UVA Defeats UMBC, in Stunning Upset

Will it go down as the greatest upset in Mid-Atlantic Collegiate Cyber Defense Competition history? As newcomers to the competition, the University of Virginia's Cyber Defense Team were surely not the favorites to defeat reigning national champions University of Maryland Baltimore County - but in their first competiton, UVA took home the victory.

The win may have been particularly sweet because UMBC had crushed UVA in a historic 74-54 route one day earlier in the first round of the men's NCAA basketball tournament - the first time ever that a No. 16 defeated a No. 1 seed.

UVA also took down six other teams in the regional event, presented by Raytheon and the National Science Foundation's National Cyberwatch Center, and therefore progresses to the national competition.   

Most importantly, these young computer scientists were awarded for a skillset most needed, but less frequently lauded with oohs and aahs from a crowd: blue teaming. 

Each competitor played as a blue team for an online news site and had to protect their entire network from a red team made of industry professionals. The competition official served as company CEO, demanding status updates from the captain of each blue team. 

"We had a pretty solid game plan," team captain Mariah Kenny told UVAToday. "We split into different groups. We had a Windows group, a firewall group, a Linux group, and so on." 

"In order to win, we had to show we could maintain business continuity while defending against professional hackers," Kenny she told UVAToday. "...Unlike other teams, we didn't focus too much in one category, because they all mattered. We focused on all of them. And we were in constant communication."

In addition to the standard punishments of trying to shut down their systems, the red team tried to shake the first-timers' confidence - hacking the competition hall security cameras and sending the team UVA team photos of themselves. They tried trash-talking, defacing the company website with messages that the CEO was a moron who was "driving the entire company into the ground." 

Teams were rated on a variety of factors related to their skill at identifying malware, reporting to their CEO, and most of all, keeping their business running, with all critical services and customer access available. 

Congratulations to UVA on the win. While the Capture the Flag contests may reward the slam dunks and buzzer beaters of the security world, we applaud those who supply help defense and good spacing, who box out, and hustle for loose balls.     

For more information, see here. 

Join Dark Reading LIVE for two cybersecurity summits at Interop ITX. Learn from the industry’s most knowledgeable IT security experts. Check out the security track here. Register with Promo Code DR200 and save $200.