Carnegie Mellon University
October 16, 2019

INI students helped CMU launch 'world's largest hacking competition'

picoCTF 2019: Meet the INI students who brought the game to life.

By Daniel Tkacik

& Deana Lorenzo

Jessica Shirley
  • Director of Strategic Communications

These days, if you ask a kid what they want to be when they grow up, they might respond, “a computer hacker.” And that’s a good thing, given the current need for more cybersecurity professionals.

That’s the motivation behind picoCTF, a free, online cybersecurity competition aimed at middle and high school students created by security experts in Carnegie Mellon University’s CyLab. This year’s competition ran from September 27-October 11, 2019.

The competition is widely known as the largest hacking competition in the world, having drawn over 150,000 participants since its initial launch in 2013. Over 39,000 people registered for this year’s competition.

hananhibshi-800x800.jpg“Our long-term goal is to enhance the cybersecurity workforce by introducing cybersecurity skills at an early stage through a fun and interactive way of learning,” says Hanan Hibshi, research and teaching scientist in the Information Networking Institute (INI) and a faculty advisor behind picoCTF. “Even if students choose a different path than computer security for their career, the game can help create awareness about cybersecurity issues.”

In previous years, post-competition surveys showed that nearly two-thirds of middle and high school participants claimed that they were "more interested in pursuing a career in cybersecurity" as a result of playing picoCTF.

The game is designed such that minimum equipment is needed to participate. All one needs to play is a computer with internet access. 

During the two-week competition, students solved challenges that started out simple and became progressively more difficult. If students became stuck, the game offered hints to help them learn.

The challenges, designed to mimic real-life cybersecurity problems, were developed by the Plaid Parliament of Pwning (PPP), Carnegie Mellon's competitive hacking team famed for its 5-time champion status at the DefCon "World Cup of Hacking." The challenges are housed in an interactive game, designed by a team of students in Carnegie Mellon's Entertainment Technology Center.

Top teams will be awarded cash prizes in the coming weeks. Although the picoCTF 2019 competition is complete, year-round play is open.

The INI team behind picoCTF

This year, 12 INI students developed problems for the competition, including Daniel Tunitis, who is completing his second year in the M.S. in Information Security (MSIS) program.

As problem development lead, Tunitis enjoys creating challenges that provide both an educational and fun experience for new and returning players. When it comes to playing the game, persistence is key, Tunitis explained. “PicoCTF has a nice ramp of difficulty and gets progressively harder,” he said. “Sometimes you just have to keep trying different things to figure out how a problem works.”

INI students have played an integral part in picoCTF since its inception, helping provide continuous updates and building new challenges.

“The ideas stay fresh and up-to-date thanks to the wonderful team of students we had over the years,” said Hibshi. “They find so much joy applying what they learned in classes to hands-on problems that can help others learn about cybersecurity.”

Meet the INI students behind picoCTF

  • Archit Agarwal

  • Joonjae Bang

  • Alex Bushkin

  • Santiago Carvajal

  • Yaamika Dedhia

  • John Johnson

  • Jason Lee

  • Thomas Nguyen

  • Samuel Sabogal Pardo

  • Daniel Tunitis

  • Wai Tuck Wong

  • Victoria Zheng

Thomas Nguyen

Problem Developer


"PicoCTF serves as an excellent gateway to the world of cybersecurity. Its approachability and gradual progression in difficulty inspires confidence and increased engagement among students of all levels across the globe. I'm glad that I could play even just a small part in serving this mission."

Samuel Sabogal Pardo

Problem Developer


"My favorite part is that the picoCTF is fun. Fun learning all the time! People do not realize it, but it is a revolutionary tool for learning. Teaching strategies from 1900 are not so different from 2019 strategies: class and exams. I have seen people memorize things on a sheet of paper, get a good grade on an exam, and then forget everything after a week. PicoCTF might be a game changer in the way students learn; learning with more quality and depth, developing actual skills."

Victoria Zheng

Problem Developer


"The more technology evolves, the more important cybersecurity becomes. I didn't start learning about computer security until late as an undergraduate in computer science, so I think it is incredibly cool that CTFs like picoCTF are exposing beginners as young as middle schoolers to computer security concepts in fun and exciting ways."

Daniel Tunitis

Problem Development Lead


"On my undergraduate cyber team, picoCTF was one of the resources we used when first starting out to learn important security concepts for CTFs. It is nice to give back by helping provide a valuable resource like picoCTF." 

Wai Tuck Wong

Problem Developer


"The beauty of picoCTF is that it is targeted at beginners, so us challenge developers can make really creative problems without worrying that a challenge might be too easy."

Related Content