A version of a PC game that has players fill the shoes of a computer hacker is being developed for use as a training tool in schools and workplaces.
Hacknet was released in August 2015 and has already achieved more than 100,000 downloads on internet-based distribution platform Steam.
Its creator Matt Trobbiani, a 25-year-old University of Adelaide computer science graduate, said he did not focus on Hacknet’s educational benefits when developing the game.
“It turns out that US Pacific Command’s cyber warfare division already buys Hacknet and runs all their new recruits through it – it’s a big deal and I originally had no idea that this was something really very valuable at all,” Trobbiani said.
“It’s got a really good base for putting it into high schools or training courses for businesses and military programs, it just teaches this baseline technical competence and confidence.
“Everyone who’s gone through the game is less scared of computers and much more prepared to deal with technical problems in a sensible way – they know how to use a terminal, they know the basics of computer security, they know fundamental skills that I think if everyone knew then the world would be a much safer place, especially online.
“I was teaching a lot of this stuff just by accident and the teaching side of this is becoming a bigger deal so I’m working on a special version geared towards schools and universities.”
The immersive terminal-based hacking simulator, which is also being translated into Simple Chinese, follows the trail of a famed hacker, Bit, who has recently died.
Trobbiani said the award-winning game was not breeding a new generation of hackers and actually taught more skills about how to increase online security and protect users from hacking.
“It’s much more useful as a defensive tool than as an aggressive one,” he said.
“You leave Hacknet after being from the perspective of the aggressor the entire game but you’ll know a lot about how to be much more safe online and you’ll know next to nothing about how to actually do any damage.”
“It definitely says that there is a place for what we call ‘white hat hackers’ in the world, being a hacker isn’t just a bad thing, there’s a lot of hackers out there who do a lot of great work, who are really helping companies and who are very transparent about everything that they do.
“I think this negative notion of hackers is really cool but it’s not necessarily how the world works.”
Distribution or licensing arrangements are yet to be determined for the education version but Trobbiani said it will be a workplace training tool.
“Ideally it would be split up into lesson-sized chunks that are designed to be teacher and other student assisted so the students work together and the teacher works with anyone who is struggling to smooth over the first couple of weeks to hopefully bring everyone up to a certain level of confidence and competence so no one gets overwhelmed by the material, which is a really big problem in computer science courses especially.”
“While I was never really taking the education side of it seriously, I would be really foolish not to pursue it.”
University of South Australia cybercrime expert Associate Professor Raymond Choo said turning Hacknet into an educational tool was a timely initiative.
“Malicious cyber activities are no longer a matter of if but of when, and they are a rapidly expanding form of criminality that knows no borders,” Dr Choo said.
“Games could be a useful way of engaging our younger generation in cyber security training, and allowing them to learn, practice and hone their skills in a relatively risk-free virtual environment.”
Matt Trobbiani’s Top 5 tips for staying safe online
1) Think before you download
Never download anything that you don’t trust – if you don’t know what it is, don’t get it!
2) Click in the right place
Make sure you’re clicking the button you’re meant to, not an ad. If you’re unsure, check the URL that comes up mousing over it.
3) Check before getting personal
When giving out any personal information, check the URL at the top of the page and make sure you’re on the right site – phishing schemes use very similar or exact copies of regular sites with slightly different or typo’d names to steal data
4) Choose your browser carefully
Use a secure browser – preferably Google Chrome or Mozilla Firefox. They’re much safer than Internet Explorer – especially old versions of it.
5) If you don’t need it, don’t get it
Don’t install toolbars, add-ons or any other software that you don’t *really* need – they can be dangerous, and are almost always more annoying than helpful.