Carnegie Mellon hacking team finishes 2nd at DefCon

Daniel Tkacik

Aug 10, 2020

Student on a laptop

Source: CyLab

A member of Carnegie Mellon's hacking team, PPP, competes in the DefCon Capture the Flag competition in 2015. This year, the competition was held remotely.

Carnegie Mellon University’s competitive hacking team, the Plaid Parliament of Pwning (PPP), finished in 2nd place in the “Capture the Flag” competition—widely referred to as “The Olympics of Hacking”—at the this year’s DefCon security conference. The competition, played in the form of a virtual game of capture the flag, was held remotely August 7-9.

“The teams that qualify to compete in this competition represent the absolute highest level of cybersecurity proficiency today,” says David Brumley, a professor of Electrical and Computer Engineering at Carnegie Mellon and the faculty advisor to PPP.

Cyberattacks continue to be waged on companies, governments, and individuals on an increasingly regular basis, putting people with cybersecurity proficiency in extremely high demand as the workforce struggles to fill essential roles. Competitions like DefCon’s allow those who are studying or practicing cybersecurity to sharpen and hone their skills against one another.

This year’s competition consisted of 16 pre-qualified teams from around the world. Team “A*0*E” from China placed first overall, and team “HITCON⚔Balsn” from Taiwan finished in third. Throughout the competition, PPP and A*0*E traded the top position on the leaderboard at least nine times, but A*0*E finished on top with a score of 870. PPP trailed by only two points with a score of 868.

This game was crazy, check out this #DC28CTF game!@defcon CTF

Source: @oooverflow

This game was crazy, check out this #DC28CTF game!@defcon CTF /cc @thedarktangent

“It was really a game between PPP and A*0*E, going back and forth and back and forth, fighting, patching and exploiting, over and over,” said Zardus, a pseudonym of a hacker who helped organize and run this year’s competition with the hacking group, “The Order Of the Overflow.”

Over the course of the 72-hour competition, teams made up of students, industry workers, and government contractors attempted to break into each other’s systems—stealing virtual “flags” and accumulating points—while simultaneously protecting their own. To add drama, team scores were hidden in the final hours of the competition. With many teams standing neck-and-neck at the top of the rankings, competitors were sent into a hacking frenzy.

PPP first formed in 2009 and began competing at DefCon in 2010. The team previously won the contest in 2013, 2014, 2016, 2017, and 2019.

 

Image source: https://twitter.com/oooverflow/status/1292630993422057474?s=20