Skip to content
The Black Team saves Christmas Part two: the breach 

News -

The Black Team saves Christmas Part two: the breach 

Missed the first part of The Black Team saves Christmas? Read all about the surveillance stage of the Black Team’s festive mission here.

With time running short, it was time to make our move on the naughty and nice lists. Upon approaching the reception with the same cheery demeanour as the other elves, we noticed a pile of new elf passes on the desk. We told the receptionist that we were there to run a test flight with the reindeer, and while he went to make us hot chocolate, we stashed a few of the passes into our makeshift toy sacks. 

Smiling and oblivious, he pointed us to a waiting area, where we were to wait for one of the head elves to give us the WiFi code. 

Before the elf could get there, we ducked into a quiet workshop and, with a laptop quietly taken from a desk, set about compromising the laptop so our Red Team had access to the naughty and nice lists. It didn’t take the Red Team long to not only swap a name from the ‘naughty’ to ‘nice’ list, but also locate one of the presents in the sleigh and send the location to Black Team.

Emboldened by our first victory, we headed over to the sleigh shed. The elves, busy with their toy-making in a busy workshop, didn’t notice us. However, another security troll stopped us in a quieter corridor and asked us what we were doing. 

Luckily, at that moment, we saw Santa strolling by and humming to himself. It was time to change our story, so we told the security troll that we just wanted a picture with Santa. 

“Ho! Ho! Ho! Of course, you can,” he chuckled, and before being escorted out of the workshop, we had a picture – with Santa’s security pass clearly visible in the image. The Black Team whiled away the rest of the afternoon creating a forgery of Santa’s pass, along with some new elf uniforms. 

The next day, we set off on our mission to retrieve a present from the sleigh. Heading to the workshop, we were stopped in our tracks by Mrs Claus.  

After showing her Santa’s pass, and informing her that he’d sent us there to remove a present, she made a quick check of the naughty list, which the Red Team had updated to verify our story.

After checking the list twice, Mrs Claus let the team through. However, our fake pass wouldn’t open the sleigh – with a keyless entry system in place, it initially seemed that the sleigh had the level of security that Santa expected. However, by using a relay attack – during which we intercepted the signal from the sleigh’s key fob and used it to access the sleigh – we were able to steal the present that we wanted and made our way back home through the snow.

It took seven days, several elf costumes, a few pounds gained as a result of over-indulgence in hot chocolate and a mild case of frostbite, but we had been successful in showing Santa the security gaps across the North Pole – not just the list, where he knew to be vulnerable, but his sleigh, where he thought he was secure. 

With our insight into the changes that need to be made to processes and policies, Santa and his team (with a little training from NCC Group) have made some important changes to secure the workshop. 

Another jolly client, another successful operation for our Black and Red Teams, and most importantly, a safer Christmas for all. 



About NCC Group

NCC Group exists to make the world safer and more secure.

As global experts in cyber security and risk mitigation, NCC Group is trusted by over 15,000 clients worldwide to protect their most critical assets from the ever-changing threat landscape.

With the company’s knowledge, experience and global footprint, it is best placed to help businesses identify, assess, mitigate and respond to the evolving cyber risks they face.

To support its mission, NCC Group continually invests in research and innovation, and is passionate about developing the next generation of cyber scientists.

With over 1,800 colleagues in 12 countries, NCC Group has a significant market presence in North America, continental Europe and the UK, and a rapidly growing footprint in Asia Pacific with offices in Australia and Singapore.

Press contacts

NCC Group Press Office

NCC Group Press Office

Press contact All media enquires relating to NCC Group plc +44 7824 412 405
NCC Group - Financial Media Enquiries

NCC Group - Financial Media Enquiries

Press contact Maitland AMO Financial Results Media Enquiries +44 (0)20 7379 5151
Regional Press Office - North America

Regional Press Office - North America

Press contact +1 408 776 1400

Related stories