GCHQ is calling on the UK public to protect a fictitious aerospace technology company threatened by imminent attack from cyber terrorists. ‘Assignment: Astute Explorer’ is the latest game to be devised by the Cyber Security Challenge UK, the Government-backed project designed to run an inspirational series of national competitions aimed at attracting talented people into the profession and informing them about cyber security careers. The latest process affords members of the public a chance to act like a GCHQ operative, using their cyber security skills to investigate and attempt to fix the vulnerabilities of a global defence company ahead of a forewarned cyber attack. Earlier this year, the Cyber Security Challenge UK launched its 2014-2015 programme of online and face-to-face cyber games by introducing a new enemy, The Flag Day Associates, via a threat video that warned of future cyber attacks against the UK. The Challenge’s first recurring characters, the investigation and defence against this new nemesis forms the basis of this year’s competitions. ‘Astute Explorer’ follows on from an assignment set by global security software vendor Sophos which tasked the public to analyse a hard drive recovered from The Flag Day Associates. The hundreds of candidates who tackled the Sophos-devised competition revealed plans for a future attack on ‘Ebell Technologies'” described as an aerospace and electrical engineering company who are world leaders in the production of military and civilian aircraft, green energy technologies (such as wind turbines) and a variety of electronics products. In launching its new game, the Challenge has revealed that Ebell Technologies is understandably concerned about the threat of an imminent attack and has thus approached GCHQ to assess its susceptibility to being compromised. As part of the analysis, GCHQ’s ‘Astute Explorer'” an automated code scanning tool after which the game is named” has returned various snippets of code that may contain vulnerabilities. Those who take up the challenge will be asked to identify these vulnerabilities, explain why and how they could be exploited and suggest appropriate fixes. Need for a skilled cyber security workforce ” As the UK’s National Technical Authority for Information Assurance (NTAIA), GCHQ is pleased to have been able to develop an original game for the Cyber Security Challenge UK,” explained Chris Ensor, deputy director for the NTAIA.” We have designed ‘Astute Explorer’ to really test candidates’ cyber aecurity skills. We absolutely recognise the need for a skilled workforce which is why we’re delighted to once again support the Cyber Security Challenge UK and help inspire the next generation of cyber security talent.” Those who register will be competing to book their place at the Challenge’s first of a series of reconnaissance meet-ups organised as part of ‘Operation: Flag Day’. Here, the most impressive candidates from the virtual assignments will be asked to report for duty in person at secret locations around the UK to carry out investigations face-to-face in teams. As well as uncovering vital clues on the objectives and identities of The Flag Day Associates, these gatherings will ultimately determine the final line-up of online defenders to take on the cyber terrorist group at next year’s Masterclass final. ” There’s no doubt that ‘Astute Explorer’ is an ingenious game from GCHQ which will not only provide an enjoyable challenge but also test skills that are in high demand by employers in this sector,” said Stephanie Daman, CEO of the Cyber Security Challenge UK.” I would encourage anyone with an interest in how IT systems and the information they hold can be protected to sign up and give it a go.” Series of national competitions As stated, the Cyber Security Challenge UK runs a series of national inspirational competitions aimed at attracting talented people into the profession and informing them about cyber security careers and learning opportunities. Now in its fourth year, the Challenge is running an ambitious programme of competitions and activities designed to spread the word about why cyber security is such a fulfilling and varied career and help talented people obtain their first cyber security job. The Challenge is sponsored by some of the UK’s most prestigious public, private and academic sector organisations and already making a notable difference to the career prospects of those with the talents and aptitude to become cyber security professionals. *Further detail is available here **GCHQ is, of course, one of the three UK intelligence agencies. Further information on its work can be found here
GCHQ and Cyber Security Challenge UK test public’s ability to prevent cyber terror attack
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.