One Third Of Cyber Criminals Are Women

Female engagement in cyber crime is now a lot higher than other parts of crime, according to a new report, which raises some interesting questions about possible gender bias in investigations. In a research paper Trend Micro show that while female cyber criminals are in the minority, they most certainly do exist in large numbers and they say an investigator should be open to this possibility from the start.

It revealed that 30% of those XSS forum users were women, rising to 36% of Hackforums users. XSS and Hack Forums are popular entrances into the world of criminal hacking, with tutorials and millions of posts teaching the relevant skills.  

“Our control group consisted of 10 aliases that posted their gender profiles online and identified themselves as women from XSS and Hackforums,” the report noted. “When we ran posts from these users through the text analyzer, results indicated that all the aliases were classified as female with an average classifier percentage of 82.4%.”

Trend Micro's researchers also used an  AI tool to discover the gender of cyber crime forum users. Semrush is an SaaS  search engine marketing solution that uses machine learning algorithms to analyse data from social networks and other third-party sources, in order to determine the demographic information of web users, such as gender. Its analysis claimed an even higher percentage of dark web forum users were women: 41% of XSS users and 40% of Hackforums users.

By contrast, 4–8% of the prison population in the UK, Russia and US is female, according to data cited in the report. If accurate, the findings would also indicate that a higher percentage of women participate in cyber crime than currently work in the cyber security industry. The latest estimates from ISC2 say the number is about 24%, although it increases to 30% in the under-30s.

Trend Micro suggest that the cyber crime economy appears generally welcoming of all individuals so long as they have the right skills and experience. This is in contrast to the 'legitimate' industry where sexism is prevalent

That should be a reminder to investigators never to assume a malicious actor’s gender, it concluded. “It is our recommendation for all investigators to avoid assumptions of male personas while carrying out their work - such as referring to a suspect as ‘he’ or ‘his’ - as this creates an inherent bias as they progress their case,” says the Report.

Various academic research has found that there are complex reasons behind the very low percentage of women working in the cyber security industry. Yet women could be the key to overcoming the shortage of skilled workers required to combat the growing threat of online crime.

Trend Micro:   Jo. Advances in Humabities:    Infosecurity Magazine:      ICS2:    Cyber Peace Inst.:   

Cybesecurity Ventures:     Krebs on Security:    Heimdal Security:   

You Might Also Read:

More Women Needed In Cyber Security:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Two Cities In Californian  Attacked
Which CI/CD Tools Can Promote Supply Chain Security? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CSR Privacy Solutions

CSR Privacy Solutions

CSR Privacy Solutions is a leading provider of privacy regulatory compliance programs for small and medium sized businesses.

Secure360

Secure360

Secure360 focuses on the following key areas: governance, risk and compliance, information security, physical security, business continuity management, and professional development.

CloudCodes Software

CloudCodes Software

CloudCodes is a cloud security solutions provider focused on providing cloud security solutions to enterprise customers.

Stormshield

Stormshield

Stormshield is a European leader in digital infrastructure security. We offer smart, connected solutions in order to anticipate attacks and protect digital infrastructures.

BitSight Technologies

BitSight Technologies

BitSight transforms how companies manage information security risk with objective, verifiable and actionable Security Ratings.

Cryptovision

Cryptovision

cv cryptovision GmbH is one of the leading specialists for modern, user-friendly cryptography and solutions for secure electronic identities.

NETAS

NETAS

Netas offers solutions in information and communication technologies including end-to-end value added solutions, system integration and technology services to providers and corporations.

Tricerion

Tricerion

SafeLogin from Tricerion is an entirely software based identity access management solution that uses picture based passwords rather than alphanumeric text.

Lineal Services

Lineal Services

Lineal supports clients in meeting their digital forensics, cyber security and eDiscovery needs by providing bespoke solutions to complex problems.

Trustelem

Trustelem

Trustelem offers European and global companies a ready-to-use access management service that respects the principles of sovereignty, territoriality and privacy.

Hacken

Hacken

Hacken provide a range of cybersecurity services including security assessments, blockchain security audits, and secure software development.

Razorpoint Cybersecurity

Razorpoint Cybersecurity

Razorpoint’s world-class security experts have provided advanced, effective cybersecurity expertise to corporate and public-sector organizations around the world.

Iterasec

Iterasec

Iterasec provides a full range of security services to hacker-proof your products and make software engineering process secure by design.

US Fleet Cyber Command (FLTCYBER)

US Fleet Cyber Command (FLTCYBER)

US Fleet Cyber Command is responsible for Navy information network operations, offensive and defensive cyberspace operations, space operations and signals intelligence.

Anonomatic

Anonomatic

Anonomatic’s mission is to make data privacy secure, simple and cost effective. We are Data and Privacy Experts who are passionate about helping organizations solve PII compliance.

Guardey

Guardey

Guardey protects thousands of SME's environments. Whether your team works at the office, at home, at the customer or remotely. We protect your business. We do this in an accessible and affordable way.

ASRC Federal

ASRC Federal

ASRC Federal’s mission is to help federal civilian, intelligence and defense agencies achieve successful outcomes and elevate their mission performance.