This article examines the network structure, criminal cooperation, and external interactions of cybercriminal networks. Its contribution is empirical and inductive. The core of this study involved carrying out 10 case analyses on closed cybercrime investigations – all with financial motivations on the part of the offenders - in the UK and beyond. Each analysis involved investigator interview and access to unpublished law enforcement files. The comparison of these cases resulted in a wide range of findings on these cybercriminal networks, including: a common division between the scam/attack components and the money components; the presence of offline/local elements; a broad, and sometimes blurred, spectrum of cybercriminal behaviour and organisation. An overarching theme across the cases that we observe is that cybercriminal business models are relatively stable.
DOCUMENT
Computer games and organizations are becoming increasingly interwoven in the 21st century. Sophisticated computer games connected by networks are turning into spaces for organizing. Therefore, it may not be surprising that conventional organizations are now scrounging these games for novel ways to enhance efficiency. The result is the formation of game/organization hybrids; uneasy recontextualizations of partly incompatible ideas, values and practices. We begin this essay by elucidating what it is socially that makes something a game by exploring the notion’s anthropological foundations. We then introduce two examples of actual game/organization hybrids; raiding in computer games and gamification in formal organizations. We conclude by discussing the implications of such hybridization and suggest venues for how organization and management scholars can benefit from studying computer games and theories of play.
LINK
Computer security incident response teams (CSIRTs) respond to a computer security incident when the need arises. Failure of these teams can have far-reaching effects for the economy and national security. CSIRTs often have to work on an ad hoc basis, in close cooperation with other teams, and in time constrained environments. It could be argued that under these working conditions CSIRTs would be likely to encounter problems. A needs assessment was done to see to which extent this argument holds true. We constructed an incident response needs model to assist in identifying areas that require improvement. We envisioned a model consisting of four assessment categories: Organization, Team, Individual and Instrumental. Central to this is the idea that both problems and needs can have an organizational, team, individual, or technical origin or a combination of these levels. To gather data we conducted a literature review. This resulted in a comprehensive list of challenges and needs that could hinder or improve, respectively, the performance of CSIRTs. Then, semi-structured in depth interviews were held with team coordinators and team members of five public and private sector Dutch CSIRTs to ground these findings in practice and to identify gaps between current and desired incident handling practices. This paper presents the findings of our needs assessment and ends with a discussion of potential solutions to problems with performance in incident response. https://doi.org/10.3389/fpsyg.2017.02179 LinkedIn: https://www.linkedin.com/in/rickvanderkleij1/
MULTIFILE
