Seven teams compete in first all-machine hacking competition The first all-machine hacking competition is taking place today in Las Vegas.Seven teams, each running a high-performance computer and autonomous systems, are going head-to-head to see which one can best detect, evaluate and patch software vulnerabilities before adversaries have a chance to exploit them.It’s the first event where machines – with no human involvement – are competing in a round of “capture the flag, according to DARPA (Defense Advanced Research Projects Agency), which is sponsoring and running the event. DARPA is the research arm of the U.S. Defense Department.The teams are vying for a prize pool of $3.75 million, with the winning team receiving $2 million, the runner-up getting $1 million and the third-place team taking home $750,000. The winner will be announced Friday morning. The winning autonomous system also will have the opportunity to take on the world’s best human hackers in the annual DefCon Capture the Flag competition set for Friday.“Capture the flag is a speed-driven, bug-hunting contest on binary code,” said Mike Walker, DARPA program manager for the event known as the Cyber Grand Challenge. “People who can succeed at the top level of capture the flag are the world’s great bug hunters. And they can use that skill to hunt for bugs in the code that runs our civilization.” The competition was first announced in October 2013 when DARPA first put out a call for competitors. More than 100 teams from around the world took up the challenge.After three qualifying events over the last several years, seven finalists were announced.The teams competing today are: Code Jitsu from Berkeley, Calif.; CSDS, the University of Idaho; Deep Red, Arlington, Va.; Disekt, Athens, Ga.; For All Secure, Pittsburgh; ShellFish, University of California, Santa Barbara; and TechX from Ithaca, N.Y. and the University of Virginia.With the competition, DARPA wants to encourage research into autonomous systems that can be used in cybersecurity. With the growing Internet of Things, more devices are being connected to each other without human involvement.Devices with IoT technology, such as a coffee maker, a car or a personal-assistant robot could be hacked, leaving users open to a security threat.“The whole world is moving toward computers. We know this,” David Brumley, a member of the For All Secure team, said in a DARPA video interview. “Everything is becoming automated. Pace makers. Refrigerators. Everything is connected to the Internet one way or another these days.” That means cybersecurity needs to move beyond laptops and tablets, but it’s an overwhelming job for human hackers to tackle on their own.According to DARPA, computer systems, which can work autonomously and with greater speed than the best human hacker, are what’s needed.“Right now, we know that machines have the speed and the scale but do not have the expertise,” said DARPA’s Walker. “People have the expertise, but they are too slow and they do not scale.” Related content news Google Chrome zero-day jumps onto CISA's known vulnerability list A serious security flaw in Google Chrome, which was discovered under active exploitation in the wild, is a new addition to the Cybersecurity and Infrastructure Agency’s Known Exploited vulnerabilities catalog. By Jon Gold Oct 03, 2023 3 mins Zero-day vulnerability Vulnerabilities Security brandpost The advantages and risks of large language models in the cloud Understanding the pros and cons of LLMs in the cloud is a step closer to optimized efficiency—but be mindful of security concerns along the way. By Daniel Prizmant, Senior Principal Researcher at Palo Alto Networks Oct 03, 2023 5 mins Cloud Security news Arm patches bugs in Mali GPUs that affect Android phones and Chromebooks The vulnerability with active exploitations allows local non-privileged users to access freed-up memory for staging new attacks. By Shweta Sharma Oct 03, 2023 3 mins Android Security Vulnerabilities news UK businesses face tightening cybersecurity budgets as incidents spike More than a quarter of UK organisations think their cybersecurity budget is inadequate to protect them from growing threats. By Michael Hill Oct 03, 2023 3 mins CSO and CISO Risk Management Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe