British teenagers accused of hacking offenses have taken part in a weekend ‘rehab’ camp. The event involved coding challenges and talks on careers in cybersecurity.
According to a BBC report, the camp was conceived following research that found both criminal hackers and legitimate security researchers had largely similar skills and backgrounds, with the main difference being whether they were spotted and guided towards legal activities.
The participants invited to the camp had received sanctions ranging from an official warning to a criminal conviction with a suspended prison sentence. In at least one case, participation on the camp was a condition of avoiding jail time.
Attendees learned about the different roles computer security staff take on including forensic analysis, network protection and mounting attacks on companies – known as red teaming. They also did coding challenges, took each other on in hacking games and learned about bug bounty schemes. These schemes could mean they would get paid for finding and reporting the loopholes they used to exploit for their own ends.
After the weekend, one attendee said: “Now I know cyber-security exists it sounds like it would be something I really, really want to go into.
“You get the same rush, the same excitement, but you are using it for fun still, but it is legal and you get paid,” he said. “So, it’s every kind of benefit.”
As well as comparing cyber skills, the participants heard from former offenders who now operate cybersecurity companies. They also discussed the reasons they had got interested in computers and hacking, with bullying and autism related conditions cited as contributory factors.
The organizers will now follow up the progress of the participants to see if attending the camp made any difference to how they develop and use their skills.