One Third Of Cyber Criminals Are Women

Uploaded on 2023-03-08 in NEWS-Cybersecurity News, FREE TO VIEW

Female engagement in cyber crime is a lot higher than other parts of crime, according to a new report, which raises some interesting questions about possible gender bias in investigations. 

In a research paper Trend Micro show that while female cyber criminals are in the minority, they most certainly do exist in large numbers and they say an investigator should be open to this possibility from the start.

It revealed that 30% of those XSS forum users were women, rising to 36% of Hackforums users. XSS and Hack Forums are popular entrances into the world of criminal hacking, with tutorials and millions of posts teaching the relevant skills.  

“Our control group consisted of 10 aliases that posted their gender profiles online and identified themselves as women from XSS and Hackforums,” the report noted. “When we ran posts from these users through the text analyzer, results indicated that all the aliases were classified as female with an average classifier percentage of 82.4%.”

Trend Micro's researchers also used an  AI tool to discover the gender of cyber crime forum users. Semrush is an SaaS  search engine marketing solution that uses machine learning algorithms to analyse data from social networks and other third-party sources, in order to determine the demographic information of web users, such as gender. Its analysis claimed an even higher percentage of dark web forum users were women: 41% of XSS users and 40% of Hackforums users.

By contrast, 4–8% of the prison population in the UK, Russia and US is female, according to data cited in the report. If accurate, the findings would also indicate that a higher percentage of women participate in cyber crime than currently work in the cyber security industry. The latest estimates from ISC2 say the number is about 24%, although it increases to 30% in the under-30s.

Trend Micro suggest that the cyber crime economy appears generally welcoming of all individuals so long as they have the right skills and experience. This is in contrast to the 'legitimate' industry where sexism is prevalent

That should be a reminder to investigators never to assume a malicious actor’s gender, it concluded. “It is our recommendation for all investigators to avoid assumptions of male personas while carrying out their work - such as referring to a suspect as ‘he’ or ‘his’ - as this creates an inherent bias as they progress their case,” says the Report.

Various academic research has found that there are complex reasons behind the very low percentage of women working in the cyber security industry. Yet women could be the key to overcoming the shortage of skilled workers required to combat the growing threat of online crime.

Trend Micro:   Jo. Advances in Humabities:    Infosecurity Magazine:      ICS2:    Cyber Peace Inst.:   

Cybesecurity Ventures:     Krebs on Security:    Heimdal Security:   

You Might Also Read:

More Women Needed In Cyber Security:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Two Cities In Californian  Attacked
Which CI/CD Tools Can Promote Supply Chain Security? »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Backup Systems

Backup Systems

Backup Systems is a leading backup and disaster recovery systems provider across the UK.

Lanner Electronics

Lanner Electronics

Lanner Electronics is a leading hardware provider for advanced network appliances and industrial automation solutions including cyber security.

Venrock

Venrock

Venrock helps entrepreneurs build some of the world's most disruptive, successful companies. We invest in technology: Security, Cloud Services, Big Data, Healthcare IT, AdTech.

Cord3

Cord3

Cord3 delivers data protection, even from trusted administrators – or hackers posing as administrators – with high privilege.

Ensighten

Ensighten

Ensighten is a leader in Website Security & Privacy Compliance. Protect your website from malicious attacks, monitor & detect vulnerabilities, protect consumer data.

Portshift

Portshift

Portshift leverages the power of Kubernetes and Service-Mesh to deliver a single source of truth for containers and cloud-native applications security.

InferSight

InferSight

InferSight can help you design an architecture that takes into account security, performance, availability, functionality, resiliency and future capacity to avoid technological lock in and limitations

Entara

Entara

Entara (formerly YJT Solutions) is an eXtended Service Provider (XSP) focused on providing cutting edge technology and cyber security solutions to companies in regulated industries.

Magna5

Magna5

Magna5 is a managed IT service provider focusing in network and server monitoring, backup and disaster recovery, cybersecurity, help desk and SD-WAN.

WinMagic

WinMagic

At WinMagic, we’re dedicated to making authentication and encryption solutions that protect data without causing user friction so that everyone can work freely and securely.

LaScala

LaScala

LaScala is an IT Managed Services provider delivering technical, security, and compliance solutions with dedication, compassion, and agility.

Logiq Consulting

Logiq Consulting

Logiq Consulting provide a full range of Cyber Security, Information Assurance and System Engineering services.

Frontier Technology Inc. (FTI)

Frontier Technology Inc. (FTI)

Frontier Technology Inc provides the technology and deep data expertise to drive the best defense and intelligence solutions.

RedLattice

RedLattice

RedLattice are at the cutting edge of tool development and AI-assisted vulnerability research in cybersecurity.

Planisys

Planisys

Planisys is a cybersecurity leader specializing in cutting-edge DNS security and email security solutions.

Kali Linux

Kali Linux

Kali Linux is an open-source, Debian-based Linux distribution geared towards various information security tasks, such as Penetration Testing.