Do video games breed hackers?

On July 5th I am guest chairman for a SASIG event on the theme “Do video games really bred hackers”. Thanks to its on-line events over the past year SASIG is now by far the largest UK community of those responsible for corporate information security. Joseph Wise, who uses the title Community Maker in much the same way as I use convenor, will  reprise a presentation he first did some years ago on whether on-line games really are a gateway for youngsters to enter the hacking world, as we so often hear.

And if so, is that a problem or an opportunity?

We are unlikely to have time to cover the  harassment of female gamers  or the use of gaming chat functions for grooming and abuse, let alone how to correct those at risk or the moral and/or legal obligations of those running such services and whether HMG’s legislative proposals are fit for purpose proposed.

I do however, look forward to hearing some facts regarding the motivation of gamers and how to harness these for good.

I recently found my file on the 1994 Home Affairs Select Committee investigation into Computer Pornography (not apparently available on-line, hence the value of paper). The memorandum submitted by IDPM (the then professional body for IT managers) began “The nature of inter-active software means that Computer Based Pornography can have more influence on an adolescent game-playing audience than equivalent paper or video based material. It is therefore important to enable rapid and effective action when problems are detected, particularly in schools and other educational establishments ….”

It is interesting to see how little debate on possible solution has moved on since 1994. Some might argue that the Government response today is no more credible than it was then. We do now, however, have nearly 30 years of evidence and guidelines as on-line gaming and inter-active social media have moved from being the exception to the norm.

And we are increasingly are being told that gamification is the way forward for motivating learners and assessing talent, aptitude and achievement at all ages.

But there are some very real questions to be asked.

Are the problems/opportunities really as big as portrayed?

How does the progression from gaming to hacking work?

Does cheating at a video game actually encourage young people to turn black hat, or is there more at work?

The aim on Monday is to explore how the online wild west of gaming seemingly escalates young gamers from downloading simple cheat codes to launching full-scale DDoS attacks and even being involved in state-sponsored espionage.

Is a cause-and-effect in play here, or do hackers just happen to like playing video games?

SASIG has strong links with NSPCC and Childline. I therefore I look forward to later events which also explore some of the wider issues, including how to exercise corporate responsibility for reducing the risk of corporate or academic services being abused. The appendices of the 1994 Home Affairs Select Committee Report on Computer Pornography contain many recommendations for Government plus a Code of Conduct for those running on-line services, issued by the IDPM after widespread peer review and legal advice involving many of the founder members of EURIM (now the Digital Policy Alliance).

But it is as well to begin with something less controversial. And the best way to explore a subject is to chair those who know about it and do not have a solution to sell.

P.S. For those who thought I had other roles than, Director of Winsafe (of which you have never heard) or the Norwood Community Safety Partnership (of which you will equally have never heard) I should repeat the background that I will give which participants are logging and checking their connections.

Winsafe is the name of the off-the-shelf company I bought when I left the National Computing Centre taking with me the “Technology Assessment” and “National Role” (alias support for policy formation and scrutiny) operations I had joined them to create. The “paying clients” have included Banks, Investors (including Finance Directors) , Parliament and Industry Groups, Publishers and Select Committees. They have never included any Government Departments or Technology Suppliers. Their terms and conditions would have compromised the independence of myself and those I have employed to help me.

The Norwood CSP helps me understand what happens when the various central and local government delivery drainpipes, plus the digital services of the private sector, fail to serve those in most need of easy to access, joined up support. In 1968 I was taught to look at systems (and technologies) from the perspective of the user, alias victim. I have never lost that view point – even though I  have spend most of my life working alongside technology enthusiasts. That is also why I still have a role in chairing event like those on recovery from lockdown, where digital has prevent most of society with as many problems as solutions.