Why the hacker world is getting younger

How the accessible nature of crime can appeal to younger generations

When discussing the climb of hacker and malware attacks across the world, it’s worth pointing out how accessible the hacking “economy” is. And with accessibility fosters a younger generation of malicious actors, something we haven’t observed in force before. Don’t get me wrong, there’s always been a community of teens that learn the versatile power of computer exploits. But today, that’s transitioning into a concrete reality, that complex hack attempts are no longer exclusive to the trained and educated.

But it’s a problem of bigger gravitas than just “kids finding a way to cause trouble.” For instance, in March 2022 a handful of teens between the ages of 16-22 were arrested with a tied association to the Lapsus$ hacker group. Said group managed some alarming breaches, such as with the gaming/media company EA. Other companies like Ubisoft and Samsung were also targets, the point being these are “big fish” for younger minds to hunt.

There’s a bit to unpack here, but it reminds me of something. Wargames, a film released in the 1970’s, starred a young man with an “interest” in computers (hacking) which led him to such shenanigans like hacking his school’s network by way of password theft, and then coming into contact with what was essentially a war simulation system.

No, I’m not suggesting that hacking a school computer means one can then suddenly launch attacks on infrastructure, much less the military. That would be crazy!

And yet, fiction this movie was, I see parallels to that and today. Why bring it up? Because at the very least, I think it’s important to understand the environments which lead to these results. After all, it’s never as simple as “bad kid does bad thing.”

Safety, accessibility, and agility

You’re young and you have little control in your life. But then, you find a skill, a skill with real-world applications, that’s got training and knowledge right at your fingertips so long as you have a network connection, which could, potentially, yield you insane profits.

That, I think, is the initial lure of hacking and ransomware gangs. Learning code, understanding network infrastructure, learning how to deploy executables, things like that can be found on the net and learned about. One is not limited by physical space or even money to study malicious tactics. Heck, I’ve already pointed out RaaS kits and providers taking out most of the digital legwork.

And when it’s learned, it’s power. Small, but power enough. You can upend a whole network. You could demand ransom from victims. You don’t need to physically threaten someone or even be in proximity to your target. If you fail, you can hide your location and try again. If you’re careful, you might potentially never be caught. Digital it all is, but it’s still money and power, and to a young person, that’s enticing depending on their environment and background.

Speaking of environments, our world is only growing more reliant on digital mediums, network connections, and remote capabilities. Basically, opportunities are limitless for up-and-coming hackers, and you don’t have to look far to see just how severe cyber attacks can be. Once more, hackers can take advantage of hot topics and international events/turmoil to increase their effectiveness. In other words, a young person doesn’t need the knowledge of organizational experts to get into “dark web” tactics.

Not the same “passion” for cybersecurity defense

So, you’ve got stories about ransomware and hacker gangs comprised of teens. Do you see the same for “defense?” Not really. It’s a nice thought, to imagine an altruistic group of young somethings dedicated to the art of cybersec knowledge and defense with the same “passion” as hackers. But the reality is, cyber crime is a more attractive prospect, and it’s outpacing the means to protect data and networks.

Therefore, looking at the whole picture, you’ve got the “perfect” environment for the fostering of younger hackers and malware gangs: accessibility, ease of application, numerous targets of varying size, and potential for big payouts.

By recognizing this, we can get insight into how the future of the cybersecurity and IT realm will look in the next five to ten years. How we shape our defense will determine whether it’s a good or bad future.

-Douglas James

Still concerned? You can get help today with Bytagig by contacting us.

 

Share this post: