Decorative picture of LU Hack Logo

Lancaster University Ethical Hacking Group

LUHack kicks off for the 2019 academic year

The Lancaster University Ethical Hacking Group (LUHack) kicked off for the 2019 academic year on the 16th October 2019. 10 students across PGR and UG hosted an introductory event for over 70 interested people who came to see what LUHack was about, ranging from first year UG to members of staff.

The event packed out the InfoLab21 foyer for an initial talk about LUHack’s plans for the year and the ethics of white hat hacking, before splitting off into multiple demos including:

  • Industrial control systems
  • TEMPEST
  • Lockpicking
  • Reverse engineering
  • Web application hacking
  • Wireless network hacking

With such a large turnout, the demos needed to be rotated in groups so that everyone got to see each one, but soon after the all important pizza arrived, where 32 large pizzas were demolished in 15 minutes by the hungry crowd.

The prospective members gave glowing feedback of the event and were extremely keen to see what the rest of the year of LUHack had to offer for them.  They will learn all about ethical hacking, from enumeration of a target all the way to gaining entry through exploiting various attack surfaces. As well as this there will be multiple events, competitions, and talks, externally and internally, hosted by sponsors and other industry organisations.

Next week, 23rd October 2019, will begin with an introduction to reconnaissance.

LUHack Capture the Flag Success

Lancaster University Ethical Hacking Group have had 3 teams place 1st, 2nd, and 5th out of 8 teams in the British Computing Society’s first Capture the Flag Hacking Competition. The competition is attached to the BCS event, CyberCrime 2018 (https://www.cybercrime.co.uk/). Not only that, LUHack won 3 other awards within the event.

The first team won £400 and consisted of:

Ric Derbyshire (PhD student), James Boorman (PhD student), Pierre Ciholas (PhD student), Anna Hayley (MSc student), Bhagya Wimalasiri (Msc student), Harry Balderstone (2nd year Computer Science), Henry Clarke (2nd year Computer Science), Ben Simms (1st year Computer Science), Alex Butler (1st year Computer Science), Paulius Ivaskevicius (1st year Computer Science).

 

The other awards for Lancaster were:

  • Troubleshooting Award

to Matt Davis (of the team placing 2nd) for finding a critical vulnerability in the game platform.

  •  Fair Play Award

to Lancaster University as a collective for reporting the vulnerability.

  • B2R award

for completing the “Boot 2 Root” challenge first.

 

Members of LUHack will be receiving prizes at CyberCrime 2018 on Monday, where some of the team are also speaking.

Lancaster University students to take on Inter-ACE cyber security challenge

The eight Lancaster students are taking on competitors from 17 of the UK’s other leading cyber security universities in a two-day cyber security competition, Inter-ACE, which is organised by the University of Cambridge. Now in its third year, Inter-ACE is supported by GCHQ’s National Cyber Security Centre to attract the best young minds into careers in the sector.

Up for grabs is £10,000 in cash prizes and the opportunity to compete with the best of the USA in ‘Cambridge2Cambridge’, a transatlantic contest to be held later this year.

Two teams of four students from Lancaster will be taking their place among the 134 competitors, organised into 34 teams from 18 UK universities. They will face over 20 challenges set by experts from the University of Cambridge and sponsors including Context IS and Palo Alto Networks. The two-day event, taking place at the University of Cambridge on the 16th and 17th March 2018, will culminate in a ceremonial dinner at Trinity College, Cambridge.

Inter-ACE will simulate a number of scenarios, including working to prevent a cyber-attack on the infrastructure of a fictional city and the results of a successful tap on an undersea data cable. Competitors will develop and hone penetrative testing skills. These skills include the binary reverse engineering of malware, breaking into a web application such as an online payment system, decoding secure communications and piecing together intercepted data.

Ollie Cuffley, one of the Lancaster team members, said: “We're really looking forward to putting the skills that we've learned as part of the Ethical Hacking Group here at Lancaster and during our courses to use in real-world challenges. This is also a fantastic chance to meet our counterparts at other universities and build lasting connections with like-minded people.”

Professor Frank Stajano of the University of Cambridge, the founder of Inter-ACE, said “Protecting IT and infrastructure means understanding how it can be attacked. The head of the National Cyber Security Centre, Ciaran Martin, is absolutely right in that a major cyber-attack on the UK is a now matter of “when, not if” and we must recognise that the UK faces an urgent skills shortage.

“Inter-ACE gives future cyber security professionals the opportunity to test their skills against the best and meet others in their field and future employers. This is about engaging with the next generation of cyber security talent, and raising awareness of this vital, interesting and exciting career choice.

“It’s also about making the good work of cyber security professionals much more visible. Like other initiatives such as NCSC’s CyberFirst programme, the interesting experiences of the University students taking part in this year’s event will help to inspire those currently at school to consider a rewarding career in this field.”

Chris Ensor, Deputy Director for Skills and Growth at the NCSC, said: “The InterACE competition is a fantastic way to encourage bright young minds to hone their cyber knowledge further and meet like minded people.

“The cyber threat is growing, and so making sure that young people have the cyber security skills to help protect us has never been more important. We at the NCSC hope the entrants will be inspired – and can perhaps inspire others – into starting a thrilling career defending the UK and helping make it the safest place to live and work online.”

Established through the UK’s National Cyber Security Strategy and supported by GCHQ’s National Cyber Security Centre, the competition is sponsored by Microsoft, BT, Palo Alto and Context IS.

The 18 universities sending teams to Inter-ACE are Queen’s University Belfast, the University of Birmingham, the University of Cambridge, Cardiff University, De Montfort University, the University of Edinburgh, Edinburgh Napier University, Imperial College London, the University of Kent, Lancaster University, Newcastle University, the University of Oxford, Royal Holloway University of London, the University of Southampton, the University of Surrey, University College London, the University of Warwick and the University of York.

The Lancaster team is sponsored by Holker IT and Fujitsu.