What Makes A Cyber Criminal?

The UK’s National Crime Agency has published research into how and why some young people become involved in cyber-crime.

The report, which is based on debriefs with offenders and those on the fringes of criminality, emphasises that financial gain is not necessarily a priority for young offenders. Instead, the sense of accomplishment at completing a challenge, and proving oneself to peers in order to increase online reputations are the main motivations for those involved in cyber criminality.

During his debrief, Subject 7, who was jailed for Computer Misuse Act and fraud offences, told officers, “…it made me popular, I enjoyed the feeling… I looked up to those users with the best reputations.”

The report identifies that some offenders begin by participating in gaming cheat websites and “modding” (game modification) forums before progressing to criminal hacking forums.

The assessment notes that off-the-shelf tools such as DDOS-for-hire services and Remote Access Trojans (RATs) are available with step by step tutorials at little to no cost to the user, making the skills barrier for entry into cybercrime lower than it has ever been.

It also highlights that whilst there is no socio-demographic bias, with people across the country from different backgrounds among offenders, the average age of cyber criminals is significantly younger than other crime types. In 2015, the average age of suspects in cybercrime investigations was 17 years old, compared to 37 in drugs cases and 39 in economic crime cases.

Subject 1, a member of a hacking collective who sold DDoS tools and Botnet services, told officers that a warning from law enforcement would have made him stop his activities.

The report also identifies education and opportunities to use skills positively as helpful in steering potential offenders towards a future career in cyber-security.

Security Magazine

You Might Also Read:

Young People’s Concerns About Job Automation:

UK Fraud Hits £1.1bn As Cyber Crime Soars:

UK National Cyber Security College Locates To Bletchley Park:

 

« How Social Media Influences Elections
Cambodia’s Cyber War Room »

Quartz Conference
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ACID Technologies

ACID Technologies

ACID provide a supplementary layer of protection by performing searches to detect potential threats and risks before actual attacks commence.

Allegro Software

Allegro Software

Allegro provide secure software for the Internet of Things.

IABG

IABG

Activities include consulting services in the development of software systems in the area of secure information and data communication.

Exonar

Exonar

We enable organisations to better organise their information, removing risk and making it more productive and secure.

Quaynote Communications

Quaynote Communications

Quaynote Communications is a specialist conference and communications company focused primarily on the maritime, yachting, aviation and security industries.

Qatar Computing Research Institute (QCRI)

Qatar Computing Research Institute (QCRI)

QCRI perform cutting-edge research in such areas as Arabic language technologies, social computing, data analytics, distributed systems, cyber security and computational science and engineering.

Portuguese Institute for Accreditation (IPAC)

Portuguese Institute for Accreditation (IPAC)

IPAC is the national accreditation body for Portugal. The directory of members provides details of organisations offering certification services for ISO 27001.

SecureMisr

SecureMisr

SecureMisr is a trusted advisor and leading cybersecurity services and solutions provider across the Middle East and Africa.

Secure-CAV Consortium

Secure-CAV Consortium

Secure-CAV is a technology-led consortium funded by Innovate UK to drive the development of cybersecurity solutions for connected and autonomous vehicles.

Sevatec

Sevatec

Sevatec’s Active Cyber Defense (ACD) methodology proactively defends against adversarial kills chain, addressing active and emerging threats while reducing program vulnerabilities and risks.

SearchInform

SearchInform

SearchInform is a leading risk management product developer, protecting business and government institutions against data theft, harmful human behavior, compliance breaches and incomplete audit.

Blackfoot Cybersecurity

Blackfoot Cybersecurity

At Blackfoot, we work in partnership with you to deliver on-demand cyber security expertise and assurance, keeping you one step ahead of threats & compliant with regulations.

State Service of Special Communications & Information Protection of Ukraine (SSSCIP)

State Service of Special Communications & Information Protection of Ukraine (SSSCIP)

State Service of Special Communications and Information Protection is the technical security and intelligence service of Ukraine, under the control of the President of Ukraine.

Qohash

Qohash

With a focus on data security, Qohash supports security, compliance and optimization use cases enhancing your risk management process.

Panacea Infosec

Panacea Infosec

Panacea Infosec is a leading provider of information security compliance services. We help our clients in protecting their data, reducing security risks and fighting cybercrime.

Material Security

Material Security

Material is solving one of the most fundamental problems in security: protecting the data sitting in mailboxes.