Inside the World of Teen Cybercrime

In 2022, a Finnish psychotherapy center called Vaastamo suffered one of the most intimate data breaches in recent memory. Thousands of therapy patients, people who had sought help at their most vulnerable, found their private session notes stolen and held for ransom. It is with this hack that Joe Tidy opens “Ctrl+ Alt+ Chaos,” and it is an effective place to start. The man behind it, Julius Kivimäki, becomes the book’s central figure, a hacker whose activities, and the reactions he provokes from the wider hacking community, allow Tidy to trace the full arc of cybercrime culture, from its earliest incarnations in the 1980s through to the emergence of the most recent teenage cybercrime gangs. Along the way, Tidy gives voice to all sides of the story, the motivations of the hackers themselves, the experiences of the victims, and the frustrations of the investigators tasked with catching Kivimäki.

Tidy’s book is the latest entry in a growing literature on hacking subculture. Gabriella Coleman’s 2015 study of Anonymous, “Hacker, Hoaxer, Whistleblower, Spy,” remains the most rigorous academic treatment of a hacking group, bringing an anthropologist’s patience to questions of identity and motivation that Tidy largely leaves open. Jonathan Lusthaus’s “Industry of Anonymity” maps the more organized, financially driven end of cybercrime with similar scholarly precision. What Tidy offers is something different: not a shift in our theoretical understanding of why young men are drawn to these subcultures, but an account that makes the phenomenon feel viscerally real in a way academic work rarely achieves.

Reading “Ctrl+ Alt+ Chaos,” one could be forgiven for thinking one had wandered into a Nordic noir thriller. The atmospheric tension and the morally complex characters lurking in digital shadows are reminiscent of Jo Nesbø at his best. That these people are entirely real makes the characterization all the more remarkable. Tidy renders his subjects, hackers and the investigators pursuing them, with a vividness that is rare, especially when writing about cybersecurity.

Tidy is equally skilled at capturing the emotional texture of being on the receiving end of an attack, the palpable fear and creeping anxiety of discovering that your most personal details are in someone else’s hands, that you are being held to ransom by a stranger who knows more about you than you would ever want them to. By grounding these dynamics in real experiences, Tidy transforms what might otherwise feel like an abstract threat into something viscerally human, which is really what is needed to help translate a digital threat into an actionable concern. 

Tidy also has a sharp eye for the peculiar rhythms of the cyber world, the long stretches of boredom and mundanity that characterize so much of cybersecurity work, punctured by sudden moments of fierce intensity, the thrill of breaking something, fixing something, or catching someone in the act. I would consider myself to have a competent, if not confident, understanding of the cybersecurity ecosystem, and there were many things within the book that I learned about the hacking subculture, and cyber incidents I wasn’t aware of. Tidy has clearly immersed himself in the research for many years.

Tidy is well placed to tell this story. As the BBC’s first dedicated cyber correspondent, he has spent the better part of a decade covering major cyberattacks across television, radio, and digital platforms, having previously reported for Sky News. His interest in the world of teenage hackers was sparked by covering the Lizard Squad’s Christmas Day 2014 distributed denial-of-service attack, which took down Xbox and PlayStation. And he has been following the thread ever since—traveling to the U.S., Russia, Ukraine, and beyond to track down key figures in the cybercrime world. “Ctrl+Alt+Chaos” is in many ways the natural culmination of that body of work, a long-form exploration of a subject he knows better than almost anyone in British journalism. 

The first three chapters of “Ctrl+ Alt+ Chaos” follow Tidy’s investigation into one of the most prolific and intriguing figures in recent cybercrime, a hacker known, at the start of the story, only as “Ransom_man,” the architect behind the Vaastamo hack. Ransom_man, also known as Zeekill, was also a key member of Lizard Squad at the time of their Christmas Day 2014 attack. It is a remarkable case study, pursued with real tenacity.

Tidy uses his account of Ransom_man, that is, Julius Kivimäki, in order to sketch a demographic and psychological portrait of the group of teenage hackers who have played an outsize role in pioneering many types of cybercrime. That portrait is striking in its consistency. Usually male, often white, frequently from a reasonably stable home environment, these hackers begin their exploits in their teens. Some have an illness that keeps them housebound; others are simply left alone in their bedrooms for long stretches of time. But their most consistent features are social isolation and a deep immersion in computer gaming. 

Tidy is careful to note that the vast majority of young people who fit this profile never come anywhere near cybercrime. Yet that caveat only sharpens the question he leaves hanging: What is it, exactly, that tips a socially isolated teenage gamer into becoming a callous and prolific hacker? Infamy, Tidy suggests, can become its own reward. He makes a convincing case that lenient sentencing has compounded the problem considerably: When the worst realistic outcome is a confiscated laptop and a suspended sentence, the deterrent effect is minimal. 

There is something about the ethical contortions of the hacker groups Tidy describes, such as LulzSec or LizardCrew, that brings to mind “The Sopranos,” David Chase’s landmark HBO drama following Tony Soprano, a New Jersey mob boss navigating the competing demands of organized crime and suburban family life. Tony is, by any conventional measure, a reprehensible man, yet he operates according to a rigid internal code: Wives and children are off limits, full stop. It is a moral compass that points in an entirely self-determined direction, but it is a compass nonetheless.

The hacking community’s initial reaction to the Vaastamo hack carries a similar quality. When it emerged that Ransom_man had released the private mental health records of therapy patients, some of the most intimate data imaginable, the response from within the community was one of revulsion. Even among groups with a casual relationship to legality and harm, this was a step too far. It was not an isolated moment either. Operating under a variety of pseudonyms—a rotating cast that can, at times, become difficult to track—Ransom_man went on to conduct himself in ways that made him enemies across the hacking community over the following decade. This response is a reminder that even cultures built on transgression draw their own lines, and that crossing them provokes genuine outrage from within. (On a lighter note, readers should be warned that almost every hacker in the book appears to be called Ryan, or to have adopted Ryan as a pseudonym at some point. I am unsure whether this reflects something profound about the demographics of cybercrime, or simply an extraordinary coincidence, as Tidy suggests.)

Chapters 4 to 11 pull back from Tidy’s investigation of Ransom_man/Kivimäki’s origin story to a broader history of hacking culture itself from the early 2000s to the present day. Tidy covers some of the most notorious groups to have shaped the landscape, including Anonymous, LulzSec, Hack the Planet (HTP), and Lizard Crew, mapping a subculture that is at once anarchic, tribal, and guided by its own strange moral logic. 

Tidy also explores the continued evolution of tactics and techniques, a playbook that evolved to add “swatting” (calling armed police to respond to unsuspecting innocent victims), calling in bomb threats, harassment, doxxing (releasing personal details of people online), and cyber stalking. Throughout the book, it is clear just how ill-equipped most legal systems are to deal with the highly technical nature of forensic cybercrime evidence, and the distinct lack of legal tools to deal appropriately with minors who commit hacking offenses.

Chapter 12 onward returns to the Vastaamo hack and Kivimäki’s eventual arrest. The book ends with a look ahead to the continued rise and fall of youth cybercrime gangs, the most recent iterations including Lapsus$ and The Com (short for The Community). 

The continuous cycle of young, primarily men taking to the internet to do horrible things to people for money, reputation, and the urge to create chaos might make someone question what is to be done. Tidy offers a short reflection on various approaches that could be, and have been, employed to tackle youth cybercrime. These include harsher punishments, education, encouragement of diversity in computing subjects in schools, and schemes designed to convert teenage hackers into white hat hackers, hacking “for good.” Although these solutions may have been successful in some ways, there are still many teenage hackers out there, conducting activities that Tidy can continue to write about, and the needle has not been moved significantly.

Tidy is not a neutral observer, and he makes no pretense of being one. His moral assessment of his subjects is open, at one point classifying them as “immature, misguided and cruel boys.” That authentic author’s presence gives the book a charged, personal energy that many books so often iron out. As a researcher, I spend considerable effort moving in the opposite direction, striving for neutrality, careful not to let judgment contaminate analysis. Reading Tidy, then, is a genuinely refreshing experience, a reminder of what is possible when a writer is freed from those constraints and permitted simply to say what he thinks. It is honest, it is direct, and it is, frankly, fun to read. 

As a researcher, however, I finished “Ctrl+Alt+Chaos” with more questions than answers, and I mean that, in large part, as a compliment. Tidy has written a superb contextual piece, one that illuminates the cyber underworld and its impact on people, with clarity and color. The academic in me kept pressing at the edges of the frame, however, wanting Tidy to go further.

Why do certain young men seek out the internet subcultures that so reliably produce misogyny, cruelty, and what might generously be called testosterone-fueled competitions? What structural or psychological conditions make that pull so powerful, and what, if anything, can be done about it? I found myself wanting Tidy to interrogate the internal cultures of these groups more closely. What accounts for the difference between Anonymous’s earnest, if subjective, moral grounding and the casual cruelty of other hacking crews? What turns a group of disaffected young men into digital vigilantes in one instance, and into something far darker in another?

Tidy floats an intriguing thought early on about Twitter’s emergence in 2006 as an inflection point in hacking culture’s evolution, the ability to write anonymously in short form and build branding and followers, a moment at which the desire for fame and infamy began to reshape the crews themselves. It is a compelling hypothesis, but the book leaves the question open, and I suspect the answer to that question, along with others I was left with, would tell us something important not just about hackers, but about the cultures that produce them.

If you want a clear, context-setting piece that opens up the world of cybercrime and teenage hackers, explains strange terminology, cultural oddities, and key personalities, and helps you come to grips with a niche ecosystem in a very enjoyable package, then this is the book for you.