NZCSC_Logo
CSC20

Announcing the NZCSC'20 Winners

Thanks to everyone who participated and helped make the NZCSC'20 a success! We've had over 500 expressions of interest of which 322 actively participated in Round 0. Of those 322 participants, 147 selected for Round 1 and the top 10(the top 2 from each category and the next 4 highest scorers) moved to the next round, Round 2.

A BIG CONGRATULATIONS TO OUR NZCSC'20 WINNERS!

Grand Winner: Jamie McClymont

Category Winners
  • HighSchool Category: Technocoder(Zhiyuan Qi)
  • Tertiary/University Category: Dast(Daniel Stokes)
  • Industry/Open Category: Jamie McClymont
The Top 10
  • Dast(Daniel Stokes)
  • Tomais Williamson
  • Jamie McClymont
  • Logan Krippner
  • Technocoder(Zhiyuan Qi)
  • ZerOne(Sam Redmond)
  • Samdaman(Sam Hogan)
  • Fromage(Joshua Hogan)
  • Michael Jang
  • RavSS(Ravjot Singh Samra)
Individual Challenge Rewards
Medium Challenges
  • Challenge 4: Fromage(Joshua Hogan)
  • Challenge 5: Toby Heitland
  • Challenge 7: Gittarackur(Ryo Sugiyama)
Hard Challenges
  • Challenge 8: Fromage(Joshua Hogan)
  • Challenge 10: Jamie McClymont
  • Challenge 11: Jamie McClymont
  • Challenge 12: Jamie McClymont

PLATINUM SPONSORS

Endace-logo InternetNZ-Logo AURA-Logo

GOLD SPONSORS

Insomnia-logo RSA-logo

SILVER SPONSORS

CTEK-logo DTA-logo

MEET SOME OF OUR SPONSORS

   

ORGANISERS

University-Of-Waikato-logo Crow-logo


Stratus=logo

The Schedule

! The Organizers have right to modify the agenda


important dates


  • Round 00: 25th May 06:00 am - 6th June 06:00 pm

  • Round 01: 9th July 09:00 am - 10th July 09:00 pm

  • Public AMAs: 11th July 10:00 am - 11:00 am

  • Rounds 02: 11th July 11:30 am - 4:00 pm

NZCSC 2019

FIRST PLACE

Team 'The Password Inspectors' - Jamie McClymont, Rhys Davies.

GrandWinner

WHAT HAPPENED?

Congratulations to all the Cyber Security Challenge competitors of 2019. This year, the challengers took on the Internet of Things with the focus on - forensics, reverse engineering, steganography, web-application security and cryptography.

RUNNER-UP OF TERTIARY CATEGORY

Now UC Me (Joshua & Sam Hogan, University)

WINNER OF SECONDARY CATEGORY

Thonking (Cameron Li & Jason Xu)

RUNNER-UP OF SECONDARY CATEGORY

Arrays start at 1 (Ethyn Gillies & Marshall Patty)

RUNNER-UP OF SECONDARY CATEGORY

Frozen Orange (Orion Edwards & Thilanka Priyankara)

RUNNER-UP OF INDUSTRY CATEGORY

Gradyhooker (Grady Hooker).

NZCSC 2018

FIRST PLACE

Team Elliptic Curveballs - Logan Krippner, Jacob Cheatley and Michael Jang.

GrandWinner

Women's Technical Challenge Champions

Team Octocats - Jamie McClymont and Abigail Koay

Drone challenge winners

Team UniHack - Rajat Rokhade, Debac Manikandan and Arnav Gogia

WHAT HAPPENED?

The NZ Cyber Security Challenge 2018 (NZCSC'18) hovered into action with a drone challenge for Round 1 & 2 contestants at the University of Waikato campus. Challengers tested their hacking skills as they attempted to take charge of a drone controlled by a host's smartphone and intercept photos taken by the drone's camera. Prizes were awarded to the successful hackers. NZCSC'18 action also included training sessions with some of the best, opportunities to kickstart a cyber security career at the job fair and talks by some of the movers and shakers in the industry. Round 0 online qualifying round took place from June 18-29, with the top 150 moving on to Rounds 1 and 2 on July 14 at the University.

CSC 2017



FIRST PLACE

2017 challenge known for Challenge Winner Repeat Performance .
It was a repeat performance by the overall champions team Arcton, Nathaniel Watson, Jeremy Symon and Grady Hooker took out last year's Challenge.

Representing industry, they walked away with a cheque for $2500 and NetHui fellowships. Jeremy is currently doing a Masters of Computer Science at Waikato and working at Gallagher, and Grady and Nathaniel are former Waikato Computer Science students now working in the computer science industry.

Arcton-claiming-their-price

RUNNERS UP

overall runners-up 418ShortAndStout - Michael Robertson and Brent Vollebregt - placed top in the tertiary division and took home $1800.

Top performers in the high school division after Rounds 1 and 2, SQL Sharks twins Sam and Josh Hogan also took out first place in the new Policy Round. Contestants were tested on responsible disclosures, asked to critique a really badly-written cyber policy, and suggest incident response next steps for a fictitious event.

The winning team from the industry division after Rounds 1 and 2 were Jack Haystead, Daniel Tebbutt and Declan ter Veer-Burke. They took home a cheque for $1800.



WHAT HAPPENED?

nZCSC'17 hit all the right keys with VIPs from the Government Communications Security Bureau (GCSB) and INTERPOL attending. GCSB director Andrew Hampton told the Challengers it wasn't long ago that people were saying cyber security should be on the agenda but now the agenda is cyber security.

although, In this year's Challenge CROW collaborated with Japan's National Institute of Communications and Information Technology ( NICT ) to up the ante in the visualisation of the attack and defend networks of the competition. CROW member Cameron Brown worked with Koei Suzuki to customise the NIRVANA Kai visualisation to show network traffic between the Round 3 servers. The collaboration is mutually beneficial as NICT will utilise CROW technology in the future. NICT supply the visualisations for Japan's largest cyber security competition SECCON.


competition-software

CSC 2016



FIRST PLACE

team Name: Hodor (462,250 points)
team Members: Sjoerd de Feijter, Matthew Stringer, Vladimir Petko
industry category team, representing Gallagher Group

RUNNERS UP

First Runner-Up

Team Name: Solo Team(406,160 points)
Team Members: Michael Robertson, 17 years old,
Secondary School Category team, representing Cambridge High School.

Second Runner-Up

Team Name: Arcton(386,300 points)
Team members: jeremy Symon, Nathaniel Watson, Grady Hooker
Tertiary category team, representing University of Waikato Faculty of Computing And Mathematical Sciences



WHAT HAPPENED?

due to the popularity of the competition in 2015, we introduced an online qualifying round, Round Zero. 267 participants registered for Round Zero and attempted the challenges between the 17 June - 1st July, after which the Top 150 were chosen to attend the competition on the 14 and 15 July.

participants competed in two rounds: Round One, a capture-the-flag style challenge and Round Two, a Red team vs. Blue team game where the Blue teams had to defend their vulnerable servers from attacks from the Red teams, which consisted of an Industry Professional from Gallagher and two CROW members.


CSC 2015

FIRST PLACE

team Name: ter B

RUNNERS UP

First Runner-Up

Team Name: DoubleMC

Second Runner-Up

Team Name: Kanye4Prez



WHAT HAPPENED?

nZCSC'15 was open to all of New Zealand and participants were split into 3 categories: Secondary, Tertiary, and Industry/Open.

the competition had 2 rounds: Round 1 was a capture-the-flag style challenge. Round 2, open to the top 5 teams of Round 1, was a Red team vs. Blue team style challenge where 5 Blue teams defended their systems against the Red team, which included Industry professionals from Insomnia Security and PWC Digital.


CSC 2014

the first instalment of the Cyber Security Challenge was open to University of Waikato students only.

cSC'14 had a single round - a capture-the-flag style challenge where the students participants solved challenges to acquire flags. The event served its purpose: to gauge students' interest in a Cyber Security-themed competition. Over 70 students registered, attended the training and paticipated in the competition, which encouraged the organisers to plan the next CSC.


CHALLENGE OVERVIEW





EVENTS

Public AMA

JULY 11

location: online

Keen to learn more about the ever-evolving field of cybersecurity? Our world-leading cybersecurity team is hosting an ‘Ask Me Anything’ webinar this Saturday from 10-11am, featuring some of New Zealand’s leading cybersecurity experts.

The Ask Me Anything panel includes:

  • Sam Sargeant, Chief Security Officer, InternetNZ: Sam Sargeant has been working with the Internet in New Zealand since the 1990s, starting as a test engineer for a network hardware vendor. Sam soon moved to roles in ISP engineering and security operations. In the early 2000s, Sam co-founded a web hosting company where he learnt the challenges of a startup while helping to grow a million-dollar business before his departure in 2007. Roles as Chief Technology Officer and Chief Information Officer for public and private organisations followed, before joining the New Zealand Intelligence Community in 2015 to help protect our national security. In 2019 Sam took up his current role at InternetNZ as their first Chief Security Officer to keep .nz secure, and support the development of the Internet in Aotearoa. This involves leading the discussion on security issues as well as how to keep on top of them.
  • David Tredger, Principal Consultant, Aura: David is one of Aura’s home-grown talents, joining Aura as a graduate in 2013 after completing his Bachelor of Network Engineering from Victoria University of Wellington with 1st Class Honours. David excels in the execution of high standard offensive and defensive security capabilities, and enjoys the complex investigative work required for solving challenging technical security problems. His key areas of strength include penetration testing of complex applications, systems, and networks, and contributing to the quality of Aura's technical deliverables. David is Aura’s technical lead for a number of Aura's Wellington-based enterprise customers and has performed security assessments for a wide array of industries, both private and public sector. David conducts ongoing research into the area of security appliances, and has published vulnerabilities for Fortinet’s Fortiportal software. As a passionate advocate for the local cyber security industry, David also manages Aura’s internship program, providing guidance and mentoring to the InfoSec community’s newest entrants.
  • Lee McCotter, Senior Systems Engineer, RSA: Lee McCotter is a Senior Systems Engineer at RSA Security, where Lee provides technical assistance for the RSA NetWitness® Platform to prospective and existing customers in New Zealand and Australia. Lee’s day to day role consists of preparing and delivering technical presentations to explain the products and services that RSA can provide to enterprise customers, qualifying opportunities for Threat Detection and Response solutions including Security Analytics, Endpoint Detection and Response (EDR), Network Forensics and SIEM, architecting solutions to meet customer needs and providing sales support which includes providing product demonstrations and running Proof of Concept engagements. As Lee loves puzzles and helping people, before becoming a technical Pre-Sales Engineer, he spent the last 10 years working as either a security engineer supporting customers globally or providing professional services for a large multi-national Security Consulting firm. Lee is the holder of security certifications such as CompTIA Security+ and EC Council's Certified Ethical Hacker (CEH) and received a Bachelor of Computer Science with majors in Computer Forensics and Systems Programming from Western Sydney University.
  • Dajne Win, Senior Security Consultant, Insomnia Security:Dajne is a Senior Security Consultant at Insomnia Security. Coming from a technical background with experiences across several technologies, Dajne is further equipped with a Masters of Information Security and Digital Forensics from AUT. Post his academic successes, he has spent the last 4 years conducting a variety of security-based engagements across a range of technologies and stacks. His expertise includes web and mobile application penetration testing, with a specific interest in social engineering, penetration testing tool development, and physical control-based testing. Outside of work he usually keeps himself occupied through many side projects such as woodworking, gardening, and off-grid power systems.

COMPETITION

ROUND 0 (QUALIFYING ROUND)

May 25 - June 6

location : ONLINE

Round 0 is a qualifying one of capture-the-flag. After the Round0 closes, the top 150 participants will be invited to Round 01 & 02.

Details for Round0 will be sent to registered participants on the 25th May. Round0 will be available for the full two weeks (25th May - 6th June).

Topics Round0 will cover:

  • Cryptography
  • Steganography
  • Network
  • Reverse Engineering
  • SQL Injection


ROUND 01 & 02

JULY 9th - JULY 11th

location : online

ROUND 01
After qualifying, the top 150 participants will compete individually in Round1 online. Each participant will have 10+ capture-the-flag challenges with a 36 hour time limit.


ROUND 02
Round 2 documenatation has been sent to the Round 1 participants. Please check you email.

PRIZES

GRAND WINNER

WINNER OF THE COMPETITION AFTER ROUND 2

$1000


ROUNDS 01

WINNER FOR ROUNDS 01 IN EACH CATEGORY: SECONDARY, TERTIARY/UNIVERSITY, INDUSTRY/OPEN

$500


Top 10

THIS YEAR WE ARE SELECTING TOP 10(TOP 2 FROM EACH CATEGORY AND THE NEXT 4 WILL BE TOP 4 FROM ANY CATEGORY)

$150


CHALLENGE REWARDS

Medium complexity challenge

$50 per challenge

Hard challenges

$100 per challenge


REGULATIONS

RULES & ELLIGIBILITY

COVERS RULES AND ELIGIBILITY TO PARTICIPATE IN THE COMPETITION

RULES & ELIGIBILITY pdf


ETHICS AGREEMENT

COVERS ETHICAL BEHAVIOUR DURING THE TECHNICAL COMPETITION

ETHICS AGREEMENT pdf


CODE OF CONDUCT

COVERS CODE OF CONDUCT DURING THE ENTIRE COMPETITION

CODE OF CONDUCT pdf

CROW-NZ's First Cyber Security Lab

crow-team

Established in 2012, CROW is a research group located in the Department of Computer Science at The University of Waikato.

With the emergence of cloud computing technologies and prevalent mobile device usage, we are witnessing the diminishing effectiveness of traditional cyber security approaches such as perimeter defence, intrusion detection and infrastructure hardening.

To address this, CROW focuses on six major themes: Provenance, User-Centricity, Visualisation, Economics, Hardware, and Tools & Datasets. Together, these six themes enable the return of control of data to users, thereby reducing reliance on third-party vendors or trust relationships commonly found in most cyber security contracts today

crow.org.nz

Contact CROW