Chapter 7
Understanding Cybercriminals
7.1 Understanding the context
In order to prevent, detect, pursue or punish cybercrimes, it is necessary to
understand the proles and the motivations of cybercriminals. Understanding
a hackers motivation and level of technical skills can help assess how serious
an attack is and assist in devising an appropriate counter-strategy. To secure
an information system, it is necessary to know against whom it needs to be
protected.
The preceding chapters have shown that cybercriminality is within the
power of virtually everyone. There is a vast range of motivations and knowl-
edge among cybercriminals, and the ways of expressing these are many and
varied. Because of this, it is difcult to provide an exhaustive list of possibili-
ties or to present a rigorous classication of cybercriminals.
A rst approach is to classify cybercriminals into two main groups: the
professionals who make money or any kind of prot from their work, and the
amateurs.
178 Cyberpower
7.2 Towards a classication of cybercriminals
A distinction based on prots
The professionals earn a living from these clandestine revenue-generating
activities, while in contrast, the amateurs are more often searching for social
recognition or have found an amusing way to pass time or play games online.
This distinction is far from adequate for a precise categorization of the
whole eld of cybercriminality, but it allows us to distinguish most of their
motivations.
Professional criminals generally fall into one or more of these categories:
any criminal elements connected or not to organized crime;
direct competitors of the organization targeted;
civil servants;
mercenaries (hackers in the pay of an organization in the private or the
public sector).
Amateur criminals may fall into a number of other categories.
Technicians; these can in some sense be viewed as the descendants of
the original “hackers.” They can be computer or security experts. Some
are motivated by the desire to display their mastery of the technologies
or by the search for glory. Others want to contribute to improving the
robustness of technologies or solutions or to identify and remediate vul-
nerabilities or backdoors implanted in security products;
Snoopers and the curious;
Pranksters, also called “script kiddies” or “kidiots,” who frequently
enjoy a great amount of publicity. The fact that they tend to be the
criminals most frequently unmasked should not lead us, however, to
imagine that they are the only type of hackers;
Minor criminals, people with nothing to do, people looking for revenge,
people looking to demonstrate their power, people wanting to join a
gang, voyeurs, etc.;
The mentally ill or psychologically disturbed individuals, egotists, peo-
ple addicted to digital technologies, etc.;
Activists or terrorists working not for money but for an ideological,
political or religious cause, or national pride (frequently more profes-
sional than purely amateur, or a combination of both).
At the most basic level, cybercriminals are simply criminals who use the
Internet for their purposes. They are no different from traditional criminals of
Understanding Cybercriminals 179
the kind we have always known. They are looking for criminal opportunities
and, when they  nd them, they exploit them according to their abilities or the
abilities of other criminals with whom they can join forces to commit speci c
cyberattacks (Figure 7.1).
Figure 7.1 Cybercriminals: criminals like any others.
They have adjusted to the information society and have optimised their
way of working to take advantage of the possibilities that the Internet offers.
The Internet has changed the game in terms of criminality by widening the
potential market to include every Internet user and every organisation with an
Internet presence (because the Internet itself, the computers, source code and
data can all serve as the means of crimes). The Internet has also allowed the
development of new kinds of crime, with computers or data as targets.
A typology of motivations
Participants in cybercriminality can be distinguished according to criteria
related to their motivations. The underlying motivation of these individuals
may derive from social, technical, political, nancial, political, or govern-
ment-related factors (Figure 7.2).
Social factors are typically the need for peer recognition, often linked to
membership in a gang or group. These hackers want to demonstrate their
importance by living up to the group’s values. Their acts are analogous to
those of urban graf ti artists, and are based on a very simplistic view of a
social hierarchy. This is frequently the case among pranksters who engage in
hacking because it gives them a feeling of superiority and control over institu-
tions that they perceive as dominating in ordinary life.

Get Cyber Power now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.