One Third Of Cyber Criminals Are Women

Female engagement in cyber crime is a lot higher than other parts of crime, according to a new report, which raises some interesting questions about possible gender bias in investigations. 

In a research paper Trend Micro show that while female cyber criminals are in the minority, they most certainly do exist in large numbers and they say an investigator should be open to this possibility from the start.

It revealed that 30% of those XSS forum users were women, rising to 36% of Hackforums users. XSS and Hack Forums are popular entrances into the world of criminal hacking, with tutorials and millions of posts teaching the relevant skills.  

“Our control group consisted of 10 aliases that posted their gender profiles online and identified themselves as women from XSS and Hackforums,” the report noted. “When we ran posts from these users through the text analyzer, results indicated that all the aliases were classified as female with an average classifier percentage of 82.4%.”

Trend Micro's researchers also used an  AI tool to discover the gender of cyber crime forum users. Semrush is an SaaS  search engine marketing solution that uses machine learning algorithms to analyse data from social networks and other third-party sources, in order to determine the demographic information of web users, such as gender. Its analysis claimed an even higher percentage of dark web forum users were women: 41% of XSS users and 40% of Hackforums users.

By contrast, 4–8% of the prison population in the UK, Russia and US is female, according to data cited in the report. If accurate, the findings would also indicate that a higher percentage of women participate in cyber crime than currently work in the cyber security industry. The latest estimates from ISC2 say the number is about 24%, although it increases to 30% in the under-30s.

Trend Micro suggest that the cyber crime economy appears generally welcoming of all individuals so long as they have the right skills and experience. This is in contrast to the 'legitimate' industry where sexism is prevalent

That should be a reminder to investigators never to assume a malicious actor’s gender, it concluded. “It is our recommendation for all investigators to avoid assumptions of male personas while carrying out their work - such as referring to a suspect as ‘he’ or ‘his’ - as this creates an inherent bias as they progress their case,” says the Report.

Various academic research has found that there are complex reasons behind the very low percentage of women working in the cyber security industry. Yet women could be the key to overcoming the shortage of skilled workers required to combat the growing threat of online crime.

Trend Micro:   Jo. Advances in Humabities:    Infosecurity Magazine:      ICS2:    Cyber Peace Inst.:   

Cybesecurity Ventures:     Krebs on Security:    Heimdal Security:   

You Might Also Read:

More Women Needed In Cyber Security:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Two Cities In Californian  Attacked
Which CI/CD Tools Can Promote Supply Chain Security? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Cofense

Cofense

Cofense (formerly PhishMe) is a leading provider of human-driven phishing defense solutions.

CodeOne

CodeOne

CodeOne provides solutions for website and web app security.

Mitchell Sandham

Mitchell Sandham

Mitchell Sandham is an, independent insurance and financial services brokerage. Business products include Cyber/Privacy Liability insurance.

Center for Cyber & Homeland Security (CCHS)

Center for Cyber & Homeland Security (CCHS)

The Center for Cyber and Homeland Security at Auburn University is a nonpartisan think tank that works to develop innovative strategies to address current and future threats to the United States.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

World Congress on Industrial Control Systems Security (WCICSS)

World Congress on Industrial Control Systems Security (WCICSS)

The World Congress on Industrial Control Systems Security (WCICSS) is focused on emerging trends in protection of industrial control systems.

German Israeli Partnership Accelerator (GIPA)

German Israeli Partnership Accelerator (GIPA)

GIPA is based on two pillars: it is an incubator aimed at young academics and a program to transfer cybersecurity expertise to corporate partners.

NINJIO

NINJIO

NINJIO is a leader in cybersecurity awareness training. View IT Security Awareness through a different lens - entertain and educate your users through storytelling.

e-Careers

e-Careers

e-Careers is an edtech institution that provides industry recognised courses and up-skilling solutions to individuals and organisations.

HunCERT

HunCERT

HunCERT's mission is to assist Hungarian Internet Service Providers in applying appropriate procedures to address the risks of computer network incidents and to respond to such incidents.

Open Data Security (ODS)

Open Data Security (ODS)

Open Data Security is a market leader in the information security sector, offering services to companies, governments and individuals, helping them shield from hackers and cyber attacks.

Visory

Visory

Great businesses depend on great technology. We make sure our clients go to market with enterprise-level technology and world-class security for their data and infrastructure.

Allurity

Allurity

Allurity is a group of tech-enabled cybersecurity service providers, comprised of best-in-class experts with a common mission to enable a safe digital world.

SignMyCode

SignMyCode

SignMyCode is a one-stop shop for trusted and authentic code signing solutions to safeguard software.

WireGuard

WireGuard

WireGuard is a communication protocol and free and open-source software that implements encrypted virtual private networks (VPNs).

Softanics

Softanics

Softanics’ ArmDot protects .NET apps with advanced obfuscation, control flow protection, and virtualization, securing code against reverse engineering without requiring agents or environment changes.