What our kids can teach us about cyber security

The surge in cyber-criminality during coronavirus has been well documented. Across the globe, millions of coronavirus scam messages have been thwarted.

Closer to home, Action Fraud has reported that losses to coronavirus-related fraud in the UK more than doubled in six weeks (totalling over £4m).

It’s vital as a society that we ensure our most vulnerable are informed about the risks of cybercrime at all times, but especially now. In the last few weeks, we’ve heard many stories of the elderly being tricked into giving access to their computers or tablets. Scams have included fake calls from so-called Sky engineers, NHS Test and Trace call handlers and Amazon.  Financial losses may be refundable, peace of mind isn’t.

During this period, many children have been left to their own devices rather more than usual. Many have had to get to grips with new technology as their schools have moved learning online. This has given them unprecedented access to laptops, tablets and mobiles. We’ve been saddened to hear of children accessing unsuitable content, racking up in-app purchases and experiencing racism and cyber bullying online. Yet, there are also lessons that we have learned during lockdown from our children…

Distraught at his Roblox account being compromised, a nine-year-old recently turned to one of his friends for support. Unfortunately for him, he chose one of our team’s offspring, who, having grown up in a household which discusses cyber security fails over the dinner table, was incredulous that he didn’t have 2-Step verification turned on to prevent such happenings. Sympathy may have been in short supply, but the child soon knew what he needed to do to protect his account in the future. 2-Step verification is also being recommended by Nintendo following hackers gaining access to over 300,000 Nintendo Switch accounts. This has resulted in funds going missing from accounts and unauthorised purchases. Sensitive personal information stored in user accounts is also at risk.

Another of our team’s children, a teenager with a penchant for the popular shoot-em-up, Rainbow Six Siege, has been heard loudly voicing his discontent at slow or crashing servers caused by co-ordinated Denial of Service attacks (DDOS). DDOSING has plagued the game since its inception in 2015. The publisher, Ubisoft, has taken increasingly draconian measures to stamp out the practice including banning cheaters and hackers at their first offence and suspending 1,300 cheaters en-masse. Having restored faith in the vocal Siege community by reducing DDOSING by 93%, Ubisoft has recently resorted to legal measures to tie up the ‘loose-ends’, suing the businesses and individuals (including minors) involved for undisclosed sums of money.

So, what can we learn from these children’s experiences and how does it relate to business?

  1. Cyber frustration is hard to handle

Installing anti-virus, checking emails carefully and finding out how to reduce the latest cyber security risks can definitely feel like a faff, but it’s nothing compared to the frustration of not being able to access your favourite game or business systems. Only this week, Garmin’s user base has been unable to access the company’s services following a ransomware attack.If you want to reduce the risk of an attack, Cyber Essentials is a great first step. Endorsed by the National Cyber Security Centre, it’s required by an increasing number of organisations as part of their supply chain assessment.

  1. 2-Step verification isn’t just for emails

2-step verification or 2-factor authentication (2FA) is used to protect your accounts from unauthorised access, even if someone knows your password. Again, they may feel like a pain, until you get used to them, but they are the gold standard for preventing unauthorised access. Although their use is not limited to emails, it’s definitely what they are best known for and rightly so. To use one of our favourite analogies, a password is the equivalent of having a wire cage to catch your post and keep it safe whereas 2FA is like having a hungry Rottweiler stationed on your doorstep.

  1. Everyone needs cyber security training

Children are often prone to clicking first and thinking later, just as we are when we’re busy or distracted. Cyber security training reminds us of the need to be alert and helps us to develop spidey senses that keep us safe. You can find links to free online training for adults in our free resource guide.  There are also several free cyber training opportunities for teenagers, including Virtual Cyber School, CyberFirst and Cyberland. With the growing skills shortage in cyber security, it could be the start of a great career! Other resources targeted for children include Thinkuknow, a site from the National Crime Agency which includes advice for different age groups. It’s supported by the Child Exploitation and Online Protection command whose advisors can help children who are worried about the way someone has been communicating with them online.

More news

Upcoming events