Hurry shipmates - the black hats have hacked our fire control system
Infosec younglings stave off cyber-assault on WWII cruiser
The final instalment of Blighty's Cyber Security Challenge, a ten-month process to find new talent for Blighty's infosec workforce, will conclude this afternoon.
The Cyber Security Challenge Masterclass, organised by BT, and described as "a series of national competitions, learning programmes, and networking initiatives designed to identify, inspire and enable more [UK residents] to become cyber security professionals," launched yesterday.
It sets 42 hackers against the fictional Flag Day Associates, a slightly pantomime group of cyber terrorists who have usurped access to the Second World War light cruiser HMS Belfast's gunnery control system.
The warship, permanently moored on the River Thames, has one of her four 6" gun turrets trained on City Hall, although in all probability Belfast is not actually about to open fire on the Greater London Authority. Her two forward 6" turrets are trained on the M1's Scratchwood services, 11.7 miles - or 20,500yds - away.
Deep in her junior ratings' mess, seven teams formed of six cyber security amateurs are hacking away on laptops booted with Kali Linux to diagnose how the terrorists penetrated the ship's network, and have until Friday afternoon to fix any problems they find.
Although the candidates are competing as individuals, assessors will be following their teamwork skills as well as their technical ability to rapidly audit a broad range of networks for vulnerabilities, extending from the ship's gunnery control system, hosted on Lockheed Martin's Test and Evaluation Network (TEN), through to a smart grid designed by Airbus.
A spokesperson for GCHQ, one of the events many sponsors, told reporters that the candidates' “soft skills and their ability to collaborate and appreciate the talents of their colleagues” will be probed throughout the two-day event.
Dr Kevin Jones, head of Airbus' cyber security research department, cited an attack last year on a German steel mill as evidence of the necessity of pro-actively defending infrastructure.
The founder and chairman of Challenge, Judy Baker, tol El Reg that 27 per cent of the UK's infosec workforce is due to retire within five years, and four to five thousand additional jobs need filling annually.
Candidate Ese Oduyoye described the opportunity to “directly interview” with the government agencies and private sector employers sponsoring the event as “wonderful”.
Nigel Lee, Lockheed Martin's head of business and strategy, noted that involvement in the competition "helps us not only to support the development of these talented people but also allows us to highlight the role we play in cyber security".
In terms of recruitment, Lockheed took a great interest in the event's capacity to flag up the kind of talent it's looking for. Graduates in computer science and maths are common, although candidates with degrees in music have also found their way into Lockheed's employment, as "we're all about aptitude", said Lee.
Mark Hughes, president of BT Security, also lauded the recruitment value of the event and stated the telecoms company's interest in organising the event for the candidates.
Noting that the skills gap could not be completely filled through competitions such as Challenge, Hughes also stated that BT would be taking on 17 apprentices as part of the government's scheme in the coming financial year.
Even for those candidates not snatched up by a big company, Nigel Harris, chair of the prize committee, explained to The Register that 60-70 prizes with a cumulative worth of between £100,000–£200,000 would be awarded to the candidates to help their career progression. ®