MyDoom wins Cyber Security Challenge Masterclass

Team MyDoom has been declared the winners of the 2018 Cyber Security Challenge Masterclass. They overcame eight other teams in what was a great showcase of future talent for the industry. The Masterclass is the culmination of a year of competitions across the UK. It also included, for the first time, winners from competitions in Singapore.
Unlike many competitions, drawing across multiple competitions means that the Masterclass has a really diverse mix of ages, cultures and gender. For the younger contestants, this is a way of deciding if they want to follow this as a career path. The older contestants are already planning their career change and see this as a chance to show what they can do to the sponsors.
One contestant in particular not only won a Face to Face (F2F) competition earlier this year but received a job offer as a result. At 53, she is now retraining from teaching into cyber security. As an industry that is still trying to deal with huge skills gaps, this is the way it can begin to address its problems.
What was the scenario?
Fictional company Research4U (R4U) is a cyber intelligence and research company. It had suffered a previous cyber-attack which was blamed on its Head of Operations. That individual had been jailed for her part in those attacks. In addition to not disclosing why she attacked the company, she also chose not to admit her membership of a hacking group 29Alpha.
R4U runs a mix of Windows Server and Linux systems with most of the end-user desktops running Windows. It used GIT for source code management and delivered services via its own APIs.
After the original attack the company moved into offering fintech start-ups secure storage of their cryptographic keys. One customer is Th$ Crypt. They are a cryptocurrency exchange and their customers use an app to access their accounts. They use a third-party web application to access their accounts.
R4U was alerted to 29Alpha offering its customers keys in a data dump. The group also claimed to have installed ransomware on R4U servers.
What did the contestants have to do?
The contestants were split into eight teams. Each represented a team brought in to investigate and remediate the attack. They were also part of a larger company and one of the exercises was to hand over to another group in the company who would continue the investigation overnight.
The various challenges on the ground were very different. There were vulnerabilities to identify and patch. Malware attacks had to be remediated although taking the simple approach and just blocking them meant that they kept reappearing. Network traces and identifying bad code was also a challenge for the more technical team members.
This was not a contest, however, set up for the code geeks alone. The game designers also created soft skill challenges such as how to hand over the case to other teams and make presentations. For the first time in a challenge, there was also a mock press conference. This required teams to work together to decide what they could say and how to deal with public interaction. It’s a skill that is in short supply across many cyber security teams.
Across all the tests, different teams struggled with different elements. Blocking some of the attacks caught many out because they didn’t locate the malware source. It meant they lost time trying to deal with problems. The complexity of the scenario also meant that teamwork was a key element. Rather than everyone on the same problem, there was a need to be different roles to better understand the way the attacks worked. This required both good group dynamics, communication and inter-personal skills.
Sponsors getting a look at how the competition works
One of the interesting parts of the Masterclass is that sponsors from the various competitions came to observe. From a recruitment perspective this is a big win. They get to see individuals and teams working realistic problems. For the contestants, this is as much about a job interview as a competition. For the sponsors, this is a chance to see a room full of people showcasing what they can do in a way no job interview can replicate easily.
The sponsors were also able to sit in on the mock press conference. This allowed them to understand the types of questions that might be asked in such a situation and to see how the teams dealt with them. It should help them realise that building teams is not just about technical staff, something that many companies have yet to realise.
What does this mean
For Team MyDoom members, this is something to add to a CV when looking for employment. Employers are becoming increasingly aware of these types of competitions. Importantly, they are also beginning to understand which ones add significant value and which are more about good PR. In this case, the competitors had to win through other competitions to get a place in the final. That makes them all eminently employable.
For Cyber Security Challenge UK this is the end of what has been a stressful period in its history. It has brought in a new CEO and done so without any impact on what it is delivering. Moreover, it has expanded the number of competitions and increased the number of people engaging with it. It has also increased its awareness among companies which should lead to more sponsorship. This can only be good for the competition as it begins the planning for 2019.
The next step will be to select the right people to win the European Cyber Security Challenge. The UK team faltered under pressure this year in Europe. Next year, there is a belief that it can do better.
source enterprisetimes
Industry: Cyber Security News

Latest Jobs
-
- Cloud Architect- German Speaker
- Hungary
- Upto €48000 per year + bonus + benefits
-
As a Senior Pre-Sales Solutions Architect, you will play a pivotal role in driving our sales success by translating complex technical solutions into compelling proposals that resonate with our clients. You will collaborate closely with our sales teams to understand customer needs, design tailored solutions, and negotiate successful deals. Responsibilities: Solution Design: Develop comprehensive technical solutions that align with customer business objectives and industry best practices. Proposal Development: Create compelling proposals, including requirements gathering questionnaires, presentation materials, and Statements of Work (SOWs). Customer Engagement: Build strong relationships with clients, understanding their technical, business, and commercial requirements. Collaboration: Work closely with sales teams, delivery teams, and third-party partners to ensure successful project execution. Pricing Strategy: Define and deliver pricing strategies that align with customer needs and company objectives. Requirements: Experience in technical pre-sales or sales support roles. Proven track record in designing and delivering successful customer solutions. Strong technical foundation in areas such as VMware, Azure, AWS, cloud computing, and data center technologies. Excellent understanding of sales principles, account management, and negotiation techniques. Ability to explain complex technical concepts clearly and concisely. Experience working in international teams and supporting clients across multiple regions. Fluency in German and English is essential. Benefits: Competitive salary and benefits package Opportunity to work on challenging and rewarding projects Collaborative and supportive work environment Potential for career growth and advancement Please note that this role is focused on supporting German clients, but will also involve global client support as needed.
-
- Director Cyber Security Consulting Medical / Biotech / Biopharma. United Kingdom
- United Kingdom
- Generous salary, uncapped bonus, travel and usual benefits.
-
CH8431 Director Cyber Security Consulting Medical / Biotech / Biopharma. United Kingdom Looking to make Security Partner within 2-3 years? Do you have current experience selling / delivering cyber consulting & advisory services into Medical / Biotech / Biopharma? If so, we would like to speak with you. Apply today for a discreet conversation. This is a UK based opportunity. Current Cyber security consulting experience is essential, as is a network into the Pharmaceutical / Healthcare industry. Package- Generous salary, uncapped bonus, travel and usual benefits. 07884666351 | chris.holt@dclsearch.com
-
- Director Cyber Security Consulting Pharmaceutical / Healthcare. United Kingdom
- United Kingdom
- Generous salary, uncapped bonus, travel and usual benefits.
-
CH8430 Director Cyber Security Consulting Pharmaceutical / Healthcare. United Kingdom Looking to make Security Partner within 2-3 years? Do you have current experience selling / delivering cyber consulting & advisory services into Pharmaceutical / Healthcare? If so, we would like to speak with you. Apply today for a discreet conversation. This is a UK based opportunity. Current Cyber security consulting experience is essential, as is a network into the Pharmaceutical / Healthcare industry. Package- Generous salary, uncapped bonus, travel and usual benefits. 07884666351 | chris.holt@dclsearch.com
-
- Privileged Access Management (PAM) Specialist
- Germany
- upto €700 per day
-
We are looking for a Privileged Access Management (PAM) specialist to help us redesign our customer's administration environment and implement a PAM tool. The project is divided into two phases: a rough concept phase and a detailed concept phase. We need someone with deep knowledge of ITIL V4, product provisioning, automation, and standardization, as well as good knowledge of the cloud environment, Enterprise Vault, requirements documentation, and analysis. We also need someone with strong communication and team skills Ideally you will have experience with CyberArk, we do require someone who is fluent in German for this contract