On December 4th, 2009 the largest hacking competition ever carried out was held at UCSB. The competition included 56 teams from North America, South America, Europe, Russia, India, and Australia.
More than 800 students participate in a live security exercise in which they had to compete against each other by using their security skills. The theme this year was: “Know your enemy!”. The goal of the game was to compromise the browsers of a large set of simulated users, steal their money, and make them part of a botnet. In order to compromise the simulated users the participants had to analyze the code of a number of browsers, and find vulnerabilities that could be exploited by executing a drive-by-download attack. In order to perform the attack, each team had to lure the simulated users to a web site under their control by publishing blog entries and using search-engine optimization techniques. This procedure followed the scheme used by actual Internet criminals. The goals of the exercise was to test the participants security skills and also educate them about the nefarious criminal activities carried out on the network today, so that they could participate in the design of a more secure Internet.
The competition was won by the CInsects team, from the University of Hamburg, Germany, who was able to compromise the most users and gather the most money. More information about the competition is available at http://ictf.cs.ucsb.edu.