A family member just told me they’d bought a cheap second-hand laptop for their 9-year-old. Turns out the laptop is so old that it can only run Windows-10. That’s a serious problem.

Microsoft stopped supporting Windows 10 last month (October 2025). No more security updates. No more patches. That means any new weakness discovered in Windows 10 will stay open forever. Hackers know this - and they’re already using automated bots to scan the internet for these vulnerable devices.

Why Antivirus won't help

Antivirus software is designed to detect and block malware, but it cannot fix vulnerabilities in Windows itself. If the OS has a flaw, attackers can exploit it before antivirus even detects the threat.

Why does this matter if it’s “just for gaming”?

Because criminals don’t care about your child’s game passwords—they care about using that laptop as a stepping stone into your home network. Once inside, they can install keyloggers to capture your banking logins, work credentials, or even access other devices. Think of it like having a door in your house with a lock that any burglar can pick using instructions freely available online.

Cybercrime is easier than breaking into homes. Criminals have moved online because it’s faster, safer for them, and more profitable. Kids are prime targets because they click on anything - especially on gaming sites where attackers hide malware behind fake downloads and chat links.

Gaming consoles are safer, particularly for younger kids. Systems like Nintendo Switch, PlayStation, and Xbox are heavily fortified and receive constant security updates. They’re much harder for hackers to compromise compared to an unsupported PC.

Case Study: How a Child’s Gaming Laptop Led to a Household Breach

Ten-year-old Liam loved gaming. His parents bought him a second-hand laptop running Windows 10 so he could play his favourite titles. One afternoon, Liam downloaded a “free mod” from a gaming forum. Hidden inside was malware designed to steal credentials and spread across home networks.

Within minutes, the malware installed itself and began scanning for other devices. It found Liam’s dad’s work laptop connected to the same Wi-Fi. Using stored credentials and Windows networking features, the malware moved laterally and infected the parent’s device.

The next day, Liam’s dad logged into his corporate VPN and online banking from that compromised laptop. The attackers captured his credentials and sold them on the dark web. Within a week, the family’s bank account was drained, and the dad’s employer faced a security incident because the stolen VPN credentials were used to access sensitive company systems.

Bottom Line

Start treating cybersecurity as a bigger risk than physical home security.  Criminals are moving online because online break-ins are safer for them due to the much lower chance of being caught, and even if they are, the ease of fleeing the scene without being unmasked.  Also, the act of breaking-in and stealing can be automated, so in a week or a month they can steal more stuff.

Parents may find this guide useful, i.e. “How to protect your children online” from the Australian Cyber Security Centre:  https://www.cyber.gov.au/sites/default/files/2024-04/Protect-your-children-online_A-guide-to-cyber-security-for-parents-and-carers.pdf

Remember though – it’s not just protecting your children.  The unfortunate reality is that kids online activity is a threat to the whole household.

#cybersecurity #acsc #parenting