In today's interconnected world, computer crime knows no age requirements. People of all ages are capable of committing malicious acts online. That includes teenagers. For example, in October 2015, a teenager allegedly breached the email account of CIA Director John Brennan. UK authorities now believe that they have arrested that same individual, who is accused of also having hacked the email account of Director of National Intelligence James Clapper as well as posted the personal information of 30,000 DHS and FBI personnel after gaining access to an intranet at the Department of Justice. In another incident involving young hackers, U.K.-based telecommunications company TalkTalk experienced a data breach that affected over 150,000 of its customers. The subsequent investigation led to several arrests, with the alleged hackers ranging in age from 15 to 20 years old. These events would seem to confirm the finding of the National Crime Agency (NCA) that the average age of those who commit acts of computer crime dropped from 24 in 2014 to 17 last year. Apparently, hackers are getting younger. Or are they? As it turns out, the picture painted by the NCA is not entirely accurate.
"No matter what, the sample age range of hackers will be skewed because we are measuring the hackers who’ve been caught," says Craig Young, security researcher at Tripwire. "An inexperienced hacker is more likely to trip up than a seasoned cyber criminal."
Little good can come from blaming teenagers for today's data breaches, Young goes on to explain. Instead, parents along with the security community have a responsibility to educate young people about the consequences of malicious hacking and to steer them away from computer crime. Towards that end, Young and Tyler Reguly, manager of security research and development at Tripwire, offer four ways parents and teachers can help educate teens about information security:
- Showcase positive hacking examples by using practical samples of vulnerability research. Popular companies, such as Riot Games and Google, offer bug bounty programs that reward white-hat hackers when they uncover software problems. Those companies can then fix those vulnerabilities in order to continue protecting their users.
- Provide safe and supportive spaces that allow teens to learn about constructive hacking. These can take the form of capture the flag contests and information security classes.
- Discuss online safety with your teen. Young people may believe their identities are anonymized on the Internet and that online mischief is relatively safe, but that is simply not the case. Teenagers need to understand that malicious acts committed in the digital space have real-world consequences.
- Be prepared to limit and supervise use of the Internet. Many malicious tools are easy to download and widely available. It's therefore a good idea that teens not have unfettered access to the Internet lest they decide to explore the dark side of the web.
"Tech literacy does not automatically lead to computer crime," explains Reguly. "Your 5-year-old nephew may be able do things on an iPad that your mother can’t, but that doesn’t mean he’ll grow up to be a malicious hacker. Since kids often do not connect online actions with real-world consequences, it’s up us to help the next generation grow into constructive hackers who will help make the Internet safer for everyone." For more information on how you can to steer your kids clear of malicious hacking, please click here. In the meantime, you can learn more about how kids are the future of computer security by reading this interview with 10-year-old CEO Reuben Paul here. Title image courtesy of ShutterStock
