Indiana and Illinois middle schoolers learned valuable lessons in cybersecurity at a virtual workshop hosted this summer by the Center for Applied Cybersecurity Research (CACR) and WonderLab. The Security Matters Cybercamp was the first time for many of the seventh and eighth graders to learn cybersecurity basics, and it was also the first time the camp was hosted for middle schoolers.
There were numerous other firsts for the cybercamp as adjustments were made due to the pandemic and improvements were implemented due to popular demand. It was the first time the camp:
Was completely virtual, including a virtual tour of three Data Centers
Hosted kids from Illinois
Ran five days instead of three
Utilized Jetstream, a National Science Foundation-funded supercomputer hosted at and operated by Indiana University
Partnered with WonderLab, which helped with promotion, sign-ups, and logistical support
Held June 8-12, 2020, the camp ran from 9:30am to 2:30pm each day to accommodate a shorter attention span over Zoom. Twelve IT and cybersecurity experts from IU and one from the University of Illinois developed content for the camp and shared their real-world experiences.
“One of the biggest advantages of our cybercamp is that local experts create and present the subjects. When the kids learn about networking, they are learning about it from top networking people at IU. When they learn about Jetstream, they are learning from one of its architects. When they learn about data forensics, they learn about it from someone who worked in a digital crime lab,” said Mark Krenz, chief security analyst, CACR.
… I think cybersecurity can be effectively taught to children this age, and that it is beneficial and fun for them.
Mark Krenz, chief security analyst, CACR
Topics and presenters included:
Security ethics and passwords and crypto, Susan Sons
Jetstream set up, George Turner and Ishan Abhinit
Networking basics and network security, Keith Lehigh
Secure communications and video conferencing, Will Drake
Website penetration testing, Mark Krenz
Website cookies, Kay Avila (University of Illinois, National Center for Supercomputing Applications)
Cybersecurity careers, Emily Adams
Mobile device and app store security, Mike Stanfield
Lockpicking, Nathan Heald
Computer Data Forensics, Zalak Shah
Virtual Data Center tour, Anurag Shankar
Educational advice provided by Tom Edelberg
Students learned more than 200 technical terms during the camp and participated in 40 activities related to IT and cybersecurity. For many students, it was their first time to use Linux, the command line, virtual machines, networking, and browser plugins. It was also their first time to view website source code, run programs as an administrator, install software, see a data center, and much more.
The concepts definitely sunk in: Two quiz competitions later in the week showed that students retained much of what they’d learned from the camp, such as:
100% correctly identified an IP address (up from 20%)
100% correctly answered that you should not use the same password on every website. “Since password reuse is one of the biggest problems in cybersecurity and one of the leading causes of data breaches, this is a great result,” said Krenz.
100% correctly answered that a password manager can be used to keep track of all your passwords.
“Based on the accuracy of the responses in assessment quizzes, enthusiasm shown, questions asked, and comments made during the camp, I think cybersecurity can be effectively taught to children this age, and that it is beneficial and fun for them,” added Krenz.