A UK National Crime Agency report, which is based on debriefs with offenders and those on the fringes of criminality, explores why young people assessed as unlikely to commit more traditional crimes get involved in cyber crime.
Motives and opportunities
It emphasises that financial gain is not necessarily a priority for young offenders. Instead, the sense of accomplishment at completing a challenge, and proving oneself to peers in order to increase online reputations are the main motivations for those involved in cyber criminality.
During his debrief, Subject 7, who was jailed for Computer Misuse Act and fraud offences, told officers, “…it made me popular, I enjoyed the feeling… I looked up to those users with the best reputations”.
The report identifies that some offenders begin by participating in gaming cheat websites and “modding” (game modification) forums before progressing to criminal hacking forums.
The assessment notes that off-the-shelf tools such as DDOS-for-hire services and Remote Access Trojans (RATs) are available with step by step tutorials at little to no cost to the user, making the skills barrier for entry into cyber crime lower than it has ever been.
It also highlights that whilst there is no socio-demographic bias, with people across the country from different backgrounds among offenders, the average age of cyber criminals is significantly younger than other crime types. In 2015, the average age of suspects in NCA cyber crime investigations was 17 years old, compared to 37 in NCA drugs cases and 39 in NCA economic crime cases.
Diverting youngsters towards a more positive path
Many offenders see criminal hacking as a victimless crime, and consider the risk of being caught as low.
Subject 1, a member of a hacking collective who sold DDoS tools and Botnet services, told officers that a warning from law enforcement would have made him stop his activities.
The report also identifies education and opportunities to use skills positively as helpful in steering potential offenders towards a future career in cyber security.
“The aim of this assessment has been to understand the pathways offenders take, and identify the most effective intervention points to divert them towards a more positive path,” Richard Jones, Head of the National Cyber Crime Unit’s Prevent team, noted.
“That can be as simple as highlighting opportunities in coding and programming, or jobs in the gaming and cyber industries, which still give them the sense of accomplishment and respect they are seeking.”