Cyber Security Challenge Masterclass
Cyber Security Challenge Masterclass

Church House, behind Westminster Abbey in London, was ground-zero for a simulated cyber-attack on Friday to test the finalists in this year's Cyber Security Challenge. 

A total of 42 contestants took part in the realistic cyber-security attack simulation, designed to unearth hidden talent and find tomorrow's cyber-security experts.

Staged over three days, the competition was organised by Cyber Security Challenge UK and international defence giant, QinetiQ. Testing the contestants with real world simulation technology used by the US Army, they had to defend Church House from a fictional biological/cyber terror attack.

The ‘fake' scenario was a very pertinent one – an individual working for a pharmaceutical company called ZSB Formulas had leaked some form of ‘biological weapon' to a terrorist group called Black Oleander that had rigged up this weapon to be unleashed inside of Church Houses' environmental control systems while the royal family was present.

The simulation tested candidates' skills in digital forensics, pen-testing and defensive skills used by real world operatives, including the use of the very latest cyber-security tools.

Candidates had to design a security strategy to ensure they can regain control of Church Houses' environmental control system, whilst ensuring that they adhere to GCHQ's real-life legal permission checks around forensic and pen-testing practices.

Falanx Assuria were also present, and were monitoring the networks and ensuring there was no cross hacking going on between the contestants.

According to organisers, this year's competition explores the nature of insider threats and the leaking of highly sensitive data from within an organisation. PwC's 2015 Information Security Breaches Survey found that well over 50 percent of the worst breaches this year have been caused by those inside an organisation.

Bryan Lillie, CTO of Cyber Security at QinetiQ, highlighted the fact that the contestants have had to demonstrate both real life and technical skills for the challenge, explaining that this is not just a challenge for “techies”.

Speaking to, contestant Tim (surname withheld), a student of cyber-security at Royal Holloway, University of London explained that as part of the realistic scenario, each team has to present its findings to the board of directors of the fictitious ZSB Formulas company. Teams are assessed in part on their ability to explain what had happened during the cyber-attack and how they planned to fix it.