Skip to content

GCHQ challenges UK amateurs to defend government from cyber attacks


GCHQ – defend the nation

The UK national Cyber Security Challenge has launched another competition to test the ability of amateur cyber defenders to protect a simulated government IT system.

The competition is designed and run by the government’s communications intelligence agency, GCHQ. It requires competitors to manage the risks posed by attacks – from hostile states, organised criminal cyber gangs or individual hackers – to a simulated government IT system.

Balancing the Defence, as the competition is known, is open to anyone aged 16 or over who is not actively working in cyber security.

Competitors will be tasked with analysing a mocked-up network typical of government departments. They will be asked to look for vulnerabilities that an attacker could exploit, prioritise the threats and, while working to a tight budget, suggest a range of defensive controls, both technical and policy-based, to reduce the risk to the network.

A GCHQ spokesman said: “Cyber Security Challenge UK has proved itself a very accomplished mechanism for finding new talent. We hope this competition will uncover those who have the vital mix of technical ability and business awareness to make tough decisions in the best interest of an organisation. At GCHQ we are committed to finding and developing the new cyber security skills in the UK and these are the skills sets employers including ourselves are most interested in.”

The competition will take place from 1 to 8 October 2012.

What’s the motive behind this?

  • Good fun
  • Cheap way for a govt to test their security?
  • A way to locate talented crackers – to work for GCHQ
  • A way to build a cyber warfare team – Simon Cowell style
  1. Strangely enough, from what I’ve seen and heard, GCHQ is focussing exclusively on defensive security, the reason being the geeks (the proper network engineers) working for them know that ‘cyber warfare’ is a losers’ game. There’s no real long-term benefit. They know that attacking someone else’s network will open themselves up to attack, reveal something about their own methods/capabilities, and if it ever became common practice the security of this country’s Internet would eventually be severely degraded.


  2. As with Stuxnet – once the code is in the wild, it’ll be adapted for attacking other plants/sites:)
    So I can see what you mean.. it’s a zero sum game – the attackers code could be adapted and sent right back at the attacker. The art of war🙂


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: