Training Young Hackers To Stop Cybercrime

At the heart of a police operation to defend Britain from attack by cybercriminals, a 14-year-old boy was honing his skills to thwart hackers linked to a rogue state.

Ben Abrahmason was among a group who gathered at a military base in Wiltshire to counter fictional but sophisticated cyber-attacks. Police chiefs and intelligence officers hope young people like Ben will become the latest recruits in the rapidly evolving war. “A lot of it is like normal forensics. There are fingerprints, DNA, except it’s digital,” said Ben, from Leicestershire. “You examine phones, laptops, hard drives: the data on them can help you solve crimes.”

He had passed rigorous online tests to be selected to spend the day being tutored by experts from the National Crime Agency. Police say it is important for them to woo talented hackers who might be tempted, out of boredom or greed, to target companies or even work for criminals.

Colin Lobley, chief executive of Cyber Security Challenge UK, which organises a series of national competitions to identify the best potential “cyber-defenders”, said: “They might be phenomenally talented, but not old enough for us to offer them anything so we have to keep them interested and prevent them going to the dark side.”

He was referring to the network of cybercriminals which Europol has warned is responsible for launching 4,000 ransom attacks a day and whose technological capability threatens critical parts of the financial sector.

The government’s National Cyber Security Centre, in its 2017 annual review, revealed it had responded to 590 significant incidents including attacks on key national institutions such as the health service and the British and Scottish parliaments.

Christopher Williams, 18, from south London, is another who wants to help defend the UK’s critical infrastructure from cyber-attack.

“Anyone who’s a good citizen wants to help their country. It’s exciting to know you can still help protect your community and your country, to defend the UK using forensic skills to provide support for British troops overseas and the likes of MI6,” Williams said .

There was another pressing reason for Friday’s event: a gaping skills shortage threatens the rapidly expanding cybersecurity sector. Robert Hannigan, the former head of GCHQ, the intelligence and security agency, has predicted a “huge skills shortage” by 2025.

Craig Jones, head of preparing cyber-capability at the National Crime Agency, warned that if the UK failed to recruit top-level talent it would not be able to keep pace with criminals. “It’s simple: we are going to struggle. We need the best people to progress, though we also need to recognise that people are not going to stay for a 30-year career in law enforcement,” said Jones.

One area where recruitment must improve is in attracting more women to the sector. On Friday only three of the 30 contestants were women, a ratio that broadly mirrors the UK sector as a whole. Only about 8% of jobs in cybersecurity are filled by women compared with 11% globally.

One of the female contestants, Rhiannon Eason, 23, from Oxford, said: “I have always been interested in forensics and law enforcement, but until recently I had never thought of cybercrime. I’d like to do either forensics or ‘red team’ penetration, where you are an external attacker to test defences. I’m happy to play either side.”

Del Rattenbury joined the National Crime Agency in 2014 and explained that becoming a cybersecurity investigator could make the difference between life and death.

She said that one of her operations had helped reduce deaths from the synthetic opioid, fentanyl, which had been linked to particular drug producers in China and suppliers on the dark web. Other investigations had identified women who had been trafficked.

“You are protecting some of the most vulnerable people in society, saving lives,” she said.

The Guardian:

You Might Also Read:

Cybersecurity Training For High School Students

« Why Mainframe Security Risks Are Largely Unrecognized
The Best Security Is Based On Zero Trust »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Institute for National Security and Counterterrorism (INSCT)

Institute for National Security and Counterterrorism (INSCT)

INSCT is a center for the study of national security, international security, and counterterrorism. Research programs include New Frontiers in Science, Cyber, & Technology

NT Cyfence

NT Cyfence

CAT Cyfence is the IT Security services business unit of CAT Telecoms.

MagicCube

MagicCube

MagicCube is a device independent IoT security platform that protects against on-device, cloud, and network attacks.

CloudVector

CloudVector

CloudVector's API Detection & Response platform is the only API Threat Protection solution that goes beyond the gateway to provide Shadow API Prevention and Deep API Risk Monitoring and Remediation.

Thridwayv

Thridwayv

Thirdwayv helps your enterprise realize the full potential of loT connectivity. All while neutralizing security threats that can run ruin the customer experience - and your reputation.

Kape Technologies

Kape Technologies

Kape Technologies is a cybersecurity company focused on helping consumers around the world have a better digital experience with greater privacy and protection.

CACI International

CACI International

CACI is at the forefront of developing and delivering technological breakthroughs that transform and optimize government operations.

Purple Knight

Purple Knight

Purple Knight is a free Active Directory security assessment tool built and managed by an elite group of Microsoft identity experts.

SHI International

SHI International

SHI International deliver against your IT and business needs, helping you build strategies and solutions that will drive innovation, collaboration and security.

Gem Security

Gem Security

Gem is on a mission to help security operations evolve into the cloud era, and stop cloud threats before they become incidents.

Keytos

Keytos

Keytos has revolutionized the Identity Management and PKI industry by creating cryptographic tools that allow you to go password-less by making security transparent to the user.

Technology Mindz

Technology Mindz

Technology Mindz is a leading provider of cybersecurity services. We offer a wide range of services to help businesses. Our services are Identity and access management, Governance risk and compliance.

Var Group

Var Group

Var Group is one of the main partners for innovation in the ICT sector in Italy.

Aspiron Search

Aspiron Search

Aspiron Search is a niche-focused Cybersecurity search firm that works exclusively with venture-backed Cybersecurity firms.

Cytacs

Cytacs

Cytacs is the AI-powered cyber security platform specifically designed for small and medium-scale enterprises.

Astra Cybertech

Astra Cybertech

At Astra Cybertech, we're more than just cybersecurity experts - we're your partners in safeguarding your digital assets.