Skip to content
The Black Team saves Christmas Part two: the breach 

News -

The Black Team saves Christmas Part two: the breach 

Missed the first part of The Black Team saves Christmas? Read all about the surveillance stage of the Black Team’s festive mission here.

With time running short, it was time to make our move on the naughty and nice lists. Upon approaching the reception with the same cheery demeanour as the other elves, we noticed a pile of new elf passes on the desk. We told the receptionist that we were there to run a test flight with the reindeer, and while he went to make us hot chocolate, we stashed a few of the passes into our makeshift toy sacks. 

Smiling and oblivious, he pointed us to a waiting area, where we were to wait for one of the head elves to give us the WiFi code. 

Before the elf could get there, we ducked into a quiet workshop and, with a laptop quietly taken from a desk, set about compromising the laptop so our Red Team had access to the naughty and nice lists. It didn’t take the Red Team long to not only swap a name from the ‘naughty’ to ‘nice’ list, but also locate one of the presents in the sleigh and send the location to Black Team.

Emboldened by our first victory, we headed over to the sleigh shed. The elves, busy with their toy-making in a busy workshop, didn’t notice us. However, another security troll stopped us in a quieter corridor and asked us what we were doing. 

Luckily, at that moment, we saw Santa strolling by and humming to himself. It was time to change our story, so we told the security troll that we just wanted a picture with Santa. 

“Ho! Ho! Ho! Of course, you can,” he chuckled, and before being escorted out of the workshop, we had a picture – with Santa’s security pass clearly visible in the image. The Black Team whiled away the rest of the afternoon creating a forgery of Santa’s pass, along with some new elf uniforms. 

The next day, we set off on our mission to retrieve a present from the sleigh. Heading to the workshop, we were stopped in our tracks by Mrs Claus.  

After showing her Santa’s pass, and informing her that he’d sent us there to remove a present, she made a quick check of the naughty list, which the Red Team had updated to verify our story.

After checking the list twice, Mrs Claus let the team through. However, our fake pass wouldn’t open the sleigh – with a keyless entry system in place, it initially seemed that the sleigh had the level of security that Santa expected. However, by using a relay attack – during which we intercepted the signal from the sleigh’s key fob and used it to access the sleigh – we were able to steal the present that we wanted and made our way back home through the snow.

It took seven days, several elf costumes, a few pounds gained as a result of over-indulgence in hot chocolate and a mild case of frostbite, but we had been successful in showing Santa the security gaps across the North Pole – not just the list, where he knew to be vulnerable, but his sleigh, where he thought he was secure. 

With our insight into the changes that need to be made to processes and policies, Santa and his team (with a little training from NCC Group) have made some important changes to secure the workshop. 

Another jolly client, another successful operation for our Black and Red Teams, and most importantly, a safer Christmas for all. 



NCC Group Press Office

NCC Group Press Office

Press contact All media enquires relating to NCC Group plc +44 7721577574
NCC Group - Financial Media Enquiries

NCC Group - Financial Media Enquiries

Press contact Maitland AMO Financial Results Media Enquiries +44 (0)20 7379 5151
Regional Press Office - North America

Regional Press Office - North America

Press contact +1 408 776 1400
Regional Press Office - Europe

Regional Press Office - Europe

Press contact +31 20 794 4737

Related content

NCC Group exists to make the world safer and more secure

In today’s threat landscape understanding the risks organisations and customers are exposed to is more important than ever.

Understanding the impact and how to be more resilient is key to protecting brand, reputation and sensitive customer information. Building a cyber-resilient organization can be a complex process but it’s not impossible.

With our knowledge, experience and global footprint, we help assess, develop and manage cyber resilience posture.

NCC Group Newsroom
XYZ Building, 2 Hardman Boulevard, Spinningfield
M3 3AQ Manchester
United Kingdom