For some reason, there is a tendency today towards hiding knowledge away from teenagers that is deemed ‘unsuitable’ for them to know, something which seems to fly in the face of the very concepts underpinning education – transparency, honesty, and curiosity. One of the most dangerous areas where this is occurring is that of understanding security protocols and how to protect oneself from the nefarious ‘hackers’ that are apparently around every corner.
According to the Home Office, having “specialist knowledge and skills in IT and communications” could be a gateway to potential law-breaking. The guide, intended to help police and local authorities spot ‘at-risk’ individuals, states that those who have undertaken formal IT training, or even those who have taught themselves, could have skills to “commit serious offences.” It goes on to suggest that some of these ‘dangerous’ skills include “hacking video games” or “sharing online.” The document goes further by saying “Early behaviours could include modifications to games or software and sharing online. Recent evidence suggests that the number of frauds committed by young adults is increasing.”
While every week the media seems to detail new horror tales of hacks, scams, viruses and thefts online – it might be interesting to turn to the UK Department of Education to see what they mandate as important for UK teenagers to learn during their study of Computer Science:
School curricula aim to teach teenagers how to “use technology safely, respectfully, responsibly and securely,” but only address online social issues such as avoiding online predators or dealing with online bullying. Schools don’t tend to deal with the rights and wrongs of online life – the ethics of being a solid digital citizen, let alone why it’s probably not a good idea to infiltrate government and military networks such as British hackers Gary McKinnon, Lauri Love or Jake Davis did.
This discrepancy between what a competent teenage digital citizen should know and what some authorities feel is forbidden knowledge, is causing confusion to those teenagers who are curious and interested in the capabilities of digital security systems. They are being left to their own devices and allowed to educate themselves in using this ‘digital voodoo’ with no oversight or guidance that might give them a better sense of the consequences of their online actions and help them avoid breaking the law in their quest for knowledge. Left to their own devices, it isn’t difficult to imagine what sort of imaginative – and destructive – uses a disaffected teenager may find for their new talents.
Parents are in danger of leaving it up to Google and online communities like 4Chan and Reddit to educate teenagers. Since the advent of social media, the internet has become the new public space – according to OfCom in their annual ‘MediaUse and Attitudes Report’ last year, people aged 16-24 spent an average of 27 hours 36 minutes online each week.
Teenagers themselves need to realise that they have a responsibility to other people in this new and pervasive public sphere.
There isn’t any need to tell teenagers in a woodworking class not to hit each other over the head with hammers – they are very aware of the consequences of that action. But online, there is less tangible understanding of the effects of any digital activity. Indeed, many people being arrested for committing online security crimes are as young as 16! It seems reckless to allow children access to the most powerful tool that exists in the world today without giving them a primer on the capabilities, risks, and ethics of using it.
We don’t allow teenagers to learn about sexual health and interaction by asking Google. Why is it any different for their digital interactions?
Recently, the VPN provider HideMyAss ran an experiment where they provided a seven-year-old girl named Betsy Davies the instructions on how to run a ‘Man in the Middle’ (MITM) attack on a public WiFi access point. An MITM attack means that this little girl had set her computer as the access point for all the users on the network and was accepting and passing on ALL the data from anyone connected to her ‘rogue access point.’ This hack took Betsy less than ten minutes, and the instructions to accomplish this feat are readily available from a quick Google search.
So how can we confront this enormous issue? When it comes to teenagers, the first and most obvious place to start is at school and home. As a parent, you have a duty to ensure that your teenager is not engaging in criminal activity, and this should be no different online.
However, the problem we encounter time and again is the enormous disparity between parents and children when it comes to understanding the workings and uses of modern technology. In August last year, an Ofcom survey found that younger people have a way more advanced understanding of technology than adults: most 6-year-olds have the same level of knowledge as the average 45-year-old.
As a parent, if you are to monitor and guide your teenager’s use of technology and make sure he’s not becoming involved in cyber-crime, you must first be able to understand the technology itself.
Ofcom tells us that the most digitally confident people in the UK are teenagers aged between 14-19 years old. Using devices such as smartphones and tablets already seems like second nature for these digital natives, when it can take days for some parents to grasp even the concept of a touch screen.
Not enough, it seems. In the UK, for example, The Department for Education gave Computing At Schools £3 million over two years to help schools prepare, but they are still waiting to hear if it will have any funding after March. And when you think about it, that £3m only amounts to around £150 per school – even less per teacher. Not close to enough to send them on a training or development day to simply improve their general digital knowledge.
We need more hands-on training and upskilling for our educators if we can even hope to improve the prospects of students who are interested in infosec away from cybercrime.
As a parent, you need to understand what your teenager is doing on-line and have a greater general understanding of the moral and social issues online. A great place to start is talking to him and other family members and friends about this.
People always fear what they don’t understand, and by not discussing the ideas around information security we are increasing the power of those in the inner-circle, those who would use the knowledge for their destructive ends. We need to be more open and honest about the ‘Dark Arts’ online – just as thousands of martial arts teachers have been for centuries: teaching someone Kung Fu always comes at the risk of them abusing their power and attacking or hurting others. But if all of us know a little Kung Fu or digital literacy (you don’t have to be a black-belt!) then we are less able to be victimised by those willing to abuse their knowledge for their gain. If we engage and educate ourselves as parents, we will be a little safer, knowing that even if we can’t save ourselves, there are others around us who are trained and knowledgeable, who can come to our aid when we need it.
Coders, hackers, programmers and most of all, technology companies should be taking up the mantle of improving the general level of security on the internet by educating its denizens on the risks of ignorance. In my opinion, perhaps governments should be relinquishing some of their power over the internet, to cultivate more empowered, knowledgeable, altruistic and social citizens. Teachers also need to ask for more resources, training and knowledge of the new curriculum in their industry. In the words of Spiderman, teenagers need to understand that… “With great power, comes great responsibility.”