Fifty pupils from five Tayside and Fife high schools took part in a password cracking workshop at Abertay University in Dundee.
The workshop, organised by Skills Development Scotland, aimed to raise awareness about the importance of online security, both for personal safety and as a career option.
During the session, the S3 pupils from St Paul’s Academy, Monifieth High School, Carnoustie High School, Craigie High School and Madras College in St Andrews learned some of the core features of what cyber security professionals to while the team delivered some practical advice on the importance of tough-to-crack passwords.
Students were asked to create ‘strong’ passwords then see evidence of their actual strength before being introduced to tools and techniques aimed at keeping private information secure.
Debbie McCutcheon, digital skills project manager at Skills Development Scotland, said research last year showed over 13,000 career opportunities in Scotland’s digital technologies with 60% of these jobs out-with traditional technology sectors.
“Basically we run a four year programme at SDS and it’s primarily about raising awareness of cyber security jobs and pathways for young people,” she said.
“The added bonus to that is we are getting a lot of young people making them more cyber resilient – making them more safe online and making sure they are more aware of things like phishing emails to make them safer.”
Debbie said there’s a massive skills shortage in Scotland in terms of people who are skilled in cyber.
Ethical hackers are often employed by industry to test the resilience of their cyber security systems.
Craigie High School computing teacher Pauline Cassidy said the workshop at Abertay – which offers a world leading ethical hacking degree course – helped give pupils an insight into real life events and how its practical for their skills to be developed.
“I think kids in general are very savvy about the ‘dos and don’ts’ of things online like not speaking to strangers, ”she said.
“But while we’ve set the foundations of being safe online, society hasn’t really set the foundation yet of being secure online. Even today the kids are struggling with the difference between cyber security and cyber safety. I think that’s something we need to try and develop as pupils are coming from primary school upwards.”
Craigie High pupil Keraleigh Simpson, 14, said she’s learned about cyber security and responsible use of computers at primary school with social education teaching continuing at high school. “I know it’s easy to be hacked and all that – I just know it’s never happened to me,” she said.
But fellow pupil Lea McLeod, 14, had found out the hard way how easy it is for a problem to arise having once accidentally downloaded a computer virus by clicking on a wrong link.
WORKSHOP
When I was invited to take part in the password cracking workshop at Abertay, I didn’t expect to be handed an actual lock to pick.
It all made sense, however, when it was explained that many security consultants, ethical hackers and cyber security experts take up lock-picking in their spare time.
Not only is it a good problem solving exercise embodying knowledge, resilience and patience, it also comes in handy when it comes to ‘red teaming’ – the name given to when a company hires a penetration tester to attack the target using all the possible avenues a hacker would.
After reading a disclaimer that lock-picking is illegal without consent, Michael Kleinman, a fourth-year ethical hacking student at Abertay who ran part of the pupils’ workshop, gave a brief overview of how locks work.
Then it was down to business.
Inserting a tension wrench into the key-way at the top and applying about 40% of maximum finger pressure, the idea was to further insert a sharp-edged raking pick, set the binding pin, then move the pick back and forward until hitting all the right pins inside.
It was far from being like anything in the movies. But after much trial and error, the lock opened with a satisfying ping!
“This is basically the physical manifestation of ethical hacking in my opinion,” said Mr Kleinman afterwards.
“Basically it teaches you all the basic skills you need – you need to be patient, you need to do research into it, you need to look into locks, you need to look into how to tackle a problem, and you need persistence as well.
“Trying to break into a firewall or a network or a website, it requires a lot of practice and patience. You can’t really do that instantaneously – it takes hard work.”
