Hacktivism represents the promotion in the cyber landscape of ideo-logically motivated agendas using hacking techniques. Despiteresearch on the topic has provided some clues on how hacktivistnetworks develop, the processes behind their evolution remain mostlyunknown. This gap in the literature prompted us to research the role ofonline/offline social relationships and of the offender convergencesettings in the creation, recruitment process and development ofhacktivist networks. This study is based on 30 interviews with hackti-vists, and it uses the social opportunity structures framework to ana-lyze the development of 21 hacktivist networks. The results show thatsaid networks can be divided in sub-categories based on the type ofconnections used to create them. Online social relationships andonline convergence settings (particularly social media platforms andIRC channels) seem to play a key role in the development of hacktivistnetworks, while offline contacts are limited. For the recruitment pro-cess, hacktivists use comparable strategies to any organization, butthree different categories were identified when discussing the level ofsophistication applied to the selection of new candidates.
DOCUMENT
Review in het kader van COST Action IS1106 Working group 3 In the review below, we summarize resent empirical research about practising offender supervision in The Netherlands on six theme’s: 1. The roles, characteristics, recruitment and training of key actors in the delivery of offender supervision. 2. Interactions and relationships between key actors in the delivery of offender supervision and other relevant professionals. 3. The delivery/practice/performance of offender supervision. 4. The role of tools and technologies in the delivery of OS. 5. The management, supervision and/or regulation of practitioners and their practice. 6. Reflections / contextual issues Ongoing research is discussed in the descriptions of the different theme’s. We conclude with a short reflection about research on practising supervision in the Netherlands. The review is limited to studies about adults. Studies on community sentences have not yet been addressed, we will do this in the next version.
DOCUMENT
Crime script analysis as a methodology to analyse criminal processes is underdeveloped. This is apparent from the various approaches in which scholars apply crime scripting and present their cybercrime scripts. The plethora of scripting methods raise significant concerns about the reliability and validity of these scripting studies. In this methodological paper, we demonstrate how object-oriented modelling (OOM) could address some of the currently identified methodological issues, thereby refining crime script analysis. More specifically, we suggest to visualise crime scripts using static and dynamic modelling with the Unified Modelling Language (UML) to harmonise cybercrime scripts without compromising their depth. Static models visualise objects in a system or process, their attributes and their relationships. Dynamic models visualise actions and interactions during a process. Creating these models in addition to the typical textual narrative could aid analysts to more systematically consider, organise and relate key aspects of crime scripts. In turn, this approach might, amongst others, facilitate alternative ways of identifying intervention measures, theorising about offender decision-making, and an improved shared understanding of the crime phenomenon analysed. We illustrate the application of these models with a phishing script.
MULTIFILE
Powerpoint presentation Research Seminar Contemporary Cybercrime 2022 15th November and Eurocrim 2022.
DOCUMENT
In most models on terrorism, interaction with other radicals is a key factor. However, systematic empirical evidence that radical ties affect behaviour is scarce. Our access to detailed police information allows us to apply Social Network Analysis (SNA) on a Dutch Salafi-Jihadi network and analyse the social relationships and network positions of 80 actors, out of whom 20 turned to terrorist acts. The results suggest that ties to leaders and terrorist offenders, co-attendance of radicalising settings and greater structural embeddedness relate to the likelihood of individual actors turning to acts of terrorism. However, we also find some individual attributes that may offer competing explanations. In this paper we discuss our findings and address how future research may provide further insights into an important issue for agencies involved in countering terrorism: which radical actors, if any, are more likely to turn to acts of terrorism?
DOCUMENT
Based on the results of two research projects from the Netherlands, this paper explores how street oriented persons adapt and use digital technologies by focusing on the changing commission of instrumental, economically motivated, street crime. Our findings show how social media are used by street offenders to facilitate or improve parts of the crime script of already existing criminal activities but also how street offenders are engaging in criminal activities not typically associated with the street, like phishing and fraud. Taken together, this paper documents how technology has permeated street life and contributed to the ‘hybridization’ of street offending in the Netherlands—i.e. offending that takes place in person and online, often at the same time.
DOCUMENT
This article examines the network structure, criminal cooperation, and external interactions of cybercriminal networks. Its contribution is empirical and inductive. The core of this study involved carrying out 10 case analyses on closed cybercrime investigations – all with financial motivations on the part of the offenders - in the UK and beyond. Each analysis involved investigator interview and access to unpublished law enforcement files. The comparison of these cases resulted in a wide range of findings on these cybercriminal networks, including: a common division between the scam/attack components and the money components; the presence of offline/local elements; a broad, and sometimes blurred, spectrum of cybercriminal behaviour and organisation. An overarching theme across the cases that we observe is that cybercriminal business models are relatively stable.
DOCUMENT
Despite the widely held notion that processes of radicalization tend to happen in relation to others, systematic evidence on the social context in which actors meet and form ties is scarce. This is problematic, as without a more thorough understanding of the relational dimension of radicalization, any strategy to intervene may turn out less effective than perhaps hoped for. Based on our access to detailed police information on eleven Dutch Salafi-Jihadi networks (2001–2014; 273 actors), this article presents a descriptive analysis of the social context in which actors meet and form ties. In most networks, we observe pre-existing family and friendship ties, actors to frequent Salafi mosques and radicalizing settings, and committed actors engaged in functional roles. We also find indications for these elements to facilitate actors to form ties. It is important to note however that we also observe exceptions, both in terms of prevalence and impact of the relational factors we study. In the article, we describe our detailed empirical findings and reflect on the (differential) social context is which actors participating in Dutch Salafi-Jihadi networks meet and form ties.
DOCUMENT
Repeat victimization has been widely studied from the perspective of environmental criminology for several decades. During this period, criminologists have identified a set of repeat victimization premises that are observed for many crimes; however, it is unknown whether these premises are also valid for cybercrime. In this study we rely on more than 9 million Zone-H data records from 2010 to 2017 to test whether these premises apply for the cybercrime of website defacement. We show that the phenomenon of repeat victimization is also observed in defaced cyber places (i.e. websites). In particular, we found that repeats contributed little to crime rates, that repeats occurred even several years after the original incident, that they were committed disproportionately by prolific offenders, and that few offenders returned to victimize previous targets. The results suggest that some traditional premises of repeat victimization may also be valid for understanding cybercrime events such as website defacement, implying that environmental criminology theories also constitute a useful framework for cybercrime analysis. The implications of these results in terms of criminological theory, cybercrime prevention, and the limitations derived from the use of Zone-H data are discussed.
DOCUMENT
Repeat victimization has been widely studied from the perspective of environmental criminology for several decades. During this period, criminologists have identified a set of repeat victimization premises that are observed for many crimes; however, it is unknown whether these premises are also valid for cybercrime. In this study we rely on more than 9 million Zone-H data records from 2010 to 2017 to test whether these premises apply for the cybercrime of website defacement. We show that the phenomenon of repeat victimization is also observed in defaced cyber places (i.e. websites). In particular, we found that repeats contributed little to crime rates, that repeats occurred even several years after the original incident, that they were committed disproportionately by prolific offenders, and that few offenders returned to victimize previous targets. The results suggest that some traditional premises of repeat victimization may also be valid for understanding cybercrime events such as website defacement, implying that environmental criminology theories also constitute a useful framework for cybercrime analysis. The implications of these results in terms of criminological theory, cybercrime prevention, and the limitations derived from the use of Zone-H data are discussed
DOCUMENT
