HECC (Higher Education Cyber Challenge) is a cross-university cybersecurity/CTF competition run by the University of Southampton – following in the footsteps of the Inter-ACE challenge launched by the University of Cambridge’s ACE-CSR in 2016 and hosted there for three years.
The first edition of HECC was held on Saturday 9th March 2019, at Southampton’s Highfield Campus. Eleven students in three teams made the trip from Cambridge to take part, calling themselves ‘cryptographic_randomness’, ‘Cam Power Unlimited’ and ‘NP Compete’
A total of 26 teams competed, from universities across the country. Congratulations go to NP Compete (Chris Underhill, Simon Crane, Dimitrije Erdeljan and Patryk Balicki) who took 2nd place with 44700 points – narrowly beaten to the top spot by team ’0×434343′ from Cardiff University. After hanging around 3rd/4th position for most of the competition, NP Compete accelerated towards the end of the day and overtook team ‘EmpireCTF’ from Imperial College London to claim the silver medal – and a large cash prize.
The competition was jeopardy-style, with challenges covering a wide range of topics, including reverse engineering, forensics, web exploits and packet sniffing. Most were written by students and academic staff from Southampton University, with the rest provided by the competition’s sponsors. Interesting challenges included an NFC problem solving task that involved scanning the lanyards of other teams to get clues for a flag, and a challenge that involved exploiting an automated VoIP call system to run shell commands.
All competitors received a free lunch and enforced breaks from hacking to rehydrate. After the competition ended, the teams had dinner, during which the results were announced and prizes given, followed by a chance to network with organisers and fellow students.
Overall, HECC was an extremely well planned and enjoyable CTF. It was an amazing experience for all of the Cambridge teams. We look forward to next year’s HECC, when maybe Cambridge will take home the first prize.