#CyberSpaceWar, Uncategorized

Australia’s top hackers uncovered in tournament

from apperspective.net: Bunkered down in rooms across the nation, 43 teams of students spent 24 busy hours hacking IT systems non-stop this week.


Their challenge? To uncover flaws in a fictitious company's IT systems.


Telstra chief information security officer Mike Burgess said "If I find 10 good people out of this exercise, I'm going to
give all 10 of them a job because there is actually a big demand for
these skills"



Telstra, along with other government agencies, held their "2013 Cyber Security Challenge" on Tuesday and Wednesday to try to uncover Australia's next top IT security minds. The students' mission was to find the most flaws in the fictitious company's IT systems in 24 hours.


Groups of four students from 20 universities and TAFE colleges across
Australia participated and Telstra said the competition proved so
popular that it had to cap the number of teams per institution to three.

Winning team,
"UNSW1", which included students Karla Burnett, Petr Novak, Jack Murray
and Theo Julienne, from the University of New South Wales, were awarded
a trip to the infamous Black Hat IT security conference in Las Vegas.



They could also be offered Telstra or government jobs in IT
security, depending on how good they are, according to Telstra's chief
information security officer, Mike Burgess.

They scored 94 points.

Earlier this year Burnett and Julienne were involved in cracking the secret algorithm used on Sydney's public transport tickets for buses, trains and ferries, which could have allowed them to print their own tickets.

The second and third places went to "UNSW2" (68 points) and
"UNSW3" (66 points), two other teams at UNSW, which will each be
awarded either a new smartphone or tablet of their choice from Telstra.

"If I find 10 good people out of this exercise, I'm going to give
all 10 of them a job because there is actually a big demand for these
skills
," Burgess said on Wednesday, just before the winners were
announced.

As part of the challenge, the teams were required to conduct
testing on a fictitious security company's product called "Very Secure
Transfer Protocol".

In the scenario created, the company, "Computer Security
Synergistic Cloud Computing", was supposedly concerned that its popular
product could be hacked and required it to be tested. Burgess said it
involved the students being engaged as consultants to the company to
"undertake a range of security consultancy functions to test the
company's security". They were required to conduct what's called
penetration testing on the company's web apps, network and product, as
well as give advice in easy-to-understand language.

Burgess said Telstra hosted the fake company's infrastructure while Defence created the challenge.

Just last month Telstra was awarded a $1.1 billion six-and-a-half year Defence telecommunications contract, which will require 230 new jobs in Canberra, some of which will require security expertise.

Because of this, Burgess said Telstra was looking for new talent.


He said there was an IT security skills shortage in Australia and
that this week's challenge was just one of the ways Telstra and
government agencies could recruit staff who had the required technical
skills.

There were several other reasons why the challenge was being conducted, Burgess said.

"One is just to raise awareness on cyber security as an issue," he said.

"It's also trying to encourage bright young minds to take up a
career in cyber security.
We're trying to encourage these guys and
girls [to think about] a career in cyber security because it's an
important national issue and ultimately Telstra, the [Defence Signals
Directorate] and CERT Australia would really love to recruit these
people, especially the good ones ..."

Although Telstra did not hire anyone from last year's
challenge, Burgess said the team that won did work experience with
Defence, where Burgess was recently deputy director of Cyber and
Information Security.

#PumpUpThaVolume: September 18, 2020