UA Little Rock team takes fourth place in cyber defense competition

The UA Little Rock team advancing to the second round of the Collegiate Cyber Defense Competition include Coach Yanyan Li, Captain Connor Young, Aaron Mays, Hector Fernandez, Jeffrey Wooldridge, Josh Carlat, Malik El-Amin, Shijun Zhong, and Zachary Long.

A cyber security team from the University of Arkansas at Little Rock was one of the top finishers in the Collegiate Cyber Defense Competition Southwest regional March 17-19 in Tulsa, Oklahoma. 

Coached by Yanyan Li, an integrated computing doctoral student, the team of Connor Young, Aaron Mays, Hector Fernandez, Jeffrey Wooldridge, Josh Carlat, Malik El-Amin, Shijun Zhong, and Zachary Long took fourth place in the competition.

“The regional competition is a highly intensive cyber defense competition, and requires a lot of knowledge such as networking, server management, cybersecurity, and business operation as well as teamwork and communication skills,” Li said.

During the competition, each team served as the information technology department for Planet Express Trucking, Inc., a fictional company that provides freight services. The teams tasks included setting up an email server, running the company website, and developing social media policies as well as fulfilling assigned business tasks, such as adding a server to the company’s domain and writing policies about the use of external data storage devices on company property.

“It was a grueling competition in which all the teams faced, in two days, challenges that real world IT teams experience over weeks or months,” said Fernandez, senior computer science major from North Little Rock. “Overall, it was a very satisfying experience in which the team as a whole practiced and developed leadership, organization, communication, and technical skills.”

Team Captain Connor Young said the problems began as soon as they stepped into their workspace.

“Our ‘boss’ didn’t have the passwords for the computers, so we were forced to break into them ourselves,” he said. “We had a few unexpected surprises, such as when we learned we had no internet access.”

Since participants were barred from using outside devices, like their trusty smartphones, the team was left in a bind.

“That means that until we fixed our network, we had to work without the luxury of Google to help solve our issues,” Young said.

Competitors also had to defend their work against the Red Team, whose members consist of professional penetration testers charged with sabotaging their work. Penetration testers are hackers hired by companies to find holes in their cybersecurity systems.

Red Team members employed both technical and psychological attacks.

“One of the more ridiculous and effective attacks was that they would go outside our rooms, type on a computer while maliciously staring into the room, and laugh as the teams ruined their computers trying to stop the Red Team’s attack,” Young said. “Several teams ended up letting the Red Team in during their rushed attempt to keep them out, but we responded by simply waving at them and continuing on with our work.”

The Red Team did pull one over on the UA Little Rock squad by tricking the competition hosts into having the Red Team temporarily serve as a judge, which gave it full access to the team’s workspace.

“These are known as social engineering attacks, and they exist to remind us that the weakest part of a computer’s security is the person using it,” Young said.

The UA Little Rock team was one of eight to advance to the regional event after competing against 20 teams from Texas, Oklahoma, Arkansas, Louisiana, and New Mexico during a virtual qualifying round on Feb. 18.

Share this Post: