Cybersecurity escape room promotes safe, secure online practices

The winning staff team poses outside Young Hall with their $50 gift cards. The winning staff team from College of Liberal Arts

Slow, steady and cautious are the characteristics of safe cybersecurity behavior – and they were the skills that won teams of students and staff $50 at ITaP’s first cybersecurity escape room.

Faculty, staff and students formed 32 teams to participate in ITaP’s “I’ve Been Hacked” Cybersecurity Escape Room, one of three events held in October for National Cybersecurity Awareness Month.

The escape room, designed and built by a team of IT Security and Policy staff and students, focused on this year’s theme of privacy. The teams were challenged with figuring out how a fictitious Purdue dean’s bank account was compromised, emphasizing the potential security and privacy risks we’re all exposed to, by following clues and tips that promoted safe cybersecurity principles.

Strong password security, the importance of two-factor authentication (such as BoilerKey) and safe use of email were highlights of the escape room. Teams of four to six had to work together and use clues left in the room to solve the puzzle. The fastest teams, and ultimately the teams that devoted just enough time to pay attention to details and avoid mistakes, were awarded $50 gift cards as a prize, provided by Splunk.

Cara Groff, a security analyst and build team member, says it was crucial to keep the puzzles both engaging and difficult for a variety of technical levels.

“There was a fine line that our team balanced when creating cybersecurity puzzles for both the technical user and everyday computer user. It was interesting to see what each team tripped up on and what cybersecurity principles each team learned along the way,” Groff says.

The winning student team poses in a conference room with their $50 gift cards. The winning student team

The rest of the escape room build team included IT security staff members Krysten Stevens and Kate Nice; IT security students Haley Yeager and Quoc Anh Nguyen Din; and research computing graduate student Jessa Ackerman.

The fastest staff and student teams were those that paid attention to the introduction videos and thoroughly read the provided informational sheets. Members of the winning staff team are Edie Moffitt, Dan Hall, Heather Holley and Matt Bosgraaf from the College of Liberal Arts. The winning student team included College of Engineering students Megan Singer, Claire Arthur and Bailey Christensen and College of Science student Reign Browning.  

“That attention to detail is how these teams were able to complete so quickly. It is that same level of attention to detail that will give users an advantage when it comes to protecting their personal data and staying safe while online,” Stevens says.

Check out the Secure Purdue website for more information on cybersecurity and free anti-virus software. For more cybersecurity tips and tricks, follow ITaP on Twitter, Instagram and Facebook.

Writer: Krysten Stevens, IT security analyst, Information Technology at Purdue (ITaP),

Last Updated: November 19, 2019