Het platform voor open en praktijkgericht onderzoek

product

Opfererfahrungen im Internet – Schutz- und Risikofaktoren

Der Anstieg der Opfererfahrungen durch Internetkriminalität unterstreicht die Notwendigkeit zu verstehen, wie sich Menschen online verhalten und wie unsicheres Online-Verhalten mit Viktimisierung zusammenhängen kann. Bisherige Studien haben sich oft auf selbstberichtete Verhaltensweisen oder Einstellungen zu vorsichtigem Online-Verhalten verlassen. Studien, die sowohl das tatsächliche Online-Verhalten als auch erklärende Faktoren in einer grossen Stichprobe gemessen haben, sind rar. In diesem Beitrag wird das Forschungsinstrument der Online Behaviour and Victimization Study vorgestellt. Das Kapitel skizziert die Entwicklung dieses Instruments, das ein bevölkerungsbasiertes Befragungsexperiment verwendet. Mit diesem Instrument kann das tatsächliche Verhalten von Internetnutzern gemessen werden. Während des Ausfüllens der Umfrage werden die Befragten mit (fiktiven) Cyber-Risikosituationen konfrontiert, wodurch die Forscher analysieren können, wie die Befragten mit diesen Situationen umgehen. Darüber hinaus wurden auf der Grundlage von Theorien und einer umfangreichen Literaturstudie, die in diesem Beitrag kurz skizziert wird, Messungen für zahlreiche erklärende Faktoren in die Studie aufgenommen, darunter Wissen (Bewusstsein), Gelegenheit und Motivation. Schließlich wird die frühere Viktimisierung durch Cyberkriminalität gemessen, was es ermöglicht, den Zusammenhang zwischen dem tatsächlichen Online-Verhalten und der Online-Viktimisierung zu untersuchen.

MULTIFILE

Opfererfahrungen im Internet – Schutz- und Risikofaktoren

product

The Hybridization of Street Offending in the Netherlands

Based on the results of two research projects from the Netherlands, this paper explores how street oriented persons adapt and use digital technologies by focusing on the changing commission of instrumental, economically motivated, street crime. Our findings show how social media are used by street offenders to facilitate or improve parts of the crime script of already existing criminal activities but also how street offenders are engaging in criminal activities not typically associated with the street, like phishing and fraud. Taken together, this paper documents how technology has permeated street life and contributed to the ‘hybridization’ of street offending in the Netherlands—i.e. offending that takes place in person and online, often at the same time.

PDF

The Hybridization of Street Offending in the Netherlands

product

Determinants of reporting cybercrime

Although the prevalence of cybercrime has increased rapidly, most victims do not report these offenses to the police. This is the first study that compares associations between victim characteristics and crime reporting behavior for traditional crimes versus cybercrimes. Data from four waves of a Dutch cross-sectional population survey are used (N = 97,186 victims). Results show that cybercrimes are among the least reported types of crime. Moreover, the determinants of crime reporting differ between traditional crimes and cybercrimes, between different types of cybercrime (that is, identity theft, consumer fraud, hacking), and between reporting cybercrimes to the police and to other organizations. Implications for future research and practice are discussed. doi: https://doi.org/10.1177/1477370818773610 This article is honored with the European Society of Criminology (ESC) Award for the “Best Article of the Year 2019”. Dit artikel is bekroond met de European Society of Criminology (ESC) Award for the “Best Article of the Year 2019”.

MULTIFILE

product

Detection of Botnet Command and Control Traffic by the Identification of Untrusted Destinations

We present a novel anomaly-based detection approach capable of detecting botnet Command and Control traffic in an enterprise network by estimating the trustworthiness of the traffic destinations. A traffic flow is classified as anomalous if its destination identifier does not origin from: human input, prior traffic from a trusted destination, or a defined set of legitimate applications. This allows for real-time detection of diverse types of Command and Control traffic. The detection approach and its accuracy are evaluated by experiments in a controlled environment.

PDF

Detection of Botnet Command and Control Traffic by the Identification of Untrusted Destinations

product

Examining the cyclical nature of crimes: A looped crime script of data theft from organizational networks

Prior research on network attacks is predominantly technical, yet little is known about behavioral patterns of attackers inside computer systems. This study adopts a criminological perspective to examine these patterns, with a particular focus on data thieves targeting organizational networks. By conducting interviews with cybersecurity experts and applying crime script analysis, we developed a comprehensive script that describes the typical progression of attackers through organizational systems and networks in order to eventually steal data. This script integrates phases identified in previous academic literature and expert-defined phases that resemble phases from industry threat models. However, in contrast to prior cybercrime scripts and industry threat models, we did not only identify sequential phases, but also illustrate the circular nature of network attacks. This finding challenges traditional perceptions of crime as a linear process. In addition, our findings underscore the importance of considering both successful and failed attacks in cybercrime research to develop more effective cybersecurity strategies.

MULTIFILE

Examining the cyclical nature of crimes: A looped crime script of data theft from organizational networks

product

Introducing object-oriented modelling to cybercrime scripting: visualisation for improved analysis

Crime script analysis as a methodology to analyse criminal processes is underdeveloped. This is apparent from the various approaches in which scholars apply crime scripting and present their cybercrime scripts. The plethora of scripting methods raise significant concerns about the reliability and validity of these scripting studies. In this methodological paper, we demonstrate how object-oriented modelling (OOM) could address some of the currently identified methodological issues, thereby refining crime script analysis. More specifically, we suggest to visualise crime scripts using static and dynamic modelling with the Unified Modelling Language (UML) to harmonise cybercrime scripts without compromising their depth. Static models visualise objects in a system or process, their attributes and their relationships. Dynamic models visualise actions and interactions during a process. Creating these models in addition to the typical textual narrative could aid analysts to more systematically consider, organise and relate key aspects of crime scripts. In turn, this approach might, amongst others, facilitate alternative ways of identifying intervention measures, theorising about offender decision-making, and an improved shared understanding of the crime phenomenon analysed. We illustrate the application of these models with a phishing script.

MULTIFILE

Introducing object-oriented modelling to cybercrime scripting: visualisation for improved analysis

product

Cybercrime during the COVID-19 pandemic

The outbreak of the COVID-19 virus in December 2019 and the restrictive measures that were implemented to slow down the spread of the virus have had a significant impact on our way of life. The sudden shift from offline to online activities and work may have resulted in new cybersecurity risks. The present study therefore examined changes in the prevalence, nature and impact of cybercrime among Dutch citizens and SME owners, during the pandemic. Qualitative interviews with ten experts working at various public and private organizations in the Netherlands that have insights into cybercrime victimization and data from victim surveys administrated in 2019 and 2021 were analyzed. The results show that there was only a small, non-statistically significant increase in the prevalence of cybercrime during the pandemic among citizens and SME owners. Nevertheless, the COVID-19 pandemic did have an impact on the modus operandi of cybercriminals: victims indicated that a considerable proportion of the offenses was related to the COVID-19 pandemic, particularly in the case of online fraud. Moreover, the use of new applications and programs for work was associated with an increased risk of cybercrime victimization during the COVID-19 crisis. These results suggest that increases in rates of registered cybercrime that were found in previous studies might be the consequence of a reporting effect and that cybercriminals adapt their modus operandi to current societal developments.

PDF

product

Coping with cybercrime victimization: An exploratory study into impact and change

In order to find out whether victims adequately recover from cybercrime incidents, it is important to gain insight into its effects and impact on users. However, as it stands now, there is not much literature on the impact of cybercrime. We address this gap by qualitatively examining the impact of two types of cybercrime, namely phishing and malware attacks targeting online banking customers. We used the coping approach as a framework to study how victims deal with the negative events they have experienced. In order to study the impact of cybercrime and how victims cope with it, 30 cybercrime victims were interviewed. We observed that, next to financial damage, victims described different forms of psychological and emotional effects. Victims also reported various kinds of secondary impacts, such as time loss and not being treated properly when handling the incident. In addition, the interview data provided insight into cognitive and behavioral change, which potentially offers opportunities for cybercrime prevention. Our study demonstrates that the level of impact varies among cybercrime victims, ranging from little or no impact to severe impact. In addition, while some victims were only affected for a few days, some were still feeling the effects. The effects and impact of these fraudulent schemes on victims should therefore not be underestimated. We conclude that the coping approach provides a useful framework to study the effects and impact of cybercrime victimization and how victims recover from it. The results of our study provide a steppingstone for future studies on this topic. https://www.linkedin.com/in/rutgerleukfeldt/

PDF

Coping with cybercrime victimization: An exploratory study into impact and change

product

Cybercrime on the menu?

Criminologists have frequently debated whether offenders are specialists, in that they consistently perform either one offense or similar offenses, or versatile by performing any crime based on opportunities and situational provocations. Such foundational research has yet to be developed regarding cybercrimes, or offenses enabled by computer technology and the Internet. This study address this issue using a sample of 37 offender networks. The results show variations in the offending behaviors of those involved in cybercrime. Almost half of the offender networks in this sample appeared to be cybercrime specialists, in that they only performed certain forms of cybercrime. The other half performed various types of crimes on and offline. The relative equity in specialization relative to versatility, particularly in both on and offline activities, suggests that there may be limited value in treating cybercriminals as a distinct offender group. Furthermore, this study calls to question what factors influence an offender's pathway into cybercrime, whether as a specialized or versatile offender. The actors involved in cybercrime networks, whether as specialists or generalists, were enmeshed into broader online offender networks who may have helped recognize and act on opportunities to engage in phishing, malware, and other economic offenses.

PDF

Zoekresultaten

Producten 71

Opfererfahrungen im Internet – Schutz- und Risikofaktoren