This article describes the development of foreign fighters’ preparatory modes of operation between 2000 and 2013, based on an analysis of 17 closed police investigations and 21 semi-structured interviews with police investigators, public prosecutors, and lawyers. Through the use of grounded theory methods and a crime script analysis, we find that the phenomenon is not as new as is often portrayed. It changes over time as changing opportunity structures have an impact on the activities foreign fighters undertake during the preparation phase. We demonstrate how geopolitical changes, social opportunity structures, and technological developments affect themodus operandiover time. One of the implications of our findings is that the dynamic nature of the foreign fighting phenomenon requires flexible and tailored prevention measures.
DOCUMENT
Illicit data markets have emerged on Telegram, a popular online instant messaging application, bringing together thousands of users worldwide in an unregulated exchange of sensitive data. These markets operate through vendors who offer enormous quantities of such data, from personally identifiable information to financial data, while potential customers bid for these valuable assets. This study describes how Telegram data markets operate and discusses what interventions could be used to disrupt them. Using crime script analysis, we observed 16 Telegram meeting places encompassing public and private channels and groups. We obtained information about how the different meeting places function, what are their inside rules, and what tactics are employed by users to advertise and trade data. Based on the crime script, we suggest four feasible situational crime prevention measures to help disrupt these markets. These include taking down the marketplaces, reporting them, spamming and flooding techniques, and using warning banners. This is a post-peer-review, pre-copyedit version of an article published in Trends in organized crime . The final authenticated version is available online at https://doi.org/10.1007/s12117-024-09532-6
DOCUMENT
Prior research on network attacks is predominantly technical, yet little is known about behavioral patterns of attackers inside computer systems. This study adopts a criminological perspective to examine these patterns, with a particular focus on data thieves targeting organizational networks. By conducting interviews with cybersecurity experts and applying crime script analysis, we developed a comprehensive script that describes the typical progression of attackers through organizational systems and networks in order to eventually steal data. This script integrates phases identified in previous academic literature and expert-defined phases that resemble phases from industry threat models. However, in contrast to prior cybercrime scripts and industry threat models, we did not only identify sequential phases, but also illustrate the circular nature of network attacks. This finding challenges traditional perceptions of crime as a linear process. In addition, our findings underscore the importance of considering both successful and failed attacks in cybercrime research to develop more effective cybersecurity strategies.
MULTIFILE
