MACCDC takes great pride in being one of the premier events of this type in the world.
The 2022 Mid-Atlantic Collegiate Cyber Defense Competition (MACCDC) – presented by Raytheon Intelligence and Space and run by the National CyberWatch Center – is in its 17th year of providing a unique experience for college and university students to test their cybersecurity knowledge and skills in a competitive environment. In 2021, more than 200+ students competed for an opportunity to be one of eight teams to advance to the Regional Finals. The Regional Finals are open to the public to attend. In non-COVID-19 pandemic years (2020, 2021), the Regional Finals are held at the Johns Hopkins University Applied Physics Laboratory in Laurel, Maryland. The winner of the MACCDC represents the Mid-Atlantic region at the National CCDC, usually the third week in April.
“Such experiential education increases the knowledge and expertise of future professionals who may be in a position to contribute to the secure design and operation of critical information and its supporting infrastructure.”
from Exploring a National Cyber Security Exercise for Colleges and Universities, Lance J. Hoffman and Daniel Ragsdale, 2004
While similar to other cyber defense competitions in many aspects, MACCDC, as part of the National CCDC, is unique in that it focuses on the operational aspects of managing and protecting an existing network infrastructure. Teams are physically colocated in the same building. Each team is given physically identical computer configurations at the start of the competition. Throughout the competition, the teams have to ensure that the systems supply the specified services while under attack from a volunteer Red Team. In addition, the teams have to satisfy periodic “injects” that simulate business activities IT staff must deal with in the real world.
In spring 2006, five teams from Maryland, Virginia, and Pennsylvania competed in the 1st MACCDC. By today’s standards, the infrastructure was simple. Each team had a router, a firewall, and a small sampling of servers. Scoring was accomplished through a custom Perl script that checked network and service availability and integrity. In 2006, the teams defended a mere seven assets, including a router, a firewall, servers, and an IP surveillance camera, and there were only four Red Team members (“hackers”) attacking and disrupting the students’ infrastructure.
The Teams: Red vs. Blue
Red Team is responsible for offensive operations against the defending teams
Members of the Red Team are professional penetration testers. Red Team members work in teams to collectively attack student teams' assets. Red Team players are scored on their ability to compromise systems and gain execute privileges, corrupt or capture data, and complete tasks on time.
Blue Team are the competitive teams consisting of students competing in a CCDC event
Defending a network from attackers is one of the most critical skills needed in IT today. If you’re still in school, you can’t miss an opportunity to improve your cybersecurity skills by defending real networks from real hackers. The CCDC challenges you and your team to consider the legal, ethical, forensic, technical, and business aspects of both defending and maintaining the integrity of business systems, in real time.
- Build a meaningful mechanism by which institutions of higher education may evaluate their programs.
- Provide an educational venue in which students are able to apply the theory and skills they have learned in their course work.
- Foster a spirit of teamwork, ethical behavior, and effective communication both within and across teams.
- Foster a dialog and awareness among participating institutions and students.
Competition officials who organize, run, and manage the competition
Competition officials who observe team performance in their competition area and evaluate team performance and rule compliance
Penetration testing professionals simulating external hackers attempting to gain unauthorized access to competition teams’ systems
Competition support members who provide technical support, pick up and deliver communications, and provide overall administrative support to the competition
The institution competitive teams consisting of students competing in a CCDC event
A student member of the Blue Team identified as the primary liaison between the Blue Team and the White Team
A student member of the Blue Team identified as the secondary or backup liaison between the Blue Team and the White Team, should the Team Captain be unavailable (i.e., not in the competition room)
A faculty or staff representative of the Blue Team’s host institution responsible for serving as a liaison between competition officials and the Blue Team’s institution
Casey is a co-founder of the MACCDC and the Executive Director and Principal Investigator of the National CyberWatch Center, the organization behind the MACCDC since its inception in 2006.
Mike has been involved with MACCDC since 2006 and is a full-time systems engineer, as well as an adjunct instructor with the Community College of Baltimore County and Towson University. He earned a Master’s Degree in Telecommunications from the University of Denver in 2020.
Rob has over 14 years of information security experience. He has helped design, build, and defend the U.S. Marine Corps, U.S. Senate, and Pentagon networks, as well as performing penetration tests and Red Team assessments against those same networks. He is the CTO for the MACCDC and past Captain of the Red Team.
Michael has over 20 years of experience in the offensive security field and has been part of the MACCDC since its inception. Over the last two years, he has been the MACCDC Red Team lead. Michael believes in giving back to the field by volunteering his time to help those that are interested in getting into the field.
Why Get Involved?
Students who compete in MACCDC will, no doubt, come away with information security skills way beyond those of the average IT specialist. The CCDC is also a great way to bolster your resume by:
- Bringing attention to your qualifications and experiences
- Networking with representatives from leading corporations and federal agencies
- Gaining hands-on experience hardening network assets against live, constant threats
- Attending featured keynote speeches by industry leaders