The idea of a contest to see who can best defend against attacks sounds like a great one. Yet a recent competition, instead of ending just with the celebration of new-found talent, seems also to come with a subtle marketing spin.
Exercises included advising a start-up on cyber security during a role-playing exercise and fending off a 50-minute-long simulated cyber attack. The simulated attack involved port scans, followed by attacks on a vulnerable webserver, defacement, mail spam, a DDoS and an attempt to extract data. The teams were challenged to try to stop these attacks in real time by changing IDS, firewall and router configurations.
Oh really? They changed IDS, firewall and router configs? Was this a random/unpredictable attack and could defenders choose their own tools? It sounds like it was scripted. Let me guess, this was sponsored by a company that just also happens to sell IDS, firewalls and routers…
…the Hack Idol exercise pitted six five-strong teams against each other in a series of challenges hosted by HP Labs in Bristol on Saturday
Hosted by HP? Shock and surprise. Let me guess next they are going to say how easy it is for anyone to do the same…
[A 19-year-old computer science student], whose only practical experience involved setting up and playing around with a home network, demonstrated innate ability by tackling realistic challenges that simulated the business and practical side of managing enterprise security.
Congrats go to the winner. And then…Bada-bing! It sounds like you just need to send some money to the sponsor for their amazing tools, then do some playing around in the home, and you too will see your attackers start falling down like dominoes.
Hmm, where have I heard this before…