Cyber Security Challenge sees youngsters hack into and control a drone

Filed Under: Featured, Security threats

Cyber Security ChallengeLast weekend featured more wireless networks than I've ever seen, a flying drone, Python, a lot of Raspberry PIs and a whole load of talented young people.

On Saturday, the top 25 contestants from a series of national online competitions came together for a wireless themed hackathon at Sophos HQ in the UK as part of the Cyber Security Challenge - an initiative focused on finding those with the aptitude and skills to help us all solve the next generation of infosec challenges.

The amateur cyber defenders were competing for a place at the Cyber Security Challenge Masterclass 2014 which awards winners with career-enabling prizes to help accelerate their path to industry.

Working at computer

In this challenge, competitors had to demonstrate their knowledge of wireless technologies from a penetration testing, forensic and auditing perspective. Competitors were put into teams and given kit to test the various target networks that had been set up.

The wireless networks exhibited exactly the kind of security flaws that are commonplace in consumer and business networks. The contestants had to find outdated networks like WEP, avoid an attacker's wireless subterfuge with fake network broadcasts, find hidden networks, crack passwords, as well as demonstrate basic Linux and programming skills.

After taking over and carrying out forensics on the wireless networks, contestants were to boot up and configure a Raspberry PI in a race to remotely access and control a drone in the center of the room.

Drone

In addition to demonstrating wireless security skills, our challengers also had to show the link between the digital and physical, and how an attack can have kinetic real world impact.

Oh and rumour has it, it was a great deal of fun too!

From a personal perspective this event was an absolute joy to watch. The teamwork, skills and sheer creativity that was demonstrated by the challengers was a joy to watch and it was great to meet everyone who attended.

Every team did an amazing job and the event was extremely close, with a number of teams battling down to the second for control of the drone at the end of the game.

Drone winners

I had a great deal of fun putting together this competition, but we know it can be improved significantly with all your brilliant brains. We want to see who can come up with the best ideas for a future Raspberry PI-powered security challenge.

And if you think you have what it takes to actually participate in a future Cyber Security Challenge competition you can find more details at the Cyber Security Challenge site.

Sadly both competitions are only available to those in the UK but there are many other competitions like this worldwide.

As an industry, I believe we should all be doing what we can to encourage the next generation of talent, and to show the world how interesting working in IT security is.


, , ,

You might like

3 Responses to Cyber Security Challenge sees youngsters hack into and control a drone

  1. If you thought hacking to a wireless network to take control of a Drone required significant expertise and resource, read on...

    Various groups of amateur cyber security contestants showed how easily it can be done with a Raspberry PI.

    OK, the system will have been set up in such a way that there were holes to be exploited left open, BUT sadly research seems to suggest this is the case for a large number of control systems connected to the Internet too. Protecting these real systems is not a job for amateurs.

    • Naturally Colin, but when presented with the challenge of recruiting cyber security professionals, many companies complain of a distinct lack of selection. I believe the significant number of sponsors of Cyber Security Challenge UK to be evident of this. Challenges such as these are designed to be the first step in the direction of identifying those with potential and assisting them towards a professional career. We all have to start somewhere!

  2. Patrick · 434 days ago

    Readers in Australia may want to keep an eye out for the Australian Cyber Security Challenge http://www.cyberchallenge.com.au/, which is in its second year.

    Winners of the 2013 Australian Cyber Challenge

    University of New South Wales (UNSW1) - 94 Points
    University of New South Wales (UNSW2) - 68 Points
    University of New South Wales (UNSW3) - 66 Points
    University of Sydney (US3) - 64 Points
    The Australian National University (ANU2) - 44 Points
    Flinders (FL1) - 43 Points
    The Australian National University (ANU1) - 42 Points
    Swinburne University of Technology (SUT2) - 34 Points
    Edith Cowan University (ECU3) - 34 Points
    University of Adelaide (UOA1) - 34 Points

    Right now its only open to undergraduates, but it is worth joining in if you are at Uni. The winners (UNSW1) got flown to Blackhat.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

James Lyne is Global Head of Security Research at Sophos. James is known for his passionate presentations and live demonstrations of the latest in cyber crime. He spends most of his time trying to find ways to simplify security or make it more accessible to the general public. He is also extremely keen on encouraging new talent in to the industry and is involved with a number of initiatives to help develop the future talent pool. You can reach James on twitter at @jameslyne.