Prior research on network attacks is predominantly technical, yet little is known about behavioral patterns of attackers inside computer systems. This study adopts a criminological perspective to examine these patterns, with a particular focus on data thieves targeting organizational networks. By conducting interviews with cybersecurity experts and applying crime script analysis, we developed a comprehensive script that describes the typical progression of attackers through organizational systems and networks in order to eventually steal data. This script integrates phases identified in previous academic literature and expert-defined phases that resemble phases from industry threat models. However, in contrast to prior cybercrime scripts and industry threat models, we did not only identify sequential phases, but also illustrate the circular nature of network attacks. This finding challenges traditional perceptions of crime as a linear process. In addition, our findings underscore the importance of considering both successful and failed attacks in cybercrime research to develop more effective cybersecurity strategies.
MULTIFILE
In the present study, how crime scene investigators are informed before going to a crime scene was investigated. In order to gain more insight in the flow of information from emergency call to crime scene, semi-structured interviews were conducted in three different police regions with six crime scene investigators, six forensic team leaders, and six crime scene investigators.Results indicate that information that crime scene investigators receive before going to a crime scene is usually limited. Most information is provided on-site by the uniformed police officers, forensic medical examiner, and tactical investigation team. This information flow is underexposed, and there are no guidelines about how it is recorded.Even though all parties are provided with limited information, incidents are quickly labelled by emergency call responders and forensic team leaders. The influence of the framing process that occurs as a result is underestimated. Furthermore, emergency call responders and forensic team leaders have different goals in the investigative process and hardly take into account the specific needs of the crime scene investigator. In order to better meet the needs of crime scene investigators, further research about the content of the provided information, as well as at what moment it should be shared, is needed. Also, in order to determine afterward what role information may have played in the decision-making at the crime scene the recording of information should be better safeguarded.
Organized crime differs substantially from high-volume crime, at least theoretically. But do offenders differ as well? This study makes an extensive comparison between offenders who engage in organized crime at a particular moment in their lives and general offenders, based on various dimensions of their criminal careers. Many organized crime offenders do not have judicial contacts before adulthood. Surprisingly, this turns out to be the case for the comparison group as well. However, organized crime offenders do more often have previous judicial contacts, and those previous contacts are also far more serious. These general findings are robust; they also hold when the comparisons are restricted to organized crime offenders and general offenders who have engaged in drug crimes and fraud cases.
Every year the police are confronted with an ever increasing number of complex cases involving missing persons. About 100 people are reported missing every year in the Netherlands, of which, an unknown number become victims of crime, and presumed buried in clandestine graves. Similarly, according to NWVA, several dead animals are also often buried illegally in clandestine graves in farm lands, which may result in the spread of diseases that have significant consequences to other animals and humans in general. Forensic investigators from both the national police (NP) and NWVA are often confronted with a dilemma: speed versus carefulness and precision. However, the current forensic investigation process of identifying and localizing clandestine graves are often labor intensive, time consuming and employ classical techniques, such as walking sticks and dogs (Police), which are not effective. Therefore, there is an urgent request from the forensic investigators to develop a new method to detect and localize clandestine graves quickly, efficiently and effectively. In this project, together with practitioners, knowledge institutes, SMEs and Field labs, practical research will be carried out to devise a new forensic investigation process to identify clandestine graves using an autonomous Crime Scene Investigative (CSI) drone. The new work process will exploit the newly adopted EU-wide drone regulation that relaxes a number of previously imposed flight restrictions. Moreover, it will effectively optimize the available drone and perception technologies in order to achieve the desired functionality, performance and operational safety in detecting/localizing clandestine graves autonomously. The proposed method will be demonstrated and validated in practical operational environments. This project will also make a demonstrable contribution to the renewal of higher professional education. The police and NVWA will be equipped with operating procedures, legislative knowledge, skills and technological expertise needed to effectively and efficiently performed their forensic investigations.
Ambtenaren openbare orde en veiligheid spelen een centrale rol in de zorg voor maatschappelijke veiligheid. Hun focus ligt van oudsher op de preventie van slachtofferschap van veelvoorkomende criminaliteit (zoals diefstal, vernielingen en vandalisme) en high impact crime (zoals woninginbraak, overvallen en straatroven) binnen hun verzorgingsgebied. Intussen heeft de digitalisering van de samenleving een ongeëvenaarde gelegenheid voor criminaliteit gecreëerd. De totale maatschappelijke schade van cybercrime werd voor 2018 op 10 miljard euro geschat (1% van BNP). Uit cijfers van het CBS blijkt dat tussen 2012 en 2018 het slachtofferschap van hacken zelfs hoger lag dan dat van fietsendiefstal. Nederlandse gemeenten hebben cybercrime in de afgelopen twee jaar dan ook breed als beleidsprioriteit omarmd. Maar in de vertaling van deze beleidsprioriteit naar concrete acties gaat het mis. Duidelijk is dat de ambtenaren openbare orde en veiligheid een taak voor zichzelf zien in de preventie van cybercrime, maar waar te beginnen? In dit project bundelen professionals uit twaalf gemeenten en vier regionale veiligheidsnetwerken hun slagkracht met onderzoekers van twee hogescholen en het NSCR voor de cyberweerbaarheid van de samenleving. De hoofdvraag van dit project luidt: Met welke interventies kunnen ambtenaren openbare orde en veiligheid de cyberweerbaarheid van burgers en bedrijven binnen hun gemeente vergroten? Middels actieonderzoek werken professionals van gemeenten en regio’s samen met onderzoekers aan het verbeteren van bestaande en het ontwikkelen van nieuwe interventies. Daarbij verscherpen zij hun beeld van de omvang en achtergronden van slachtofferschap van cybercrime. Ook onderzoeken zij achtergronden en verklaringen voor het risicobewustzijn en preventief gedrag onder doelgroepen. Deze inzichten worden in verschillende iteraties aangevuld met effectstudies, om tot een set beproefde interventies te komen waarmee de cyberweerbaarheid van burgers en bedrijven zal toenemen.
Door aanhoudende digitalisering nemen de mogelijkheden voor data-analyse toe. In de private sector wordt hier al veelvuldig gebruik van gemaakt, maar in de publieke sector is men nog voorzichtig. Met name in het veiligheidsdomein wordt nog voorzichtig omgesprongen met technologieën zoals dashboards, big data en kunstmatige intelligentie. De reden hiervoor is de balans die bewaard moet worden tussen de soms vergaande bevoegdheden van overheden en de bescherming van burgers, die zich soms in een kwetsbare positie bevinden.
