Sophos Launches Cyber Security Contest

A recent competition organized by the major Oxford based security firm, Sophos, gave the UK public a chance to step into the shoes of cyber detectives. Affiliated with ‘Cyber Security Challenge UK’, the event is a part of the competition series organized to discover the most promising cyber security talent in the country by simulating one-on-one cyber battles.


Photo: YanLev / Shutterstock

In this competition, the brightest technical minds in the UK will come under one single roof to face a number of online challenges, which are based on fictional threats. Known as Assignment Flag Drive, the latest challenge demands the participants to gain access to the suspicious hardware that belongs to cyber crooks. And their task doesn’t end here. They also need to find out the owner of that drive.

These challenges are carefully designed to include all the skills needed by a cyber security specialist.

The competition also gives them a firsthand experience of working on an actual case. Speaking highly of Sophos, Stephanie Daman, the Cyber Security Challenge CEO, said that Sophos has played a major role in organizing this challenge by enabling the participants to experience real and prevalent cyber security issues. Sophos has been supporting the event since its inception. The organizers are excited to see the results and the participants are learning from the event.

The Challenge

The participants in the challenge were asked to analyze the Flag Day Associates threat video from YouTube. A thorough analysis of the video threw up critical details such as March 20 2015 being the likely date for a future attack, and a clear reference to the upcoming solar eclipse, which could be observed from the UK.

The first task on decoding the clues was set up with assistance from the National Crime Agency. The candidates were exposed to an email from the ‘under observation’ group, marked as suspicious by the National Crime Agency. The email was probably exchanged between the members of the cyber attack group.

The correspondence of said email was tracked to a deserted warehouse, located in the countryside. Upon reaching the site, the investigators found nothing but a hard drive, which would have been mistakenly left behind by the group members. As expected, the contents of the hard drive were found to be encrypted.

Last month’s event saw a participation of over 1,000 cyber security enthusiasts, all trying to come up with the possible clues present in the traced communication among the group.

Sophos holds the cyber security competition to invite the UK public to assess their technical capabilities. It also tests the ability of cyber experts to break into new systems and derive unknown information.

If this sounds interesting to you, you can register yourself at their website. The registration lines are open from August 1 to 14. After the lines close, you will be sent a letter which would enclose all the details, along with the game URL. The challenge begins on August 15, 9am BST and would close at midnight, August 16. The eligible candidates need to be UK based amateur enthusiasts of cyber security.

What’s In It For The Winners

If you attain the highest rankings, you will directly qualify for the inaugural ‘reconnaissance meet-ups’ to be held on the Operation Flag Day.

The candidates exhibiting the most awe-inspiring skills and applications will be given a once in a lifetime opportunity of travelling to secret UK-based locations to work on real investigations. Also, the results of this event will be used to pick the candidates for the Masterclass Final next year, where they will be pitted against the Flag Day Associates.

According to James Lyne, Sophos’ global head of security research, this competition brings together a number of skills needed by security professionals at their workplace. It has a mix of offensive as well as forensic aspects, which would test the candidates’ skills and applications.

According to Sophos, this event would help in recognizing UK’s greatest counter-terror hackers. The event is endorsed by GCHQ (Government Communications Headquarters), Britain’s intelligence service, which has tied up with six universities to ensure proper training for the next-gen cyber security experts.

The major aim behind the formation of the ‘UK cyber security strategy’ is to enhance the country’s ability to counter cyber attacks. One of its key points was special attention to cyber security education. A step forward in this regard was the fact that four courses, including the ‘University of Oxford’s master’s degree in Software and Security Systems’ were given complete accreditation.