Meet the champions of the 2018 DEFCON CTF 26

Reclaiming World No. 1 Ranking after 3 Years





On August 12, the multinational team DEFKOR00T was triumphant at the 2018 DEFCON CTF 26 Championship (hereafter Defcon), the world’s largest hacking and defense tournament. DEFKOR00T is a team composed of students from DEFKOR (the Department of Cyber Defense, Korea University) and R00TIMENTARY (Georgia Tech, U.S.A.). The team defeated the US PPP team, the winner of last year’s tournament, and won first place in the tournament. The communications team interviewed two players, Lim and Lee, who were central to the team’s victory (*Due to the anonymity and confidentiality regulations enforced by the Department of Cyber the students’ full names have not been disclosed.)


The term “hacking and defense tournament” is not well known to the general public. At Defcon, participating teams score points not only by identifying and remedying the vulnerabilities of their respective servers but also by attacking other teams’ vulnerabilities. The strategies adopted are akin to those of WarGames, with teams' virtual servers being the territory to be attacked and defended.


DEFKOR is a spin-off team that emerged from “CyKor”, the information security club of the Department of Cyber Defense, Korea University. As the name suggests, the team was established specifically in order to compete at Defcon. After qualifying to take part in the tournament, DEFKOR joined together with Georgia Tech's R00TIMENTARY team to form a single team, which they have long wanted to do. The joint team can be considered the avengers to win the Defcon.


“Our team was divided into three sub teams according to the various roles we played,” said one of the two anonymous players. “The 'attack team' was set up to determine opponents’ vulnerabilities and attack them, the 'defense team' to defend against opponents’ attacks, and the 'management team' to oversee the overall strategy devised by Defcon. Each player prepared diligently to play his or her role in the team. As the tournament's steering committee did not disclose any hints about the challenges we would face prior to the event, we prepared by selecting and solving problems that had previously arisen in other similar tournaments and could plausibly occur at Defcon.”





“There were several tactics that we devised,” the player continued, “but unfortunately they were prohibited in the actual tournament. No one knew what the quest and the rules were in advance, but nevertheless our thorough preparation and training helped us win.”


Since this year's tournament was the first to be held after a change in the Defcon steering committee membership and resultant changes in the rules, there were several new variables to be considered. One was the fact that competitors could not see the scoreboard displaying the rankings on the final day of the two-night and three-day tournament. In light of this, one of the players described the challenge they faced. “The US PPP team, the winner of last year’s tournament, was a strong team. Knowing that it was so heavily favored, we could not slacken our efforts until the very last moment.”


Although Defcon took place from 10 a.m. to 8 p.m. each day, the players had to stay awake for the full duration of the tournament. This was due to the fact that even after a day's action came to a close they had to fully prepare for the following day's challenges. In particular, they had to be ready to attack and defend themselves as soon as the server was opened. “Toward the end of the first and second day of the tournament the steering committee gave us a new challenge. We were all busy solving the new problem so we had no time to rest in our dorms.” Laughingly, one of the players recounted a humorous aspect of this situation. “What was funny was that each morning the steering committee members asked us whether we had a good night's sleep.”


The two players seemed to be relaxed despite having to consider what the most challenging aspect of the tournament was. “The most difficult thing for us was perhaps the aspects we could not control. For example, the slow speed of the internet at the tournament venue or in the dorm was something that we had to deal with. But with our determination to do our best during the tournament, we were able to win by maintaining a competitive advantage throughout.”


“White hat hacking”, which entails hacking systems in order to improve their defenses, is a field that is still relatively unknown in Korea. When the two players were asked what may need to be improved in the field, they carefully considered their response.


“We feel that information security awareness is noticeably better compared to when we started learning about hacking. However, just because a particular team won a hacking tournament does not necessarily mean that the information security level of the country its members come from will suddenly be strengthened. Although having Korean members win a high-profile tournament by demonstrating outstanding skills is important, we believe that it is only through continuous investment in security that the level of security in Korea will truly increase. In order to ensure public interest in this, we hope people get to know more about tournaments such as Defcon.”


When asked about whether they had any personal desires with regard to studying in the field of information security as researchers, one of them answered, “Just because we won the tournament once does not mean that we will stay at the head of the field. This is because there are so many rapid changes happening in the field. Our priorities are to continuously update ourselves on current developments and to keep enhancing our skills.” It was this attitude that doubtlessly enabled them to win Defcon.


Lastly, when asked about their future plans, one of them said, “In accordance with the nature and regulations of the Department of Cyber Defense, I will be serving as a military officer for 7 years after graduation. Although there may be a change in my status, from being a student to becoming a researcher, I plan to continue my research in the field of information security. I hope the field receives a lot of future investment aimed at establishing a better foundation for relevant research.” The student added to laughter, “And yes, investment is really important.” The future looks bright for the field of information security in Korea, with talented people like Lee and Lim in the forefront of winning global tournaments and setting ever-higher standards.