Government-backed Cyber Security Challenge UK stages “most realistic civilian cyber attack ever”

On Friday 20 November, the UK’s most promising amateur cyber defenders competed to avert a simulated biological attack on Church House within the Grounds of Westminster Abbey staged by a fictional cyber terrorist group. The competition, known as ‘Masterclass’ and run by the Cyber Security Challenge UK, was developed by QinetiQ and a consortium of the country’s elite cyber experts from the Bank of England, GCHQ, the National Crime Agency, BT, Cisco, the Falanx Group, Roke Manor Research and Simudyne as well as United States-based CyberCENTS Solutions.

Each year, the Cyber Security Challenge UK competition aims to bring more talented people into the cyber security profession and confront a critical skills shortage that affects Government bodies, businesses and citizens alike.

Addressing the dearth of talent within the cyber workforce is a priority for Government, with a projected global shortfall of 1.5 million staff by 2020 according to a study recently conducted by (ISC)². Finding new ways of attracting talent is critical to this non-traditional sector.

Over the years, 50% of previous ‘Masterclass’ candidates have gone on to occupy roles with Britain’s biggest cyber security employers which really does highlight the overriding importance of the competition.

During the ultra-realistic simulation, candidates were assessed on digital forensics, pen-testing and defensive skills used by real world operatives, including employment of the very latest cyber security tools.

Candidates were tasked to design a security strategy that would ensure they could regain control of Westminster Abbey’s environmental control system while at all times adhering to GCHQ’s real-life legal permission checks around forensic and pen-testing practices.

Rigorous qualifying rounds

The two-day Masterclass competition is the culmination of a series of rigorous qualifying rounds held online on the Cyber Security Challenge UK’s new Play on Demand (PoD) platform, Cyphinx, released earlier in the year. Thousands of competitors have used their cyber skills to lead an investigation into the mysterious Black Oleander terrorist group, with 42 of the UK’s brightest amateur code-breakers selected to compete in the final.

The next Cyber Security Challenge UK champion was crowned at an awards ceremony sponsored by SANS Institute, one of the Cyber Security Challenge UK’s founding sponsors.

38-year-old Peter Clarke, a network engineer with a prestigious car dealership, is the 2015 Cyber Security Challenge UK champion. “I only entered the competition eight or nine weeks ago without anything higher than a GCSE and a few Microsoft qualifications in my back pocket,” said Clarke. “To be here now is unbelievable. I’ve had an interest in cyber for several years and always make an effort to keep up with the current trends, but this achievement represents the first step towards a future career in the sector. I want cyber to become my profession.”

Clarke can now select his rewards from a collection of prizes worth over £100,000 including specific training, academic courses and access to strategic industry events. This year’s prizes have been organised by sponsors including the Royal Holloway University, (ISC)², CompTIA, the IISP, the IAAC, InfosecSkills and CREST.

Commenting on the 2015 competition, Matthew Hancock MP (Minister for the Cabinet Office) said: “I’m delighted to support this Cyber Security Challenge UK Masterclass event. The competition challenges our very best new cyber talent through a set of intensive and realistic scenarios. Events like this one absolutely inspire the next generation of cyber professionals who will undoubtedly play a crucial role in keeping Britain safe.”

Potential national security threat

Candidates began the Masterclass on the evening of Thursday 19 November at QinetiQ’s hi-tech research facility in Farnborough, where a Government agency Commander briefed them on a potential national security threat involving a biological attack in London.

Using their forensic and crypto-analysis skills, candidates then entered the ‘murky world’ of corporate espionage and pieced together clues that revealed insiders planning a bio-attack involving a deadly strain combination of Anthrax and Ebola, otherwise known as the ‘Reaper Virus’.

Shipped out to London overnight to form a Crisis Hub in the Conference Centre at Church House, the candidates were then tasked with locating and defeating the cyber attack before the virus was released at the fictitious event on Friday. A simulated emergency response team including bio-hazard teams and Counter-IED robots entered the grounds of Westminster Abbey to prevent the fictitious deadly toxin from being released into the ventilation system and on to the event itself.

Stephanie Daman, CEO of the Cyber Security Challenge UK, said: “This is the most realistic ‘Masterclass’ we have staged to date. While there was drama and suspense as the storyline unfolded, everything the candidates did matches the tasks of those fulfilling cyber security-focused roles in the real world. They were tested on the technical, ethical and business skills needed for today’s cyber security industry. Our consortium of sponsors has provided a tremendous amount of expertise in designing this competition, which is set up to enable candidates to demonstrate that they are indeed ready for jobs in the cyber industry.”

This year’s competition explored the nature of insider threats (ie the leaking of highly sensitive data from within an organisation). Some of the most recent high profile cyber incidents, such as those involving the Ashley Madison website and Sony hacks, have been shown to be caused by insiders.

Indeed, PwC’s 2015 Information Security Breaches Survey found that well over 50% of the worst breaches this year have been perpetrated by those inside an organisation.

Today (Monday 23 November) sees the 2016 Cyber Security Challenge UK open to candidates and, with the recent launch of the new Cyphinx platform, users can learn the basics of cyber by creating 3D avatars and exploring a virtual world before playing the competition games. Those who wish to register should click here

Comments from the Masterclass Consortium

Bryan Lillie, Chief Technical Officer (Cyber), QinetiQ

“The aim of the Cyber Security Challenge UK is to unearth the best talent the UK has to offer with regards to cyber security expertise. The scenario and tests that, with the help of others, we put in place for this year’s competition do just that, providing emerging and tough cyber security challenges to be solved. The cyber security threat to our country, both to businesses and the general public, is constantly changing and developing so we must ensure we have the highest level of talent protecting us. The Challenge is perfect for ensuring this. QinetiQ itself has hired past competitors to help the business provide protection for Critical National Infrastructure and the Government.”

Steve Herron (an IT security consultant at QinetiQ) was working as a system administrator for a legal firm when he competed in the Cyber Security Challenge UK Final in March this year. His performance in the competition led to a job offer from QinetiQ.

“The job at QinetiQ was exactly what I was looking for and I really cannot believe my luck,” said Herron. “To take such a radical career diversion at 41 years of age is really something quite special, and I’m over the moon. I do feel I owe something to the UK’s Cyber Security Challenge, so I’m happy to pay the competition back by helping to make this year’s ‘Masterclass’ happen. It’s a real stepping stone into the industry.”

Mark Hughes, CEO, BT Security

“Protecting businesses, Government and the general public from attacks is vitally important for the UK. Getting security right is essential, as is promoting the industry at a time when the UK faces a worrying shortage of cyber security talent. Cyber security has to be high up on the national agenda. This is a critical matter of importance for national security and economic prosperity. Going forward, we need to find the right people to be trained and take on key roles in the cyber security profession. The Masterclass is an alternative and innovative way in which to attract new and urgently needed talent into cyber security. This is something BT is delighted in helping to develop.”

Will Brandon, Chief Information Security Officer, Bank of England

“The Bank of England has a natural interest in helping to develop the skills and knowledge needed to respond to cyber risks, given its role as an operator of Critical National Infrastructure, its interest in ensuring the operational resilience of the financial sector and its supervisory objective to promote the safety and soundness of businesses. The Bank is pleased to support the Cyber Security Challenge UK which has conducted so much great work in encouraging people from diverse backgrounds to pursue careers in cyber security.”

Ben Russell, Strategy Manager, National Crime Agency’s National Cyber Crime Unit

“We’re pleased to support the latest instalment of the Cyber Security Challenge UK. As well as enjoying the competition, participants can learn more about the real world opportunities to showcase and develop their skills while protecting the UK from cyber threats. The NCA’s work to combat serious computer crime has attracted a number of previous competitors.”

John Blamire, Chief Executive Officer, Falanx Group

“Throughout the Masterclass, Falanx watched the networks for any signs of unauthorised behaviour to ensure that the contestants didn’t do something they were not allowed to do and also that there were no other external or internal security issues adversely affecting the scenario. In keeping with the realism of this year’s ‘Masterclass’, this is a capability that we provide, against Government Best Practice guidelines, in order to keep network infrastructure systems secure and enable organisations to respond quickly to cyber attacks or insider threats. Protecting companies’ data, business processes and ultimately their reputation is the goal.”

Blamire continued: “We’ve recently seen a number of high profile cyber attacks, like those perpetrated on TalkTalk and Ashley Madison. It’s clear that organisations need to protect the data and intellectual property they hold by taking a proactive security stance. That’s why events such as the ‘Masterclass’ are so important. We can only help companies to defend against cyber attacks if we’re able to attract the best of cyber security talent. Events like this one are ideal to excite and identify the next influx of high calibre professional staff to this growing industry.”

Ciaran Martin, Director General for Cyber, GCHQ

“I’m pleased that GCHQ continues to support the vital search for fresh cyber security skills via our sponsorship of the Cyber Security Challenge UK. Developing a resilient and talented cyber security skills pipeline is absolutely essential for enabling the UK to flourish in today’s digital world.” 

David Cole, Managing Director, Roke Manor Research

“Cyber Security skills and talent are vital for protecting the UK. Roke is proud to sponsor the Cyber Security Challenge UK to identify those people who can make a significant contribution to the UK’s security, prosperity and productivity. As founding members of the University of Southampton’s Cyber Security Academy and GCHQ’s Cyber First Initiative, and with a history of contributing to the development of the cyber security research and know-how through a comprehensive network of university links, the sponsorship of PhD students/courses and an active college and school liaison programme, we’re committed to bringing talented people into the UK’s cyber security profession.”

Justin Lyon, Chief Executive, Simudyne

“It’s not a case of if an organisation will be attacked, but when. There’s no magic software that will keep the criminals out, but simulations of your networks allow you to generate, test and refine your defensive strategies, just like pilots who train for thousands of hours in flight simulators. Only then can a Board of Directors ensure that their company will be ready and able to defend itself when attacked. We’re so pleased to be part of the Cyber Security Challenge UK and its efforts to bring more talented people into the cyber security profession. We need to ensure that Britain’s businesses are protected, and this Challenge really is an amazing way in which amateur code-breakers can fast-track their entry into the profession.”

Stephanie Harwell, Chief Operating Officer, CyberCENTS Solutions

“Cyber security is a global threat that requires the collaboration of nations to ensure the safety of countries and their citizens in today’s global digital economy. To combat the cyber space threat facing nations, an integrated combination of technology, education, training and exercises like the ‘Masterclass’ is needed. Effective cyber operations must be employed and managed by professionals who are well versed in protecting their networks and have a firm understanding of security policy and procedures as well as the tactics and tools of the cyber space adversary. CyberCENTS is proud to support the Cyber Security Challenge UK by providing the realistic, high-fidelity, cyber range environment in which the competitors have been able to hone their cyber security skills as part of their development towards becoming part of our next generation of digital economy guardians.”

With the backing of founding sponsors like the SANS Institute, the Challenge started out in 2010 to create a series of virtual and face-to-face competitions that would identify talented people for the cyber security industry.

Now entering its sixth year, the Challenge is backed by over 50 of the UK’s most prestigious public, private and academic sector organisations and hosts a wide programme of activities designed to ‘spread the word’ about why cyber security is such a fulfilling and varied career in today’s world.

*For further information access: https://cybersecuritychallenge.org.uk/

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts