Tufin Survey Finds One in Six New York Teenagers Hack - And Rarely Get Caught

Half Have Had Their Facebook or Email Account Compromised Yet Almost 40% Think Hacking is "Cool"; Companion Survey of London Students Underscores Cultural Differences

April 14, 2010:Tufin Technologies, the leading provider of Security Lifecycle Management Solutions, today announced survey results that reveal the hacking habits of 1000 New York City teenagers. Exactly half (50%) of US kids sampled revealed they'd had their Facebook or email account hacked, which may explain why 75% feel hacking is wrong and 70% think it should be considered a criminal offense. However, 39% of the teens surveyed think hacking is "cool" and 16%, or roughly one in six, admitted to trying their hand at it. Only 15% of the entire sample has either been caught or knows someone who has - particularly disturbing considering 7% of young hackers reported they did so for money and 6% view it as a viable career path.

"Because kids today tend to be more tech savvy than their parents, and the processes, procedures, and precedents for some forms of Internet-based crime are still evolving, it's too easy for kids to not realize the dangers or consequences of hacking until they are no longer juveniles," said Monique Nelson, Chief Operating Officer of WebWiseKids.org, an online safety organization sponsored in part by the United States Department of Justice. "These young hackers are under the radar, with the majority hacking from home. Prevention is always an uphill battle, but it's imperative that parents do pay close attention to their children's attitudes and beliefs about what is appropriate - and legal - online behavior. We want to educate kids before they make bad choices, not because they already did."

A potentially surprising finding is that it's not just the boys - of the sample, 29% of those who admitted to hacking were girls. The most common reason cited for hacking was for fun (54%) followed by curiosity (30%). 14% that hack aimed to cause disruption and a resourceful 7% of US kids thought they could generate an income from the activity, with 6% viewing it as a viable as a career path! 34% had already hacked by age 13 and 52% hacked between the ages of 14-16.

Are American teenagers more law abiding...or do they just not get caught?
Tufin performed an identical survey of 1000 high school students in London, the results of which can be found at http://tr.im/TULj. The collective results reveal some interesting contrasts between American students and their UK brethren. Some of the major take-away's include:

  • American kids hack less, are hacked more and get caught hacking substantially less than their UK counterparts.
  • In the UK, one in four (26%) have tried hacking with 36% - or roughly one in three - reporting that they have been hacked.
  • In the US, 16% of students, or roughly one in six hack and exactly half (50%) have had their Facebook or email accounts compromised.
  • 18% of London and a surprising 30% of NYC students agreed hacking is easy.
  • 70% of UK teenagers labeled the practice as 'uncool' versus 61% of US teenagers.
  • Roughly 70% of New York students think hackers should be viewed as criminals and be punished by the law, compared to only 53% of their peers in London.
  • Perhaps it's because they get caught almost twice as often - in the UK, 27% have been caught or know someone who has been caught hacking, as opposed to only 15% of their American brethren.
  • Facebook is the number one target for young hackers in the US (20%) and the UK (25%), followed by their friends' email accounts (6% US & 18% UK).
  • 80% of US kids had tried hacking by age 16 as opposed to only 44% of their UK peers.

In the U.S., home is where the hack is...
The study found a clear dichotomy between the two populations when it came to their methods - while only 27% of UK students were inclined to misbehave from the confines of their bedrooms, 51% of New York teens had no issue hacking from their home computers. 22% of juvenile offenders in the UK are utilizing computers in Internet Cafés (22%), with only 6% in the US. The number of US kids hacking at school was 28%, compared to 21% in the UK, with roughly 20% of each population using someone else's machine.

"Over the years, hacking has changed from teenage 'script kiddies' showing off their online prowess to sophisticated career criminals hacking for profit," said Ruvi Kitov, CEO of Tufin Technologies. "Whether they target a company's intellectual property, a person's bank account or their Facebook page, our job as IT security professionals is to stop hackers in their tracks. We need to ingrain in our children that no matter how harmless your intent, to gain unauthorized access into another person or company's online assets is both wrong and illegal. This is important not just to combat hacking in the future, but also to educate children about online safety and increase their awareness of common threats."

  1. If bored or curious kids were this successful at hacking, just imagine what a motivated criminal could accomplish. Here are some ways to stay safe online: Install security software: anti-virus, anti-spyware and a personal firewall. At a minimum, your computer should have current anti-virus and anti-spyware software and a firewall to protect yourself from hackers and malicious software that can steal sensitive personal information.
  2. Keep your security software and operating system up-to-date.
  3. Protect your personal information online. Be wary of clicking on links in emails that are unfamiliar and be very cautious about providing personal information online, such as your password, financial information, or social security number.
  4. Know whom you are dealing with. It is remarkably simple for online scammers to impersonate a legitimate person or business.
  5. Vary your user name and passwords between sites, that way if one account is compromised it can limit the damage of others being breached.
  6. Use "strong" passwords that are long and use both letters and numbers, and change them every few months. To keep track of them without having to write them down, use a password manager such as Password Safe by Bruce Schneier (http://passwordsafe.sourceforge.net/).
  7. Untick 'remember me' boxes for user name and passwords, especially for email accounts, online banking, social media websites etc.. If your computer is used by other members of the household - and possibly their friends - you may be exposing your personal information without realizing it!
  8. Be careful what you talk about in chat rooms, you never know whom you're talking to or who's listening in.
  9. Learn what to do if something goes wrong. You can also alert the appropriate authorities by contacting your Internet Service Provider or the Internet Crime Complaint Center. The Federal Trade Commission (FTC) can assist if you are subject to identity theft. You can also forward spam or phishing emails to the FTC at spam@uce.gov

Notes to editors:
This survey was carried out by independent, "man-on-the-street," researchers for Tufin Technologies amongst 1000 teenagers in London and 1000 teenagers in New York City.

10.35.4.249;