It was my first day on the job as chief technology officer for "SnapCat," and the hostile attacks on our servers came at us fast. With proper coding and security measures, I blocked some, but my cat boss informed me after that attack that about a third of our users were driven away from the site because of our poor security. In PBS’s online Cyber Lab game, players select avatars and fictional companies, and then learn the basics of cyber security through simple exercises.
One easy way to get a company’s secrets is to convince people within that company to just hand it over. At the Cyber Lab, these attacks are grouped under “social engineering challenges”, and they most often represent phishing scams. Cyber Lab teaches players how to distinguish between real and scam emails, genuine and imposter websites, and to tell if an offer over the phone is really a trick. One level showed a Google homepage next to an imposter site, and I had to spot the five differences between them before determining which was fake. The old logo, lack of an "https" padlock, and typos on the imposter’s page gave it away, but it was still a great fast lesson in how scammers dress up their schemes as trusted sites.
Another problem facing SnapCat was password security. Password cracking challenges teach players how to write a secure password while also showing the dangers posed by brute force attacks. These rounds play as a duel, with the player creating a password to guard their information, and then selecting a cracking technique to break the opponent’s security. Special characters, numbers, and capital letters are all encouraged, but when possible, players are especially rewarded for coming up with long passwords.
There are also coding challenges, where players plot out step-by-step movements of a bot through a maze. It’s a simple tool for teaching the principles of coding, but an effective one. Starting with orders like "move" and "turn," players stack blocks together to guide the bot through the maze. Later on, blocks signify "if/do" and more complex commands, allowing a single phrase to determine when and if and how the bot should move forward. As an added incentive, players get a reward for completing the task in a set number of commands, so the game rewards both elegance and effectiveness.
After a morning of fending off cyber attacks from SnapCat, I’d not only grown the virtual company to almost 100,000 users, I’d fended off a DDoS attack and refreshed my knowledge on the basics of cyber security. CyberLab is aimed at children, but I found it a pretty good tool for reteaching adults the basics.
EDITOR'S PICKS
