In October 2015, WikiLeaks leaked the contents of CIA Director John Brennan's personal email account and became a hot topic. What's more, it was a teenage boy who claimed to have hacked.
The boy is said to have reset the password for Mr. Brennan's account under the guise of an official of the US telecommunications carrier Verizon. In short, he hacked with a technology-free social engineering technique. Social engineering is a method of obtaining confidential information by aiming at human psychological gaps or inviting behavioral mistakes.
A Twitter account claiming to be a boy tweeted, "If I stop tweeting with this account, I'm being caught and tortured by the CIA." The way to reset a password is like an adult, and as the boy says, a "five-year-old child" can't.
In this way, there are many examples of teenage boys hacking or using unexpectedly to break the limits set by adults. I would like to introduce the behaviors and problems unique to teenagers.
Teens hacking by sharing ways beyond common sense
Since 2010, Suma Gakuen Junior and Senior High School has been providing mobile phones with filtering and viewing time restrictions. The school manages the server, and when there is a suspicion of bullying on the Internet, it has been successful by monitoring e-mails and call history. As smartphones have become widespread, in April 2013 we provided smartphones to 520 first-year high school students. The mobile phone company recommended apps that can be restricted in use so that unnecessary game apps cannot be downloaded.
However, students found out that the game application could be downloaded by initializing the smartphone, and many students played games without permission. Some students illegally obtained school management passwords and charged them, and some students were soaked in games and were absent from school. It was unexpected to play the game until it was initialized, and the school had to cancel the smartphone and return to the conventional mobile phone only half a year after its introduction.
The school is also known for having ASCII founder Kazuhiko Nishi as the principal of the school. In 2010, the then governor of Osaka Prefecture, Toru Hashimoto, said, "I don't need a mobile phone." I chose to use a mobile phone with it. It is a good choice with an ideal, and I would like to support that attempt. However, unfortunately, the current smartphones were not suitable for restricted use at schools.
Children are in close contact and in touch online and offline. Even in elementary school, there are children who get information from children who have older brothers and sisters in junior high school, or search and search on the Internet by themselves. When one person gets the information, the information becomes known to the students in the class, grade, or school at once. Children's ideas are flexible because they are not bound by common sense like adults, and they are willing to go even if they are outlandish.
Similar incidents have occurred in the United States. In September 2013, at three schools in the Los Angeles Unified School District, 340 high school students took their school-issued iPad home, removed their MDM (Mobile Device Management) software profile, and unlocked it. I was downloading an app that was banned from downloading or browsing a website that was banned from access. For the whole night, the unsecured iPad was in an all-you-can-use state. With the deletion of the MDM profile, the access restriction filter also stopped working.
Again, it's not a hack because it can be deleted with just a few taps. However, it seems that it is very teenager who found out that it can be used by deleting the profile of MDM and spread it at once.