Sat Nov 02 2024

The most underestimated security threat today? Persistent and advanced youth.

These attacks are highly effective, have resulted in significant data breaches, and have led to substantial sums of money being paid to stop the hackers from exerting pressure.

In recent years, a new type of cybercrime has emerged, led by a group comprised of money-motivated teenagers. These young individuals, dubbed “advanced persistent teens” by the security community, have executed some of the most notable hacks in history and show no signs of slowing down their activities. Examples like Lapsus$ and Scattered Spider have proven capable of infiltrating major hotel chains, casinos, and tech giants.

Their method is based on crafting convincing emails and phone calls that impersonate company help centers, successfully deceiving unsuspecting employees into revealing their corporate passwords or network access. These attacks have proved extremely effective, resulting in significant data breaches that have affected millions of people and large payouts to criminals to restore normalcy.

The threat posed by these teenagers has led many companies to question the authenticity of individuals accessing their networks, fearing they may be hackers in disguise. During a panel at TechCrunch Disrupt, Darren Gruber, technical advisor at MongoDB’s security office, expressed his concerns: while there was previously perceived risk from adversaries in other sectors, this group of young hackers, who do not feel threatened and operate outside U.S. jurisdictions, can pose a real danger. Furthermore, they possess a key advantage: plenty of free time to experiment and learn.

Gruber shared his experiences dealing with these threats, revealing that MongoDB experienced a breach in late 2023 that resulted in the theft of certain metadata, though there was no evidence of access to client systems or databases. This attack, which employed a phishing tactic, aligns with the methods used by Scattered Spider, highlighting the importance of understanding these attackers to strengthen defenses against future incidents.

Heather Gantt-Evans, head of information security at Marqeta, also spoke about these emerging threats. She emphasized that the motivations of these young people are “incredibly unpredictable” and that their tactics, such as phishing, remain effective even though they are not highly sophisticated. She noted that the focus of these criminals is often on deceiving people rather than developing complex malware, making identity threat and social engineering critical concerns.

Both experts agreed that the issue is not limited to phishing through emails or text messages but encompasses any system that interacts with employees or customers. Therefore, securing identity and access management is crucial for companies like MongoDB. Gantt-Evans also underscored the importance of the human factor in these attacks, suggesting that the cybersecurity sector needs to adapt and recognize the value of neurodiverse talent, which can offer new perspectives and approaches.