Last weekend featured more wireless networks than I’ve ever seen, a flying drone, Python, a lot of Raspberry PIs and a whole load of talented young people.
On Saturday, the top 25 contestants from a series of national online competitions came together for a wireless themed hackathon at Sophos HQ in the UK as part of the Cyber Security Challenge – an initiative focused on finding those with the aptitude and skills to help us all solve the next generation of infosec challenges.
The amateur cyber defenders were competing for a place at the Cyber Security Challenge Masterclass 2014 which awards winners with career-enabling prizes to help accelerate their path to industry.
In this challenge, competitors had to demonstrate their knowledge of wireless technologies from a penetration testing, forensic and auditing perspective. Competitors were put into teams and given kit to test the various target networks that had been set up.
The wireless networks exhibited exactly the kind of security flaws that are commonplace in consumer and business networks. The contestants had to find outdated networks like WEP, avoid an attacker’s wireless subterfuge with fake network broadcasts, find hidden networks, crack passwords, as well as demonstrate basic Linux and programming skills.
After taking over and carrying out forensics on the wireless networks, contestants were to boot up and configure a Raspberry PI in a race to remotely access and control a drone in the center of the room.
In addition to demonstrating wireless security skills, our challengers also had to show the link between the digital and physical, and how an attack can have kinetic real world impact.
Oh and rumour has it, it was a great deal of fun too!
From a personal perspective this event was an absolute joy to watch. The teamwork, skills and sheer creativity that was demonstrated by the challengers was a joy to watch and it was great to meet everyone who attended.
Every team did an amazing job and the event was extremely close, with a number of teams battling down to the second for control of the drone at the end of the game.
I had a great deal of fun putting together this competition, but we know it can be improved significantly with all your brilliant brains. We want to see who can come up with the best ideas for a future Raspberry PI-powered security challenge.
And if you think you have what it takes to actually participate in a future Cyber Security Challenge competition you can find more details at the Cyber Security Challenge site.
Sadly both competitions are only available to those in the UK but there are many other competitions like this worldwide.
As an industry, I believe we should all be doing what we can to encourage the next generation of talent, and to show the world how interesting working in IT security is.