From Airline Systems to Spacecraft, Cyber Defenders Thwart Attacks in Embry-Riddle Contest

Participants at the Aviation Cyber Initiative (ACI) Cyber Rodeo
As part of Embry-Riddle’s third Aviation Cyber Initiative (ACI) Cyber Rodeo, more than 300 participants competed in a capture-the-flag challenge, where teams completed defensive objectives in aerospace and aviation scenarios. (Photo: Embry-Riddle/David Massey)

Seth Robbins /

Mar 19, 2025, 9:02 AM

Hackers have infiltrated the Iron Galaxy space system, targeting the satellite’s payloads. But the spacecraft must keep operating and delivering.

This was one of the new scenarios that unfolded at Embry-Riddle Aeronautical University’s latest capture-the-flag challenge. The annual competition made a giant leap into the space domain this year thanks to the team at CT Cubed, a cybersecurity consulting company, which integrated its Iron Galaxy training system into the competition.

“Having students see a satellite and a ground station, inject cyber anomalies and see it react in real-time and how they can defend it — that is fantastic for applied learning and teaching students how to become cybersecurity professionals for space assets,” said Dr. Sean Crouse, assistant professor of Spaceflight Operations and associate director of the Center for Aerospace Resilient Systems (CARS).

More than 300 participants competed in this year’s capture the flag, where teams completed defensive objectives in aerospace and aviation scenarios. The competition was part of the third Aviation Cyber Initiative (ACI) Cyber Rodeo, hosted at Embry-Riddle’s Daytona Beach Campus under the auspices of CARS. The event, which took place over two days in February, also included technical demonstrations, poster presentations and recruiting sessions.

The Cyber Rodeo, now in its third year, brings together industry, government and academia to provide an “opportunity fo students as well as seasoned enthusiasts to explore, innovate, educate and grow in the field of aviation cybersecurity,” said Denise S. Hampt, the Department of Defense lead for the Aviation Cyber Initiative, which is co-chaired with the Federal Aviation Administration and Department of Homeland Security. “Embry-Riddle does a super job synthesizing the critical infrastructure aviation scenarios,” Hampt said.

Much of the competition models a worst-case scenario where hackers have compromised a major airport, said Dr. Krishna Sampigethaya, professor and chair of the Department of Cyber Intelligence and Security. Sampigethaya — along with Jesse Chiu, assistant professor in the same department — mentored students at the Prescott Campus to develop several of the individual challenges.

The hypothetical problems began with airline ticketing systems, with participants forced to fend off a breach affecting printed boarding passes. As part of the same event, they also kept a radio-controlled tram system moving smoothly while under attack. Later, in-flight entertainment systems and overhead ventilation and lighting units needed to be secured.

The hackers also spread a ransomware attack through a maintenance laptop, encrypting files and demanding payment to unlock them.

“The contestants are trying to reverse the malware to grab what’s called a decryption key, which will allow them to recover the files,” explained Michael Doolan, who is pursuing a master’s degree in Cyber Intelligence and Security. “In this very simplified version of ransomware, they are learning how to reverse engineer.”

A University of Central Florida team took the top spot in the competition’s student category. The winning team’s members were (from left) Muhammad Ali, Tyler Waddell and Jack Sweeney.
A University of Central Florida team took the top spot in the competition’s student category. The winning team’s members were (from left) Muhammad Ali, Tyler Waddell and Jack Sweeney. (Photo: Embry-Riddle/David Massey)

Another challenge required participants to maneuver a virtual car on a computer screen using the controls of a Resistant Automotive Miniature Network (RAMN) board. The device — which is the size of a credit card and includes a turnkey, brakes, gas, headlights and even turn signals — is “basically a car without the wheels, transmission or engine,” said William Decator, a junior in the Cyber Intelligence and Security Department.

Participants acted as air traffic controllers, relaying clear communications to keep planes separated, landing and taking off. This challenge, which involved suspicious aircraft activity, was “developed to raise awareness about scenarios that controllers need to be better prepared to handle,” said Kyle Wilkerson, assistant professor and chair of the Air Traffic Management program on the Prescott Campus.

Nine student teams competed in the capture-the-flag contest, including Embry-Riddle and the University of Central Florida (UCF), whose “Knightsec” team came in first in the student category.

While fun, the competition offers students and professionals a “hands-on experience with real-world challenges in a competitive yet supportive environment,” Sampigethaya said.

Technical demonstrations also helped attendees understand the latest vulnerabilities. One used an avionics testbed to model incidents of GPS spoofing, where aircraft receive fake GPS location data sent by attackers.

Jake Neighbors, a software engineer at Embry-Riddle’s CARS lab, pointed out one tell-tale sign for pilots that they are running into GPS spoofing: uniformly strong GPS signals.

Jenna Korentsides, a Ph.D. candidate in the Department of Human Factors and Behavioral Neurobiology, presented on the use of artificial intelligence to detect digital incursions that would otherwise be hard to see. With its ability to recognize patterns, AI has the potential to help shut down such attacks, including ones where hackers are using AI themselves.

Participants work on a testbed set up by MITRE
Participants work on a testbed set up by MITRE, a non-profit involved in federally funded technology research that advances national security. (Photo: Embry-Riddle/David Massey)

“What was most rewarding for me,” Korentsides said, “was being able to speak in person to all of these different professionals.”

The MITRE Corporation, a non-profit involved in federally funded technology research that advances national security, set up a testing lab where participants worked with an oscilloscope, which measures electronic signals visually.

“These metal pins represent communications lines, and it shows the actual waves of electricity going across those pieces of metal,” said Jacob Downs, a lead cybersecurity engineer at MITRE.

Connor Brennan, a sophomore Air Force ROTC student in the Cyber Intelligence and Security Department, said he found the MITRE experience, where he had to “take apart the data packets, figure out the bit segments and how the information is translated,” to be a valuable learning experience. He also appreciated that the challenge came directly from the organization.

“Much of the information we take away from the competition,” Brennan said, “can be applied to real-world industry activities.”

Posted In: Aviation | Security Intelligence and Safety | Space