November 9, 2024

A team of hackers from two North American universities won the “Capture the Flag” championship, a contest seen as the “Olympics of hacking,” which draws together some of the world’s best in the field. In the carpeted ballroom of one of the largest casinos in Las Vegas, the few dozen hackers competing in the challenge sat hunched over laptops from Friday through Sunday during the DEF CON security conference that hosts the event. The winning team, called Maple Mallard Magistrates, included participants from Carnegie Mellon University, its alumni, and the University of British Columbia.

The contest involves breaking into custom-built software designed by the tournament organisers. Participants must not only find bugs in the program but also defend themselves from hacks coming from other competitors.

The hackers, mostly young men and women, included visitors from China, India, Taiwan, Japan and South Korea. Some worked for their respective governments, some for private firms and others were college students.

While their countries may be engaged in cyber espionage against one another, the DEF CON CTF contest allows elite hackers to come together in the spirit of sport.

The reward is not money, but prestige. “No other competition has the clout of this one,” said Giovanni Vigna, a participant who teaches at the University of California in Santa Barbara. “And everybody leaves politics at home.”

“You will easily find a participant here going to another who may be from a so-called enemy nation to say ‘you did an amazing job, an incredible hack.'”

The game has taken on new meaning in recent years as cybersecurity has been elevated as a national security priority by the United States, its allies and rivals. Over the last 10 years, the cybersecurity industry has boomed in value as hacking technology has evolved.

Winning the title is a lifelong badge of honour, said Aaditya Purani, a participant who works as an engineer at electric car maker Tesla Inc.

This year’s contest was broadcast for the first time on YouTube, with accompanying live commentary in the style of televised sports.

DEF CON itself, which began as a meetup of a few hundred hackers in the late 1990s, was organised across four casinos this year and drew a crowd of more than 30,000, according to organising staff.

On Saturday afternoon, participants at the “Capture the Flag” contest sat typing into their laptops as conference attendees streamed in and out of the room to watch. Some participants took their meals at the tables, munching on hamburgers and fries with their eyes fixed on screens.

Seungbeom Han, a systems engineer at Samsung Electronics, who was part of a South Korean team, said it was his first time at the contest and it had been an honour to qualify.

The competition was intense and sitting for eight hours a day at the chairs was not easy. They did take bathroom breaks, he said with a laugh, “but they are a waste of time.”

© Thomson Reuters 2022