CMU Cyber Security Contest Promises Kids A Legal Way To Practice Their Hacking Skills

Mar 27, 2017

What’s being billed as the largest hacking contest ever is launching Friday.

PicoCTF from Carnegie Mellon University aims to educate middle and high school students on the importance of computer security and tackle a common misconception – that hacking is bad.

“What hacking is about is understanding computers deeply and understanding how they function and how they may have bugs in them, how something may go wrong and being able to anticipate that,” said David Brumley, director of CyLab, CMU’s security and privacy institute.

The goal is to fix those problems and make systems more secure, he said.

“Computer security is growing 50 percent faster than computer science, 2.5 times faster than the national average for other jobs," he said. "So we have this huge demand for computer security professionals – they’re high-paying jobs, and we don’t have enough people to do them.”

A skills gap of about 1.5 million is expected in the next five years, according to the Center for Cyber Security and Education, and Brumley said criminal hacking is going to continue.

“We see computer security in the news every day with the DNC getting hacked, voting hacking, Russia hacking,” he said. “What we’re trying to do is educate and bring up a culture of people who are experts at computer security who can make those systems more safe.”

The two-week hacking contest features a series of challenges, which participants must solve either by decryption, breaking, reverse engineering or hacking - whatever it takes. As each problem is solved, teams advance.

“We gamify it, we show it as a puzzle and we’re able to automatically check when they get the solution to the problem, but we really don’t care how they solve it. That’s one of the great things about hacking. It allows for a lot of creativity,” said Brumley.

Top winners will receive a cumulative $30,000 in prizes.