conference

Synchrony and UConn Engineering Join Forces to Host CyberSEED 2019

STORRS, CT – During National Cybersecurity Awareness Month, Synchrony, a premier consumer financial services company, and The University of Connecticut School of Engineering are joining forces to sponsor CyberSEED 2019, a cyber wargame competition, on Saturday, October 19th from 9am to 5:30pm.

More than forty-two teams from 30 colleges and universities across the country will face off in a variety of challenges that test students’ skills, including: reverse engineering, web application security, network traffic analysis, and cryptography. The grand prize winner will take home $15,000; there will also be two smaller prizes of $2,000 and $500.

Registration for the competition is closed, but registration for a concurrent workshop will remain open through 17 October.

WHAT: CyberSEED – a cyber Capture the Flag competition and Workshop

WHEN: Saturday, October 19th

9:00am – opening remarks

9:30am – competition commences

5:00pm – competition ends

5:30pm – awards and closing

The workshop runs concurrently with the Capture the Flag competition.

WHERE: UConn Storrs Campus — Rome Commons Ballroom

Contact:

Jeannette Burke (UConn) Engr-cyberseed@uconn.edu

Nicole Ward (Synchrony) Nicole.Ward@syf.com

Technical (Synchrony) mark.underwood@syf.com

Cybersecurity Experts Come To UConn For CyberSEED

University of Connecticut Provost Mun Choi, Connecticut State Representative Matthew Lesser (D-Middletown), Comcast Cable Cybersecurity Governance, Risk and Compliance Vice President Ramesh Sepehrrad, U.S. Representative Joe Courtney (D-CT), and UConn Engineering Dean Kazem Kazerounian at the recent CyberSEED event. (Christopher LaRosa/UConn Photo)

From left: University of Connecticut Provost Mun Choi, Conn. Rep. Matthew Lesser, Comcast Cable Cybersecurity Governance, Risk and Compliance Vice President Ramesh Sepehrrad, U.S. Rep. Joe Courtney, and UConn Engineering Dean Kazem Kazerounian at the recent CyberSEED event. (Christopher LaRosa/UConn Photo)

The University of Connecticut’s Comcast Center of Excellence for Security Innovation recently hosted CyberSEED 2016. Speakers from around the country shared perspectives on cybersecurity issues and the importance of strengthening online defenses in vital areas.

“This is almost an existential challenge for the country, and frankly it’s going to be a persistent one, for decades to come,” said U.S. Rep. Joe Courtney at the conference.

U.S. Senator Richard Blumenthal meets with the cybersecurity competition team from the U.S. Coast Guard.

U.S. Sen. Richard Blumenthal met with the cybersecurity competition team from the U.S. Coast Guard. (Christopher LaRosa/UConn Photo)
Senator Chris Murphy (D-CT)

U.S. Sen. Chris Murphy joined CyberSEED by teleconference. Video from his statement is available below. (Photo from Sen. Murphy’s website)

Courtney said that the importance of cybersecurity has been emphasized by the news recently.

“As we know from last Friday, when the Director of National Intelligence and the Department of Homeland Security basically came right out bluntly and said ‘this is an attack that came from another nation state, from Russia,’ this issue just keeps escalating- in terms of the threat to whole sectors that have been totally caught off guard.”

U.S. Sen. Richard Blumenthal echoed Courtney’s commitment to cybersecurity. He discussed the devastating effect that cybercrime can have on citizens, and talked about the need for internet companies to report security breaches in a timely manner.

“A national breach notification standard would help to make sure that consumers are alerted when their sensitive personal information is in the public realm and potentially vulnerable to abuse through identity theft,” Blumenthal said.
hartley

One of the most anticipated talks of the event was from the tech team behind Mr. Robot, the acclaimed television show on the USA Network. The team emphasized the hard work that went into making Mr. Robot accurate from a hacking standpoint.

“What you saw in the seasons, the accuracy that we’ve made, it took a lot of work. A lot of hours at 3 a.m. and text messages at all times of the day,” said Andre McGregor, Director of Security at Tanium. McGregor was previously an FBI Supervisory Special Agent in the Cyber Division, and used that experience to guide the show when it intersected with law enforcement.

One of the recurring topics of the conference was the need to move beyond a coconut model of security, where there is a hard outer shell with a vulnerable system once that shell has been bypassed. This approach not only gives an outside hacker a clear point where they have succeeded, it also leaves a network vulnerable to attacks from within.
The Mr. Robot Panel. From Left are Andre McGregor, Director of Security, Tanium; James Plouffe, Lead Solutions Architect, MobileIron; Ryan Kazanciyan, Chief Security Architect, Tanium; and Dave Kennedy, Founder and Principal Security Consultant, TrustedSec.com.

The Mr. Robot Panel. From Left are Andre McGregor, Director of Security, Tanium; James Plouffe, Lead Solutions Architect, MobileIron; Ryan Kazanciyan, Chief Security Architect, Tanium; and Dave Kennedy, Founder and Principal Security Consultant, TrustedSec.com. (Christopher LaRosa/UConn Photo)

“Every attacker is going to be a potential insider; whether you start on the inside of a network or you’re an external adversary who goes out to breech the perimeter and establish a foothold on the internal network and move from there,” said Sean Malone, chief strategy officer for FusionX.

Malone said that this hardened outer shell approach could lead to a game over mentality when, inevitably, the outer shell is breached.

“It should be as complex or more complex to achieve the objective on the internal network as it is to get there in the first place,” he said.

To view the CyberSEED conferences, visit their Youtube page.

Cybersecurity Contest Challenges Teams to Think Like a Hacker

By William Weir

(UConn Today)

Computer hackers descended upon UConn this past week, and for their efforts, came away with more than $100,000 in prize money.

Teams from 43 colleges including UConn gathered at the Lewis B. Rome Commons Ballroom to take part in various challenges at CyberSEED, a two-day cybersecurity conference that also featured speakers and panel discussions. Rear Adm. David Simpson, chief of the Federal Communications Commission’s Public Safety and Homeland Security Bureau, gave a talk about the state of national and international cybersecurity.

The conference, which took place Oct. 21-22, was organized by the Center of Excellence for Security Innovation (CSI), a partnership between Comcast and UConn School of Engineering’s Center for Hardware Assurance, Security, and Engineering (CHASE). It was the first of what is planned to be an annual event.

CyberSEEDUNewHaven[1]

University of New Haven team members discuss strategy in the Capture the Flag competition, during a two-day cybersecurity conference organized by the Center of Excellence for Security Innovation, a partnership between Comcast and the UConn School of Engineering’s Center for Hardware Assurance, Security, and Engineering. (Christopher LaRosa/UConn Photo)

The competitions featured both software and hardware challenges, but the most popular was Capture the Flag. Here, teams hacked away at classified files of the fictitious country Cyberia, acting on behalf of the small neighboring nation Sanctus Pirata. The files provided details of the country’s oil rigs, allowing the smaller nation to tap into them if successful.

Teams came from as far as Washington State and New Mexico. Some were veterans of hacking competitions, others complete novices. Coming to UConn for their first hacking competition, East Tennessee State University flew into Connecticut at 2 a.m. Energy drinks and coffee figured heavily in their strategy. Their coach, computer science professor Mike Lehrfeld, said the team members had spent much of the past few weeks discussing strategies and different scenarios they might encounter.

“The competition allows them to showcase what they’ve worked on all year long,” he said.

CyberSEEDSyracuse[1]

The team from Syracuse University hacks away for classified files in the Capture the Flag competition. (Christopher LaRosa/UConn Photo)

In the end, it was Brown University who took top honors based on speed and the number of documents uncovered. They won $15,000 for first place. Overall, more than $100,000 was awarded to winning teams. No one went away empty-handed: every participant received a Samsung tablet.

So how do you prepare for a hacking competition?

“Lots of YouTube video, lots of Googling,” said Andrew Rector, a senior with the team from Bloomsburg University in central Pennsylvania. Even though they were taking on the role of the bad guys, he said, “these kinds of efforts will pay off for the good guys. You need to know how a system is vulnerable before you can protect it.”

Indeed, conference speaker Cheri Caddy, director of cybersecurity policy integration and outreach at the White House, told the audience that security efforts have lagged because of a lack of training in the field.

Michael Garvin, senior manager of product management for Symantec, was one of the architects of the Capture the Flag competition. They devise their games partly by current events – who’s committing cyberattacks and why – and from feedback from companies who want to protect their security.

These competitions, he said, are a way of identifying vulnerabilities in a company’s computer system.

“We’ll ask companies ‘What is it that you’re worried about?’ Then we can prevent those things from happening, or lessen the amount of damage,” he said. “We’ve seen some interesting and novel methods in these competitions – all the better to help us prepare.”