Simulated terrorist cyber-attack on London
Simulated terrorist cyber-attack on London

A cyber-detonated terrorist attack on the UK's critical infrastructure targeting key landmarks in London will be at the heart of the 2015 Cyber Security Challenge UK Masterclass, with some 42 of the country's most talented amateur cyber-defenders seeking to thwart the attack in real time.

Companies supporting what has been described as the ‘largest and most ambitious Challenge event ever' include BT, GCHQ, NCA, Lockheed Martin, Juniper and Airbus Group.

The challenge final is the culmination of almost a year's worth of nationwide competitions to identify new talent for the cyber security profession and address a critical skills shortage that affects government bodies, businesses and citizens alike.

Sarb Sembhi CISM, director, Storm Guidance, commented to, “It's important to get a variety of backgrounds (coming into the industry). We need to be giving exposure to the demand, and attract more people into the industry who may not have a security background.  Past winners have shown that people from all sorts of backgrounds are good candidates.  This event lets people without a security background try out in a safe environment and test what they can do and find out what's going on.”

Minister for Cabinet Office, Francis Maude, said in a statement to press: “We are funding the Cyber Security Challenge to help potential experts hone their skills through an exciting and stretching series of scenarios. I would encourage all budding cyber experts to get involved and test their skills.”

Stephanie Daman, CEO, Cyber Security Challenge UK, told “We've put together as realistic a scenario as we can.” She added, “This year's finalists will face a Masterclass that will excite and challenge in equal measure. This is the largest collection of cyber-expertise we have ever pulled together to put our candidates through their paces. (For anyone considering entering, from any background) I would definitely encourage them to enter – its enormous fun, its a great career and there are lots more jobs coming up in the sector – what have you got to lose?”

Sembhi went on to note that there would be different groups, with different skills competing, including those coming from the dark side of hacking: “There will be people who know what to look out for because they have been attackers.  And also those with a good business background, good decision-making experience and business understanding which not all security people will have.”

While Sembhi recognises some people wouldn't employ a former hacker, he commented to SC: “If we believe in rehabilitation as a society, then depending on circumstances, why would we keep out skilled people and push them to hacking? Black Hat in the US has seen the FBI going in to try and get people with good skills.”

Bob Tarzey, analyst and director, Quocirca Ltd agreed, telling SC: “There is a lot of talent in the criminal fraternity. Banks have already hired former attackers. Criminals often have a better knowledge of how to hack systems.” But he also noted that public bodies like GCHQ may need to up their remuneration to attract former criminals used to higher returns on their efforts.

Robert Partridge, Head of BT Security Academy told that while he did not know of any instance of recruiting a black hat hacker at BT, and that any staff would need to get security clearance meeting the company's criteria, they would not absolutely disregard such a candidate. He explained that the main reason for sponsoring the challenge was that: “We are making sure the industry in general attracts new blood – we don't feel there is enough coming through.  There are a number of reasons, including that its not a widely publicised career option in schools, universities and colleges.  The industry demand for skills is growing quickly while the talent pool remains the same size – so we want to raise awareness.  Yes, we are interested in participants, but its more about the bigger picture, promoting the profession and show there are really viable exciting careers – and if a bit of theatre, a bit of Hollywood to dramatise the issue with terrorism gets mass media attention, that's good. We've raised the bar in terms of the intellectual challenge, the scenarios, the way they are delivered and what's expected of participants.”