Cyber War Exercise in Central London

 

 

Forty-two amateur cyber defenders gathered on the HMS Belfast in London this week to take part in a cyber terrorist attack simulation run by the Cyber Security Challenge UK.
The competition, known as the Masterclass and developed by a group of cyber experts led by BT, is now in its fifth year and aims to plug the skills shortage currently affecting both governments and UK businesses. The competition essentially invites participants to put their skills to the test and experience a dramatized version of events faced by regular cybercrime fighting professionals. It also allows sponsors of the competition such as BT, Lockheed Martin, and Airbus, to hover on the sidelines and cherry pick the next cybercrime busting whizz kids.
In 2014, the competition took place in an underground bunker of the Churchill War Rooms, with prizes worth £100,000 going toward educational and career advancement opportunities.
This year, organizers aimed to stoke interest among both the public and would-be cyber defenders by upping the dramatic narrative of the competition. Aboard the HMS Belfast, cyber defenders competed to regain control of the naval guns system, taken over by fictitious cyber terrorist network, the Flag Day Associates.
"I wanted to design a realistic challenge that used the kind of computer systems and networks that cyber defenders have to defend in real life," Robert Partridge, Head of BT Security Academy, told WIRED UK. "But I also wanted to make it exciting and put some Hollywood into it as well," says Partridge, while noting that he wanted to "de-geekify" the image of cyber security.
"There will be more jobs than candidates for [cyber defense jobs] in the next 20 years, and we need to lift the profile of cyber securities careers in the UK to address this skills gap," he continued.
Over the course of two days (March 12 to 13), the amateur cyber defenders were tasked with finding the vulnerabilities and flaws placed in the operating system set up by the competition developers. Primarily, the competitors had to race against the clock to regain control of the ship's gun systems. Secondly, they searched for weaknesses within the IT system of fictitious physical infrastructures, such as water treatment plants and manufacturing facilities, in order to defend these against the rogue cyber terrorist group.
As countries the world over make a push to establish smart cities, the physical infrastructures sustaining our societies are increasingly under threat from cyber attacks. As more systems are brought online, maintaining the security and stability of critical national infrastructure becomes paramount.
As part of the competition, Airbus' SCADA Challenge Brief encourages competitors to conduct a security validation test in real time. This allows competitors to practice sussing out what the flaws and best cyber security solutions are before they are deployed in the real world—or in this case within the fictive one created by the challenge.
"Airbus group understands that the industrial controls system that underpin our critical national infrastructures, such as water treatment facilities, electricity grids, and our logistics and supply chains, must also be considered for the cybersecurity solutions that we bring in place," Kevin Jones, Head of Cyber Operations Research Team of Airbus Group, told WIRED UK.
"As these systems go online and become increasingly interconnected, we also need to take action to secure them," he adds. The cyber attack, which physically affected the furnaces of a German steel mine back in December 2014, demonstrates the extent to which Internet crimes are infiltrating physical structures, he explains.
"Cyber attackers are looking to perform malicious actions against such industrially controlled systems, and as security professionals, we have to make sure we're building up the defenses," adds Jones.
Ein news http://ow.ly/KIPPW

« Europe’s Data Privacy Laws Annoy US Tech Companies
Jobs for Cyber Superstars »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

FDM Group

FDM Group

FDM Group is an international Professional services company with a focus on IT. Services offered include Software Testing, and Information Security with a focus on operational security and compliance.

Lares Consulting

Lares Consulting

Lares is a security consulting firm that helps companies secure electronic, physical, intellectual, and financial assets through a unique blend of assessment, testing and coaching.

X-act Forensics

X-act Forensics

X-act forensics are computer forensic experts with experience in cases of computer fraud, intellectual property theft, and social networking cases.

Protenus

Protenus

Protenus provide a solution to proactively monitor and protect patient privacy in the electronic health record (EHR).

Kivu Consulting

Kivu Consulting

Kivu Consulting combines technical and legal expertise to deliver data breach response, investigative, discovery and forensic solutions worldwide.

Chronicle

Chronicle

Chronicle products combine intelligence about global threats in the wild, threats inside your network, and unique signals about both.

AUTOCRYPT

AUTOCRYPT

AUTOCRYPT is a mobility security provider dedicated to the safety of future transportation

DataPassports

DataPassports

DataPassports is a data-centric security and privacy solution that enforces privacy and security from end-to-end with transparent protection of data at the source.

Activu

Activu

Activu makes any information visible, collaborative, and proactive for people tasked with monitoring critical operations including network security.

Valtix

Valtix

Valtix is the first and only multi-cloud network security platform delivered as a service that enables cloud teams to meet the most stringent security requirements in a cloud-first & simple way.

Brennan IT

Brennan IT

For over 25 years, Brennan’s expert team has helped businesses achieve real success through innovative and secure technology solutions.

Cyber Octet

Cyber Octet

Cyber Octet is an IT Solution, Security, Training and Services company. We provide training and services from Web Application Security to ISO 27001 implementation.

Iron Mountain

Iron Mountain

Iron Mountain Incorporated is a global business dedicated to storing, protecting and managing, information and assets.

Cyex

Cyex

Cyex helps people to become cyber wise. We enable our clients to find, track and improve cyber awareness in one place.

Bridgenet Solutions

Bridgenet Solutions

Bridgenet specialises as a top-notch Information and Technology Solutions Provider for businesses.

Convergint

Convergint

Convergint is a service-based systems integrator working alongside a global network of partners and manufacturers to deliver a range of solutions including cybersecurity.