Abusive images of children online is not a new thing, traditionally it has been paedophiles swapping images amongst themselves.

My only professional involvement was after putting together a case for a photographer client over image thefts from his online library, to the point of getting a court order, when the police carried out the raid, we were informed that our case would have to take a backseat as they found thousands of child abuse images on his computer, he was convicted and suitably sentenced. That was 15 years ago, and I understand it’s becoming more common that while investigating some unrelated matter forensics will turn up such evidence.

Victim Daniel Perry

Victim Daniel Perry

This story on the BBC has highlighted a shocking new exploit, that’s what it is, an exploit of a vulnerability (using social engineering), and now there is financial motive, I expect this will become a much bigger issue. In summary, the predators are tricking children into performing embarrassing and humiliating sex acts on webcam, then either escalating the demand for ever increasing abusive acts, both online and off, or just straight forward blackmailing them financially. Quite a growing number of these victims have now committed suicide, solely caused by these predator attacks.

It’s a classic IT security issue, and the first line of defense, controls in security speak, have to be online education of the children, schools in some cases are doing just that, but parents need to understand the threat, meaning how the social engineering aspect works, and be able to educate their own children.

I have browsed around authoritative advice to parents such as this article here from Microsoft “Online predators: Help minimize the risk” while I find it is good at identifying the threat, like others I find it lacking in useful advice in the reducing the risk, even posting quite arguably useless advice such as:

“never downloading images from an unknown source” what’s an unknown source, do you know?
“Using email filters” it’s quite clear this is all happening over social media.
“Choosing a gender-neutral screen name” most of the targets have been boys, and these criminals aren’t bothered about the child’s sex.

Something that is often forgotten in the advice I have seen is to remind us that it is not just computers that are internet connected and have cameras, so thought should be given to mobile phones and game consoles which also have chat capabilities and discussion forums.

I did find this advice useful for parents, but just showing this to a child would maybe not mean that much to them, I think you need to understand why they are vulnerable, say if appropriate “a boy going through puberty might do a lot to please what he thinks is a suitable girl online”, and be honest with them that these predators will take advantage given the chance.

There is plenty of advice online, but unlike traditional IT threats, and there are simple controls to reduce risk, this is far more complex, while the predators are blackmailing them now, I can see them chasing up some of their victims in the future when they are able to pay larger sums. Of course if you see this happening, you’re first action must be taking it to the police and assuring the child that they are not in trouble, and they will get over any embarrassment.

I should mention that while I admit that admirable as they are, vigilantes such as Stinson Hunter although controversial I believe are likely to have an impact on our local online predators, the predator groups motivated by financial gain are international and likely beyond the reach of any law enforcement, so all controls need to be placed our end, by educating and protecting the children.

2 Responses to “Biggest threat to Children online, and it’s growing fast”

  1. Personal privacy is now being taken being taken seriously | Marc Kranat

    […] I don’t believe that these legislative changes would directly help the cases I mentioned here where 8 boys in the UK have taken their own lives, as the motive of the abuse (threats to disclose […]

  2. Personal privacy is now being taken seriously | Marc Kranat

    […] I don’t believe that these legislative changes would directly help the cases I mentioned here where 8 boys in the UK have taken their own lives, as the motive of the abuse (threats to disclose […]

Leave a Reply

Your email address will not be published. Required fields are marked *


1 2 3 5
October 8th, 2015

Using an SMTP mail relay to secure a network

Small businesses with Exchange Server or other mail servers tend to have their mail server physically located in their office […]

June 10th, 2015

Hacking the Hackers

Well not quite hacking as most people think of it, but technically it is, and it’s great. There is a common […]

June 2nd, 2015

Switching a WordPress site over to HTTPS/SSL, the official hosted version of WordPress have switched over to enforcing SSL, while this is mostly a political statement, […]

May 7th, 2015

Local man tricks upto 2000 boys into exposing themselves online

I don’t think kids are getting the message, allowing anything that you would not be comfortable for your mother to […]

April 15th, 2015

Critical Vulnerability in Windows IIS – HTTP.sys PoC (MS15-034)

From Microsofts warning is not clear what the vulnerability is, but you can see that this is critical, and the […]

March 8th, 2015

DDoS on WordPress using the search feature

This fairly low tech DDoS can easily take down an under resourced WordPress website, what you will see in your […]

February 18th, 2015

Setting up a Simple VPN Server

VPN offer far more security than the proxy servers which most people are used to using, when using commercial paid for […]

January 25th, 2015

Cyberwar on free speech and small businesses

The last month has seen an major increase in international cyber warfare, first we had North Korea hacking Sony, apart […]

January 17th, 2015

AntiCrawler, referrer spam turned nasty

AntiCrawler, referrer spam turned nasty, asking you to add potentially malicious code to your own site. Although this is by […]

December 21st, 2014

Fake GoDaddy DNS Notifications

Only last week I posted about another phishing scam targeting GoDaddy clients, this client only just bought his first domain […]

XSLT Plugin by BMI Calculator