Forensic and behavioural science are often seen as two different disciplines. However, there is a growing realization that the two disciplines should be more strongly integrated. Incorporating psychological theories on human behaviour in forensic science could help solving investigative problems, especially at the crime scene. At the crime scene it is not just about applying scientific methods to analyse traces; these traces must first be perceived and categorized as relevant. At the crime scene, the behavioural perspective of an investigative psychologist could play an important role. In this study, we examine to what extent (1) investigative psychologists detect deviant behavioural cues compared to forensic examiners when investigating a crime scene, (2) forensic examiners can find the relevant traces that can be associated with this behaviour and (3) the availability of a psychological report highlighting these behavioural cues helps forensic examiners in finding more relevant traces. To this end, a total of 14 investigative psychologists and 40 forensic examiners investigated a virtual 3D mock crime scene. The results of this study show that investigative psychologists see significantly more deviant behavioural cues than forensic examiners, and that forensic examiners who receive a psychological report on these cues recognize and collect significantly more traces that can be linked to deviant behaviour and have a high evidential value than examiners who did not receive this information. However, the study also demonstrates that behavioural information is likely to be ignored when it contradicts existing beliefs.
Prior research on network attacks is predominantly technical, yet little is known about behavioral patterns of attackers inside computer systems. This study adopts a criminological perspective to examine these patterns, with a particular focus on data thieves targeting organizational networks. By conducting interviews with cybersecurity experts and applying crime script analysis, we developed a comprehensive script that describes the typical progression of attackers through organizational systems and networks in order to eventually steal data. This script integrates phases identified in previous academic literature and expert-defined phases that resemble phases from industry threat models. However, in contrast to prior cybercrime scripts and industry threat models, we did not only identify sequential phases, but also illustrate the circular nature of network attacks. This finding challenges traditional perceptions of crime as a linear process. In addition, our findings underscore the importance of considering both successful and failed attacks in cybercrime research to develop more effective cybersecurity strategies.
MULTIFILE
In our highly digitalized society, cybercrime has become a common crime. However, because research into cybercriminals is in its infancy, our knowledge about cybercriminals is still limited. One of the main considerations is whether cybercriminals have higher intellectual capabilities than traditional criminals or even the general population. Although criminological studies clearly show that traditional criminals have lower intellectual capabilities, little is known about the relationship between cybercrime and intelligence. The current study adds to the literature by exploring the relationship between CITO-test scores and cybercrime in the Netherlands. The CITO final test is a standardized test for primary school students - usually taken at the age of 11 or 12 - and highly correlated with IQ-scores. Data from Statistics Netherlands were used to compare CITO-test scores of 143 apprehended cybercriminals with those of 143 apprehended traditional criminals and 143 non-criminals, matched on age, sex, and country of birth. Ordinary Least Squares regression analyses were used to compare CITO test scores between cybercriminals, traditional criminals, and non-criminals. Additionally, a discordant sibling design was used to control for unmeasured confounding by family factors. Findings reveal that cybercriminals have significantly higher CITO test scores compared to traditional criminals and significantly lower CITO test scores compared to non-criminals.
