The rise of teen hackers ‘makes for a good headline’, but cyber crime activities peak later in life
With family responsibilities and mortgages to pay, it's not teenagers dishing out malware or carrying out cyber extortion
While much emphasis has been placed on the rise of youth cyber crime over the last two years, new research shows hacker activity peaks much later.
Orange Cyberdefense looked at the numbers and found that it's actually thirty- and forty-somethings that are the greatest threat.
The company’s intelligence team analyzed 418 publicly announced law enforcement activities between 2021 and mid-2025 and found that offenders’ activities peaked between the ages of 35 and 44. This age group, they said, accounted for 37% of cyber crime cases.
Put together, the combined age groups of 25-to-44 make up well over half (58%) of analyzed cyber crime cases.
Only one-in-five (21%) incidents were the work of 18-to-24-year-olds. Despite the bad press they get in movies and the news, 12-to-17s were behind fewer than 5% of cases.
“The surge in cyber offences committed by teenagers in recent years may be creating a false impression of the age of today's cyber criminals," said Charl van der Walt, head of security research at Orange Cyberdefense.
"The sensationalist interpretation of cyber crime's youthfulness makes for a good headline, but these findings appear to tell a different story."
Differing motives
One big difference between the kids and their elders is the underlying motivation behind attacks, researchers noted. As you might expect, younger hackers are frequently experimenting while the older cohort is in it primarily for financial gain.
Among 18-24-year-olds, cyber criminal activity is highly diverse, though there's a focus on hacking (30%) in particular, followed by selling stolen data and DDoS attacks (10% each).
Things start to change among offenders aged between 25 and 34, who tend to focus on more profitable activities such as selling stolen data (21%), cyber extortion (14%) and malware deployment (12%).
This trend continues among 35-to-44 year olds, where cyber extortion (22%) is the crime of choice, followed by malware (19%) and cyber espionage (13%), hacking (10%), and money laundering (7%).
"While younger, less experienced hackers engage in highly diverse – and often noticed and reported – actions, they may be less likely to engage in calculated, profit seeking activity," said van der Walt.
"Instead, cyber crime careers appear to peak much later into adulthood, accompanied by vastly more sophisticated and intentional techniques.”
Some of those teen-related activities are very high profile indeed. Late last year, for example, a 15-year-old was outed by security researcher Brian Krebs as a member of Scattered LAPSUS$ Hunters – the group responsible for the Jaguar Land Rover (JLR) and M&S cyber attacks.
Two teenagers, meanwhile, are set to face charges for the 2024 hack of Transport for London (TfL), while another pair have been arrested for the data breach of the Kido chain of children's nurseries.
FOLLOW US ON SOCIAL MEDIA
Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.
You can also follow ITPro on LinkedIn, X, Facebook, and BlueSky.
-
Sam Altman pours cold water on AI 'jobs apocalypse' concernsNews OpenAI CEO Sam Altman “thought there would have been more impact” on white collar and entry-level jobs at this point
-
Everything you need to know about Euro-OfficeNews Euro-Office offers a sovereign European rival to Microsoft Office and Google Docs
-
Hackers are turning up at law firms to gain physical access to machinesNews The FBI is warning companies to look out for fake IT staff
-
New ransomware threat group, The Gentlemen, has become one of the most active ransomware operators, accounting for 10% of all attacksNews NTT researchers warn that the RaaS group is leveraging SystemBC malware to establish covert tunnelling, evade detection, and support rapid lateral movement across enterprise environments
-
Instructure chose to a pay ransom following the Canvas cyber attack – research shows more than half of security leaders would follow suitAnalysis Opting to pay ransoms creates huge risks for enterprises – you’re relying on the word of criminals
-
UK government calls on firms to sign Cyber Resilience Pledge as security sector boomsNews With new figures showing a boom in the country's cybersecurity sector, the government calling on businesses to make the most of the industry’s expertise
-
Claude users beware, hackers are using a fake website to dupe developers and deliver malwareNews 'Beagle' is deployed through a Dynamic Link Library (DLL) sideloading chain, and gives attackers remote access to the system
-
‘We’re not investing as much as we should in their skills and development’: Skills shortages remain a key factor in security breaches — and things could get worse with AI in the equationNews Skills capabilities remain a key factor in security breaches, according to a new study
-
Ransomware negotiator sentenced for role in major cyber crime groupNews Deniss Zolotarjovs was a key player in a group associated with Conti
-
North Korean hackers are duping freelance developers with fake interviews to steal cryptocurrency and deliver malware — Sophos warns the 'Nickel Alley' group is using LinkedIn, Upwork, and Fiverr to target victimsNews A fake interview process uses coding tests and repo downloads to deliver malware
