Crowdsourced cybersecurity company Bugcrowd has released its annual Inside the Mind of a Hacker 2024 report, which analysed responses from 1,300 ethical hackers and security researchers on the Bugcrowd Platform. This report provides a comprehensive overview of the hacking community and their perspectives on topics at the forefront of cybersecurity.
AI adoption and integration has continued its rapid momentum within the hacking community. Nevertheless, it continues to pose both benefits and unfortunate cyber risks. According to the report, 82% of hackers believe that the AI threat landscape is evolving too fast to adequately secure.
AI is the new attack vector
This year’s report revealed a significant shift in the perceived value of AI in hacking compared to the previous year. While only 21% of hackers believed that AI technologies enhance the value of hacking in 2023, 71% reported it to have value in 2024. Additionally, hackers are increasingly using generative AI solutions, with 77% now reporting adopting such tools – a 13% increase from 2023.
While the use and value of AI solutions among hackers have increased, the 2024 report reaffirms that hackers believe AI has limitations. This year’s survey revealed that only 22% of hackers believe that AI technologies outperform human hackers, and only 30% believe that AI can replicate human creativity. These results are consistent with those of the 2023 survey.
“There is no denying that AI remains a strong force within the hacking community, changing the very strategies hackers are using to find and report vulnerabilities,” says Bugcrowd CEO Dave Gerry. “Bugcrowd is in a privileged position to work with a creative, forward-thinking community that thrives on the cutting edge of cybersecurity. Celebrating hackers is part of the core of what we do at Bugcrowd, and these insights can help businesses understand the unique value this community brings to fighting against today’s AI-driven cyberattacks.”
Key findings from the survey include the following:
-
93% of hackers agree that companies using AI tools have created a new attack vector;
-
82% believe that the AI threat landscape is evolving too rapidly to be effectively secured from cyberattacks;
-
86% believe that AI has fundamentally changed their approach to hacking;
-
74% agree that AI has made hacking more accessible, opening the door for newcomers to join the fold; and
-
Despite these threats, 73% of hackers reported being confident in their ability to uncover vulnerabilities in AI-powered apps.
These findings point towards the need for hackers in an organisation’s defence against today’s cyberattacks. Although AI is introducing a new attack vector, most hackers still report confidence in their ability to uncover these vulnerabilities, emphasising the need for organisations to lean on human ingenuity alongside security tooling.
The rise of hardware hacking
The report illuminated the rise of a surprising trend – the increasing prominence of hardware hacking. In the past 12 months, 81% of hardware hackers encountered a new vulnerability they had never seen before, and 64% believe that there are more vulnerabilities now than a year ago.
Additionally, in response to the rise of AI, 83% of hardware hackers are now confident in their ability to hack AI-powered hardware and software, indicating a new potential avenue for exploitation. While those familiar with the field may recognise this growing threat, only 33% of hackers in general identified hardware hacking as one of the most valuable specialties. However, there is a low barrier to entry, with 80% of hardware hackers being self-taught.
“Hardware hacking, or the exploitation of vulnerabilities in the physical components of electronic devices, was once considered a specialised field,” says Bugcrowd Security Operations VP Michael Skelton. “However, the proliferation of inexpensive, vulnerable smart devices has increased interest in hardware hacking among both ethical hackers and cybercriminals.”
A career path for a new generation
This year’s survey results also emphasised hacking as a viable and strong career path, particularly for younger generations. Of the respondents, 88% were between 18 and 34. Additionally, 67% indicated that they are either hacking full-time or actively trying to pursue a full-time hacking career.
Additionally, hacking offers a career path for self-motivated individuals who are eager to learn new skills. While 73% of respondents reported having a college degree or higher, only 29% learned their hacking skills through academic or professional coursework. Instead, 87% reported learning through online resources, 78% through self-study, and 43% through trial and error. Hacking offers younger generations an incredibly desirable career with flexible hours, a remote work environment, and without the requirement of a college degree to achieve success.
The survey included 1,300 respondents from 85 countries, including the United States, India, Bangladesh, Pakistan, Nepal, Egypt, Nigeria, the United Kingdom, Vietnam, and Australia. Building upon the success of previous years, this year’s edition offers the latest demographic data on the hacking community, a detailed analysis of hackers’ daily experiences, and direct insights into hackers’ journeys through extensive interviews with them. Readers of this report will better understand how hackers can reduce risks for organisations, provide one of the most significant security returns on investment, and accelerate digital transformation.