Today’s children and teenagers are integrated into cyberspace so tightly that discussions on the outright prohibition of using devices with Internet connectivity are nonsensical. It is more reasonable to teach children how to behave themselves correctly online and lend support by protecting them against undesirable content. To solve these problems, many parents use dedicated software to protect their children online. The software not only restricts access to undesirable websites but also warns about any danger that the parents want to know about (for example, what their child is searching for on the Internet or to whom he or she is talking) and offers recommendations on what to do in each specific situation.
The Kaspersky Lab software line includes a Parental Control module, which is responsible for the safety of children online and is available as part of security products or as a stand-alone solution called Kaspersky Safe Kids. In order to recognize relevant threats, the products collect anonymous statistics about potentially dangerous content that a child encounters. As part of this report, we analyze the collected data in our quest for the answer to the question of what interests the current generation of children online.How statistics are collected
Kaspersky Lab solutions scan the content of web pages that a child attempts to visit. If a website falls within one of the fourteen undesired categories, the module sends a notification in the Kaspersky Security Network (no personal user data are sent, and privacy is not violated). There are two important points that should be noted:
- Each parent chooses the content categories that he or she wishes to ban and appropriately configures the security solution. However, anonymous statistics will be collected for all fourteen categories.
- The data were collected only from computers running a Windows OS or a Mac OS, and statistics for mobile devices are not included in this report.
Currently, web filtering in the products that have the Parental Control feature is performed for the categories listed below:
- Internet communication media (social networks, messengers, chats, and forums)
- Adult content
- Alcohol, tobacco, narcotics
- Weapons, explosives, pyrotechnics
- Gambling, lotteries, sweepstakes
- Computer games
- Electronic commerce
- Software, audio, video
- HTTP query redirection
- Religions, religious associations
- News media
Out of the entire list, we have chosen the seven most popular categories, according to our statistical data. The remaining categories make up an insignificant number of triggered events (amounting to 0.84% worldwide). Therefore, we won’t be focusing on them today.The world map
First of all, we will review which categories are the most popular among children across the globe (by the percentage of users visiting websites in the relevant category out of the total number of global users of the Parental Control module and the Safe Kids product).
The Percentage Breakdown of Notifications from the Parental Control Module and the Safe Kids Product for 14 Categories, May 2016–May 2017
This breakdown of category popularity shows that communication via social networks, messengers, and chats is still the main pastime of children when they are online. It might come as a shock that children have been increasingly interested in the “Alcohol, tobacco, narcotics” category (14.13% against 9.12% in last year’s report), which pushed “Computer games” to third place. The “Software, audio, video” category (6.23%) switched places with the “Electronic commerce” category (4.45%), yielding fourth place.
These data reflect the map of the world at large. Regionally, the situation may vary; and it does indeed vary. Let us review at length what interests children around the world and try to figure out what may be the cause of these interests.Regional differences
For the study, we have selected six categories out of the list of the most popular ones. We decided not to take into account the “Profanity” category, as this content may be encountered on any website and it does not represent a separate interest for a child.
We have selected the following seven regions for comparison (the languages of all of the countries listed below are supported by the Kaspersky Lab’s child safety software):
- North America (USA and Canada);
- Western Europe (Austria, Belgium, Great Britain, Ireland, Germany, Liechtenstein, Luxembourg, Monaco, France, Switzerland, Denmark, Sweden, Spain, and Italy);
- The CIS (Russia, Belarus, and Kazakhstan);
- Latin America (Argentina, Brazil, Haiti, Guatemala, Honduras, the Dominican Republic, Colombia, Mexico, Panama, Uruguay, Chile, Ecuador, Puerto Rico, and Venezuela);
- Asia (China, Singapore, Hong Kong, Macao, Taiwan, Japan, and Korea);
- The Arab world (Algeria, Bahrain, Djibouti, Egypt, Iran, Iraq, Jordan, Kuwait, Libya, Sudan, Tunisia, the UAE, Yemen, and Saudi Arabia);
- Oceania (Australia and New Zealand).
Here is the breakdown of interests by region.
The Results for the Top 6 Website Categories in Various Regions, May 2016–May 2017
In Western Europe, Northern America, and Oceania, children visit social networks and communicate via messengers almost as often as they navigate to websites with content devoted to tobacco, alcohol, and drugs. In the Arab countries, children visit social networks from their computers more often than other children in the world. In Asia, children show more interest in pornographic websites and online purchases than other children in the world.
The interest of children from the CIS countries and Latin America are very similar: online communication is prevalent, but its percentage is a bit lower in the CIS countries. Alcohol and tobacco follow far behind social networks and takes second place in the preferential rating for these regions. Computer games took third place.
Let’s see what causes this situation by individually reviewing each of the six categories.Differences by country
In order to understand how such a breakdown of interests forms in children of different regions, we have taken several countries from each part of the world and reviewed them in detail for each of the six popular categories. Just as in the comparative charts above, we took the percentage of users who visited websites within a specific category out of the total number of users of the Parental Control module and the Safe Kids product.
Let’s start with the “Internet communication media” category, which holds first place in the rankings.Internet communication media
Starting from last year, there has been a noticeable declining trend in popularity of using social networks from a computer. For example, the number of instances of visiting social-network pages has decreased by more than 10% in Great Britain and nearly by 15% in the USA. We have already explained that using social networks is more convenient with smartphones, as this allows a person to be online 24/7.
The Popularity of the “Internet Communication Media” Category in Various Countries, May 2016–May 2017
Yet, in some countries where the mobile Internet is not so well-developed or where parents are holding off on buying a smartphone for their child for various reasons, the communication platform is still a personal computer.
We can see that the lowest percentage of visits to social networks from a personal computer can be seen in Great Britain (20.57%), China (26.11%), the USA (27.68%), and Germany (28.49%). The highest percentage is in Egypt (88.12%), followed by Saudi Arabia (82.99%) and Mexico (77.70%), where children still prefer to communicate via a computer.
The most popular social networks among children in different regions are Facebook, Twitter, Pinterest, Google+, and, curiously enough, Instagram, even though it is fully focused on mobile devices, as the service does not support the ability to publish pictures from a computer (only with the help of third-party websites and applications).
The Percentage Breakdown of Global Social Network Popularity in Different Regions, May 2016–May 2017 (the percentage of the total number of users of five social networks)
Nearly every region shows a preferential bias towards Facebook out of all of the globally popular social networks. There are countries where regional social networks are more popular. For example, Sina Weibo, a Chinese microblog service, and Kaixin001, a social network, are much more popular than their western competitors.
The Percentage Breakdown of Popularity of Social Networks in China, May 2016–May 2017 (compared to the five popular social networks that were chosen)
However, in Japan, even with the existence of its own large and popular social network Mixi, children who have Kaspersky Lab’s Parental Control installed show preference in using Twitter and Facebook.
The Percentage Breakdown of Popularity of Social Networks in Japan, May 2016–May 2017 (compared to the five popular social networks that were chosen)
In Russia, children generally use domestic social networks, such as Vkontakte and Odnoklassniki.
The Percentage Breakdown of Popularity of Social Networks in Russia, May 2016–May 2017 (compared to the five popular social networks that were chosen)
Social networks and messengers are very convenient means of communicating, meeting new people, and exchanging information. Many social networks are not limited to these functions and also have functions for listening to music, watching videos, and even buying or selling items. At the same time, almost all of the content that is published on social networks is created by users themselves. There are threats and dangers associated with that, and they may affect children who are unprepared for this harsh social environment.
There are two types of threats on a social network: content-related and social. Content threats are various posts and communities that contain, for example, pornography, depictions of violence, information about drugs, etc. Social threats may include such phenomena as cyberbullying, trolling, sexting and sextortion, and psychological manipulation by sectarians whose purpose is to fill their ranks at the expense of the trustfulness of children. Swindlers who hunt for financial profit and use children to steal money from their parents should be included too.
All of the dangers can be avoided if parents monitor what their child is interested in and to whom he or she is talking not only in everyday life but on social networks as well. Parents should explain to their child the rules of conduct, which are relevant not only for public places but for digital social environments as well, since they too are, after all, public places. Leading developers of tools for protecting children on the Internet endeavor to make the social-network environment more transparent to parents, and we are no exception.Alcohol, tobacco, narcotics
The next category that we are going to review is one that has been gaining popularity among children: “Alcohol, tobacco, narcotics”.
The Popularity of the “Alcohol, Tobacco, Narcotics” Category in Various Countries, May 2016–May 2017
First place among all countries where the category is most popular is taken by the UK (37.56%), followed by Canada (34.32%) and the USA (31.92%). We suppose that the high popularity may be connected to children frequently being exposed to scenes of smoking or drinking, for example, in films, and aspire to gain additional knowledge about the topic online. The situation is the same with drugs, especially with marijuana being legalized in some U.S. states.
Last year, we noticed a trend of frequent events triggered for this dangerous topic and explained it as the topic of alcohol, tobacco, and drugs being a part of teenage culture owing to coverage in blogs, films, and music. Also, last year, an “alternative” to smoking became extremely popular among teenagers. This is so-called “vaping”, which utilizes electronic devices to inhale vapor with different flavors.
To this day, this alternative’s level of harmfulness on the human body has not been studied fully yet. So, we decided not to disregard it in the “Alcohol, tobacco, narcotics” category. As a result, the category was expanded by the inclusion of “vaping”; and the overall number of triggered events has been increased, which is reflected in the statistics.Computer games
Games are an integral part of everyone’s childhood. It’s not just children who are interested – many adults enjoy computer games too. With total immersion in a game, a person not only devotes himself or herself to the gaming process but also takes an interest in various mods, codes, and walkthroughs online.
The Popularity of the “Computer Games” Category in Various Countries, May 2016–May 2017
Children in Great Britain (26.43%), Canada (24.95%), Australia (19.60%), and the USA (19.11%) are the ones most interested in computer games. In Egypt (1.66%), Saudi Arabia (3.59%), and Italy (4.97%), children prefer social networks to gaming on the computer.
To get the full picture of what gaming websites children are interested in globally, we have taken the most popular gaming websites (according to data from our users) and checked which ones are popular in which region.
The Percentage Breakdown of Gaming Website Popularity in Different Regions, May 2016–May 2017
It turned out that children in all of the regions except for the CIS and Asian countries frequent the Roblox website more often than other children. Roblox is a massively multiplayer online role-playing game (MMORPG). Uncontrolled passion for these games may lead to fatigue, difficulty in socialization, and psychological problems. However, there are diverse MMORPGs, and Roblox, as well as the well-known game, Minecraft, may be beneficial for the creative thinking and imagination of a child. Nevertheless, no matter how great game is at educating a person, a parent should manage the time that his or her child spends on games to prevent addiction.
In the CIS and Asian countries, the most visited website related to computer games turned out to be Steam, which is a large online store, a gaming community, and also a personal computer client. The client has functions that enable the user to download and launch games, write reviews, trade game cards, etc. The statistics do not include gamer interaction with the Steam client, so one may assume that the real popularity of Steam is higher. But the problem is that a child can use Steam to play any other games, including those that are unsuitable for children. On the other hand, we have high hopes for the popularity of Roblox and Minecraft. The latter, by the way, is used in the school systems of several countries.Software, audio, video
This category includes websites that allow users to listen to music, watch films online, and watch videos on YouTube. The category also includes websites that store various applications, torrents, and much more.
The Popularity of the “Software, Audio, Video” Category in Various Countries, May 2016–May 2017
Children from China spend much more time watching videos and listening to music. In China, the most visited website from this category is Kuwo.cn (a service for listening to music online).
YouTube, just like last year, is the most visited website in the world from this category. In Western countries, Netflix is very popular (it is a movie and TV-show provider). In the CIS countries, popularity is still there for websites that allow users to watch films and cartoons online for free, which is a gray area of legality, and torrent trackers, which are not always safe, as it is possible to download malicious applications along with a film or pirated game.
As for websites like YouTube, we should not assume that these are absolutely safe for children.Electronic commerce
Each year, there is an increasing number of traditional shops opening their online offices; there are also many stores that exist only online. What could be easier than choosing an item you want and paying for it with a couple of clicks without even having to get up from the couch? Children from many countries think the same way.
The Popularity of the “Electronic Commerce” Category in Various Countries, May 2016–May 2017
Children from China (15.44%) and Japan (13.93%) are interested in online purchases more often than their peers from other countries. Their favorite websites are aliexpress.com, amazon.co.jp, and the Japanese rakuten.ne.jp. eBay is very popular among the children from Europe and the USA. All of the aforementioned websites are Internet markets where it is possible to buy virtually anything.
We certainly recommend that parents monitor the activity of their accounts in online stores and log out of them after completing purchases. The point is that many online stores have a feature to save bank card data in the account section so that a user does not have to reenter them. Thus, anyone who logs into an online store by using an account with saved bank card data can pay for any order with two clicks without having any information about the card. To prevent this from happening, a parent should always either log out of the online-store account and not save the password in the browser, or delete (or not confirm saving) bank card data after each purchase. Generally, it is recommended to have two different accounts in an operating system so that a parent’s data (passwords to websites, web-browser history, or bank card data) do not get into the hands of their child.Adult content
To conclude our report, we are going to review the “Adult content” category. On the whole, the task of protecting children from adult topics, for instance, from the topic of sex, has never lost its relevance. With the appearance of the Internet, a variety of erotic and pornographic content became more accessible than ever before; children understand this. However, it is hard to imagine a child spending all day long browsing pornographic websites. Thus, the resulting percentage of the “Adult content” category is not so high.
The Popularity of the “Adult Content” Category in Various Countries, May 2016–May 2017
According to our data, adult content has been becoming less popular among children. But, as we warned in an analytical article last year, we should not assume that children have started visiting pornographic websites less often. It might be possible that they are doing it more frequently from mobile devices.
In China (8.82%) and Japan (5.66%), children show a substantially higher interest in adult content compared to other countries and regions. This might be due to erotic and pornographic comics and cartoons being extremely popular in Asia. For example, there are large stores in Japan that sell relevant products. Children from Saudi Arabia (0.23%) and the Emirates (0.16%) are the least interested in pornography. This might be because of the stringent cultural traditions of the Arab community.Conclusion
Our statistics show that websites visited from a personal computer by a child depend upon the development of the regional Internet infrastructure at the place of residence, the financial abilities of the parents, and cultural peculiarities.
This is not the first year where there is a tendency for growth in the popularity of smartphones and tablets. Today, almost every child who has access to a tablet or a smartphone from an early age can handle it better than a personal computer. This indicates that both developers of applications that protect children online and parents themselves should not fall behind on the technological development of their children.
However, parents should not rely on technical means alone: they should not only manage how long their child spends online but work on developing digital literacy for themselves and their child. Parents should also build trust-based relationships with their child. After all, if he or she is scolded for being on social networks, then the child will be too afraid to turn to his or her parents for help if a dangerous situation occurs and the child will be left alone with his or her problem.
Sometimes ransomware developers make mistakes in their code. These mistakes could help victims regain access to their original files after a ransomware infection. This article is a short description of several errors, which were made by the WannaCry ransomware developers.Errors in file removal logic
When Wannacry encrypts its victim’s files, it reads from the original file, encrypts the content and saves it into the file with extension “.WNCRYT”. After encryption it moves “.WNCRYT” into “.WNCRY” and deletes the original file. This deletion logic may vary depending on the location and properties of the victim’s files.The files are located on the system drive:
- If the file is in an ‘important’ folder (from the malware developers’ point of view – e.g. Desktop and Documents), then the original file will be overwritten with random data before removal. In this case, unfortunately, there is no way to restore the original file content.
- If the file is stored outside of ‘important’ folders, then the original file will be moved to %TEMP%\%d.WNCRYT (where %d denotes a numeric value). These files contain the original data and are not overwritten, they are simply deleted from the disk, which means there is a high chance it will be possible to restore them using data recovery software.
Renamed original files that can be restored from %TEMP%
- Ransomware creates the “$RECYCLE” folder and sets hidden+system attributes to this folder. This makes this folder invisible in Windows File Explorer if it has a default configuration. The malware intends to move the original files into this directory after encryption.
- However, because of synchronization errors in the ransomware code in many cases the original files stay in the same directory and are not moved into $RECYCLE.
- The original files are deleted in an unsecure way. This fact makes it possible to restore the deleted files using data recovery software.
The procedure that determines the temporary directory to store original files before removal
Original files that can be restored the from a non-system drive
The procedure that constructs the temporary path for an original file
The piece of code calling the above proceduresRead-only files processing error
While analysing WannaCry, we also discovered that this ransomware has a bug in its read-only file processing. If there are such files on the infected machine, then the ransomware won’t encrypt them at all. It will only create an encrypted copy of each original file, while the original files themselves only get the “hidden” attribute. When this happens, it is simple to find them and restore their normal attributes.
Original read-only files are not encrypted and stay in the same placeConclusions
From our in depth research into this ransomware, it is clear that the ransomware developers have made a lot of mistakes and, as we pointed out, the code quality is very low.
If you were infected with WannaCry ransomware there is a good possibility that you will be able to restore a lot of the files on the affected computer. To restore files, you can use the free utilities available for file recovery. We advise organizations share this article with their system administrators – as they can use the file recovery utilities on affected machines in their network.