Today the UK’s most promising amateur cyber defenders will compete to avert a simulated biological attack on the grounds of Westminster Abbey, staged by a fictional cyber terrorist group. The competition, known as Masterclass and run by the Cyber Security Challenge UK, has been developed by QinetiQ and a consortium of the country’s elite cyber experts from, Bank of England, GCHQ, National Crime Agency, BT, Cisco, Falanx Group, Roke Manor Research, Simudyne, and United States based CyberCENTS Solutions.
The Cyber Security Challenge UK competition aims to bring more talented people into the cyber security profession and address a critical skills shortage that affects government bodies, businesses and citizens alike. Addressing the dearth of talent within the workforce is a government priority, with a projected global shortfall of 1.5 million staff by 2020, according to a study by (ISC)², and finding new methods of attracting talent is critical to this non-traditional sector. Over the years, 50% of the previous Masterclass candidates have landed jobs with Britain’s biggest cyber security employers.
During the ultra-realistic simulation, candidates will be assessed on digital forensics, pen-testing and defensive skills used by real world operatives, including the use of the very latest cyber security tools. Candidates will be tasked to design a security strategy to ensure they can regain control of Westminster Abbey’s environmental control system, whilst ensuring that they adhere to GCHQ’s real-life legal permission checks around forensic and pen-testing practices.
The two day Masterclass competition is the culmination of a series of rigorous qualifying rounds held online on the Cyber Security Challenge UK’s new Play on Demand (PoD) platform, Cyphinx, released earlier in the year. Thousands of competitors have used their cyber skills to lead an investigation into the mysterious Black Oleander terrorist group, with 42 of the UK’s brightest amateur code-breakers selected to compete in the finale, with the next Cyber Security Challenge UK Champion being crowned this evening at an awards ceremony sponsored by SANS Institute, one of the Challenge’s founding sponsors.
Right Honourable Matthew Hancock MP, Minister for the Cabinet Office, said: “I am delighted to support this Cyber Security Challenge UK Masterclass event. Today’s competition challenges our very best new cyber talent through a set of intensive, realistic scenarios. Events like this inspire the next generation of cyber professionals who will play a crucial role in keeping Britain safe.”
Candidates began the Masterclass last night at QinetiQ’s hi-tech research facility in Farnborough, where a government agency Commander briefed them on a potential national security threat involving a biological attack in London. Using their forensic and crypto-analysis skills, they entered the murky world of corporate espionage and pieced together clues that revealed insiders planning a bio-attack involving a deadly strain combination of Anthrax and Ebola, known as the ‘Reaper Virus’. Shipped out to London overnight to form a crisis hub in the conference centre at Church House, the candidates are tasked with locating and defeating the cyber attack before the virus is released at the fictitious event this afternoon. A simulated emergency response team including biohazard teams and Counter-IED robots entered the grounds of Westminster Abbey this morning, to prevent the fictitious deadly toxin from being released into the ventilation system and onto the event.
Stephanie Daman, CEO of the Cyber Security Challenge UK, said: “This is the most realistic Masterclass we have staged to date. While there is drama and suspense as the storyline unfolds, everything the candidates are doing matches the tasks of those fulfilling cyber security jobs in real life. They will be tested on the technical, ethical and business skills needed for the cyber security industry and some of the top talent in the UK will be found during our competition. Our consortium of sponsors has provided a tremendous amount of expertise in designing this competition and is set up to enable candidates to demonstrate that they are ready for jobs in the industry.”
This year’s competition explores the nature of insider threats; the leaking of highly sensitive data from within an organisation. Some of the most high profile recent incidents, such as the Ashley Madison and Sony hacks have been shown to be caused by insiders. PwC’s 2015 Information Security Breaches Survey found that well over 50% of the worst breaches this year have been caused by those inside an organisation.
The best teams in the competition will win thousands of pounds worth of career-enabling prizes and the ultimate winner will be crowned the UK’s best cyber security talent.
Monday will see the 2016 Cyber Security Challenge UK open to candidates and with the recent launch of the new Cyphinx platform; users can learn basics of cyber by creating 3D avatars and exploring a virtual world before playing the competition games. To register, click here now.
