New responses to new crimes
Most readers will be more than familiar with the rapid rise in cybercrime (which now amounts to at least one sixth of all offences), and the main ways of protecting ourselves and our work organisations from cyber attacks.
We gather from the news that many hackers are young people who seem to get the same sort of excitement from their cyber exploits as previous generations of teenagers did from stealing and racing cars.
Back in the day, no self-respecting Youth Offending Service was without a motor project to try to channel young men’s (most young people involved in this form of crime were male) fascination with cars into more legal activities.
Now, the same sort of approach is being tried with young cyber criminals.
Last month (July 2017), the National Crime Agency ran its first weekend camp for young computer criminals in Bristol. The seven young men attending had either been arrested, visited by officers because they were spotted using tools and techniques that break UK computer misuse laws or been cautioned by police because of offences committed at school. They had been caught defacing websites, knocking servers off-line and carrying out hack attacks that let them take over restricted networks.
The weekend had a number of aims but was primarily intended to divert those that could be putting their skills to a more positive and legal use. The weekend was delivered by Cyber Security Challenge UK.
The two-day residential camp reinforced messages about using technical skills responsibly and called on industry professionals who gave talks about jobs in cyber-security. BBC reporter Mark Ward said that the weekend “had the air of a school trip in that much of the fun was closely supervised and had an educational bent.”
Attendees learned about the different roles computer security staff take on including forensic analysis, network protection and mounting attacks on companies – known as red teaming. They also did coding challenges, took each other on in hacking games and learned about bug bounty schemes. These schemes could mean they would get paid for finding and reporting the loopholes they used to exploit for their own ends.
After the weekend, one attendee said:
Now I know cyber-security exists it sounds like it would be something I really, really want to go into.
You get the same rush, the same excitement, but you are using it for fun still, but it is legal and you get paid. So, it’s every kind of benefit.
Ethan Thomas of the NCA was reported saying that the idea for the event grew out of a research project that compared the hacking skills of people on both sides of the law.
It measured up the profiles of different offenders we had and compared it to those of talented people in the industry. What we found was that the only sole difference within the stories was that the industry members, at some point, had an intervention.
Mr Thomas said these pivotal moments in the career of a young person came from different sources – parents, guardians or teachers – but the guidance given demonstrated how effective such an intervention could be.
The skills are so transferable with this crime type. If you have good cyber-skills there are many, many qualifications you can take.
He said the people who took part in the weekend would be monitored to see how their experience changed them. The NCA said it was planning to introduce similar weekends across the UK if they proved to be able to set young malicious hackers on the straight and narrow.