Category Archives: hacker

Anti-Bullying Curriculum presented at NJEA Convention

AscentiveInternet safety news from the Ascentive team

Each day as many as 160,000 U.S. children miss school because of bullying. Students in the Know Foundation, a non-profit group, has launched the Bullying Academy (www.bullyingacademy.org) a web-based interactive program designed to help 4th-8th grade students recognize the dangers associated with bullying and cyber-bullying. The Bullying Academy is already being used successfully in scores of schools throughout New Jersey and across the country and is quickly becoming the leading online educational source for schools to teach kids about bullying and cyber bullying.

Tens of thousands of NJEA (New Jersey Education Association) members from across the state are expected to attend the 157th annual NJEA Convention November 10-11, 2011 in Atlantic City. Recognized as the largest educational gathering of its kind anywhere in the world, the NJEA Convention draws teachers and educational support professionals who participate in over 300 seminars, workshops, and programs. Program founder Tommy Walser and his staff will be available throughout the convention at the Bullying Academy booth 1907.

According to Mr. Walser, “Cyber cruelty is rapidly increasing in volume and complexity because teens are never taught how to act responsibly and appropriately while communicating online or via other electronic devices,” who is also the executive director of Students in the Know. “The Bullying Academy is a simple and free solution to a pressing dilemma: How to teach students that bullying should not be tolerated as merely part of growing up, and that all students have the right to a safe learning environment.”

According to American Justice Department statistics, school bullying statistics and cyber-bullying studies show that on any given month 1 out of every 4 kids are abused by another youth. Thirty-five percent of students report hate-related words being used against them. Bullying has become epidemic as observed in the media through alarming cases of violence and desperation that, in extreme cases, have led to deaths.

“As technology continues to leap ahead schools are falling behind,” adds Walser. “Many school curriculums don’t address bullying prevention, especially cyber-bullying, one of the most common forms of abuse that involves instant messaging and text messaging. Both can occur at any time during the day and are often suffered in silence.”

http://www.bullyingacademy.org requires no additional software or extensive training for teachers. Schools simply register with the program’s website and students immediately have the curriculum available to them. It can be implemented during any class period or extracurricular activity.

Students learn:

Characteristics and risk factors common to bullies

What bullies look for in victims

How to recognize the short- and long-term effects of bullying on victims and bullies

How to properly respond and report bullying

How to avoid violence while standing up for each other

All materials are grade appropriate. A pre- and post-quiz component measures how much students learn after completing the program. Students receive a certificate/diploma which varies depending on their score, and are provided with data reports of how well they performed in certain categories of questioning such as recognizing consequences of bullying or developing effective communication.

Picture Credit


National Cyber Security Alliance Announces New Agreement to Promote Cyber Security Education Programs Nationwide

AscentiveInternet Safety information from the Ascentive team

The National Cyber Security Alliance (NCSA) – a non-profit public-private partnership focused on cyber security awareness and education for all digital citizens – has announced that on behalf of the National Cybersecurity Education Council (NCEC) it has signed a memorandum of understanding (MOU) with the U.S. Department of Education (ED) and the National Institute of Standards and Technology (NIST) to formally institute and promote cyber security education programs in K-12 schools, higher education, and career and technical education environments nationwide.

The new agreement paves the way for the continuation of the recently established public private partnership known as the National Cybersecurity Education Council to build a consensus on the future of cyber education in the United States. The multi-stakeholder effort will bring together government, industry, nonprofit, academia and other educational organizations to make recommendations and suggest guidelines on cyber education.  The collaboration will also include all parties participating in a working group to identify the cyber education needs of all young people and the foundational knowledge, skills and competencies needed by government and industry to build a workforce that can protect America’s vital digital assets.

The MOU’s partnership supports many of the educational efforts responding to President Obama’s 2009 Cyberspace Policy Review, which called for the nation to “build an education system that will enhance understanding of cyber security and allow the United States to retain and expand upon its scientific, engineering, and market leadership in information technology.” Toward this end, in the spring of 2010, the National Institute of Standards and Technology (NIST) within the U.S. Department of Commerce led a team involving many departments and agencies across the government in launching the National Initiative for Cybersecurity Education (NICE). The goal of NICE is to establish an operational, sustainable and continually improving cyber security education program for the nation to use sound cyber practices that will enhance the nation’s security. NICE includes four focus areas, or tracks:  cyber security awareness, formal cyber security education, cyber security workforce structure, and cyber security workforce training and professional development. The public/private partnership, which the MOU fosters, will advance efforts of the formal education track, particularly responding to the needs identified in the Cyberspace Policy Review for a K-12 cyber security education program for digital safety, ethics, and security and for expanded university curricula.

NCEC members are also cognizant of the inherent demand for improved cyber security education in bolstering America’s future workforce.

Today, the U.S. faces a deficit in the number of cyber security professionals in our country, and predictions of our future needs are worrisome. Estimates from a recent study by (ISC)2 and Frost and Sullivan reveal a need of more than 700,000 new information security professionals in the Americas by 2015. What’s more, the U.S. Bureau of Labor Statistics estimate that there will be 295,000 new IT jobs created in the U.S. between 2008 and 2018 – many of which will require cyber security expertise. This data points out a great responsibility within the U.S. education system and other industry groups to help produce cyber capable citizens.

“Our children live in an interconnected technology-based world with a growing need for digital skill sets,” said U.S. Secretary of Education Arne Duncan. “An education that incorporates tools to understand, navigate and operate technology will encourage students to exercise awareness when using digital platforms while helping better prepare them for the jobs of the future.”

“This important MOU will add another dimension to the public/private partnership that is key to cyber security awareness and formal cyber education,” said Special Assistant to the President and Cybersecurity Coordinator, Howard Schmidt.  “Through the partnership, we will continue to increase public awareness of safe cyber behavior, as well as expanding the availability of the cyber education so vital to the future of our workforce.”

“Our future depends on a digital citizenry that can use the Internet safely, securely, ethically and productively,” said Michael Kaiser, executive director of the National Cyber Security Alliance. “Today, the United States faces a daunting challenge. We need to build a cyber security ready workforce trained to deal with a constantly changing digital infrastructure that is protected against a broad range of cyber threats. This broad effort is critical because cyber security and digital safety touches everyone.”

“With cyber threats on the rise, career opportunities in cyber security will continue to grow and students need to have the access to the necessary foundational STEM education and other prerequisites needed to pursue them,” said NICE National Lead, Dr.Ernest McDuffie. “Higher education and technical training must lead to skills and competencies that meet the hiring requirements of government and industry to fill the growing need for cyber security professionals. This working group will help pave the way to achieving this goal.”

“We are proud to convene and lead this new nationwide effort to help make cyber security education widely available and accessible,” said John Havermann, of EMC Corporation and president of the NCSA Board of Directors. “There is no organization or government agency that can tackle this problem alone. It’s going to take a diverse partnership between government, industry, academia and others to work together to develop shared priorities and a path forward.”

Cyber education is also critical to our nation’s economic growth as evidenced by a recent survey, conducted by Zogby International for NCSA and Symantec, of U.S. small business owners that shows a high portion of businesses need employees with cyber security skills. When employers were asked to rate skills necessary for new hires, U.S. small businesses report the following skills are very relevant or essential:

Understanding privacy (51%);

Importance of protecting intellectual property (49%);

Basic knowledge of using technology ethically (47%);

Basic knowledge of Internet security practices (passwords, identifying secure websites) (44%).

In addition, NCSA and Microsoft recently conducted research on the state of cyber security education and the results make clear better cyber education is needed in America’s K-12 classrooms.

 

More than one-third of U.S. K-12 teachers (36%) received zero hours of professional development training by their school districts in issues related to online safety, security and ethics in the past year. (86% received less than six hours of related training).

Only 51% of teachers agree their school districts do an adequate job of preparing students for online safety, security and ethics.

Few K-12 educators are teaching topics that would prepare students to be cyber-capable employees or cyber security-aware college students. In the past year, a mere 4% taught about careers in cyber security; 20% taught about knowing when it is safe to download files; 23% taught about using strong passwords; and just 7% taught about the role of the Internet in the U.S. economy.

 

Photo Credit


Cyberattacks on the Rise

AscentiveCybersecurity information from the Ascentive team

New cybercrime statistics published by HP reveal that the cost of cyber attacks has risen more than 50%* since last year, and IT security expert Stu Sjouwerman cautions that number is likely to grow. As the founder and CEO of Internet Security Awareness Training (ISAT) firm KnowBe4, Sjouwerman (pronounced “shower-man”) has made it his mission to learn the increasingly sophisticated tactics used by the latest generation of cybercriminals – and to educate small and medium enterprises (SMEs) on how to recognize and avoid them.

According to the Second Annual Cost of Cyber Crime Study, which was sponsored by ArcSight (an HP company) and conducted by the Ponemon Institute, survey respondents reported losses between $1.5 million and $36.5 million per year due to cyber attacks. Collectively, their median annualized cost was $5.9 million – a 56% increase over the $3.8 million figure reported in the July 2010 study. Other key findings announced by HP: the frequency of cyber attacks has increased nearly 45%, and the time and cost to resolve them has risen. The study’s findings indicate that a single attack now takes an average of 18 days and $416,000 to correct.

As many executives and entrepreneurs have learned the hard way, today’s cybercriminals are stepping up their efforts with stealthy tactics and sophisticated technology. This latest study shows that cyber attacks and their related costs are rapidly growing, so business need to be proactive in combating cybercrime if they want to avoid financial loss,” cautioned Sjouwerman.

To educate SMEs on the evolution of cybercrime – and help them better understand what they’re up against today – KnowBe4 provides an overview of the “Five Generations of Cybercrime” on its website. “While the first generation of hackers were more interested in notoriety than financial gain, today’s cybercriminals – Generation Five – are more likely to be operating within organized crime syndicates and profiting handsomely from their schemes,” Sjouwerman explained. “Coding skills are no longer required. Tools and malware are readily available through a thriving underground market, so even a relative novice could quickly get in on the action.”

Among the alarming developments Sjouwerman and his KnowBe4 colleagues are seeing today are:

  • · Licensed malware complete with technical support
  • · Cybercrime social networks with escrow services
  • · “Pay-for-play” malware infection services
  • · Botnet rentals for cybercrime sprees

Sjouwerman believes that the reason so many companies are falling victim to cybercrime is because they’re not taking proactive measures to prevent it. He attributes the growth of the criminal enterprise to a false sense of security among executives at SMEs and a lack of training among their employees. “Many people assume antivirus software and an IT team are sufficient protection against cyber attacks. But the fact is that cybercriminals can bypass corporate security measures simply by tricking one employee into clicking a link. With one click, malware can be instantly downloaded to a computer and quickly spread across an entire network. And in most cases, the employee is completely unaware he or she has just given cybercriminals open access to company systems.”

Photo Credit


New Studies show that Parents don’t Properly Protect Children from Cyber-Bullying

AscentiveSafe Internet Use Tips from the Ascentive team

With about half of young people experiencing some form of cyberbullying or other harassment online, a majority of parents with children under 18 say they are concerned about their children’s social networking activities and want to find ways to protect them. Most parents also admit, however, that they do not have the tools, knowledge or time to properly monitor their children on social networks—and many admit that they take no precautions at all. That’s according to two new studies released today by an online monitoring service.

According to the studies, over 69% of parents with children ages 10 – 17 say they are concerned about their children visiting social networking sites, with their biggest fears being, in order, contact from strangers, information being displayed online that shares their child’s physical location, postings that could tarnish their child’s reputation, and their child getting cyberbullied.

However, the data also shows that most parents do not take the proper precautions to ensure their child’s safety when visiting social networks. For example, even though 68% of parents believe that daily monitoring is a must because news on social networks spreads fast and needs to be resolved quickly, only 32% of parents say they actually monitor their child’s social networking activities every day, and 28% of parents admit they only occasionally, rarely or never monitor their child’s social networking activities.

Meanwhile, 66% of parents believe they should monitor all of their child’s Facebook activity including emails and chats, yet the most common monitoring technique stated—”friending” their child—does not allow the parent to monitor email, chats or many other activities where dangers could lurk. Even if a parent were to “friend” their child, it would be practically impossible and extremely time-consuming to monitor what all of their child’s friends are doing, especially since the average teenager has more than 200 friends on social networks. Many parents don’t realize that the greatest danger posed to their child on social networks isn’t what their child does, but what others do to or say about their child.

“Almost all parents agree that they have a responsibility to look out for their kid’s safety and well-being while they’re on social networks, but there is a serious gap between what most parents believe is sufficient monitoring and what they are actually doing, which in most cases is far from sufficient,” said George Garrick, chief executive officer of SocialShield. “Our goal is to evaluate every friend request, every comment, every photo and all other activities regarding our customer’s children—including by all their friends—so that we can alert the parents if there’s anything suspicious. It’s ironic that so many parents insure their cellphones or protect their computers with anti-virus software, yet fail to properly protect their children from potential threats that can be both physical and psychological.”

Unfortunately, suicides by teens who have been cyberbullied on social networks are a fact of life today, as are incidents of predators stalking and contacting young teen girls, with such contact often leading to tragic outcomes. About half of young people have experienced at least some form of cyberbullying, and 10 to 20 percent experience it regularly, according to the Cyberbullying Research Center, which also found that cyberbullying victims are almost twice as likely to attempt suicide compared to youth who had experienced no cyberbullying.

Since using a social network essentially requires the use of your real name and identity, many people (younger, more vulnerable teens in particular) often post excessive amounts of personal data including their daily habits and locations, not realizing they are leaving a real-life trail of who they are, what they do, and where they can be found.

Other findings from the report include:

  • 62% of parents feel that occasionally looking over their child’s shoulder while he/she sits at the computer in the family room is enough to monitor his/her activities effectively, even though 71% admit their child also accesses social networks from other places, such as at a friend’s house or the library.
  • 50% of parents admitted that “properly monitoring would take a lot of time and I’m sure there are things I’m not seeing”
  • 63% of parents say they frequently review who their child is friending on social  networks to make sure it is only people that he/she knows in real life (although it’s impossible for any parent to really know who a particular “friend” is)
  •  54% of parents say they monitor their child’s social networking account by logging into his/her account as him/her on occasion; only 5% say they are currently using a monitoring application that alerts them if there is something they should be aware of.

Steve DeWarns, a San Francisco Bay Area police officer said: “Whenever I’m speaking to parent organizations, I always tell them that you don’t know what you don’t know, and this data proves that while parents want to protect their kids on social networks, they don’t necessarily have time or even know the most effective way.  And at the most basic level, a large proportion of parents really don’t understand what social networks are and how they work, thus where the risks lie.”

 Photo Credit


Hoax inspires Police to Raid Anti-Cyber Bullying Campaigner’s Home

Internet safety news from the Ascentive team

On Monday, July 22, New Jersey Police and SWAT teams raided the residence of a well-known Internet safety expert and lawyer after receiving an elaborate hoax call from an unidentified man to authorities claiming that another man had killed four people, and was holding another hostage.

SWAT teams descended on the quiet suburban home of Parry Aftab in Wyckoff, New Jersey (a suburb about 15 miles west of New York City), following the call from hackers who had planned the revenge hoax against the prominent internet security campaigner.

Hackers are believed to have orchestrated the plot by first cloning Mrs. Aftab’s telephone number, then placing the unidentified 911 phone call that resulted in thirty armed officers storming the residence in a tense three-hour standoff. Wyckoff police Chief Benjamin Fox said investigators believe the call was made using a computer.

 

After waiting for more instructions from the supposed killer (who had demanded $10,000 and a getaway car) police entered the residence but found it unoccupied, as Mrs. Aftab was out of town.

SWAT teams had trained automatic rifles on the property and stormed it after throwing tear gas through the window, but got inside to find only the family cat on its own.

They had initially thought the house was occupied due to the movements of the same cat behind the curtains. It’s widely-believed that Mrs. Aftab has been targeted by members of online cyber-bully community ‘4chan’ after she spoke out against cyber bullying on the television show “Good Morning America.” 4chan is also associated with Project Chanology, an anonymous group of hackers that recently cyber-attacked the Church of Scientology. The campaigner has often been in direct opposition to online community members like these who believe the Internet should be uncensored, regardless of damage. After speaking out on cyber-bullying last July, Mrs. Aftab was pranked called, and had her Wikipedia page vandalized by wiki-users believed to be from 4chan.

The SWAT team call-out to her house is the latest incident of ‘swatting’, a practice commonly used by cyber-criminals where prank calls see police arrive at people’s homes with SWAT teams. Aftab is said to have apologized to her neighbors for the altercations on Sunday afternoon, and is now working with authorities to attempt to trace the call.

“There are a lot of people who hide behind a computer monitor and think it’s going to get them attention, but this is going to get them the wrong kind of attention. This is not a harmless prank. Any 8-year-old I know could have done this, and it does hide the identity of whoever’s sending it if it’s done the right way, said Aftab.

Wyckoff police Chief Benjamin Fox said, “While we’re all out at this scene, God forbid there’s a second, real scene somewhere else. You’re taking the law enforcement resources from something that could be more serious at another location.”

Photo Credit