The answer? Calculated, profit-seeking cybercrime activity peaks at 35-44 years old, according to threat intelligence data recently collated by Orange Cyberdefense.
Conventional Theories Debunked
Orange Cyberdefense has discovered that teens and young adults are experimental with cybercrime, but older perpetrators are career criminals.
Threat intelligence data from Orange Cyberdefense reveals that cyber offenders are not exclusively, or even primarily, teenagers and young adults, as conventional theories might suggest. In fact, sustained criminal activity persists well into midlife.
The company’s intelligence team analysed 418 publicly announced law enforcement activities conducted between 2021 and mid-2025, revealing that cyber offenders’ engagement in crime peaks between the ages of 35 and 44, with this demographic accounting for 37% of cybercrime cases.
Collectively, the combined age groups of 25-44 make up well over half (58%) of analysed cybercrime cases. This goes against the pop culture image of the ‘teen hacker’. It also contrasts with foundational studies, which generally show that criminal behaviour emerges in adolescence, peaks in the late teens or early adulthood, and then sharply declines.
- 35-44 year olds: 37% of cybercrime cases
- 25-34 year olds: 30% of cybercrime cases
- 18-24 year olds: 21% cybercrime cases
- 12-17 year olds: under 5% cybercrime cases
Profit-motivated cybercrime escalates with age
The report found a notable progression in cybercrime activity as offenders age. Among 18-24 year olds, cybercriminal activity is highly diverse, with a focus on hacking (30%) in particular, followed by selling stolen data and DDoS attacks (10% each). The variety of activities indicates the experimental, multifaceted nature of this demographic’s engagement in cybercrime as they test boundaries and trial tactics.
This begins to shift among offenders aged 25-34, where activities such as selling stolen data (21%) and cyber extortion (14%) and malware deployment (12%) dominate – indicating a move toward profit-motivated activities.
The trend intensifies among the 35-44 cohort, where cyber extortion (22%) is the dominant offence, followed by malware (19%) and cyber espionage (13%), hacking (10%), and money laundering (7%). Together, these categories account for the vast majority of activities by this age group, potentially indicating a focus on high-impact, financially and politically significant actions.
Charl van der Walt, Head of Security Research at Orange Cyberdefense, comments:
“The surge in cyber offences committed by teenagers in recent years may be creating a false impression of the age of today’s cybercriminals. The sensationalist interpretation of cybercrime’s youthfulness makes for a good headline, but these findings appear to tell a different story. While younger, less experienced hackers engage in highly diverse, and often noticed and reported – they may be less likely to engage in calculated, profit seeking activity. Instead, cybercrime careers appear to peak much later into adulthood, accompanied by vastly more sophisticated and intentional techniques.”
The full Security Navigator 2026 report can be accessed here.
