Cyber War Exercise in Central London

Uploaded on 2015-03-23 in NEWS-Cybersecurity News, GOVERNMENT-Defence, FREE TO VIEW 

 

 

Forty-two amateur cyber defenders gathered on the HMS Belfast in London this week to take part in a cyber terrorist attack simulation run by the Cyber Security Challenge UK.
The competition, known as the Masterclass and developed by a group of cyber experts led by BT, is now in its fifth year and aims to plug the skills shortage currently affecting both governments and UK businesses. The competition essentially invites participants to put their skills to the test and experience a dramatized version of events faced by regular cybercrime fighting professionals. It also allows sponsors of the competition such as BT, Lockheed Martin, and Airbus, to hover on the sidelines and cherry pick the next cybercrime busting whizz kids.
In 2014, the competition took place in an underground bunker of the Churchill War Rooms, with prizes worth £100,000 going toward educational and career advancement opportunities.
This year, organizers aimed to stoke interest among both the public and would-be cyber defenders by upping the dramatic narrative of the competition. Aboard the HMS Belfast, cyber defenders competed to regain control of the naval guns system, taken over by fictitious cyber terrorist network, the Flag Day Associates.
"I wanted to design a realistic challenge that used the kind of computer systems and networks that cyber defenders have to defend in real life," Robert Partridge, Head of BT Security Academy, told WIRED UK. "But I also wanted to make it exciting and put some Hollywood into it as well," says Partridge, while noting that he wanted to "de-geekify" the image of cyber security.
"There will be more jobs than candidates for [cyber defense jobs] in the next 20 years, and we need to lift the profile of cyber securities careers in the UK to address this skills gap," he continued.
Over the course of two days (March 12 to 13), the amateur cyber defenders were tasked with finding the vulnerabilities and flaws placed in the operating system set up by the competition developers. Primarily, the competitors had to race against the clock to regain control of the ship's gun systems. Secondly, they searched for weaknesses within the IT system of fictitious physical infrastructures, such as water treatment plants and manufacturing facilities, in order to defend these against the rogue cyber terrorist group.
As countries the world over make a push to establish smart cities, the physical infrastructures sustaining our societies are increasingly under threat from cyber attacks. As more systems are brought online, maintaining the security and stability of critical national infrastructure becomes paramount.
As part of the competition, Airbus' SCADA Challenge Brief encourages competitors to conduct a security validation test in real time. This allows competitors to practice sussing out what the flaws and best cyber security solutions are before they are deployed in the real world—or in this case within the fictive one created by the challenge.
"Airbus group understands that the industrial controls system that underpin our critical national infrastructures, such as water treatment facilities, electricity grids, and our logistics and supply chains, must also be considered for the cybersecurity solutions that we bring in place," Kevin Jones, Head of Cyber Operations Research Team of Airbus Group, told WIRED UK.
"As these systems go online and become increasingly interconnected, we also need to take action to secure them," he adds. The cyber attack, which physically affected the furnaces of a German steel mine back in December 2014, demonstrates the extent to which Internet crimes are infiltrating physical structures, he explains.
"Cyber attackers are looking to perform malicious actions against such industrially controlled systems, and as security professionals, we have to make sure we're building up the defenses," adds Jones.
Ein news http://ow.ly/KIPPW

« Europe’s Data Privacy Laws Annoy US Tech Companies
Jobs for Cyber Superstars »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

UCD Centre for Cybersecurity and Cybercrime Investigation

UCD Centre for Cybersecurity and Cybercrime Investigation

UCD Centre for Cybersecurity and Cybercrime Investigation is Europe's leading centre for research & education in cybersecurity, cybercrime and digital forensics.

Cyber Threat Intelligence Network (CTIN)

Cyber Threat Intelligence Network (CTIN)

CTIN provides cyber threat intelligence services including training, platform evaluation, ISAC/ISAO systems development and counter botnet operations.

Aujas Cybersecurity

Aujas Cybersecurity

Aujas has deep expertise and capabilities in Identity and Access Management, Risk Advisory, Security Verification, Security Engineering, & Managed Detection and Response services.

InPhySec

InPhySec

InPhySec is a leading New Zealand information, physical and cyber security company.

Griffeshield

Griffeshield

Griffeshield is a company specialised in new information technologies used to protect Intellectual Property.

Blue Cedar

Blue Cedar

Blue Cedar's mobile app security integration platform secures and accelerates mobile app deployment for enterprises and government organizations around the world.

OmniCyber Security

OmniCyber Security

Omni is a cyber security firm specialising in Penetration Testing, Managed Security and Compliance.

Content+Cloud

Content+Cloud

Content+Cloud is a leading technology services business and Managed Services Provider (MSP) with a genuine passion for helping your organisation to succeed, whatever your ambitions.

Techstep

Techstep

Techstep is a complete mobile technology enabler, making positive changes to the world of work; freeing people to work more effectively, securely and sustainably.

Vancord

Vancord

Vancord is an information and security technology company that works in collaboration with clients to support their infrastructure and data security needs for today and tomorrow.

Cranium

Cranium

Cranium are an international consultancy organisation specialised in privacy, security and data management.

Millennium Corporation

Millennium Corporation

For nearly two decades, Millennium Corporation has been operating on the leading edge of cybersecurity.

Moonlock

Moonlock

Cybersecurity tech for humans. At Moonlock, we make software that seamlessly protects you and has your back as you live your life.

Venticento

Venticento

Venticento is an IT company specialized in consulting and network support and assistance for companies that need to make their business processes more effective.

Boston Government Services (BGS)

Boston Government Services (BGS)

Boston Government Services is an engineering, technology, and security firm providing mission-focused solutions for the clean energy, nuclear, and federal programs markets.

CQR

CQR

CQR are at the forefront of innovative cyber solutions, dedicated to securing and fortifying Operational technology (OT) infrastructure.