Calculated, profit-seeking cybercrime activity peaks at 35-44 years old
Orange Cyberdefense discovers that teens and young adults are experimental with cybercrime, but older perpetrators are career criminals Media slider
Threat intelligence data from Orange Cyberdefense reveals that cyber offenders are not exclusively, or even primarily, teenagers and young adults, as conventional theories might suggest. In fact, sustained criminal activity persists well into midlife. The company’s intelligence team analysed 418 publicly announced law enforcement activities conducted between 2021 and mid-2025, revealing that cyber offenders’ engagement in crime peaks between the ages of 35 and 44, with this demographic accounting for 37% of cybercrime cases.
Collectively, the combined age groups of 25-44 make up well over half (58%) of analysed cybercrime cases. This goes against the pop culture image of the ‘teen hacker’. It also contrasts with foundational studies, which generally show that criminal behaviour emerges in adolescence, peaks in the late teens or early adulthood, and then sharply declines.
- 35-44 year olds: 37% of cybercrime cases
- 25-34 year olds: 30% of cybercrime cases
- 18-24 year olds: 21% cybercrime cases
- 12-17 year olds: under 5% cybercrime cases
Profit-motivated cybercrime escalates with age
The report found a notable progression in cybercrime activity as offenders age. Among 18-24 year olds, cybercriminal activity is highly diverse, with a focus on hacking (30%) in particular, followed by selling stolen data and DDoS attacks (10% each). The variety of activities indicates the experimental, multifaceted nature of this demographic’s engagement in cybercrime as they test boundaries and trial tactics.
This begins to shift among offenders aged 25-34, where activities such as selling stolen data (21%) and cyber extortion (14%) and malware deployment (12%) dominate - indicating a move toward profit-motivated activities.
The trend intensifies among the 35-44 cohort, where cyber extortion (22%) is the dominant offence, followed by malware (19%) and cyber espionage (13%), hacking (10%), and money laundering (7%). Together, these categories account for the vast majority of activities by this age group, potentially indicating a focus on high-impact, financially and politically significant actions.
Charl van der Walt, Head of Security Research at Orange Cyberdefense, comments: “The surge in cyber offences committed by teenagers in recent years may be creating a false impression of the age of today's cybercriminals. The sensationalist interpretation of cybercrime's youthfulness makes for a good headline, but these findings appear to tell a different story. While younger, less experienced hackers engage in highly diverse, and often noticed and reported - they may be less likely to engage in calculated, profit seeking activity.
Instead, cybercrime careers appear to peak much later into adulthood, accompanied by vastly more sophisticated and intentional techniques.”
The full Security Navigator 2026 report can be accessed here: https://www.orangecyberdefense.com/uk/security-navigator
About Orange Cyberdefense
Orange Cyberdefense is the expert cybersecurity business unit of the Orange Group, providing managed security, managed threat detection & response services to organizations around the globe. As Europe’s go-to security provider, we strive to build a safer digital society. We are a threat research and intelligence-driven security provider offering unparalleled access to current and emerging threats.
Our organization retains a 25+ year track record in information security, 250+ researchers and analysts 17 SOCs, 15 CyberSOCs and CERTs distributed across 11 location in the world and sales and services support in 160 countries. We are proud to say we can offer global protection with local expertise and support our customers throughout the entire threat lifecycle. Orange Cyberdefense has built close partnerships with numerous industry-leading technology vendors like Microsoft Security.