deepagopi2011 - Fotolia
Security certification body Crest has joined forces with the National Crime Agency (NCA) to call on UK industry to support efforts to give talented youngsters an alternative to cyber crime and boost the ranks of cyber defenders at the same time.
Crest is collaborating with the NCA on knowledge and resource sharing to further the aims of the agency’s Prevent campaign as part of the certification body’s social responsibility programme.
By understanding the cyber criminal and their motivations, the NCA believes it is possible to encourage youngsters to use their skills and knowledge for good rather than criminal activities.
One of the first joint initiatives aimed at promoting a closer relationship between the security industry and law enforcement is a discussion paper on strategies to help young people avoid cyber crime.
The discussion paper is based on a joint workshop to gain understanding of the characteristics and motives of young people at risk of moving from gaming and coding into cyber crime.
The document details common pathways to illegal online activity, identifies potential intervention opportunities and outlines strategies for redirecting youngsters towards a career in IT or IT security.
Prevent campaign aimed at ‘inquisitive hackers’
According to the NCA, many of the youngsters who become involved either wittingly or unwittingly in cyber crime become socialised into it through interactions with others in gaming and coding forums.
While the NCA continues to pursue the top cyber criminals, malware coders and distributors and senior forum members to bring them to justice, the Prevent programme is aimed at the more junior members and what the NCA terms “inquisitive hackers”, with some as young as 10 years old.
Downloading cheats and modifications to games often leads to participation in hacker forums, which can lead to minor cyber crime to beat the system or for financial gain, which eventually leads to serious cyber crime.
The NCA’s Prevent campaign is in response to the fact that a growing number of cyber criminals are youngsters. Although their actions have a huge impact on public and private organisations, many have no criminal record and claim to be unaware of the true consequences of what they are doing.
Read more about cyber crime
- A TechUK report calls for collaboration between police and industry to raise standards of reporting, recording and responding to cyber crime.
- The chief of the Metropolitan Police Service’s fraud squad Falcon admits the Met’s policing of online fraud and cyber crime has not been good enough in the past.
- Co-operation with business in the private sector is an increasingly important element in fighting crime, according to UK, US and EU law enforcement officers.
- The Metropolitan Police should appoint a senior officer to ensure the whole force is prepared to tackle online crime, says a London watchdog.
According to the NCA, most youngsters involved in cyber crime are self-taught and driven by the urge to learn how things such as game cheats and modifications work and are created.
They are also often motivated by winning the recognition of those they interact with online, which provides a sense of worth and value they are not getting anywhere else.
“From the workshop it was clear that the earlier we can intervene, the more likely it is that talented youngsters will join the information security industry,” said Ian Glover, president of Crest.
“By providing a positive and challenging alternative, we can discourage youngsters from becoming cyber criminals. At the same time we can help address the national and international shortage of people with cyber security skills,” he said.
Crest and NCA call on industry support
Glover called on UK industry to support the NCA’s Prevent campaign by helping Crest and the NCA in providing better access to information about careers in IT and IT security, and suggest ways in which the IT and IT security industries could do to complement law enforcement.
“Crest is trying to pull industry together and encourage them to think about this in a common way,” he said.
Glover also called on UK industry to support Crest and the NCA in efforts to provide “positive diversions” and opportunities for those on the cusp of cyber crime, which will give them an alternative and positive way to use and develop their technical skills that is challenging and rewarding.
Building on insights from the workshop, Glover said Crest has developed a career guide for school children and an interactive PDF about why the security industry is fun to work in, and both are online for free download.
Crest has also developed a career guide for colleges and universities that will soon be available for public distribution, and is working on various mentoring programmes.
“We have made good progress in the creation of material, but we need additional proactive support from UK industry. There is a lot to be done and Crest can’t do it all alone,” said Glover.
“A lot more needs to be done to raise awareness of cyber security as a career. We need to start marketing it a lot more to the right people in the right way,” he said.