Team Mantrap Captures National Championship in Cyber Defense for Red Bank Regional

Six students from RBR prove they are the best in the nation when it comes to defending cyber attacks, thanks to a curriculum designed by their coach and teacher, Little Silver resident Mandy Galante.

At a banquet not far from Washington, D.C. attended by the creator of the Internet, former heads of the CIA and NSA, and CEOs of multi-billion dollar corporations, the brightest spotlight was on six nimble young men from Red Bank Regional and their proud teacher.

"People were coming up to us and saying 'you're the celebrity here, we want to meet you,'" said Little Silver resident and Red Bank Regional junior Jared Katzman. "It was the best feeling in the world."

Katzman and the five Red Bank Regional seniors of Team Mantrap earned their prestige by demonstrating they are the best in the country when it comes to stopping hackers. Armed with skills they acquired in their Academy of Information Technology classes, the boys out-maneuvered teams from non-military programs across the United States to be crowned national champions of CyberPatriot III, the nation’s largest and most prestigious high school cyber defense competition.

Presented by the non-profit Air Force Association, 2011 was the first year non-military programs were invited to compete. The Open Division was open to college prep programs and the All-Service Division was for JROTC programs.

In winning the Open Division, Team Mantrap won the President’s Trophy and each member will receive a $2,000 college scholarship from Northrop Grumman, the main sponsor of the final competition. 

Years of hard work and curiosity by the students and their coach, Little Silver resident Mandy Galante, resulted in their victory. Over the course of 9 years teaching at Red Bank Regional, Galante has designed a three-year program of computer courses that teaches her students how to build and network computers and meet the real-life challenges of protecting networks. So when senior Adam Cotenoff, of Shrewsbury, approached Galante last year about competing in CyberPatriot, it seemed a natural extension of what they were already doing.

Team Captain Jack Kelleher said the competition was a good motivator to learning, as the drive to win ignited his team's hunger for knowledge. “Originally, Team Mantrap got involved because it sounded really cool and because we would always rather do hands-on applications of the stuff we learn in textbooks," said Kelleher, a Shrewsbury resident who plans on attending Rochester Institute of Technology next year. "As time went on we got better and better, we started to think, ‘Hey we could win this thing!’ Just like a sports team, we reviewed our last game to find areas for improvement. We documented game plans, and we did drills over and over again.”

At the beginning of the school year, Team Mantrap added themselves to a list of 186 teams registered from college prep computer science programs around the United States. Applicants included public, private and high technology focused high schools.

Qualifying competitions began in October and took place at the teams’ own high schools during all-day weekend sessions. The schools’ computers were tied into the AFA server, which provided software for the competition and real-time scoring, as students successfully identified and eliminated cyber threats against their computers within a specified time-frame.

The resulting 12 national finalists were invited to the final event, with all expenses paid by the AFA sponsors. The final competition took place at the Gaylord National in National Harbor, Md. on April 1 over a five-hour stretch in a large room where each team was ensconced in its own makeshift section.

A scoreboard listed each team’s progress as the challenge evolved, but the identity of the teams was kept anonymous, so no one knew which team was actually in the lead. Throughout the competition, most of the teams’ scores tracked closely together, except for the still-anonymous winning team, which maintained a clear distance ahead of the others. Team Mantrap didn’t know it, but it was actually way ahead.

“We worked well as a team, and spent many hours preparing for it,” said Cotenoff.  “I knew from the way our guys were working and the points that were registered on the board that we were ahead.”

Galante admitted she was a bit worried when she found her team packing up their notes ten minutes before the actual end of the competition. “It’s cool,” they said to her, when they saw the panic on her face. “We did fine.”

Five of the team members will graduate high school in June, and all intend to pursue careers in cyber security. The rapidly-growing industry will create 40,000 new jobs in the next year according to a survey cited by Galante, who believes having "national champion" on a résumé will greatly help her students to get those jobs.

"We just took six kids and put them in the front of the line and said 'these are the best of the best,'" said Galante. "That's got to be good."

What's in a name?

"A 'mantrap' is a barrier to entry," explained senior Colin Mahns, of Shrewsbury. "It's one of the most secure ways that you can enter a building."

"There's a turnstile or a door of some sort and you enter a weighted room with videocameras all around making sure that you are the only person in this room and you match up with your weight and there's nobody trying to hide behind you or anything. You input your security card or password and if any of those factors don't match up, it actually locks you in that room so somebody can escort you out."

Mahns and Kelleher said the team decided on the name after learning about the security system.

"We thought that it was a fairly cool thing," said Mahns. "Team Cookies" and "Team Adminitraitor" were also bandied about, but Team Mantrap stuck. 

"We didn't realize that it'd be used for everything that gets published," said Kelleher. "When we realized that they were using this for things, we maybe a little bit regretted not thinking of something more original."

According to Kelleher and the team, some of other names teams went by were: Team Mongoose, Team Annex, Cyberpanthers, Team Thundercats, Team CutTheHardLines, Team 1337dH4x0rz, and some teams just went by their school name.

How they practiced

"We all sat in a room together and basically went through different machines, finding things that were in common with other machines and looking to see where things weren't in common and something was wrong. We also did research on different attacks and different settings that people might be able to play with or exploit," said Mahns.

Additionally, Katzman said that after each round of competition, they were given the solutions and were able to review where they lost points.

"Ethical Hacking"

Galante's Advanced Security class is commonly referred to by her students as "Ethical Hacking" or "Hacking 101," though she and her students said the class does not promote the creation or spread of malicious attacks.

"If we know how to hack, we can better understand how to defend against it," Katzman explained.

"We had to sign a contract when we got into this class saying that we won't use anything that we learn in the class outside of here, or a home network, or somewhere that's contained and we can't hurt anything else," said Kelleher.

Joshua Eddy of Shrewsbury, who has been working with computers since his father taught him how to build them as a child, used an attack he learned about to send an old computer to its death.

"I personally did the 'ping of death' attack," said Eddy." It's a very old one, it doesn't work on anything older than Windows 95, so I had a Windows 95 computer and I crashed it by sending it lots of ping requests."

Destructive as it may sound, Eddy says he did it to gain a greater understanding of the way software works.

"It's just interesting to find out how everything works and how to exploit it. There's programs out there that have exploits that we can fool around with on our home networks, mess with our siblings, but we don't really do it out in the public to hurt anything."

How does a CyberPatriot serve?

Of the six members of Team Mantrap, none expressed much interest in joining the military directly, but all agreed they would work as contractors.

When asked why they would prefer civilian life, Eddy gestured to Barry's lengthy black hair. Mahns, whose brown locks also flow a bit longer than traditional military guidelines, explained his choice not to serve wasn't anti-patriotic, but rather the exercise of the unalienable rights to life, liberty and the pursuit of happiness guaranteed to him by the Constitution.

"If the military wants to hire me, that's great. Cool, I will definitely work for you," said Mahns. "I just want to have the options and be able to look for other things."

Defending with a cyber spear

Team Mantrap has had the the guidance and mentorship of Herb Kelsey, a Red Bank Regional parent who, at one point in his career, was the head of cyber security for IBM. Kelsey visits Galante's classroom often to talk about the real world need for students to become educated enough to defend the nation's networks.

“Five years ago the government set out to see how they could get our young people involved in an industry that was rapidly becoming a national security priority," said Kelsey. "This competition is an outgrowth of that concern.”

Galante also acknowledged the important task she has in educating her classes about cyber security.

“At one point during the symposium, I heard General Lord, CIO US Air Force, speak about identifying the young people who will hold the tip of the spear in cyber defense for our nation," said Galante. "These students are not just geeks, with left-brains perfectly developed to speak code and manipulate bits. These young men and women are the ones who when they see a challenge, they will rise to meet it. When presented with a problem, they will strive to solve it. And when they hear a call to duty, they will answer it. These are the young men and women who will hold that cyber spear to keep our systems resilient, reliable and robust.”

Susan Murray April 12, 2011 at 11:47 PM
Kudos to all!
David Ballard April 13, 2011 at 12:28 PM
Mandy- fantastic work by you and your students- congrats!
Cindy Burnham April 14, 2011 at 10:43 AM
Due to a fine group of young men, led by a dedicated and committed teacher, this group achieved something that no other high school was able to achieve. You all should be very proud of yourselves! CONGRATS!!!!! You are the Champions!
Stephanie Faith June 01, 2011 at 09:21 PM
Mr. Kelsey a RBR parent has been a fantastic mentor to these boys. He is a parent of a RBR student who is not in the program. Mr. Kelsey has donated many hours to help mentor these boys. Congrats and thank you to all for their time! It takes a Village for sure.
russell deich June 02, 2011 at 10:51 PM
Additionally, Katzman said that after each round of competition, they were given the solutions and were able to review where they lost points How did RBR obtain the solutions after each round of competition?
Greg Kulaga June 03, 2011 at 02:16 AM
Thanks for your comment, Russell. I've just emailed their teacher, Mandy Galante, to get some clarification on that. Here is her response in full: "Actually, no they (the Air Force Association) were quite adamant that they wouldn't give out the solutions. They want to be able to use the images they created or adapt them for the future, so the actual problems and vulnerabilities were not detailed. Instead we were given a list of "types" of vulnerabilities - policy, malware, operation system, auditing - and a percentage tag on how many of them were found by ALL competing teams. So this was actually very skimpy information to work with . . . BUT I really hammer the guys on keeping detailed documentation, so we were able to back our way into understanding which ones we probably got. Then we spent a lot of time researching vulnerabilities to try to determine what it is we may have missed or overlooked. Good learning opportunity, but boy it would have been nice to have the solutions!!"


More »
Got a question? Something on your mind? Talk to your community, directly.
Note Article
Just a short thought to get the word out quickly about anything in your neighborhood.
Share something with your neighbors.What's on your mind?What's on your mind?Make an announcement, speak your mind, or sell somethingPost something