This article examines the network structure, criminal cooperation, and external interactions of cybercriminal networks. Its contribution is empirical and inductive. The core of this study involved carrying out 10 case analyses on closed cybercrime investigations – all with financial motivations on the part of the offenders - in the UK and beyond. Each analysis involved investigator interview and access to unpublished law enforcement files. The comparison of these cases resulted in a wide range of findings on these cybercriminal networks, including: a common division between the scam/attack components and the money components; the presence of offline/local elements; a broad, and sometimes blurred, spectrum of cybercriminal behaviour and organisation. An overarching theme across the cases that we observe is that cybercriminal business models are relatively stable.
DOCUMENT
Accurate and reliable decision-making in the criminal justice system depends on accurate expert reporting and on the correct interpretation of evidence by the judges, prosecutors, and defense lawyers. The present study aims to gain insight into the judiciary's capability to assess the accuracy and reliability of forensic expert reports by first examining the extent to which criminal justice professionals are able to differentiate between an accurate (or sound) expert report and an inaccurate (or unsound) expert report. In an online questionnaire, 133 participants assessed both a sound and an unsound expert report. The findings show that, on average, participants were unable to significantly distinguish between sound and unsound forensic expert reports. Second, the study explored the influence of institutional authority on the evaluation of forensic expert reports. Reports that were not recognized as flawed—particularly those originating from well-known and reputable institutions—were subjected to less critical examination, increasing the risk of evaluation errors. These results suggest that the perceived institutional authority influences the assessment of forensic evidence. The study highlights the need for tools to support criminal justice professionals in evaluating forensic evidence, particularly when experts are unregistered. Recommendations include adhering to established quality standards, consulting counter-expert evaluations, improving courtroom communication, and enhancing forensic knowledge through training. Overall, the findings underscore the importance of critical evidence evaluation to reduce the risk of misinterpretation and wrongful convictions in the judicial process.
DOCUMENT
In most models on terrorism, interaction with other radicals is a key factor. However, systematic empirical evidence that radical ties affect behaviour is scarce. Our access to detailed police information allows us to apply Social Network Analysis (SNA) on a Dutch Salafi-Jihadi network and analyse the social relationships and network positions of 80 actors, out of whom 20 turned to terrorist acts. The results suggest that ties to leaders and terrorist offenders, co-attendance of radicalising settings and greater structural embeddedness relate to the likelihood of individual actors turning to acts of terrorism. However, we also find some individual attributes that may offer competing explanations. In this paper we discuss our findings and address how future research may provide further insights into an important issue for agencies involved in countering terrorism: which radical actors, if any, are more likely to turn to acts of terrorism?
DOCUMENT
Despite their various appealing features, drones also have some undesirable side-effects. One of them is the psychoacoustic effect that originates from their buzzing noise that causes significant noise pollutions. This has an effect on nature (animals run away) and on humans (noise nuisance and thus stress and health problems). In addition, these buzzing noises contribute to alerting criminals when low-flying drones are deployed for safety and security applications. Therefore, there is an urgent demand from SMEs for practical knowledge and technologies that make existing drones silent, which is the main focus of this project. This project contributes directly to the KET Digital Innovations\Robotics and multiple themes of the top sectors: Agriculture, Water and Food, Health & Care and Safety. The main objective of this project is: Investigate the desirability and possibilities of extremely silent drone technologies for agriculture, public space and safety This is an innovative project and there exist no such drone technology that attempts to reduce the noises coming from drones. The knowledge within this project will be converted into the first proof-of-concepts that makes the technology the first Minimum Viable Product suitable for market evaluations. The partners of this project include WhisperUAV, which has designed the first concept of a silent drone. As a fiber-reinforced 3D composite component printer, Fiberneering plays a crucial role in the (further) development of silent drone technologies into testable prototypes. Sorama is involved as an expert company in the context of mapping the sound fields in and around drones. The University of Twente is involved as a consultant and co-developer, and Research group of mechatronics at Saxion is involved as concept developer, system and user requirement verifier and validator. As an unmanned systems innovation cluster, Space53 will be involved as innovation and networking consultant.
Despite the benefits of the widespread deployment of diverse Internet-enabled devices such as IP cameras and smart home appliances - the so-called Internet of Things (IoT) has amplified the attack surface that is being leveraged by cyber criminals. While manufacturers and vendors keep deploying new products, infected devices can be counted in the millions and spreading at an alarming rate all over consumer and business networks. The objective of this project is twofold: (i) to explain the causes behind these infections and the inherent insecurity of the IoT paradigm by exploring innovative data analytics as applied to raw cyber security data; and (ii) to promote effective remediation mechanisms that mitigate the threat of the currently vulnerable and infected IoT devices. By performing large-scale passive and active measurements, this project will allow the characterization and attribution of compromise IoT devices. Understanding the type of devices that are getting compromised and the reasons behind the attacker’s intention is essential to design effective countermeasures. This project will build on the state of the art in information theoretic data mining (e.g., using the minimum description length and maximum entropy principles), statistical pattern mining, and interactive data exploration and analytics to create a casual model that allows explaining the attacker’s tactics and techniques. The project will research formal correlation methods rooted in stochastic data assemblies between IoT-relevant measurements and IoT malware binaries as captured by an IoT-specific honeypot to aid in the attribution and thus the remediation objective. Research outcomes of this project will benefit society in addressing important IoT security problems before manufacturers saturate the market with ostensibly useful and innovative gadgets that lack sufficient security features, thus being vulnerable to attacks and malware infestations, which can turn them into rogue agents. However, the insights gained will not be limited to the attacker behavior and attribution, but also to the remediation of the infected devices. Based on a casual model and output of the correlation analyses, this project will follow an innovative approach to understand the remediation impact of malware notifications by conducting a longitudinal quasi-experimental analysis. The quasi-experimental analyses will examine remediation rates of infected/vulnerable IoT devices in order to make better inferences about the impact of the characteristics of the notification and infected user’s reaction. The research will provide new perspectives, information, insights, and approaches to vulnerability and malware notifications that differ from the previous reliance on models calibrated with cross-sectional analysis. This project will enable more robust use of longitudinal estimates based on documented remediation change. Project results and methods will enhance the capacity of Internet intermediaries (e.g., ISPs and hosting providers) to better handle abuse/vulnerability reporting which in turn will serve as a preemptive countermeasure. The data and methods will allow to investigate the behavior of infected individuals and firms at a microscopic scale and reveal the causal relations among infections, human factor and remediation.
