Remember the guy which created Silk Road. People talked about him in mythical terms, that he probably has the op-sec of God, but afterwards facts pointed to major mistakes, like connecting identities to his real name, and suddenly everybody was like "how can he be so stupid, doing this while being the owner of a $100 mil criminal empire"
It's a classic asymmetry: the defender needs to defend all the time, the hacker just needs to get in once. Ditto op-sec, the hacker needs to keep their identity protected at all times, the security services only need to connect the dots once.
Yet as far as I remember he leaked his identify long before anyone even knew Silk Road is even a thing. And someone behind this botnet certainly knew what scale it's going to have before they started it.
In this context criminals are a person or persons who have created ransomware which, in less than three days has infecting more than 230,000 computers in 150 countries, demanding ransom payments in bitcoin in 28 languages.
The meth dealer two houses down who serves people out his front window probably isn't thinking straight. What we're dealing with here is a different category of thinking.
not criminals who get caught, no. a good "criminal" is invisible and manages to get away with their crime. these aren't people you hear about, because then they'd be failures.
