styled hacking competition. At the start, blue teams are each given a number of vulnerable servers that they must lock down and attempt to keep services up (such as HTTP, DNS, SMTP, SSH, etc) while being attacked throughout the competition by a dedicated red team or even other blue teams. Maintaing service uptime, attacking other teams, and completing various forensics, reverse engineering, and crypto challenges all factor in to the final score calculation.

The team RPISEC sent this year ultimately ended up taking 1st place in the competition playing as 'Team 8'. This year the team consisted of Branden Clark '16, Patrick Biernat '16, Austin Ralls '17, Sophia D'Antoine '15, and Markus Gaasedelen '15. RPISEC placed 1st both at ISTS12 and ISTS11 (last year), and a few other times in years previous.

The opening talk and keynote as given Friday night @ RIT.


Saturday morning, not too long before the the kickoff of ISTS12.


Saturday afternoon, in the heat of competition. Day one was carnage, but filled with fun.


Some of the over night challenges we took a peek at Saturday-Sunday included punchcards, and zipdrives. No pictures of the goofy zipdrives, sorry ):


The start of day two, Sunday morning. 


Day two RPISEC had to spin the wheel of 'misfortune' along with the rest of the teams competing. We were blessed with karaoke, and managed to string along the red team in a beautiful rendition of 'One Thousand Miles' by Vanessa Carlton. It was more than worth it (:


White team wrapping up sunday afternoon, after the scoring and competition had officially ended.


Last year there were scoring concerns and recounts after the competition, but this year RPISEC carved out a very clear result. 


In the final minutes, we even managed to squeak ahead by a few points on the defensive side of maintaining services. 


Ultimately RPISEC took first, with the team walking away with a nice new set of 24inch dell monitors. 


RPISEC competes almost exclusively in jeopardy style CTF's during the school year, with ISTS being the main attack / defend CTF we participate in. We don't bother to compete in competitions like CCDC because of the formalities and restrictions placed upon them. It's events like ISTS that we genuinely appreciate as they clamor for the same level of excitement we seek, allowing us to express our true creativity and passion for the world of security.

Props to RIT's SPARSA for putting together another fantastic competition, we'll see ya next year.