- Fulfills Steps 1 and 3 of GSUSA Ambassador Cybersecurity Basics badge requirements.
- Leaders – please be aware of double dipping and make your own informed choice.
Info Needed for Step 1 of the badge requirements: All hackers use similar strategies and tools, but their motivations and affiliations set them apart. There are three main categories of hackers:
- Gray Hat Hackers: Hackers who operate between the other two categories, following personal ethics but sometimes breaking laws or acting without permission.
- White Hat Hackers: Ethical hackers who use their skills legally to protect people and organizations.
- Black Hat Hackers: Unethical hackers who break into systems for personal or financial gain.
Info Needed for Step 2 of the badge requirements: Think about the balance between protecting individual privacy and ensuring collective safety. Consider how decisions impact trust and security.
First are the types of hackers:
- White Hat: The good guys, fixing problems legally.
- Gray Hat: They break rules but try to help.
- Black Hat: The bad guys, causing harm or stealing.
Then reflect on what happens when security weaknesses are discovered. Should the information be kept secret, shared publicly, or reported to the organization for improvement? Consider different perspectives like:
- Government: Wants safety and crime prevention.
- Companies: Want to protect users’ trust.
- Hackers and Public: Opinions vary depending on the situation.
Realize that decisions have consequences. Will the choice help or harm individuals and organizations?
Items Needed
- Cards listing hacker actions (See suggested list below)
- Three labeled sections on a wall: “White Hat,” “Gray Hat,” and “Black Hat”
- Open space for scouts to run safely
- (Optional) A timer or stopwatch (only allow 15 seconds to make a choice for added challenge)
- (Optional) A scorekeeper to tally successful returns
Instructions
- Divide scouts into two teams and line them up.
- Place the cards with hacker actions in a pile at a central location near the teams. Post the three hacker type labels (“White Hat,” “Gray Hat,” “Black Hat”) on the wall some distance away from the teams.
- (Fulfills Step 1) The first scout from each team races to the pile, draws one card, and runs to the wall. They place the card under the appropriate hacker type section (White Hat, Gray Hat, or Black Hat). The scout then runs back and tags the next scout in line to take their turn.
- (Optional) A designated scorekeeper keeps a running tally of how many scouts successfully return after placing their cards. Since all cards will be mixed into the three sections on the wall, the scorekeeper tracks success based on completed turns instead of counting the cards.
- (Fulfills Step 3) Once matches are completed, discuss as a group:
  - Why does each hacker type behave the way they do?
  - What ethical dilemmas might these actions create?
  - How do these actions impact privacy, security, and trust?
Suggested Hacker Actions Cards
White Hat Hacker Actions:
- Fixes vulnerabilities with permission from the organization.
- Is hired to test a company’s security system and provide recommendations.
- Writes reports for companies on how to improve their cybersecurity.
- Patches a software vulnerability to prevent future attacks.
- Teaches organizations about protecting themselves from cyberattacks.
- Develops tools to detect and prevent malware or ransomware attacks.
- Advises businesses on creating stronger passwords and security measures.
- Investigates how a hack occurred to help organizations secure their systems.
- Builds secure networks to protect sensitive data.
- Works with law enforcement to expose illegal hacking activities.
Gray Hat Hacker Actions:
- Finds vulnerabilities without permission but reports them publicly.
- Compromises systems without authorization to test their security.
- Informs an organization about a flaw they exploited after the fact.
- Shares weaknesses online to raise awareness but doesn’t exploit them.
- Bypasses security measures for personal challenges or skill-building.
- Creates tools to find vulnerabilities but doesn’t sell or use them maliciously.
- Hacks into systems to gather data for non-malicious purposes, like exposing corruption.
- Explores networks without approval to understand their flaws.
- Publicly critiques companies for weak security without causing damage.
- Uses hacking skills to highlight cybersecurity gaps but doesn’t directly harm anyone.
Black Hat Hacker Actions:
- Hacks into systems to steal sensitive information like credit card details.
- Sells discovered vulnerabilities on the black market for profit.
- Creates and spreads viruses or malware to damage systems.
- Deploys ransomware to lock data and demand payment.
- Uses stolen information to commit fraud or identity theft.
- Builds botnets to flood and shut down websites.
- Exploits vulnerabilities to spy on users without their knowledge.
- Hacks into networks to steal trade secrets or confidential corporate data.
- Manipulates or deletes critical files to harm organizations.
- Targets individuals or businesses for personal revenge or financial gain.