Tech

UK police target script kiddies, teenage hackers

The NCA wants to influence would-be hackers before they become involved in cybercrime.

Written by Charlie Osborne, Contributing Writer Dec. 8, 2015 at 3:50 a.m. PT

UK law enforcement is targeting teenagers dabbling in hacking with the aim of preventing them becoming involved in cybercrime.

A recent UK National Crime Agency (NCA) poll found that the average age of cybercrime suspects -- such as those involved in the recent TalkTalk hack -- is 17, in comparison to 24 a year ago. There are teenagers out there able to flit in and out of servers, pinch data and cause chaos for enterprise players -- all before completing their mandatory education, exams, or being able to legally drink.

This is quite a concept. If you have teenagers interested in and willing to explore cybersecurity and hacking, perhaps these young people could be influenced to do so in a legitimate setting, which would in turn help plug some of the skills gap currently causing businesses headaches thanks to the uptake of high-profile data breaches.

Internet of Things

The NCA is thinking along the same lines.

The #CyberChoices campaign is aimed at educating parents of teenagers potentially involved in hacking, in order to "help parents and carers spot signs of potential problems, understand what the consequences could be, and to emphasise better ways for young people to use their skills and interest in technology."

Richard Jones, Head of the National Cyber Crime Unit's Prevent team said:

"Over the past few years the NCA has seen the people engaging in cyber crime becoming younger and younger.
We know that simply criminalising young people cannot be the solution to this and so the campaign seeks to help motivate children to use their skills more positively."

The NCA's research also indicated few teenage script kiddies or hackers knew what the consequences would be if they were caught.

The UK law enforcement agency says the most popular tools among teens are distributed denial-of-service (DDoS) tools -- unsurprising, considering how easy it is to set up and launch such attacks which flood websites with traffic to take them offline.

In addition, Remote Access Trojans (RATs) are popular. The Blackshades RAT, for example, enticed a number of teenagers into purchase deals, leading to the arrest of 22 people -- the average age of which being 18. The youngest buyer of the RAT was only 12 years old.

"We have aimed the campaign initially at parents, because we know from research that they often are unaware of what their children are doing online," Jones said.

"These individuals are really bright and have real potential to go on to exciting and fulfilling jobs. But by choosing the criminal path they can move from low level 'pranking' to higher level cyber crime quite quickly, sometimes without even considering that what they're doing is against the law."

The campaign is supported by various partners including GetsafeOnline, CREST and the Cyber security challenge.