Three in 10 cybercriminals are women, study suggests

If you were thinking digital crooks are only men, think again – the cybercriminal underworld is less gender-biased than is commonly portrayed, a study indicates.

From movies to media reports and law enforcement bulletins, the popular belief is that cybercriminals are mainly male.

Commonly, unrecognized threat actors are referred to as “he” and “him” instead of using gender-neutral pronouns like “them” or “they”.

However, as the study by Trend Micro reveals, that is not necessarily true. While it is hard to determine the exact demographics of the cybercriminals, the cybersecurity company’s findings suggest that around 30% of those participating in cybercriminal forums are women.

According to a study, gender is relatively unimportant in cybercriminal communities compared to other types of online gatherings, likely due to the anonymity that leading the life of a cybercriminal requires.

TrendMicro has noted a shift in the cybercriminal underground economy regarding gender inclusivity. By comparing past and current situations, it found evidence that discussions in forums had previously been less accepting of individuals who identified as women. However, in recent years, gender has become less of a focus when conducting ‘business’ within this community.

Expertise and skillsets are highly valued in underground forums, more so than gender. Although women still remain a minority in the cybercriminal community, their presence and influence should not be overlooked.

Analyzed popular hacker forums

TrendMicro conducted the study by analyzing 10 popular cybercrime forums, including five English-language ones: Sinister, Cracked, Breached, Hackforums, and the now-defunct Raidforum. The other five were Russian: XSS, Exploit, Vavilon, BHF, and WWH-Club.

As users on these forums are predominantly anonymous, the researchers employed the Semrush tool for search-engine marketing to determine the gender of forum users. They compared the results with Stack Overflow and Reddit – sites popular among IT enthusiasts. The researchers acknowledge that they cannot fully validate the methods used by third-party tools. However, the research results were quite illustrative.

These revealed that women accounted for 40% of visitors to the English-language cybercrime forums, while men comprised the rest. In the Russian-language forums, 42.6% of visitors were women, while 57.4% were men.

Of the forums analyzed, Sinister had the highest percentage of female visitors, at 61%. By contrast, Stack Overflow, a forum focused on programming and development, saw only 12% of visitors identifying as female.

Three in 10 cybercrime content creators are women

To determine who is creating content on the forums, researchers chose to analyze two popular ones – Russian-language XSS, and English-language Hackforums – using the machine-learning tool Gender Analyzer V5.

Created in 2008 by machine-learning developer uClassify, the software has been tested out on 11,000 blogs, half written by females and half by males, to analyze text and determine the author’s gender.

The study included a control group of 10 users who identified as female on forums. The text analyzer classified all of these as female.

Researchers then looked at 50 random user accounts on the XSS forum and found that 70% were male and the rest were female. Semrush analytics predicted that 59% of visitors to XSS were male and the rest female.

For 50 random aliases from Hackforums, the study found that around two in three were male, similar to the overall gender distribution on English-language forums.

Filling the gender gap

TrendMicro’s findings of around three in 10 cybercriminals identifying as female puts the illegal digital ‘industry’ ahead of the cybersecurity sector in terms of gender equality.

According to a study by ISC2, an organization that trains and certifies IT security professionals, women currently account for about one-quarter (24%) of the overall cybersecurity workforce.

That said, women's involvement in cybersecurity has been increasing, and Cybersecurity Ventures forecasts that by 2025 women will make up 30% of the worldwide cybersecurity workforce, with that number projected to increase to 35% by 2031.

However, the gender gap in STEM (science, technology, engineering, and mathematics) jobs is still prevalent. A study by the International Labour Organization (ILOSTAT) in 2020 found that the country of Georgia had the highest percentage of women employed in STEM fields, with 56% being women. Meanwhile, in the United States, women held 48% of all STEM jobs, compared to the United Kingdom's 40%.

It's worth noting that STEM jobs comprise less than a fifth of employment in all 69 countries covered by the study, with percentages ranging from low digits in several African countries to 15% in the US and the UK, and 17% in Austria.

Gender disparities in access to technology, education, and employment can also affect how individuals engage in cybercrime. As STEM jobs have seen increased uptake by women in recent years, it is not surprising that this trend is extending to underground cybercrime communities, reflecting changes in society and business dynamics.

---

More from Cybernews:

Home data spills bring trouble to your door, experts warn

ChatGTP is coming to Slack to make your work life easier

Ransomware attack spreads chaos at a major hospital in Barcelona

Killnet leader urges cyberattack on German arms maker Rheinmetall

Meta on course for thousands more layoffs in further efficiency push

Subscribe to our newsletter