Website URL:
     * Edition: 
          + Asia 
          + Australia 
          + Europe 
          + India 
          + United Kingdom 
          + United States 
          + ZDNet around the globe:
          + ZDNet China 
          + ZDNet France 
          + ZDNet Germany 
          + ZDNet Korea 
          + ZDNet Japan 

   
   Search
     * Videos 
     * Windows 10 
     * 5G 
     * IoT 
     * Cloud 
     * AI 
     * Security 
     * more
          + TR Premium 
          + Build a Website 
          + Innovation 
          + Tonya Hall Show 
          + Best Smartphones 
          + Executive Guides 
          + Best VPN Services 
          + Web Hosting 
          + See All Topics 
          + White Papers 
          + Downloads 
          + Reviews 
          + Galleries 
          + Videos 
          + TechRepublic Forums 
     * Newsletters
     * All Writers
     * 
          + Preferences
          + Community
          + Newsletters
          + Log Out

     * 
     * 
          +
     * Menu
          + Videos 
          + Windows 10 
          + 5G 
          + IoT 
          + Cloud 
          + AI 
          + Security 
          + TR Premium 
          + Build a Website 
          + Innovation 
          + Tonya Hall Show 
          + Best Smartphones 
          + Executive Guides 
          + Best VPN Services 
          + Web Hosting 
          + See All Topics 
          + White Papers 
          + Downloads 
          + Reviews 
          + Galleries 
          + Videos 
          + TechRepublic Forums 
     * 
     * 
          +
               o Preferences
               o Community
               o Newsletters
               o Log Out
     * us
          + Asia 
          + Australia 
          + Europe 
          + India 
          + United Kingdom 
          + United States 
          + ZDNet around the globe:
          + ZDNet China 
          + ZDNet France 
          + ZDNet Germany 
          + ZDNet Korea 
          + ZDNet Japan 

UK police deny responsibility for poster urging parents to report kids for using Kali Linux

   Updated: Using Discord, too, is apparently a warning sign that your child is turning into a naughty hacker.

     * 
     * 
     * 
     * 
     * 
     * 
     *

   Charlie Osborne 

   By Charlie Osborne  for Zero Day | February 14, 2020 -- 14:26 GMT (06:26 PST) | Topic: Security

   Under half of CISOs are ready to respond to a cyberattack Only 49% of CISOs and other senior executives are fully confident that their organisation could deal with the fallout of a hacking incident or data breach right now, and most think the threat from cyberattacks will get worse.

   The UK's National Crime Agency (NCA) has publicly said it has nothing to do with a misleading poster designed to put fear into the hearts of parents and urge them to call the police if their children are using Kali Linux.

   The poster, made public by Twitter user @G_IW, has reportedly been distributed by local authorities on behalf of the West Midlands Regional Organised Crime Unit (WMROCU).

   It appears the creators of the poster are aiming to inform parents of what dubious software to look out for if they suspect their children are up to no good on the computer. While a good and reasonable intention, the disinformation on the poster, as described by @G_IW, is "staggering."

   Virtual machines, the Tor Browser, Kali Linux, WiFi Pineapple, Discord, and Metasploit are all deemed terrible finds and the poster urges parents to call the cops "so we can give advice and engage them into positive diversions."
   screenshot-2020-02-14-at-14-05-07.png

   G_IW

   In reality, virtual machines (VMs) are a safe, perfectly legitimate way to run different operating systems and to test software without risking core computer systems. They can come in handy, for example, if software or games are designed for one operating system but are not compatible with another -- such as playing a Windows game on a macOS machine or vice versa.

   The Tor Browser is open source software developed by the Tor Project designed to protect your privacy and is especially useful for those in surveillance and censorship-based states, civil rights groups, activists, and journalists.

   CNET: Plastic surgery images and invoices leak from unsecured database

   Developed by Offensive Security, Kali Linux is a valuable OS used to learn penetration testing. The operating system is used by security professionals worldwide in white-hat security roles, as is the Metasploit tool, and WiFi Pineapple is also used for penetration testing -- but considering a price tag of a few hundred dollars, it is unlikely many kids have one of these stashed away.

Security 101

   How to protect your privacy from hackers, spies, and the government 

   How to protect your privacy from hackers, spies, and the government 

   Simple steps can make the difference between losing your online accounts or maintaining what is now a precious commodity: Your privacy.

   Read More

   The mention of Discord as a platform to "share hacking tips" is laughable, as you are more likely to come across gaming enthusiasts and meme-sharers than hacking communities.

   See also: The best gifts for hackers in 2019

   Naturally, the poster has drawn the ire of many in the cybersecurity industry and as both the WMROCU and NCA logos were included, the NCA has been forced to publicly distance itself from the advisory.

   In response, the NCA said the agency "was not involved in the production or release of this poster."

   "There are many tools which tech-savvy children use, some of which can be used for both legal & illegal purposes, so it is vital that parents & children know how these tools can be used safely," the NCA added.

   The team from Kali Linux might have enjoyed the marketing, though, given their light-hearted response to the poster:
   screenshot-2020-02-14-at-13-48-27.png screenshot-2020-02-14-at-13-48-27.png

   TechRepublic: Chinese cyber criminals are getting more organized and dangerous

   The police force eventually responded, blaming a third-party:

     "The poster -- produced by a third party -- was created as an aide memoire to assist teachers with safeguarding in schools. It was taken from wider information on cyber tools which could be used to commit cyberattacks, but equally have a legitimate purpose."

   Make of that what you will. But it should be noted that we should be encouraging a healthy interest in cybersecurity as there are plenty of roles, both current and emerging, which require skilled, white-hat professionals, and we should not be trying to frighten parents, teachers, and children away from tools that not only protect our privacy but can also pave the way for successful future career paths.

   Speaking to ZDNet, Jim O'Gorman, the Chief Content & Strategy Officer for Offensive Security commented:

     "I think that the whole situation reminds me of the generational scares that happen with rock music, video games, and so on. Hopefully no parent would take it seriously and feel like they have to call the police on their own children if they find them using Kali or chatting with others on Discord, as that's pretty ludicrous.

     These are all awesome opportunities for parents to engage with their children, find common interests, and spend time together while helping the child learn skills that will help them later in life.

     If you don't understand something your child is into, instead of freaking out about it just ask the kid and learn from them. In the end, none of this entire issue has anything to do with Kali or any of the other tools called out in the poster, instead it just has to do with how to be a good engaged parent and some people's misunderstanding of what that means."

   Update 17.58 GMT: WMROCU told us:

   "This poster was produced to raise awareness among teachers, parents, and guardians to help them advise children how to stay safe online. The poster highlighted some of the digital tools their children might be using at home.

   The software mentioned is legal and, in the vast majority of cases is used legitimately, giving great benefit to those interested in developing their digital skills. However, as with any software, it can also be misused by those with less legitimate intentions. The purpose of this poster was to provide a quick reference guide to the range of software available, so those with parental responsibility for children and young people can start up a conversation about the safe and legal use of computers and technology."

  Previous and related coverage

     * US lawmakers introduce bill to fight cybersecurity workforce shortage
     * Cybersecurity staff burnout risks leaving organisations vulnerable to cyberattacks
     * Singapore tackling cyber talent shortage one capture the flag challenge at a time
     _____________________________________________

   Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0
     _____________________________________________

  Related Topics:

   Security TV  Data Management  CXO  Data Centers 

     * 
     * 
     * 
     * 
     * 
     * 
     *

   Charlie Osborne 

   By Charlie Osborne  for Zero Day | February 14, 2020 -- 14:26 GMT (06:26 PST) | Topic: Security

   Show Comments 
   LOG IN TO COMMENT
     * My Profile
     * Log Out

   | Community Guidelines
   

Join Discussion

   Add Your Comment
   Add Your Comment

More from Charlie Osborne

     * 
       Security
       Cisco patches incoming to address Kr00k vulnerability impacting routers, firewall products
     * 
       Security
       US government authorities fail to train employees on ransomware detection, prevention
     * 
       Security
       Raccoon malware targets massive range of browsers to steal your data and cryptocurrency
     * 
       Security
       Former Microsoft engineer convicted of 18 felonies for digital currency fraud scam

   

Newsletters

   
   See All
    
   See All
   

Related Stories

     * 1 of 3
     *

     * 
       Singapore university to establish facility that studies social impact of internet
       Operational from April, the National University of Singapore's Centre for Trusted Internet and Community aims to tap artificial intelligence and data science to assess implications ...
     * 
       Malicious attacks continue to account for 64% of data breaches: OAIC
       It's the first report since OAIC announced it would shift the NDB reporting scheme from a quarterly report scheme to a six-month one.
     * 
       Report identifies the most dangerous mobile app store on the internet
       And, no! It's not the Google Play Store.

     * 
       Home Affairs savaged over poor data retention laws oversight
       Australia's Department of Home Affairs doesn't even know how many agencies have been authorised to access telecommunications metadata without a warrant, let alone what for, but ...
     * 
       ACMA mandates stronger identity checks when porting Australian mobile numbers
       From April, customers will need to authorise transfers with their telco.
     * 
       Let's Encrypt issues one-billionth web security certificate
       In less than five years, Let's Encrypt has secured almost 200 million websites with free TLS certificates.

     * 
       Facebook sues SDK maker for secretly harvesting user data
       Data analytics firm OneAudience allegedly paid app developers to include its SDK in their code so it could harvest data from Facebook users.
     * 
       Intel fixed 236 bugs in 2019 and only 5% (11 bugs) were CPU vulnerabilities
       Intel says that 60% of all security bugs fixed in 2019 were discovered internally, by employees.
     * 
       How to lock down your Google Account using hardware security keys, or your iPhone or Android smartphone
       Use your Google account for important work that you wouldn't want to fall into the wrong hands? You need to lock down your Google Account using the Advanced Protection Program. ...

   ZDNet
   Connect with us
      

   © 2020 CBS Interactive. All rights reserved. Privacy Policy | Cookies | Ad Choice | Advertise | Terms of Use | Mobile User Agreement
     * Topics
     * Galleries
     * Videos
     * Sponsored Narratives
     * CA Privacy/Info We Collect
     * CA Do Not Sell My Info

     * About ZDNet
     * Meet The Team
     * All Authors
     * RSS Feeds
     * Site Map
     * Reprint Policy

     * Manage | Log Out
     * Join | Log In
     * Membership
     * Newsletters
     * Site Assistance
     * ZDNet Academy
     * TechRepublic Forums