The Hollywood picture of felony hackers being largely teenage ne’er do wells is due for an replace.
That’s as a result of profit-seeking profession criminals — usually approaching center age — make up the biggest cohort of as we speak’s cybercriminals, based on an evaluation of felony instances carried out by Orange Cyberdefence.
The Orange Group’s cybersecurity unit analysed 418 publicly introduced legislation enforcement actions carried out between 2021 and mid-2025, discovering that cyber offenders’ engagement in crime peaks between the ages of 35 and 44, with this demographic accounting for 37% of all of the cybercrime instances reviewed.
Collectively, the mixed age teams of from 25 to 44 make up nicely over half (58%) of analysed cybercrime instances. This all goes towards the Hollywood picture of the maladjusted teen hacker residing of their mum’s basement and as much as no good.
Revenue-motivated cybercrime escalates with age — in contrast to different types of crime the place felony behaviour emerges in adolescence, peaks within the late teenagers or early maturity, after which sharply declines.
The assessment of felony instances discovered that 18- to 24-year-olds had been the defendants in 21% of cybercrime instances, a determine that drops to five% for the 12-to-17 age vary.
Offender profiling
The examine discovered a notable development in cybercrime exercise as offenders age.
Amongst 18- to 24-year-olds, cybercriminal exercise is very numerous, with a deal with hacking (30%), adopted by promoting stolen knowledge and DDoS assaults (10% every).
“The number of actions signifies the experimental, multifaceted nature of this demographic’s engagement in cybercrime as they check boundaries and trial techniques,” based on Orange Cyberdefence.
This begins to shift amongst offenders aged 25 to 34, the place actions similar to promoting stolen knowledge (21%), cyber extortion (14%), and malware deployment (12%) prepared the ground — indicating a transfer towards profit-motivated crime.
The development intensifies among the many 35-44 cohort, the place cyber extortion (22%) is the dominant offence, adopted by malware (19%), cyber espionage (13%), hacking (10%), and cash laundering (7%).
“Whereas youthful, much less skilled hackers interact in extremely numerous crime they might be much less prone to interact in calculated, profit-seeking exercise,” mentioned Charl van der Walt, head of safety analysis at Orange Cyberdefense. “As an alternative, cybercrime careers seem to peak a lot later into maturity, accompanied by vastly extra refined and intentional strategies.”
Cybercrime cartels
Dray Agha, senior safety operations supervisor at managed detection and response providers agency Huntress, mentioned the evaluation illustrates that the “Hollywood picture of a teenage lone wolf hacking for bragging rights” is vastly outdated because the risk panorama is dominated by “extremely organised, profit-driven syndicates.”
“Whereas younger individuals should interact in digital vandalism or act as low-level associates, the architects orchestrating large-scale extortion and malware campaigns are mature adults working what are primarily illicit know-how firms,” Agha mentioned.
Agha argued that the 35-44 age group aligns completely with the talents required to run trendy cybercrime operations, similar to ransomware-as-a-service (RaaS). These professionally run campaigns require challenge administration, software program improvement lifecycles, human sources (recruiting associates), and customer support (negotiating with victims).
“This degree of operational maturity isn’t present in youngsters; it requires the enterprise acumen typical of midcareer professionals,” Agha mentioned.
Whereas it may be comparatively straightforward to breach a weak system, efficiently cashing in on illicit entry is a difficult course of that requires expertise.
“The prominence of cyber extortion and cash laundering within the 35-44 demographic highlights the necessity for a deep understanding of company stress factors, cryptocurrency tumbling, and illicit monetary networks,” Huntress’ Agha added. “Older offenders have the real-world expertise essential to navigate these advanced monetary logistics and switch stolen knowledge into usable money.”
Whereas youthful offenders usually act as “preliminary entry brokers” — discovering the preliminary approach right into a community — this entry is usually bought onto older, extra skilled risk actors who execute the high-stakes extortion and espionage.
“The younger ‘choose the locks,’ whereas the adults ‘run the syndicate,’” Agha mentioned.
Profession ladder
Andra Zaharia, cybersecurity group lead at Pentest-Instruments.com, mentioned that many cybercrime operations look “much less like solo exercise and extra like organised networks with roles, handoffs, and repeatable processes.”
“That construction naturally skews older as a result of it rewards operational self-discipline and belief networks that take time to construct,” Zaharia informed CSO. “Technical talent issues, however so does reliability and consistency over months and years.”
Zaharia added: “Revenue motive additionally reshapes the ‘profession path.’”
Extortion and malware campaigns usually contain completely different individuals for various jobs: entry, tooling, infrastructure, negotiation, and shifting cash.
“Status turns into a type of forex in these environments,” Zaharia concluded. “Actors construct it, shield it, and use it to climb into higher-earning roles.”
