Hack attack: what do today’s cybercriminals look like?

When we think of a hacker most of us mentally turn to Hollywood. We’ll conjure up a picture of a young person (in a hoodie, of course) in their late teens or early twenties. They’ll be motivated by fame or perhaps some sense of justice or an anarchic desire to cause mischief – they will rarely be truly evil.

This stereotype is both a little bit right and very wrong. The typical hacker, according to the online payments company Jumio, is usually between 29 and 49 and male. The cyber-security site Secure Thoughts went one better and came up with a composite image of a typical hacker. Turns out that they are white, male and in their early thirties. But don’t let this profile fool you. The reality these days is that a hacker could be anyone.

What is perhaps more unexpected is the location of these hackers. Hacking may have started in the West but it is now as globalised as any other industry. The lone-wolf stereotype is wrong, too. Hackers tend to work in groups, which may be physical or virtual. They will often meet online in forums or chatrooms to share tips, hone their skills and to show off about their exploits. There is a strong sense of community and there are dozens of prominent groups such as LulzSec and Anonymous.

There is also a very wide spectrum of motivations. Some really do just do it for kicks. Others are motivated by a desire to attack large global corporations or to sow the seeds of anarchy. Some are in it for the money. Moreover, any single individual may occupy several points on this spectrum – they may be hacking for fun as well as profit. Finally, there are those who use their skills for good, who are called “white hat” hackers.

Sergey Pavlovich, a former cybercriminal from Belarussia who went under the name Police Dog and has now written a book called How to Steal a Million, is a high-profile example of some of these traits. He started young with card fraud before perfecting his hacking skills in a variety of online forums. It was all a bit of a game for Pavlovich, but the “game” eventually led to serious crimes. Pavlovich was jailed in 2009 and released in 2015. Since his exploits, hacking has become far more about organised crime. Criminals now rent hacking services or develop their own expertise in-house.

This could involve anything from industrial espionage to vast data breaches to the theft of millions of dollars. Criminals may hold companies to ransom, or they may try to prove a political point. Their ability to wreak havoc has increased exponentially as the world has become more and more connected – and that momentum appears to be difficult to stop.

The scale of the crimes can be breathtaking. In 2015, the security firm Kaspersky uncovered a global hacking ring that had stolen about $1bn from more than 100 banks across the world. No less astounding was the sophistication of the hackers’ techniques. They had used spyware to watch bank staff and learn their routines. They were then able to use these observations for criminal purpose.

So who is the typical hacker? Well, it’s impossible to say. It could be anyone from a bright 15-year-old on your street to a crime lord who funnels the proceeds back to fund further illegal activities. Moreover, it is not impossible that at some point, the paths of these two will cross, however briefly.

The most important thing to remember is that many hackers are now part of criminal organisations. They’re not doing it just for kicks. They’re serious – which is why we all need to take the issue of cyber-security very seriously indeed.

Find out more about staying digitally safe, visit thetimes.co.uk/connectedfamilies