One Third Of Cyber Criminals Are Women

Uploaded on 2023-03-08 in NEWS-Cybersecurity News, FREE TO VIEW

Female engagement in cyber crime is a lot higher than other parts of crime, according to a new report, which raises some interesting questions about possible gender bias in investigations. 

In a research paper Trend Micro show that while female cyber criminals are in the minority, they most certainly do exist in large numbers and they say an investigator should be open to this possibility from the start.

It revealed that 30% of those XSS forum users were women, rising to 36% of Hackforums users. XSS and Hack Forums are popular entrances into the world of criminal hacking, with tutorials and millions of posts teaching the relevant skills.  

“Our control group consisted of 10 aliases that posted their gender profiles online and identified themselves as women from XSS and Hackforums,” the report noted. “When we ran posts from these users through the text analyzer, results indicated that all the aliases were classified as female with an average classifier percentage of 82.4%.”

Trend Micro's researchers also used an  AI tool to discover the gender of cyber crime forum users. Semrush is an SaaS  search engine marketing solution that uses machine learning algorithms to analyse data from social networks and other third-party sources, in order to determine the demographic information of web users, such as gender. Its analysis claimed an even higher percentage of dark web forum users were women: 41% of XSS users and 40% of Hackforums users.

By contrast, 4–8% of the prison population in the UK, Russia and US is female, according to data cited in the report. If accurate, the findings would also indicate that a higher percentage of women participate in cyber crime than currently work in the cyber security industry. The latest estimates from ISC2 say the number is about 24%, although it increases to 30% in the under-30s.

Trend Micro suggest that the cyber crime economy appears generally welcoming of all individuals so long as they have the right skills and experience. This is in contrast to the 'legitimate' industry where sexism is prevalent

That should be a reminder to investigators never to assume a malicious actor’s gender, it concluded. “It is our recommendation for all investigators to avoid assumptions of male personas while carrying out their work - such as referring to a suspect as ‘he’ or ‘his’ - as this creates an inherent bias as they progress their case,” says the Report.

Various academic research has found that there are complex reasons behind the very low percentage of women working in the cyber security industry. Yet women could be the key to overcoming the shortage of skilled workers required to combat the growing threat of online crime.

Trend Micro:   Jo. Advances in Humabities:    Infosecurity Magazine:      ICS2:    Cyber Peace Inst.:   

Cybesecurity Ventures:     Krebs on Security:    Heimdal Security:   

You Might Also Read:

More Women Needed In Cyber Security:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Two Cities In Californian  Attacked
Which CI/CD Tools Can Promote Supply Chain Security? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Paraben

Paraben

Paraben provides digital forensics solutions for mobile devices, smartphones, email, hard drives, and gaming system.

CERT Polska

CERT Polska

CERT Polska is the first Polish computer emergency response team and operates within the structures of NASK (Research and Academic Computer Network) research institute.

CONCERT

CONCERT

CONCERT is a Computer Emergency Response Team and cyber security information sharing network for companies, institutes and government in Korea.

SISA

SISA

SISA is a global forensics-driven cybersecurity solutions company, trusted by leading organizations for securing their businesses with robust preventive and corrective cybersecurity solutions.

ClickDatos

ClickDatos

ClickDatos specializes in consulting, auditing, data protection training, accredited by ISO/IEC 27001 certification.

Pindrop Security

Pindrop Security

Pindrop solutions are leading the way to the future of voice by establishing the standard for security, identity, and trust for every voice interaction.

ATIA

ATIA

ATIA provides consulting services in the design and implementation of IT system, Information Security, ISO certification, and professional IT training and education.

Dualog

Dualog

Dualog provides a maritime digital platform which ensures that services work reliably and securely onboard.

Xilinx

Xilinx

Xilinx is the inventor of the FPGA, programmable SoCs, and now, the ACAP. We are building the Adaptable, Intelligent World.

Zero Networks

Zero Networks

With Zero Network, you can achieve affordable, airtight network access security at scale.

OffSec

OffSec

OffSec have defined the standard of excellence in penetration testing training. Elite security instructors teach our intense training scenarios and exceptional course material.

Eunetic

Eunetic

Eunetic IT security solutions - we secure your websites, emails, domains and data.

ActiveFence

ActiveFence

ActiveFence enables Trust & Safety teams to be proactive about online integrity so they can keep their users safe from online harm – across content formats, languages, and abuse areas.

Knownsec

Knownsec

Knownsec provides customers with cloud defense, cloud monitoring, and cloud mapping products and services with "AI + security big data" as the underlying capability.

Orca Technology

Orca Technology

Orca is a UK-based Managed Service Provider delivering end-to-end managed IT services, support, hosted desktop, cloud solutions and strategic guidance.

Amplix

Amplix

In the race to create value for your enterprise, Amplix is your best asset for making technology decisions and optimizing your IT infrastructure, cloud usage, and security posture.