6. You overhear them using hacking terms
Every generation has its slang, in part to keep older generations from catching on to what's being said. As with unknown file names above, it's worth looking up what you hear to get an inkling. And if what comes back is computer hacking slang -- "pwnd sites," "DDoS," "doxing," and the like -- pay attention.
7. Your internet provider tells you to stop hacking
One sad fact of the internet is that nary a day goes by without some inexplicable communication from an entity you either don't know or can't quite be sure is legit. At least a few times when my stepson was in a computer hacking gang, I received emails from strangers and our internet provider warning me that if I continued hacking I would have my internet connection terminated or even face criminal and civil actions and fines.
Of course, at the time I didn't know my stepson was a hacker, so I was caught completely off guard. I got angry and confrontational. I asked for details, and when I got them, I was livid because none of the websites, email addresses, or IP addresses had anything to do with me. I may have even threatened to take my own civil action against our cable provider if they cut us off.
It wasn't until the third such call in a year that I noticed my stepson listening to my half of the conversation and then trying to shrink into the background. That's when I realized there may have been a culprit in the living room. I distinctly remember cupping the phone so the cable rep couldn't hear and asking my stepson if he was hacking anyone. Up until that point I was clueless. He responded, "What?" And then, "Maybe."
All the past phone calls and the emails from strangers telling me to stop hacking suddenly made sense. They weren't idiots blaming me for something I wasn't doing. Maybe I was the idiot for not connecting the dots.
8. Their close (computer) friends have been investigated
Two years after I became intimately aware of the extent of my stepson's hacking activities, my wife and I read about some arrests related to computers at his school. Some of the kids I had previously heard that my stepson hung out with had been arrested for a variety of illegal computer deeds. These included hacking the school's computers, changing grades, and even, very unfortunately for all involved, posting nude photos of one of their girlfriends to a public website -- the latter of which resulted in multiple felonies.
Our family's saving grace was our early recognition of our son's questionable hacking activities and our dedication to putting a stop to them. It wasn't easy, and it didn't happen without a fight. But luckily, by the time his group's activities got noticed by local school and law enforcement activities, his hacking days were long over. We fretted for a few weeks about whether the larger investigation would find trails leading back to our son. Fortunately, they did not.
9. They consistently switch to 'boss screens' when you walk into the room
While this may simply be a privacy issue, it's worth noting. And if you work in an office, you're likely familiar with this behavior. "Boss screens" are fake screens, often mimicking legitimate spreadsheets and school projects, that can quickly replace whatever the computer user is truly doing. Boss screens look legitimate, but rarely change.
If you notice that your kid is always moving their hands (usually it is a Crtl or Alt key combination) or mouse every time you come into the room (that is, they are never just reading from the screen without moving their hands), pay more attention to what's on the other windows on their PC. One way to do this is to call them away from the computer to do a chore, while directly looking at them, and then perform a quick investigation of the various windows after they walk away.
10. Your monitoring tools never show any activity
The absence of activity is rarely a good thing. A normal kid doing normal things will occasionally trigger events in system or parental blocking logs. It's hard to surf the web looking for normal things without the internet bringing back something illegitimate from time to time. If you've caught your kid doing something unsanctioned or nefarious on the internet once or twice before, and you know they are still interested in that subject, the absence of activity in a related log file is more likely a problem than not.
I remember unduly congratulating myself when my stepson's hacking activity appeared to go away after we caught him a few times. "He's finally listening to us," I remember thinking. Nope. He was just a master at using local and remote proxy servers to hide his illegal activity. At the time I had heard about these sort of port proxies, but I didn't fully understand how they worked.
What he and his friends had done was set up proxies on other people's computers, which tunneled their illegal activities across the internet. They had installed the proxies when other people asked them to look at their computers to repair or troubleshoot something. Grandma never did understand why her cable company was accusing her of hundreds of illegal downloads. She never was a big fan of Britney Spears or Good Charlotte.
He would also connect to my neighbors' unprotected wireless networks. When I asked my neighbors within wireless reach to add passwords, he hacked into their routers. I learned more about how easy it is to hack wireless WEP security from my stepson than from years of working in the security field.
He also learned that he could change his computer's time to 10 years in the past, and all the local event and system logs would store new alerts at the bottom of the indexed stack of messages. I didn't learn about this trick until he forgot to switch the time back a few times and I kept finding strange file time and date stamps.
11. Failing grades suddenly improve to top scores
Failing grades are among the most common hacking targets. Teenage hackers love hacking their school's computer system. And even though schools have greatly improved their security, having nearly every hacker wannabe test those defenses is bound to turn up vulnerabilities.
If your kid suddenly turns a failing grade to an A or B without any noticeable additional effort, while at the same time expressing some of the previous signs discussed above, you might have a grade hacker. This is easy to check; just call the teacher and (proudly) ask what your kid did to drastically improve their grade. Hopefully the teacher won't sound surprised and it was just the result of harder work.
A word of caution
Given the tumultuous nature of the teenage years, behavior like that outlined above may not mean your child is a malicious hacker. The desire for extreme privacy, curiosity, the desire to fit in -- many of the above behaviors could very well be considered normal for teens. I'm sure many of you have encountered one or more of the above behaviors and your kids have not been involved in illegal or unethical hacking. But it's important to share these signs, so you won't be caught blindsided like me and my wife were, or like many of the readers who write me have been. Awareness is a good thing.
The other thing to note is that not all hacking is bad. In fact most hacking is positive. Going beyond the normal confines of a GUI, investigating what computers and networks do -- hacking can be a vital expression of curiosity and experimentation. If you think your kid is hacking, it's important to determine whether they are doing something unethical or illegal before taking away their computer privileges. After all, most of the computing industry finds its roots in the hacking ethic of the young.
How to put a stop to malicious activity
If you do find that your kid is participating in unethical or illegal hacking activity, there are steps you can take to turn them around, but it won't always be easy.
First, realize that kids who hack maliciously can be reformed. Most give up illegal activities as they mature and find enough stimulation from legitimate computing work. Only a very small portion make a career out of black hat activities. The key is to help guide a hacking child who knows they are doing wrong to using their developing skills for good.
Second, be firm in telling them that you know what they are doing and that it is unethical, illegal, and could lead to their arrest. Long gone are the days when companies and authorities were clueless entities that rarely arrested someone for computer-related crimes. Hackers are arrested every day. It happened to some of my stepson's friends. I have co-workers that to this day cannot accompany me on certain high-profile engagements because their criminal record prevents them. This is serious business.
Third, let them know you will be monitoring their activities for as long as you feel they need to be monitored. Tell them that you won't be telling them what you'll be doing, but that they've been warned. And if you catch them doing anything even slightly unethical or illegal, that every electronic device they have will be taken from them for a long time. They need to know there are consequences to their actions. Most importantly, follow up on your threats if they break the rules.
Meanwhile, move their computers into the main living area where you can monitor their use. They've lost the privilege to use a computer behind closed doors. Set a rule that prevents them from using a computer when you're not home and not monitoring. This rule should be in place until you can trust them again.
Once again, follow through. You will need to monitor what they are doing on any computer in the home, even in front of you. My stepson did really well at first with the computer in the central room, but after a while he noticed that his mom and I were too busy to monitor him closely. Old habits crept back in, and we ended up getting another warning call from the cable company.
Along with the forfeitures and potential punishments, be sure to give guidance. This is probably the most important thing. Explain the importance of ethics, and that any hacking activity is illegal if they don't have the explicit permission of the legal owner or custodian of the systems involved. Even borderline hacking activity, such as uninvited port or vulnerability scanning, is unethical and can be illegal.
Positive outlets for reforming hackers
There are many websites that permit and encourage hacking, and are worth searching out to placate the itch in an innocuous way. Hacking certifications, such as EC-Council's Certified Ethical Hacker, are available to work toward and are very valuable. I've been hacking for nearly 30 years and every certification I've earned has taught me something I did not know and made me a better hacker.
Lastly, connecting your hack-curious teen with a mentor, especially one who has turned their hacking creativity into a legal and well-paying career, can be invaluable. If you don't know anyone else, consider sending me an email. I'll be glad to add yours to the list of kids that I mentor. I can lend guidance similar to what is outlined here and introduce them to other, more dedicated white hat hackers. Most kids think black hat hackers are the super-smart ones. Without a doubt the best hackers I've met have been defenders. After all, these pros build systems that can withstand constant challenges from malicious hackers.
If your child or someone else's child is possibly doing unethical or illegal hacking, show them this article. Those curious teenagers with a love of hacking can always be turned around to the good side.
And that malicious hacking stepson? He's doing great. He has a good, well-paying web programming supervisor job, and he's a great son, father, and ethical human being. I couldn't love him more. We laugh about those many months when it was us against him in the digital world. He thanks me and his mom for stepping in when he needed a little guidance to move away from the darker aspects of hacking.
- 11 signs you've been hacked -- and how to fight back
- Be paranoid: 10 terrifying extreme hacks
- 10 reasons why phishing attacks are nastier than ever
- 19 open source GitHub projects for security pros
- 6 hard truths security pros must live with
- 10 security blunders that will get you fired
- 10 dumb security mistakes sys admins make
- The most innovative and damaging hacks of 2015
- 6 lessons learned about the scariest security threats