Training Young Hackers To Stop Cybercrime

At the heart of a police operation to defend Britain from attack by cybercriminals, a 14-year-old boy was honing his skills to thwart hackers linked to a rogue state.

Ben Abrahmason was among a group who gathered at a military base in Wiltshire to counter fictional but sophisticated cyber-attacks. Police chiefs and intelligence officers hope young people like Ben will become the latest recruits in the rapidly evolving war. “A lot of it is like normal forensics. There are fingerprints, DNA, except it’s digital,” said Ben, from Leicestershire. “You examine phones, laptops, hard drives: the data on them can help you solve crimes.”

He had passed rigorous online tests to be selected to spend the day being tutored by experts from the National Crime Agency. Police say it is important for them to woo talented hackers who might be tempted, out of boredom or greed, to target companies or even work for criminals.

Colin Lobley, chief executive of Cyber Security Challenge UK, which organises a series of national competitions to identify the best potential “cyber-defenders”, said: “They might be phenomenally talented, but not old enough for us to offer them anything so we have to keep them interested and prevent them going to the dark side.”

He was referring to the network of cybercriminals which Europol has warned is responsible for launching 4,000 ransom attacks a day and whose technological capability threatens critical parts of the financial sector.

The government’s National Cyber Security Centre, in its 2017 annual review, revealed it had responded to 590 significant incidents including attacks on key national institutions such as the health service and the British and Scottish parliaments.

Christopher Williams, 18, from south London, is another who wants to help defend the UK’s critical infrastructure from cyber-attack.

“Anyone who’s a good citizen wants to help their country. It’s exciting to know you can still help protect your community and your country, to defend the UK using forensic skills to provide support for British troops overseas and the likes of MI6,” Williams said .

There was another pressing reason for Friday’s event: a gaping skills shortage threatens the rapidly expanding cybersecurity sector. Robert Hannigan, the former head of GCHQ, the intelligence and security agency, has predicted a “huge skills shortage” by 2025.

Craig Jones, head of preparing cyber-capability at the National Crime Agency, warned that if the UK failed to recruit top-level talent it would not be able to keep pace with criminals. “It’s simple: we are going to struggle. We need the best people to progress, though we also need to recognise that people are not going to stay for a 30-year career in law enforcement,” said Jones.

One area where recruitment must improve is in attracting more women to the sector. On Friday only three of the 30 contestants were women, a ratio that broadly mirrors the UK sector as a whole. Only about 8% of jobs in cybersecurity are filled by women compared with 11% globally.

One of the female contestants, Rhiannon Eason, 23, from Oxford, said: “I have always been interested in forensics and law enforcement, but until recently I had never thought of cybercrime. I’d like to do either forensics or ‘red team’ penetration, where you are an external attacker to test defences. I’m happy to play either side.”

Del Rattenbury joined the National Crime Agency in 2014 and explained that becoming a cybersecurity investigator could make the difference between life and death.

She said that one of her operations had helped reduce deaths from the synthetic opioid, fentanyl, which had been linked to particular drug producers in China and suppliers on the dark web. Other investigations had identified women who had been trafficked.

“You are protecting some of the most vulnerable people in society, saving lives,” she said.

The Guardian:

You Might Also Read:

Cybersecurity Training For High School Students

« Why Mainframe Security Risks Are Largely Unrecognized
The Best Security Is Based On Zero Trust »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Homeland Security Investigations (HSI)

Homeland Security Investigations (HSI)

Homeland Security Investigations (HSI) is a premier federal law enforcement agency within the Department of Homeland Security (DHS).

PFP Cybersecurity

PFP Cybersecurity

PFP provides a SaaS solution for life-cycle protection based on our IoT security platform and power usage analytics.

Identity Automation

Identity Automation

Identity Automation is a leading provider of Identity and Access Management software.

HYAS Infosec

HYAS Infosec

HYAS is a highly skilled information security firm developing the next generation of information security technology.

Virsec Systems

Virsec Systems

Virsec detects and remediates previously “indefensible” advanced memory-based attacks on critical applications and server endpoints.

Lynx Technology Partners

Lynx Technology Partners

Lynx Technology Partners is a full service, full life-cycle risk-based security consulting firm.

LightEdge Solutions

LightEdge Solutions

LightEdge’s highly-trained compliance and security experts take the guesswork out of keeping your business protected.

United Biometrics

United Biometrics

United Biometrics is an anonymous and real-time authentication platform designed to stop the fraud for mobile payments, e-Commerce and applications.

QuillAudits

QuillAudits

QuillAudits offers advanced Ethereum, EOS, TRON smart contract audit, blockchain protocol security and formal verification to ensure your platform’s integrity.

HacWare

HacWare

HacWare is a data driven cybersecurity awareness product that leverages machine learning and behavior analytics help IT professionals combat phishing.

Thoma Bravo

Thoma Bravo

Thoma Bravo is a leading private equity firm with a 40+ year history and a focus on investing in software and technology companies.

GRSi

GRSi

GRSi deliver next-generation systems engineering, cybersecurity, technology insertion and best practices-based Enterprise Operations (EOps) management.

Zeva

Zeva

Zeva solves complex identity and encryption challenges for the federal government and corporations around the globe.

Infisign

Infisign

Infisign addresses the challenges of traditional IAM systems and offers a comprehensive solution for modern identity management.

CyberEPQ

CyberEPQ

CyberEPQ (Cyber Extended Project Qualification) is the UK’s first and only Extended Project Qualification in Cyber Security.

Cyber Defense International (CDI)

Cyber Defense International (CDI)

At CDI, we utilize decades of experience in designing and building large-scale cybersecurity programs, creating tailored solutions and services that protect businesses from cyber threats.