LibriumArcana.Games

popsci.com wrote:It was my first day on the job as chief technology officer for "SnapCat," and the hostile attacks on our servers came at us fast. With proper coding and security measures, I blocked some, but my cat boss informed me after that attack that about a third of our users were driven away from the site because of our poor security. In PBS’s online Cyber Lab game, players select avatars and fictional companies, and then learn the basics of cyber security through simple exercises.

One easy way to get a company’s secrets is to convince people within that company to just hand it over. At the Cyber Lab, these attacks are grouped under “social engineering challenges”, and they most often represent phishing scams. Cyber Lab teaches players how to distinguish between real and scam emails, genuine and imposter websites, and to tell if an offer over the phone is really a trick. One level showed a Google homepage next to an imposter site, and I had to spot the five differences between them before determining which was fake. The old logo, lack of an "https" padlock, and typos on the imposter’s page gave it away, but it was still a great fast lesson in how scammers dress up their schemes as trusted sites.

Another problem facing SnapCat was password security. Password cracking challenges teach players how to write a secure password while also showing the dangers posed by brute force attacks. These rounds play as a duel, with the player creating a password to guard their information, and then selecting a cracking technique to break the opponent’s security. Special characters, numbers, and capital letters are all encouraged, but when possible, players are especially rewarded for coming up with long passwords.

There are also coding challenges, where players plot out step-by-step movements of a bot through a maze. It’s a simple tool for teaching the principles of coding, but an effective one. Starting with orders like "move" and "turn," players stack blocks together to guide the bot through the maze. Later on, blocks signify "if/do" and more complex commands, allowing a single phrase to determine when and if and how the bot should move forward. As an added incentive, players get a reward for completing the task in a set number of commands, so the game rewards both elegance and effectiveness.

After a morning of fending off cyber attacks from SnapCat, I’d not only grown the virtual company to almost 100,000 users, I’d fended off a DDoS attack and refreshed my knowledge on the basics of cyber security. CyberLab is aimed at children, but I found it a pretty good tool for reteaching adults the basics.

fastcompany.com wrote:Today marks the start of Cyber Security Awareness month (totally a thing), and apparently it’s never too early to prepare tomorrow’s CEOs for data breaches and cyber attacks. NOVA Labs, the digital companion to the PBS show NOVA, has created a free, web-based game for middle schoolers to learn about the dangers lurking online. Kids take on the role of defending their tech company--SnapCat, Einstegram, WattsApp, or Phasebook--from hackers. If they succeed, they grow their user base and earn coins that look an awful lot like bitcoins.

Alex Rosenthal, digital content producer at NOVA Labs and the game’s primary developer, says the project is designed to make students more conscious citizens of the Internet. Kids learn practical skills, like how to create hard-to-crack passwords, back up files, and prevent phishing. They can also pick up coding basics. “Coding is the new literacy,” he says. “But we didn’t introduce coding by teaching JavaScript. It’s about understanding the concept and the building blocks of coding.”

NOVA Labs is working with middle schools across the country to introduce the game into the curriculum. There is currently a large unmet demand for cyber security experts, and this effort seeks to make the highly technical field accessible to kids as early as possible. “Women and minorities, in particular, are underrepresented in these fields,” says Rosenthal. NOVA Labs made a deliberate effort to bring on female cyber security experts as advisers to inspire girls.

One of those experts, Suzanne Barber, an engineering professor at the University of Texas at Austin, explains that most parents are not equipped to help their kids learn how to be safe online. “Caregivers know to teach children how to protect themselves from strangers when they are alone in the street, but the digital realm is still unfamiliar to most adults who were not raised on the Internet,” she says. “This is a new challenge for them.”

NOVA Labs is taking the lead in helping to make cutting-edge cyber security tactics accessible to children. “In some cases, kids might even be able to go home and explain these concepts to their parents, who might be in the dark,” says Rosenthal. The short videos NOVA Labs created to offer kids some background into cyber security would be helpful to most adults.

Rosenthal tells me that scientific facts are often taught without any context in the classroom, making it hard for many students to stay engaged or interested. By giving students a narrative and a role in the game, the NOVA team hopes that they will find it easier to remember cyber security concepts. “'Gamification' is sometimes a dirty word, particularly when the goal is to tap into that reptilian side of the brain that leads to addiction,” says Rosenthal. “We’re looking for a deeper engagement that is about agency and context and giving kids a world to play in.”

Lys wrote:What, nothing about the dangers of password re-use? If you use one default password and username, your information being compromised on one site you use could lead to your information being compromised on all sites you use.

Lys wrote:I have not played the game, I'm only going off the article not mentioning that it did address password reuse. It only talked about password entropy, which is frankly itself something of a thorny issue.