A Westminster-based technology nonprofit invited students this past weekend from around the country — and outside of it, too — to try and capture a virtual flag in a cybersecurity exercise described as “ethical hacking.”
Mid-Atlantic Gigabit Innovation Collaboratory, or MAGIC, announced Monday that the eighth Capture the Flag event it hosted Saturday reached 308 registered participants, setting a record for participation since the program’s start four years ago. That total doubled the number of participants the competition had earlier this year, in April, at 135.
MAGIC hosts the event twice a year, once in the spring and another in the fall.
“We couldn’t be more pleased by the turn-out. MAGIC’s CTF competition is now one of the largest entry cyber security challenges in the world,” said Graham Dodge, executive director of MAGIC said in a news release. “If not the largest.”
According to the news release, 20 locations participated worldwide, including in Maryland, Tennessee, Idaho and New Hampshire, as well as Northern Ireland and Estonia.
“It is an early, entry, beginner-level cybersecurity competition that engages students who might not necessarily have a lot of experience in what we call ethical hacking and cybersecurity,” Dodge said in an interview. “This competition really presents them with challenges and puzzles that help them understand some of the techniques that cybersecurity companies would use what they call penetration testing. So, it’s a great format for young students, or anyone of any age, learning about cybersecurity that really wants to kind of dive in a competitive tournament-style format to quickly learn some of these skills that would then qualify them for careers in cybersecurity.”
It is because they have built more relationships on an international level that Dodge thinks there was such a high turnout this year.
“We’ve had great relationships with the Maryland Department of Commerce and the Army National Guard, who have contacts in various countries in cybersecurity,” he said. “So, we expect to see this grow as we’re being introduced into more programs in other countries through these networks of cybersecurity organizations. So, we expect to bring on at least two more countries next year as well."
According to Dodge, the competition basically requires the competitors to solve puzzles that MAGIC creates to accumulate points.
“Essentially we create different servers and computer systems that we and our volunteers have created that contain what we call flags that they’re looking for,” Dodge said. “They’re given some hints at the beginning of the competition for each of the puzzles and where to start looking. Then they have to really hack into each system to find these flags.”
When the participants think they have the correct answer to the flag, they enter it to see if they got it right or not, and if they did they receive points. The team with the most points in the end wins.
The winners of the competition all received monetary prizes. The members of the team that won first place each received $100, the members of the team that won second place each received $50 and the members of the team that won third place each received $25.
First place went to the “CyberSpike 19” team from Tallinn University of Technology in Estonia with 6,155 points, second place went to the “Viljandi Gymnasium and friends” team from VIKK Technical School in Estonia with 5,739 points and third place went to the “Less is More” team from the Baltimore County Public Library branch in Owings Mills with 5,730 points.