
Warning signs of cyber crime according to UK National Crime Agency - CSDude
http://www.nationalcrimeagency.gov.uk/crime-threats/cyber-crime/cyber-crime-preventing-young-people-from-getting-involved
======
throwawayukcyb
Children committing crimes using computers is a real problem and should not be
disregarded. See the last portion of "Reflections on Trusting Trust".

That said, this webpage is dangerous and misleading for a lot of reasons, but
I'll try to focus on the problems that are actionable:

1\. The "warning signs" the article enumerates are almost certainly not
significantly correlated with youth who commit cyber crimes. In other words,
the warning signs are probably just some made up bullshit someone with
arbitrary biases came up with and put online. ( _Even if_ it accurately
describes _every_ youth convicted of cyber crime, that still doesn't mean that
it's remotely likely to be correlated with cyber crime.)

In my mind, there's no material difference between teenagers who bully geeks
and the author of this article -- both are identifying people who are
different from them and then bullying them for being different. The only
difference is that the author of this article has fooled themselves into
thinking they have a justifiable excuse for painting with a broad brush.

2\. The focus on computer security in the alternatives is misplaced.
Especially considering the "warning signs". Far better to find the kid some
bright mentors who match them intellectually _in any field_ than to focus
arbitrarily on computers -- much less computer security! A socially isolated
student who's teaching themselves to program is not likely to do much more
than roll their eyes if you explain to them that they could spend their life
configuring firewalls and installing AV.

~~~
jcrawfordor
I object to your dismissal of my industry as "configuring firewalls and
installing AV". Certainly the security industry is not for everyone, but it
does have a wide variety of interesting challenges ranging from highly
theoretical to highly applied. My friends and coworkers in the security
community do everything from mathematics to public policy, with no small
amount of software engineering and systems design in between. Many governments
and members of private industry also face a significant labor shortage in
security right now, which provides a certain motivation for this agency to
suggest it to people.

A lot of people in the security industry would not even consider "configuring
firewalls and installing AV" to be security work, in most organizations that
rests with the sysadmins and network engineers, who also have a varied and
challenging field.

~~~
throwawayukcyb
I think you've misinterpreted me. The problem is not that security work isn't
interesting. The problem is that the sorts of security-related things a
teacher/parent is most likely to point their children to (most likely the
school's IT staff or some ridiculous certification exam) aren't interesting.

Basically, my advice is to scrap what the article suggests and instead prefer
"intellectually stimulating" to "related to security" when diverting a bright
child's interests. It's often easy to find something sufficiently
intellectually stimulating if you don't focus on security. Also, something
related to security isn't necessarily at all intellectually stimulating
(again, please don't flip my quantifier...).

 _> I object to your dismissal of my industry as "configuring firewalls and
installing AV"._

This wasn't my intention. FTR I respect security professionals and IT folk of
all stripes.

But there are boring jobs in every indsutry.

My observation is only that diverting a student to the nearest person whose
job has anything to do with "cyber security" is not likely to end with that
student showing up at a security research lab. Similarly, I think it's a
laughably bad idea to try to get a kid who is already checking out of school
to prep for something like a CREST certification exam.

 _> Certainly the security industry is not for everyone_

This was more my other point.

I doubt that most students who are interested in computers and who are also
acting out using computers are necessarily interested in computer security. I
think that assuming this fundamentally misunderstands/conflates two very
different things going on in the student's life -- their interest in
computers/science/technology, and anti-social behavior.

 _> A lot of people in the security industry would not even consider
"configuring firewalls and installing AV" to be security work_

Unfortunately most of the teachers/parents reading that webpage are unlikely
to know the difference.

~~~
jcrawfordor
I get your meaning now. I would agree with you on this then - and I have seen
various programs to get K12 students into or more knowledgeable about security
and they've often been fairly terrible. I'm curious to evaluate the ones they
refer to, but I don't have high hopes.

------
Fuzzwah
Warning signs of cyber crime

    
    
      * Is your child spending all of their time online?
      * Are they interested in coding? Do they have independent learning material on computing?
      * Do they have irregular sleeping patterns?
      * Do they get an income from their online activities, do you know why and how?
      * Are they resistant when asked what they do online?
      * Do they use the full data allowance on the home broadband?
      * Have they become more socially isolated?

~~~
thescriptkiddie
Sounds familiar...

    
    
      * Has your son asked you to change ISPs?
      * Are you finding programs on your computer that you don't remember installing?
      * Has your child asked for new hardware?
      * Does your child read hacking manuals?
      * How much time does your child spend using the computer each day?
      * Does your son use Quake?
      * Is your son becoming argumentative and surly in his social behaviour?
      * Is your son obsessed with "Lunix"?
      * Has your son radically changed his appearance?
      * Is your son struggling academically?
    

[http://www.adequacy.org/stories/2001.12.2.42056.2147.html](http://www.adequacy.org/stories/2001.12.2.42056.2147.html)

~~~
arcadius
At first glance, I thought this is what he was quoting. I haven't thought
about this page in a long time.

~~~
whoopdedo

        Popular hacker software includes ... "Flash"
    

Well, kinda yeah.

------
Symbiote
Related, "The average age of suspected cyber-attackers has dropped
dramatically to just 17, the National Crime Agency has said."

"We know that simply criminalising young people cannot be the solution to this
and so the campaign seeks to help motivate children to use their skills more
positively."

[http://www.theguardian.com/technology/2015/dec/08/average-
ag...](http://www.theguardian.com/technology/2015/dec/08/average-age-of-cyber-
attack-suspects-drops-to-17)

------
CM30
So every hardcore gamer is displaying the 'warning signs of cyber crime' now?
Because let's face it, most of those signs also apply pretty well to die hard
gamers or video game fans, especially ones who discuss them on internet forums
and watch videos on Youtube.

But hey, keep buying into the crap about the average cyber criminal being your
typical 'geek' or gamer type.

------
mangeletti
This article, IMHO, represents the fact that, globally, we're approaching Peak
Government.

As government takes up more and more resources and provides less and less
value, it also falls out of touch with reality, and then we get to this
point...

------
KupKLIO
Apologies for veering slightly off-topic and the pedantry.

Is 'cyber' actually used by technically competent folk now? It's been cropping
up alot with the 'cyber' crime, 'cyber' attacks happening in 'cyber' space
recently, needing improved 'cyber' security skills.

Usually the term's reserved for either mass-media outlets, or people trying to
scare you.

~~~
jcrawfordor
"Cyber" is used heavily in the industry, much to my chagrin. I wage a minor
war of replacing "Cybersecurity" with "Information Security" anywhere I can.

I once kept a list of every cyber-* I heard at an industry conference with the
idea of making Conference Cyberbingo. Notable entries included "cybertactics,"
"cyberstrategy," "cyberthreat".

~~~
fao_
> I wage a minor war of replacing "Cybersecurity" with "Information Security"
> anywhere I can.

For some reason, both of these terms make me grate my teeth!

I imagine it has something to do with only hearing "cyber" being used by
people who are woefully out of date, and "Infomation Security" by people who
are actually marketers that can use a computer...

------
mediocrejoker
This reminds me of another article

[http://www.adequacy.org/stories/2001.12.2.42056.2147.html](http://www.adequacy.org/stories/2001.12.2.42056.2147.html)

------
gaius
When I was a kid there was basically the same list, but for Dungeons &
Dragons, which was a gateway to satanism doncha know...

------
protomyth
So, the UK Government thinks every programmer is a criminal?

~~~
scotty79
> Many of these are just normal teenage behaviours and don't necessarily
> suggest a young person is at risk of getting involved in cyber crime.

No. Some are just presenting normal teenage behaviours.

~~~
mikeash
The wording suggests that some of them _aren 't_ normal teenage behaviors and
_do_ suggest a young person is at risk. I wonder which ones they think those
are.

