The United Kingdom’s National Crime Agency has published research into how and why some young people become involved in cybercrime.
The report, which is based on debriefs with offenders and those on the fringes of criminality, emphasizes that financial gain is not necessarily a priority for young offenders. Instead, the sense of accomplishment at completing a challenge, and proving oneself to peers in order to increase online reputations are the main motivations for those involved in cyber criminality.
During his debrief, Subject 7, who was jailed for Computer Misuse Act and fraud offences, told officers, “…it made me popular, I enjoyed the feeling… I looked up to those users with the best reputations.”
The report identifies that some offenders begin by participating in gaming cheat websites and “modding” (game modification) forums before progressing to criminal hacking forums.
The assessment notes that off-the-shelf tools such as DDOS-for-hire services and Remote Access Trojans (RATs) are available with step by step tutorials at little to no cost to the user, making the skills barrier for entry into cybercrime lower than it has ever been.
It also highlights that whilst there is no socio-demographic bias, with people across the country from different backgrounds among offenders, the average age of cyber criminals is significantly younger than other crime types. In 2015, the average age of suspects in cybercrime investigations was 17 years old, compared to 37 in drugs cases and 39 in economic crime cases.
Subject 1, a member of a hacking collective who sold DDoS tools and Botnet services, told officers that a warning from law enforcement would have made him stop his activities.
The report also identifies education and opportunities to use skills positively as helpful in steering potential offenders towards a future career in cybersecurity.