Ethical amateur hackers take over CCTV cameras and internet connected toys in cyber contest

On Friday evening, NCC Group and Cyber Security Challenge UK ran a competition which saw 25 extraordinary code breaking amateurs from across the UK battle each other to ethically hack common Internet of Things (IoT) devices, including remote controlled cars, CCTV cameras and even children’s dolls.

The competition was designed to find and nurture the UK’s best hidden cyber security talent and help them secure careers in cyber security; plugging a critical skills gap in the information security industry. (ISC), the world’s largest independent body of information security professionals, predicts a global shortfall of 1.8 million workers by 2022 if current employment trends continue.

Created by NCC Group, the competition saw contestants hacking into real security flaws that NCC Group’s team have exposed in these products during its world-leading research. This scenario demonstrates how hackers could use everyday consumer IoT products as a gateway to steal personal information and even turn them into spying and eavesdropping devices.

The 25 contestants played the part of a cyber security consultancy team, hired by a fictitious global media company following the appointment of a new chief executive officer. Known for his divisive media persona, the company’s cyber security team were concerned that he may be the target of criminal hacking gangs looking to gain access to data and information that could be used against him and his company.

Nigel Harrison

Contestants were asked to adopt the role of ethical hackers and break into IoT devices within his home, documenting they ways in which hackers could use them to access his private data. Assessing the candidates were professionals from security organisations across the country. They monitored the strength of their technical skills, including penetration testing and network analysis, as well as their soft skills, such as communication and teamwork. These are all traits that are highly sought after in the cyber security profession.

The winning team was team Tommy Flowers, named after the man who built the world’s first programmable computer, which consisted of: Steven Eccles, Syed Hasan, Waldo Woch, Michael Yonli and Kajusz Dykiel.

The individuals who have qualified for Masterclass include: Arran Thomson, Josh Hadland, Justin Rowley, Harvey Stocks, Michael Yonli and Buster Parr.

The competition was the fourth of five face-to-face semi-final rounds in Cyber Security Challenge UK’s 2017 programme. This year’s competitions have mirrored cyber threats in the Internet of Things, which resemble real-life threats and incidents.

In October last year for example, millions of IoT devices like cameras and routers were hacked and turned into a large botnet that took down popular services like Twitter and Netflix, highlighting how vulnerable these devices can be and the disastrous that these vulnerabilities can have, far beyond the home, or business environment in which they are operating.

The top performers from NCC Group’s competition have been invited to the Masterclass grand final in November where they could be offered highly lucrative jobs that average around £60,000 (€66070.25) per year after training and experience. For those looking to secure a coveted place in the competition, there is still an opportunity, with the final qualifiers of the year open on the Challenge’s CyPhinx (Play on Demand) system until 15th September.

Colin Gillingham, associate director at NCC Group said:“Our research shows that several IoT devices have found their way to market with inherent cyber security flaws in them, opening the door for hackers to target individuals and their private information.

Our competition was designed to show that these devices can be used by hackers to get access to not only homes but businesses as well. By supporting the Challenge, we’re committed to growing the next generation of cyber security professionals, protecting society from potential cyber threats both now and in the future.”

Nigel Harrison, acting chief executive of Cyber Security Challenge UK said:“As our homes and daily lives become more internet connected, we open ourselves up to an extraordinary number of potentially damaging vulnerabilities. With an estimated 80 billion devices connected to the internet by 2025, we need more people than ever to protect our personal and professional data, and to keep our country safe and secure.

The Challenge is working with partners such as NCC Group to inspire talented individuals to choose this career path and to ensure that our competition scenarios mirror those tasks professionals face each day.

Comment on this article below or via Twitter: @IoTNow OR @jcIoTnow


Smart metering: Load balancing leads to annual savings of almost £5,000 for a large UK bakery

Posted on: August 10, 2022

Energy management is becoming an increasingly important component of business strategy for today’s FMCG companies, aimed largely at reducing energy costs, improving sustainability, and achieving ESG goals. According to the 2020 Deloitte Resources Study, half of industrial companies report incorporating energy management at the corporate strategy level, says Matthew Margetts is director of sales and

Read more

Digi-Key exclusively stocks new XPLR-IoT-1 Kit from u-blox for purchase globally

Posted on: August 10, 2022

9 August 2022 – Digi-Key Electronics, which offers the selection of electronic components in stock for immediate shipment, announced that the XPLR-IoT-1 explorer kit from u-blox, a global technology specialist in positioning and wireless communication, is now available for purchase globally, exclusively from Digi-Key.

Read more

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, home automation using iot is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more

5 challenges still facing the Internet of Things

Posted on: June 3, 2020

The Internet of Things (IoT) has quickly become a huge part of how people live, communicate and do business. All around the world, web-enabled devices are turning our world into a more switched-on place to live.

Read more

What is IoT?

Posted on: July 7, 2019

What is IoT Data as a new oil IoT connectivity What is IoT video So what’s IoT? The phrase ‘Internet of Things’ (IoT) is officially everywhere. It constantly shows up in my Google news feed, the weekend tech supplements are waxing lyrical about it and the volume of marketing emails I receive advertising ‘smart, connected

Read more
IoT Newsletter

Join the IoT Now online community for FREE, to receive: Exclusive offers for entry to all the IoT events that matter, round the world

Free access to a huge selection of the latest IoT analyst reports and industry whitepapers

The latest IoT news, as it breaks, to your inbox