Presentation Nederlandse Vereniging voor Criminologie Congres 2022
DOCUMENT
Presentation SECREV 2022
DOCUMENT
The organizational aspects of hacktivist networks are seldom studied, withresearch mainly focused on exploratory and descriptive case studies. Tonarrow the gap, we have used the sociological model for the social organiza-tion of deviants developed by Best and Luckenbill (1994). Said model illus-trates how hacktivist networks are organized and contributes to a clear-cutcategorization useful when dealing with hacktivism. Our study uses a richdataset obtained from 32 semi-structured qualitative interviews conductedwithin 23 different networks. By expanding on past research on cybercrim-inal and hacktivist networks, the results show that hacktivists operate atvarying levels of sophistication, favoring small, well-organized teams whereroles and tasks are clearly divided. While there are differences among net-works, our analysis reveals the importance of individual actions within largeroperations: being affiliated with like-minded people, the existence of internalrules, and the importance of hacking skills to determine, if not hierarchies,then who is the most influential. Most of the networks analyzed wereclassified as “peers” or “teams,” although the landscape shows considerableheterogeneity. Compared to other cybercriminal networks, hacktivists seemto have lower level of sophistication, while embracing the hacking subcul-ture that places importance on the role of the individual within the network.
DOCUMENT
Hacktivism represents the promotion in the cyber landscape of ideo-logically motivated agendas using hacking techniques. Despiteresearch on the topic has provided some clues on how hacktivistnetworks develop, the processes behind their evolution remain mostlyunknown. This gap in the literature prompted us to research the role ofonline/offline social relationships and of the offender convergencesettings in the creation, recruitment process and development ofhacktivist networks. This study is based on 30 interviews with hackti-vists, and it uses the social opportunity structures framework to ana-lyze the development of 21 hacktivist networks. The results show thatsaid networks can be divided in sub-categories based on the type ofconnections used to create them. Online social relationships andonline convergence settings (particularly social media platforms andIRC channels) seem to play a key role in the development of hacktivistnetworks, while offline contacts are limited. For the recruitment pro-cess, hacktivists use comparable strategies to any organization, butthree different categories were identified when discussing the level ofsophistication applied to the selection of new candidates.
DOCUMENT
At the end of the 20th century, hacking was bleeding edge. When the ideas, practices and pranks of this experimental niche of technophiles attracted the attention of a handful of activists in Italy, they understood that information and communication were what would give shape and voice to social, political, and cultural processes in the near future.+KAOS is a cut and paste of interviews, like a documentary film transposed on paper. It describes the peculiar relationship between hacktivism and activism, in Italy and beyond, highlighting the importance of maintaining digital infrastructures. While this may not sound as glamorous as sneaking into a server and leaking data, it is a fundamental topic: not even the most emblematic group of hacktivists can operate without the services of radical server collectives.
MULTIFILE
In this essay a new form of Internet activism is proposed: stacktivism. Building onhacktivist practices, this form of code and standard development as political struggle is envisioned to connect different layers of the techno-protological stack (also known as the Internet)in order build bridges between different, still isolated institutional levels and disciplinary practices such as grassroots wifi-access initiatives, interface design, geeks, computer scientistsand governance experts. How do we envision a public stack that goes beyond the structuressuch ICANN, IETF and IGF that can take up the task to rebuild the Internet as a decentralized,federated, public infrastructure?
DOCUMENT
In deze studie onderzoeken we de ontwikkelingstrajecten van hackers, op basis van zelfgerapporteerde web defacements. Tijdens een web defacement wordt ongewenst de inhoud van een website aangepast. In totaal hebben we 50.330 defacements van websites met een Nederlandse extensie (.nl websites) geanalyseerd, die door 3640 verschillende defacers zijn uitgevoerd tussen januari 2010 en maart 2017. Met behulp van trajectory-modellen kunnen er zes groepen defacers worden onderscheiden in de analyses: twee groepen chronische daders en vier groepen daders die slechts gedurende een korte periode defacements uitvoerden. Deze groepen verschillen ook van elkaar in hun motivaties en modus operandi. De groep hoogfrequente chronische daders bestaat uit minder dan 2% van de daders, maar is verantwoordelijk voor meer dan de helft van alle defacements. Het zou dan ook het meest efficiënt zijn wanneer toekomstige interventies zich met name richten op deze kleine groep chronische daders. Voor vervolgonderzoek zou het interessant zijn om de inhoudelijke boodschap van de web defacements te onderzoeken.
DOCUMENT
Repeat victimization has been widely studied from the perspective of environmental criminology for several decades. During this period, criminologists have identified a set of repeat victimization premises that are observed for many crimes; however, it is unknown whether these premises are also valid for cybercrime. In this study we rely on more than 9 million Zone-H data records from 2010 to 2017 to test whether these premises apply for the cybercrime of website defacement. We show that the phenomenon of repeat victimization is also observed in defaced cyber places (i.e. websites). In particular, we found that repeats contributed little to crime rates, that repeats occurred even several years after the original incident, that they were committed disproportionately by prolific offenders, and that few offenders returned to victimize previous targets. The results suggest that some traditional premises of repeat victimization may also be valid for understanding cybercrime events such as website defacement, implying that environmental criminology theories also constitute a useful framework for cybercrime analysis. The implications of these results in terms of criminological theory, cybercrime prevention, and the limitations derived from the use of Zone-H data are discussed.
DOCUMENT
Repeat victimization has been widely studied from the perspective of environmental criminology for several decades. During this period, criminologists have identified a set of repeat victimization premises that are observed for many crimes; however, it is unknown whether these premises are also valid for cybercrime. In this study we rely on more than 9 million Zone-H data records from 2010 to 2017 to test whether these premises apply for the cybercrime of website defacement. We show that the phenomenon of repeat victimization is also observed in defaced cyber places (i.e. websites). In particular, we found that repeats contributed little to crime rates, that repeats occurred even several years after the original incident, that they were committed disproportionately by prolific offenders, and that few offenders returned to victimize previous targets. The results suggest that some traditional premises of repeat victimization may also be valid for understanding cybercrime events such as website defacement, implying that environmental criminology theories also constitute a useful framework for cybercrime analysis. The implications of these results in terms of criminological theory, cybercrime prevention, and the limitations derived from the use of Zone-H data are discussed
DOCUMENT
De constatering dat onderzoek naar de menselijke factor binnen cybercrime en cybersecurity nog in de kinderschoenen staat, terwijl er een grote vraag is naar evidence-based praktisch toepasbare kennis is de reden dat De Haagse Hogeschool (HHs) en het Nederlands Studiecentrum Criminaliteit en Rechtshandhaving (NSCR) de handen ineengeslagen hebben voor de totstandkoming van dit lectoraat. Het lectoraat richt zich daarbij op een specifieke doelgroep: het midden- en kleinbedrijf (mkb). Het mbk is de backbone van de Nederlandse economie. Mkb’ers worden echter relatief vaak slachtoffer van cyberaanvallen en hebben niet de capaciteit om zich te weren tegen dergelijke aanvallen. Dit staat in schril contrast met het onderzoek dat wordt uitgevoerd op dit gebied. Onderzoek naar deze doelgroep ontbreekt bij de start van dit lectoraat nagenoeg compleet. Het doel van het lectoraat is om de kennispositie van het mkb op het gebied van cybercrime en cybersecurity te vergroten om zo het slachtofferschap en de impact van cyberaanvallen onder mkb’ers te verlagen. Omdat er nagenoeg geen studies zijn gedaan naar cybersecurity in het mkb zullen eerst basale vragen beantwoord moeten worden. Zo is inzicht nodig in slachtofferschap onder mkb’ers. Hoe vaak komen aanvallen op mkb bedrijven voor? Welke mkb bedrijven worden slachtoffer van cyberaanvallen en zijn er factoren die risicoverhogend of risicoverlagend werken? Wat is de werkwijze van criminelen? En van welke zwakke plekken maken criminelen gebruik om hun aanvallen uit te voeren? Tegelijkertijd moet worden onderzocht hoe mkb’ers zichzelf weerbaarder kunnen maken. Weten mkb’ers welke risico’s ze lopen, hoe ze aanvallen kunnen detecteren en afslaan? Welke factoren beïnvloeden de weerbaarheid? Welke interventiemogelijkheden zijn er om de weerbaarheid te verhogen? De bescherming van het mkb tegen cyberaanvallen ligt echter niet alleen bij het mkb zelf. Ook andere partijen hebben hierbij een rol. Daarom moet onderzocht worden welke rol politie en justitie nog hebben bij de aanpak van cybercrime gericht op het mkb.
DOCUMENT
