The Cabinet War Rooms sheltered Winston Churchill and his cabinet during the World War II Blitz. Last weekend, it found itself used in a battle against a 21st century invasion.
The bunker was the venue for this year's Cyber Security Challenge in which teams of amateur security analysts were pitted against a foe aiming to bring down the UK's financial system with a deluge of digital threats. The teams had to analyse the attacks, develop ways to mitigate them, and report to a fictional board of directors about what to do next.
The teams were confronted with a concerted attack featuring a combination of a denial of service, phishing and ransomware, which together rendered online banking platforms inaccessible and forced the cancellation of a high-profile stock market floatation.
After spreading beyond the City and hitting the transport, power and utilities sectors, the scenario culminated in a potentially life-threatening attack on a nuclear power plant — which thankfully the competitors managed to avert.
The aim of the 36-hour competition is to find hidden talent in people who might not necessarily consider a job in information security — a few years back the competition was won by a postman. The event is sponsored by tech companies, but also by the UK's National Crime Agency and the government surveillance agency GCHQ, and is set up using the organisation's experience of real world cyber-attacks.
'Toby' from GCHQ — participants from the agency don't give their real name due to the sensitive nature of their work — said events like this are useful for finding great candidates that might not shine at an interview.
Judy Baker, chair of Cyber Security Challenge UK, said the aim of the completion is to bridge the cyber-security skill gap which has emerged, but said more needs to be done to make IT security a priority for businesses. "Why isn't it a module in business studies?" she asked.
There were only two women in the 42 finalists in the year-long competition and, while Baker said this was "100 percent better than other years", the problem is far from solved.
She said that about one-third of contestants who get through to the face-to-face stage — somewhere between 100 and 200 each year — go on to get a job in cyber-security, but warned that the skills gap affects management skills as well as technical ones. "We definitely don't have enough people with the technical skills ... we've got to have the people people as well."
The competition was won by the youngest finalist Will Shackleton, a 19-year-old student at the University of Cambridge, who develops mobile apps in his spare time. He beat more than 3,000 entrants and 41 fellow finalists.
Shackleton has already bagged a summer internship at Facebook, but said success in the competition has lead him to consider a career in cyber-security.
"I'm convinced security is an area I want to pursue and I can't wait to take what I have learnt from the challenge into my university studies and summer internship, and eventually into a job where I can do this stuff for real."
Registrations for this next cyber security challenge are now open.