Editor’s note 2-5-24: This story has been updated to include a statement from Wizz.
The rise in the number of teenagers committing serious cybercrime on a large scale – and the process causing real harm – has become difficult to ignore. What’s driving this scary trend?
Recent reports include a 17-year-old from California who cops say was behind hundreds of crushes and bomb threats against various targets, including mosques, FBI offices and agents, and historically black universities, according to CNN.
Then, there is Wizz, a dating app for teens similar to Tinder. It was pulled from the Google Play and Apple stores in late January after it was discovered that cybercriminals were using the platform to trick children into participating and becoming victims of “financial sextortion,” according to reports.
“Apple and Google are seeking more information about our app, and we are working closely with their teams to clarify our platform’s broad safeguards for users,” a Wizz company spokesperson said in a statement provided to Dark Reading. “We hope to resolve this matter soon.”
Also at the end of January, “King Bob”, the name of a nineteen-year-old hacker living in Florida named Noah Michael Urban, was indicted for wire fraudaggravated identity theft and more, for his role in an $800,000 SIM-swapping cryptocurrency scam, according to local Daytona reports Beach News-Journal.
And who could forget the infamous gang of ransomware teen criminals called Scattered Spider (aka Oktapus), accused of being behind the audacious breaches of MGM Resorts and Caesars casino operations last fall?
What drives teenagers into cybercrime?
There are age-old explanations for why teenagers delve into the world of cybercrime at such a young age.
“Curiosity, isolation, financial pressure, the thrill of challenge, misguided idealism, and even peer pressure can all play a role in attracting teens to cybercrime,” according to Sarah Jones, research analyst on cyber threats at Critical Start. “Teens may innocently explore vulnerabilities, seek acceptance in online communities (even those focused on cybercrime), be tempted by fast money, see it as a game, or hold misplaced beliefs about their actions in support of a cause.”
Today’s teenagers have also grown up with gaming and piracy, normalizing the activity, points out John Bambenek of Bambenek Consulting. There is little deterrent even when it comes to online crime, he adds, and kids are paying attention to this fact.
“Part of the appeal of cybercrime is that for many there is no real risk of prosecution, so crime pays… at least online,” says Banbenek. “The sad reality is that as the world became aware of the potential for artificial intelligence (AI) to be used for various forms of sexual harassment and misconduct with the proliferation of Taylor Swift synthetic pornography last week, this technology had been used for months in high schools across the United States by teenage boys targeting their classmates. And most of the time they get away with that too.”
Stacy Thayer, a professor of cyberpsychology at Norfolk State University, says that in other cases, teenagers are actively targeted for recruitment by cybercrime networks.
“There are some who specifically go after teenagers because the sanctions are lighter against teenagers,” Dr. Thayer says. “So they’re essentially able to take teenagers into the darkest parts of the internet.”
How to stop youth cybercrime
The tech sector’s fundamental volatility continues to create a relatively easy path for those with the skills to make a quick buck from cybercrime, explains Casey Ellis, founder and chief strategy officer of Bugcrowd.
“Creating low-friction channels for young people with these skills is a significant part of finding a solution that can help them not fall into a life of crime,” Ellis says. “Beyond that, vendors must be accountable for the vulnerabilities that enable this type of crime in the first place and do everything reasonable to find, fix and prevent them.”
But ultimately, Thayer says, it’s up to parents to monitor their children’s online activities to stop teen cybercrime.
“COVID has taken some training wheels off of using technology,” he says. “Before COVID, popular opinion was that excessive amounts of screen time were something to be concerned about. While that may still be the case, when children were required to use computers and technology for their education, usage increased .”
But Thayer doesn’t see the latest wave of teen cybercrime as anything new.
“Even before the cyber age, children have been testing limits and breaking rules and, unfortunately, breaking laws,” he adds. “What used to be prank calls, shoplifting, breaking windows, etc., have now entered the digital realm.”
In fact, some of the cybersecurity giants started out as teenage cybercriminals, who were eventually able to use their talents to stop future cyberattacks. Kevin Mitnick, who at the time of his death in 2023 was one of the most sought-after cybersecurity minds, spent the 1990s as one of the world’s most wanted cybercriminals. His first arrest for computer hacking occurred when he was only 17 years old.
If history can teach us anything, the kids are probably fine. But they too would need a little help from adults.