GCHQ in Cheltenham

GCHQ launches cyber security competition

GCHQ has unveiled an online security competition to identify future espionage recruits and raise awareness of cyber attacks.

The Government Communications Headquarters (GCHQ), the UK's largest spy agency, said those aged 16 or over and not already working in cyber security could apply to test their ability to guard a computer network but only 150 contestants at most would  eventually be allowed to compete.

While politicians around the world are increasingly worried by cyber threats, the UK sees them as a particular priority because GCHQ has had problems retaining Internet sleuths who can double or triple their salaries in the private sector.

GCHQ director Iain Lobban, whose service breaks codes and intercepts communications, said in October 2011 that government and industry computer systems were facing a "disturbing" number of cyber attacks that posed a threat to the country's economic wellbeing.

In a June 2012 speech, Jonathan Evans, director general of the MI5 Security Service, warned of "industrial-scale" cyber espionage and theft against the UK and cited the case of an unnamed London-listed company which lost £800m as the result of a state cyber attack.

The test, called 'Balancing the Defence', will run from 1-8 October and require the players to analyse a mocked-up government computer communications network and look for vulnerabilities that an attacker could exploit.

They will be asked to prioritise the threats and suggest defensive controls, both technical and policy-based, to reduce risks while abiding by a tight budget, organisers say.

Karl, the GCHQ architect of the competition who declined to give his full name for security reasons, said the service had designed the competition to have a maximum of 150 players.

Those not chosen to play would be able to apply to other cyber contests promoted by Cyber Security Challenge UK, an educational organisation supported by the government and the private sector to raise the UK's cyber skills.

Those will be accessible from the same website link.

"There is no such thing as a completely secure system; businesses will always need to balance where to spend a limited budget, to manage risks and provide opportunities," he said.

"This is why risk analysis is such as important and much sought-after skill in cyber security.

"We hope this competition will uncover those who have the vital mix of technical ability and business awareness to make tough decisions in the best interests of an organisation.

"At GCHQ we are committed to finding and developing the new cyber security skills in the UK and these are the skills-sets employers including ourselves are most interested in.”

Karl said the intention of the GCHQ test was to raise the public's knowledge of cyber threats and also identify potential gifted recruits for the spy service and for the private sector.

A GCHQ statement announcing the game made no mention of its staffing situation, but said the service was committed to finding and developing new cyber security skills in Britain.

Parliament's Intelligence and Security Committee, which oversees Britain's spy services, said in a 2011-12 annual report that its main concern about the agencies' staffing was "the ability of GCHQ to retain Internet specialists".

It said GCHQ was "losing critical staff with high-end cyber technology skills at up to three times the rate of the corporate average".

Employing more than 5,000 staff, GCHQ has almost twice as many people as each of its sister agencies MI5 and MI6.

It is not the first such test by GCHQ, which devised an online competition called 'Can You Crack It?' last year.

A GCHQ puzzle is currently part of an exhibition on codebreaking at the Science Museum marking the centenary of the birth of World War Two codebreaker and mathematician Alan Turing.

Further information:

Register for the competition

Recent articles

Info Message

Our sites use cookies to support some functionality, and to collect anonymous user data.

Learn more about IET cookies and how to control them