Cybercrime sets the gender equality bar

Trend Micro Australia Pty Ltd

By Mayra Rosario Fuentes, Senior Threat Researcher, Trend Micro
Monday, 17 April, 2023



For a subculture you’d expect to be dominated by males, the cybercrime underground is fast becoming a bastion of equal opportunity, at least from a gender perspective, with participants judged more on their skills than the pronoun with which they choose to identify themselves.

Indeed, with anonymity playing a big role in cybercrime and the groups behind it, gender tends to play a much less important role than in many other online communities. This is despite a broad assumption that most cybercriminals are male — a belief made plain by the way the law enforcement fraternity often talks about cybercriminals.

Gender bias is commonplace

It’s far more common to see police bulletins and media reports use the terms ‘he’ or ‘him’ rather than ‘she’ or ‘her’ when referring to cybercriminals whose identities may not yet be known or attributed to the crime in question.

However, this tendency to generally accept that most cybercriminals are male can be a problem. Gender biases and the presumption that a cybercriminal is male can in fact hinder the law enforcement process. For this reason, security practitioners should not simply assume that criminals are male.

Our research teams have a longstanding policy of using terms such as ‘them’ or ‘they’ to refer to threat actors. It makes sense. This practice removes gender bias — something that has the potential to lead an investigator down the wrong path.

Gender bias, whether explicit or implicit, can severely undermine a criminal investigation. This is because, when it comes to cybercrime, gender influences individuals’ different experiences and shapes their respective roles among cybercriminal groups or hackers.

But gender bias towards the cybercrime community is understandable. In years gone by, the cybercriminal underground economy was often less accepting of individuals who identified as women. Our research in this area suggests that over the past few years, gender has been discussed less than it was previously when it comes to the business of cybercrime.

Today, women sometimes receive a positive reputation due to their gender — a far cry from the harassment, poor reputation and low popularity points on forums that many females used to receive from the hacker community.

While it would be disingenuous to suggest that the cybercrime community has become broadly more accepting of women, it is reasonably accurate to say that gender is simply less of an issue or barrier when conducting business in the underground.

Capability outweighs gender

Cybercriminals today seem to be judged more on capability than gender. Our research has revealed that most job advertisements or affiliate postings found in the underground are typically gender neutral and open to everyone, as long as they have the right skills. This is not dissimilar to job ads in the non-underground workforce, where gender is usually not mentioned.

Even recruitment posts for cybercriminal gangs typically do not mention gender. Where gender is discussed, underground job ads in cybercrime forums that specifically target women include muling for drug trafficking or money laundering, call centre jobs, and social engineering and romance scams — areas in which a female voice can increase the effectiveness of an exploit.

It should come as little surprise, then, that many cybercrime forums are seeing far more females participating in discussions than in the past. Our research found that 61% of visitors to one such forum, Sinister, were female. Compare this to Stack Overflow, a popular developer and programming forum, on which just 12% of visitors were found to be female, according to our research.

More broadly, approximately 30% of cybercriminal forum participants are women, according to our analysis of research that made use of the Gender Analyzer V5 tool, created in 2008 by uClassify, a machine learning web service to create and use text classifiers.

The shift in gender ratio within the cybercriminal community comes amid changes to gender ratio imbalances in the broader tech industry.

Compared to previous years, there are now more women involved in science, technology, engineering and mathematics (STEM) jobs, and it is likely that this has spilled over into the underground, which also follows offline societal and business changes.

Just as the regular business community needs talent and skill to bolster its bottom line, so too do cybercriminal endeavours. Most cybercrime is, after all, about making money. Gender doesn’t figure into the decision-making process when it comes to finding the right person to support or carry out an exploit, especially when so many bad actors obscure their true identities.

This combination of needs and community dynamics has seen the criminal underground become one of the most meritocratic online communities in existence, where people are valued only for their skills and experience when it comes to conducting exploits.

Although a meritocracy is generally a good thing, in the world of cybercrime the gender diversity it drives is likely to hamper investigation efforts unless traditional biases can be overcome.

With this in mind, it is important that those investigating cybercrime avoid assumptions of male personas while carrying out their work. As a starting point, let’s stop referring to suspects as ‘he’ or ‘him’, as this creates an inherent bias as criminal cases progress.

Using non-gender specific pronouns such as ‘they’ will not only cover any gender involved, but may also encourage investigators to factor in that more than one person may be behind a single moniker under investigation.

With a broader, less blinkered view of criminals, law enforcers may have a better chance of pinning down their quarry and more effectively fighting cybercrime.
