Stanford students win international cybersecurity competition

Cyber team
For the third year in a row, the Stanford Applied Cyber team placed first at the Collegiate Penetrating Testing Competition. (Photo: Mariah Rose Whitmoyer)

The STANFORD APPLIED CYBER TEAM beat out nine college hacking teams from around the world at the Collegiate Penetrating Testing Competition at the Rochester Institute of Technology. At the annual event – now in its fifth year – students showcase their technical skills and gain professional experience in the practice of testing a computer system, network or web application to identify security vulnerabilities.

COLLEEN DAI, a graduate student studying statistics and a member of the team, credits the win to strong technical training and camaraderie.

“It means a lot to win,” she said. “[The victory] has a lot to do with our team dynamics and how well we work together.”

The Stanford Applied Cyber team includes computer science majors ANNA ZENG and JACK CABLE; MICHAELA MURRAY, who is double majoring in computer science and math; PIERCE LOWARY, who created his own track consisting of computer science, cybersecurity and policy; and physics PhD student WILL DEROCCO. The students were coached by ALEX KELLER, the senior systems security engineer at the School of Engineering.

During the three-day competition, each college team was tasked with identifying weaknesses in a simulated corporate environment without impacting the operations of business activities. For one challenge, students had to break into the networks of DinoBank, a fake financial services and cryptocurrency company, with event organizers serving as company employees. An ability to hack into accounts without passwords was among the vulnerabilities identified by students. Students also investigated web and software weaknesses, including ones found in the Windows operating system.

“There was also an ATM challenge where we had to figure out how we could extract money without knowing someone’s PIN code,” Dai said. Each team was given a real ATM and teams that successfully hacked the machines got to keep the cash inside.

Read more from The Roundabout.