Centenial Celebration

Transaction Search Form: please type in any of the fields below.

Date: November 22, 2024 Fri

Time: 11:38 am

Results for computer crime

55 results found

Author: Canadian Anti-Counterfeiting Network

Title: Report on Counterfeiting and Piracy in Canada: A Road Map for Change

Summary: In Canada, the political will to address the country's serious IP (internet protocol) crime problem has failed to materialize despite the overwhelming evidence of its harm to Canadian competitiveness and a mounting tide of domestic and international criticism. This report sets out clear actions to strengthen Canada's IP enforcement system to create an environment in which an innovation economy can thrive. Taking strong and decisive action against IP crime represents a tremendous opportunity for the federal government to demonstrate its commitment to combating crime and to Canadian economic prosperity, innovation and competitiveness.

Details: Toronto: Canadian Anti-Counterfeiting Network, 2007

Source:

Year: 2007

Country: Canada

URL:

Shelf Number: 115334

Keywords:
Computer Crime
Counterfeiting
Piracy

Author: Cross, Donna

Title: Australian Covert Bullying Prevalence Study

Summary: The safety of members of the school community is essential to enhance the academic, social development and well being of young people. In line with the United Nations' Convention on the Rights of the Child, the National Safe Schools Framework (NSSF) is regarded as a highly innovative, collaborative effort on behalf of the Commonwealth, State and Territory Governments to foster the development and implementation of a series of whole-of-school initiatives to produce an integrated national policy for the prevention and early intervention of bullying and other aggressive and violent behaviours. Yet despite the impact of the NSSF in terms of reducing direct, face-to-face 'overt' bullying, such as hitting, punching, kicking and teasing, evidence suggests that a less direct form of 'covert' bullying is becoming more prevalent and insidious, fuelled in part by the growth of new forms of Information and Communications Technology (ICT). From this perspective, the Australian Covert Bullying Prevalence Study (ACBPS), commissioned by the Department of Education, Employment and Workplace Relations (DEEWR), represents a significant first step to understand and tackle this phenomenon. The ACBPS investigated young people's experiences with covert bullying including: the nature and types of covert bullying behaviours used by young people, how often and where these behaviours occur, and risk and protective factors that may inhibit or encourage covert bullying behaviour. This report aims to shed new light on covert bullying among school-age children, with the ultimate goal of identifying feasible, effective and sustainable policy and practice to address this phenomenon. While the general concepts and theories underlying covert bullying are not new, research into how to address covert bullying is still in its infancy. This is due in part to the erroneous perception that while covert bullying is unpleasant it is generally considered to be a less harmful form of behaviour. Emerging research indicates, however, that covert bullying has the potential to result in more severe psychological, social, and mental health problems than overt bullying, and is not only more difficult for schools and parents to detect, but also has the capacity to inflict social isolation on a much broader scale than overt bullying. Furthermore, the recent digital media revolution of the last decade has provided an additional platform and encouraged a communication culture within which covert bullying can operate among young people. An companion report -- Covert bullying: A review of national and international research -- states that the safety of all school members is an essential prerequisite to promote effective schools that enhance the academic, emotional, social development and well being of young people. The United Nations Convention on the Rights of the Child reinforces the importance of protecting children's quality of life and their rights to be educated in a safe environment, free from all forms of violence, victimisation, harassment and neglect. In line with this basic right, the Australian community has become increasingly aware of the prevalence, seriousness and negative impacts of school bullying - a form of aggression considered to affect the greatest number of students. Research in Australia has indicated that approximately ten percent of school students reported being bullied most days or even every day at school, with almost one half reporting they were bullied at least once during the past term at school. These rates of bullying between students are among the highest in the world.

Details: Perth: Child Health Promotion Research Centre, Edith Cowan University, 2009. 414p.

Source: Internet Resource: Initial report: https://docs.education.gov.au/system/files/doc/other/australian_covert_bullying_prevalence_study_executive_summary.pdf - Companion report: https://docs.education.gov.au/system/files/doc/other/australian_covert_bullying_prevalence_study_chapter_2.pdf

Year: 2009

Country: Australia

URL: https://docs.education.gov.au/system/files/doc/other/australian_covert_bullying_prevalence_study_executive_summary.pdf

Shelf Number: 117124

Keywords:
Bullying
Computer Crime
Cyberbullying
School Crime

Author: Lemieux, Frederic

Title: Investigating Cyber Security Threats: Exploring National Security and Law Enforcement Perspectives

Summary: This report focuses on how federal agencies define success in computer crime investigations and how they can facilitate the development and refinement of a comprehensive law enforcement strategy for addressing cyber threats. Through interviews with experienced computer crime investigators from the Federal Bureau of Investigation, the U.S. Secret Service, and the Air Force Office of Special Investigations, this project aims to identify how federal agencies conduct investigations related to cyber security and how they define operational success. Our findings show a clear emphasis on threat mitigation, instead of quantitative valuation of prosecutions, as the goal of the investigation. Strategies employ the use of intelligence gathering and sharing to fortify potential targets and identify prolific offenders. These observations are consistent with the current trends in traditional investigation which include the use of an intelligence-led policing model to combat the top national security risks to the United States.

Details: Washington, DC: George Washington University, Cyber Security Policy and Research Institute, 2011. 10p.

Source: Internet Resource: Report GW-CSPRI-2011-2: Accessed April 26, 2011 at: http://www.cspri.seas.gwu.edu/Seminar%20Abstracts%20and%20Papers/2011-2%20Investigating%20Cyber%20Security%20Threats%20Lemieux.pdf

Year: 2011

Country: United States

URL: http://www.cspri.seas.gwu.edu/Seminar%20Abstracts%20and%20Papers/2011-2%20Investigating%20Cyber%20Security%20Threats%20Lemieux.pdf

Shelf Number: 121496

Keywords:
Computer Crime
Computer Security
Cybercrime

Author: Australia. Parliament. Joint Select Committee on Cyber-Safety

Title: High-Wire Act: Cyber-Safety and the Young

Summary: The online environment is an integral part of modern economic and social activities, and a vast resource of education, information, communication and entertainment. Further, the evolution of new technologies is diversifying the ways in which Australians connect with each other and the world. This report focuses on how young people can be empowered and connect to the Internet, and use new technologies with confidence, knowing that they can use them safely, ethically and with full awareness of risks and benefits. The facilitation of safer online environments requires government, industry and the broader community to work together to realise the benefits of the online environment while also protecting Australians from dangers and enabling them to use existing and emerging tools to mitigate risks.

Details: Sydney: Australian Parliament, 2011. 601p.

Source: Internet Resource: Accessed July 8, 2011 at: http://www.aph.gov.au/house/committee/jscc/report.htm

Year: 2011

Country: Australia

URL: http://www.aph.gov.au/house/committee/jscc/report.htm

Shelf Number: 122009

Keywords:
Computer Crime
Cyber-Stalking
Cyberbullying
Cybercrime (Australia)
Internet Crimes
Internet Safety

Author: Shachtman, Noah

Title: Pirates of the ISPs: Tactics for Turning Online Crooks Into International Pariahs

Summary: At the beginning of the 19th century, piracy was an ongoing threat and an accepted military tactic. By the end of the century, it was taboo, occurring solely off the shores of failed states and minor powers. The practice of hijacking did not vanish entirely, of course; it is flourishing now on the world’s computer networks, costing companies and consumers countless billions of dollars. Cybercrime today seems like a nearly insoluble problem, much like piracy was centuries ago. There are steps, however, that can be taken to curb cybercrime’s growth—and perhaps begin to marginalize the people behind it. Some of the methods used to sideline piracy provide a useful, if incomplete, template for how to get it done. Shutting down the markets for stolen treasure cut off the pirates’ financial lifeblood; similar pushes could be made against the companies that support online criminals. Piracy was eventually brought to heel when nations took responsibility for what went on within its borders. Based on this precedent, cybercrime will only begin to be curbed when greater authority — and accountability — is exercised over the networks that form the sea on which these modern pirates sail. In this new campaign, however, private companies, not governments, will have to play the central role, as Harvard’s Tyler Moore and others have suggested. After all, the Internet is not a network of governments; it is mostly an amalgam of businesses that rely almost exclusively on handshake agreements to carry data from one side of the planet to another. The vast majority of the Internet’s infrastructure is in the hands of these 5,000 or so Internet Service Providers (ISPs) and carrier networks, as is the ability to keep crooks off that infrastructure. If this relatively small group can be persuaded to move against online criminals, it will represent an enormous step towards turning these crooks into global pariahs. The most productive thing ISPs can do to curb crime is put pressure on the companies that support and abet these underground enterprises. Currently, registration companies sell criminals their domain names, like “thief.com.” Hosting firms provide the server space and Internet Protocol addresses needed to make malicious content online accessible. But without ISPs, no business, straight or crooked, gets online. A simple statistic underscores the ISPs’ role as a critical intermediary: just 10 ISPs account for around 30 percent of all the spam-spewing machines on the planet. ISPs are well aware of which hosting companies, for example, are the most friendly to criminals; lists of these firms are published constantly. But,currently, ISPs have little motivation to cut these criminal havens off from the rest of the Internet. There is no penalty for allowing illicit traffic to transit over their networks. If anything, there is a strong incentive for maintaining business-as-usual: the hosting company that caters to crooks also has legitimate customers, and both pay for Internet access. So ISPs often turn a blind eye, even though the worst criminal havens are well-known. That is where government could help. It could introduce new mechanisms to hold hosting companies liable for the damage done by their criminal clientele. It could allow ISPs to be held liable for their criminal hosts. It could encourage and regulate ISPs to share more information on the threats they find. Government could also encourage more private businesses to come clean when they are victimized. Today, just three in ten organizations surveyed by the security firm McAfee report all of their data breaches. That not only obscures the true scope of cybercrime; it prevents criminals and criminal trends from being caught earlier. Government can alter that equation by expanding the requirements to report data breaches. It could require its contractors to purchase network security insurance, forcing companies to take these breaches more seriously. And it can pour new resources into and craft new strategies for disrupting criminals’ support networks. These steps will serve as important signals that America will no longer tolerate thieves and con artists operating on its networks. After all, 20 of the 50 most crime-friendly hosts in the world are American, according to the security researchers at HostExploit. As the United States gets serious in curbing these criminals, it can ask more from — and work more closely with — other countries. China, for instance, sees itself as the world’s biggest victim of cybercrime, even as it remains a hotbed for illicit activity. Not coincidentally, China is also only partially connected to the global community of ISPs. Dialogues to bring the Chinese closer into the fold will not only make it easier to marginalize cybercriminals; it will build momentum for broader negotiations on all sorts of Internet security issues.

Details: Washington, DC: John L. Thornton China Center at Brookings, 2011. 44p.

Source: Internet Resource: Cyber Security #1: Accessed August 26, 2011 at: http://www.brookings.edu/~/media/Files/rc/papers/2011/0725_cybersecurity_shachtman/0725_cybersecurity_shachtman.pdf

Year: 2011

Country: International

URL: http://www.brookings.edu/~/media/Files/rc/papers/2011/0725_cybersecurity_shachtman/0725_cybersecurity_shachtman.pdf

Shelf Number: 122561

Keywords:
Computer Crime
Cybercrime
Cybersecurity
Internet Crimes

Author: Kuperus, Jasper

Title: Catching Criminals by Chance: A Probabilistic Approach to Named Entity Recognition using Targeted Feedback

Summary: In forensics, large amounts of unstructured data have to be analyzed in order to nd evidence or to detect risks. For example, the contents of a personal computer or USB data carriers belonging to a suspect. Automatic processing of these large amounts of unstructured data, using techniques like Information Extraction, is inevitable. Named Entity Recognition (NER) is an important rst step in Information Extraction and still a dicult task. A main challenge in NER is the ambiguity among the extracted named entities. Most approaches take a hard decision on which named entities belong to which class or which boundary ts an entity. However, often there is a signi - cant amount of ambiguity when making this choice, resulting in errors by making these hard decisions. Instead of making such a choice, all possible alternatives can be preserved with a corresponding con dence of the probability that it is the correct choice. Extracting and handling entities in such a probabilistic way is called Probabilistic Named Entity Recognition (PNER). Combining the elds of Probabilistic Databases and Information Extraction results in a new eld of research. This research project explores the problem of Probabilistic NER. Although Probabilistic NER does not make hard decisions when ambiguity is involved, it also does not yet resolve ambiguity. A way of resolving this ambiguity is by using user feedback to let the probabilities converge to the real world situation, called Targeted Feedback. The main goal in this project is to improve NER results by using PNER, preventing ambiguity related extraction errors and using Targeted Feedback to reduce ambiguity. This research project shows that Recall values of the PNER results are significantly higher than for regular NER, adding up to improvements over 29%. Using Targeted Feedback, both Precision and Recall approach 100% after full user feedback. For Targeted Feedback, both the order in which questions are posed and whether a strategy attempts to learn from the answers of the user provide performance gains. Although PNER shows to have potential, this research project provides insucient evidence whether PNER is better than regular NER.

Details: Enschede, The Netherlands: University of Twente, 2012. 116p.

Source: Master's Thesis: Internet Resource: Accessed August 1, 2012 at http://essay.utwente.nl/61639/1/MSc_J_Kuperus_DB_CTIT.pdf

Year: 2012

Country: Netherlands

URL: http://essay.utwente.nl/61639/1/MSc_J_Kuperus_DB_CTIT.pdf

Shelf Number: 125827

Keywords:
Computer Crime
Forensic Sciences
Forensics

Author: Dooley, Julian J.

Title: Review of Existing Australian and International Cyber-Safety Research

Summary: This report provides a detailed overview of Australian and international research literature on cyber-safety risks. In general, there are several risks associated with using technology and exposure to these risks, when not properly addressed, is associated with negative consequences. However, the literature (scientific and non-scientific) suggests that some of the most troublesome online risks are strongly associated with offline risks and that these two worlds do not exist independently. Thus, in order to address online risks, it is crucial that offline behaviours also be considered. Finally, the research indicates that as young people increase their use of information and communication technologies, such as the Internet, they increase their risk of being exposed to negative online experiences.

Details: Perth, Australia: Child Health Promotion Research Centre, Edith Cowan University, 2009. 276p.

Source: Internet Resource: Accessed October 13, 2012 at http://www.dbcde.gov.au/__data/assets/pdf_file/0004/119416/ECU_Review_of_existing_Australian_and_international_cyber-safety_research.pdf

Year: 2009

Country: Australia

URL: http://www.dbcde.gov.au/__data/assets/pdf_file/0004/119416/ECU_Review_of_existing_Australian_and_international_cyber-safety_research.pdf

Shelf Number: 126688

Keywords:
Computer Crime
Internet Child Sexual Abuse
Internet Crimes
Internet Safety
Juvenile Victims
Online Grooming
Online Sexual Abuse
Social Networking

Author: Poolen, W.J.

Title: Intentional Disintegration of Cybercriminal Networks: Approaches in Network Strategic Security Modeling

Summary: This thesis assesses whether network strategic security models can be used for disintegration of cybercriminal networks. Strategic models are conceptualized as methods for security intervention that use network mathematical algorithms to define sets of targets in a hostile network that seem crucial to attack in order to disintegrate a cybercriminal network. Two strategic models are constructed that are associated with different types of targets in cybercriminal networks. One model focusses on hubs (computer devices, human operators and other nodes that interact within a network); the other model focusses on the exchange connections between clusters of interacting nodes. After elaboration of the strategic models a set of cases of cybercriminal interventions is invoked to investigate how the theoretical models contribute to real life intervention. In reflection on the cases and theory the main issue that becomes apparent is that the strategic models do not adequately take in account the ability of targeted networks to react to disintegration attempts. The notion of network resilience is considered and a subsequent theoretical attempt interprets network resilience as an effect of the relations that a network maintains with its resource networks. Networks are perceived to be embedded and interconnected in a network environment in which they exchange resources. Finally, a broadening of the theoretical understanding towards the multilayered aspects of a network is suggested to gain a more adequate perspective for network strategic security interventions.

Details: Amsterdam: Vrije Universiteit,, 2012. 69p.

Source: Internet Resource: Thesis: Accessed November 9, 2012 at: http://www.screenwork.nl/PDF/20120910_masterthesis_webversie.pdf

Year: 2012

Country: International

URL: http://www.screenwork.nl/PDF/20120910_masterthesis_webversie.pdf

Shelf Number: 126899

Keywords:
Computer Crime
Computer Security
Criminal Networks
Cyber Security
Cybercrimes
Cybercriminal Networks

Author: Wormeli, Paul

Title: Mitigating Risks in the Application of Cloud Computing in Law Enforcement

Summary: This report comes at an opportune time as the law enforcement community is undergoing a major transformation. Traditionally, communication within law enforcement was often linear and hierarchical. Today, communication happens in real time across jurisdictional boundaries. Because of improved communication and real-time information, the law enforcement community can plan where to place resources ahead of time, instead of only reacting to events after they have occurred. One potential key to this is the advent of cloud computing. Cloud computing can be a cost-effective way to enable improved communication. Cloud computing also provides a potential for cost-savings for law enforcement, since law enforcement organi­zations don’t have to use their tight budgets to build their own information technology infrastructure. According to Steve Ambrosini, executive director of IJIS, there has been a constant search for “emerging and disruptive technology that might posi­tively affect the productivity and efficiency of justice and public safety agencies, and promote better information-sharing in sup­port of their missions.” Ambrosini continues, “Cloud computing has been one of the technologies with potential, but executives in justice and public safety have some general skepticism for concepts embedded in this powerful new infrastructure.” Based on a survey of leaders in the law enforcement community about cloud computing, Wormeli gained an increased under­standing of their major issues, which include concerns about reliability and availability, performance requirements, cost of migration, and the recovery of data. In response to these con­cerns, Wormeli explains how the law enforcement community can effectively respond. The report concludes with six recom­mendations on how law enforcement organizations can success­fully implement a move to cloud computing.

Details: Washington, DC: IBM Center for The Business of Government, 2012. 45p.

Source: Internet Resource: Accessed November 29, 2012 at: http://www.businessofgovernment.org/sites/default/files/Mitigating%20Risks%20in%20the%20Application%20of%20Cloud%20Computing%20in%20Law%20Enforcement_1.pdf

Year: 2012

Country: United States

URL: http://www.businessofgovernment.org/sites/default/files/Mitigating%20Risks%20in%20the%20Application%20of%20Cloud%20Computing%20in%20Law%20Enforcement_1.pdf

Shelf Number: 127039

Keywords:
Cloud Computing
Computer Crime
Computer Security

Author: Libicki, Martin C.

Title: Crisis and Escalation in Cyberspace

Summary: This report presents some of the results of a fiscal year 2011 RAND Project AIR FORCE study on the integration of kinetic and nonkinetic weapons, “U.S. and Threat Non-Kinetic Capabilities.” It discusses the management of cybercrises throughout the spectrum from precrisis to crisis to conflict. The basic message is simple: Crisis and escalation in cyberspace can be managed as long as policymakers understand the key differences between nonkinetic conflict in cyberspace and kinetic conflict in the physical world. Among these differences are the tremendous scope that cyberdefense affords; the near impossibility and thus the pointlessness of trying to disarm an adversary’s ability to carry out cyberwar; and the great ambiguity associated with cyberoperations—notably, the broad disjunction between the attacker’s intent, the actual effect, and the target’s perception of what happened. Thus, strategies should concentrate on (1) recognizing that crisis instability in cyberspace arises largely from misperception, (2) promulgating norms that might modulate crisis reactions, (3) knowing when and how to defuse inadvertent crises stemming from incidents, (4) supporting actions with narrative rather than signaling, (5) bolstering defenses to the point at which potential adversaries no longer believe that cyberattacks (penetrating and disrupting or corrupting information systems, as opposed to cyberespionage) can alter the balance of forces, and (6) calibrating the use of offensive cyberoperations with an assessment of their escalation potential.

Details: Santa Monica, CA: RAND, 2012. 200p.

Source: Internet Resource: Accessed January 24, 2013 at: http://www.rand.org/content/dam/rand/pubs/monographs/2012/RAND_MG1215.pdf

Year: 2012

Country: United States

URL: http://www.rand.org/content/dam/rand/pubs/monographs/2012/RAND_MG1215.pdf

Shelf Number: 127383

Keywords:
Computer Crime
Cyberattacks
Cybercrime (U.S.)
National Security
Terrorism

Author: Australia. Parliament. Joint Select Committee on Cyber-Safety

Title: Cybersafety for Seniors: A Worthwhile Journey. Second Interim Report

Summary: Cyber technology has developed dramatically in the last 20 years and the internet and other new communications technologies have infiltrated lives in ways which would not have been imagined only a few years ago. Australians are now communicating with government, business, family and friends, as well as shopping and banking, online. While many senior Australians may have been reluctant to venture into the cyber world initially, seniors are now the fastest growing online user group in the country. Anyone who uses the internet is vulnerable to cyber security threats but the Committee found that seniors are particularly vulnerable for several reasons. Additionally, seniors are attractive targets for criminals because many seniors own substantial assets and have access to life savings and their superannuation. In many cases, seniors are looking for opportunities to invest their money, so they might be receptive to scams and fraudulent investment opportunities. The Committee spoke to seniors who have enthusiastically embraced the internet and other communications technology, and who act safely online. However, the Committee also received a lot of evidence showing that there are many senior Australians who either are not using the internet at all, or are using it with caution, because they are afraid of becoming involved in cyber security issues. Additionally, many are now too embarrassed to admit to family and others that they have no knowledge of the internet and no idea how they would go about ‘getting online’. For these seniors, education and training will be their key to becoming cyber savvy and cyber safe. Paradoxically, it is often the seniors who could most benefit from being online in their own home—that is, the geographically isolated or those who are housebound through disability or for other reasons—who have been left behind and are not yet online. Many of these seniors are hesitant to venture into the cyber world, if indeed they even knew how to do so. The Committee found that there is a lot of help available for seniors who want to go online, particularly in the more populated parts of the country. Many seniors’ groups, public libraries and government departments around the nation are helping seniors start the journey towards being cyber savvy. Some seniors’ clubs are teaching computing with a cybersafety component and some also teach dedicated cybersafety courses. The Universities of the Third Age are experiencing very high demand for their computer courses. Public libraries around the nation are doing an impressive job of helping seniors to safely use email, smartphones, social networking and to access government sites and services. Over 2,000 Broadband for Seniors kiosks are located around the nation offering free internet access and training for seniors. The Committee has made 13 recommendations in this unanimous report which should help improve cybersafety for senior Australians.

Details: Canberra: Australian Parliament, 2013. 194p.

Source: Internet Resource: Accessed April 25, 2013 at: http://apo.org.au/research/cybersafety-seniors-worthwhile-journey

Year: 2013

Country: Australia

URL: http://apo.org.au/research/cybersafety-seniors-worthwhile-journey

Shelf Number: 128436

Keywords:
Computer Crime
Cubercrime (Australia)
Cybersecurity
Internet Crime

Author: Levin, Avner

Title: International Comparison of Cyber Crime

Summary: This report compares Canada’s international partners and several other countries on measures related to cyber-crime. The main findings are as follows:  Countries distinguish in their policy and strategy documents between cyber-crimes, which are the domain of law enforcement agencies, and cyber-attacks which are increasingly the domain of the military.  Canada’s international partners have turned their focus from the prevention of cyber- crime to the protection of critical national infrastructure from cyber-attacks.  In order to cooperate effectively with its allies Canada must also focus on the protection of critical national infrastructure. However, the risk of this focus is the loss of cooperation with non-traditional allies, such as Russia and China, on the prevention of cyber-crimes.  European countries and the US allow for warrant-less access to electronic information in order to prevent both cyber-crime and cyber-attacks. Other countries do not acknowledge this possibility publicly.  The need for, and practice of, warrant-less lawful access or warrant-less lawful intercept is moot in Canada, given recent policy decisions to abandon such legislation.  Countries have not attempted the creation of a ‘Nav-Canada’ type of agency (private-sector, not-for profit) to implement their cyber-security strategies.  Agencies to combat cyber-crime or cyber-attacks are typically created as an organizational part of the existing law enforcement or military structure.

Details: Ted Rogers School of Management, Ryerson University, 2013. 51p.

Source: Internet Resource: Accessed May 4, 2013 at: http://www.ryerson.ca/tedrogersschool/privacy/documents/Ryerson_International_Comparison_ofCyber_Crime_-March2013.pdf

Year: 2013

Country: Canada

URL: http://www.ryerson.ca/tedrogersschool/privacy/documents/Ryerson_International_Comparison_ofCyber_Crime_-March2013.pdf

Shelf Number: 128664

Keywords:
Computer Crime
Cybercrime (Canada, International)
Internet Crime

Author: Tendulkar, Rohini

Title: Cyber-crime, Securities Markets and Systemic Risk

Summary:  The soundness, efficiency and stability of securities markets relies on the quality of information provided; the integrity of people and service provision; the effectiveness of regulation; and increasingly the robustness of supporting technological infrastructure. Yet, there is limited public, targeted and in-depth study into how one of the more prominent technology-based risks: cyber-crime could and is impacting securities markets.  Cyber-crime can be understood as an attack on the confidentiality, integrity and accessibility of an entity’s online/computer presence or networks – and information contained within. The Evolving Nature of Cyber-Crime  In recent years, cyber-crime has become increasingly sophisticated, making it difficult to combat, detect and mitigate. The rise of a relatively new class of cyber-attack is especially troubling. This new class is referred to as an ‘Advanced Persistent Threat’ (APT).1  The costs of cyber-crime to society so far may already be substantial. Some studies cite figures as high as $388 billion2 or $ 1 trillion3. While these high numbers are contentious due to lack of reliability when it comes to reporting direct and indirect costs, a growing number of high-profile cyber-attacks, high financial losses incurred, and other real-world manifestations suggest a potential for widespread impact. A focus on the world’s exchanges  To gather unique insights into the cyber-crime threat from a securities market perspective, the IOSCO Research Department, jointly with the World Federation of Exchanges Office, conducted a cyber-crime survey (hereafter the WFE/IOSCO survey) to some of our core financial market infrastructures - the world’s exchanges.4  This survey is intended as part of a series of surveys exploring perspectives and experiences with cyber-crime across different groups of securities market actors, financial institutions and regulators.  In this first survey, a vast majority of respondents agree that cyber-crime in securities markets can be considered a potentially systemic risk (89%). The following factors shed light on why:  Size, complexity and incentive structure  Cyber-crime is already targeting a number of exchanges. Over half of exchanges surveyed report experiencing a cyber-attack in the last year (53%).  Attacks tend to be disruptive in nature (rather than aiming for immediate financial gain). The most common forms of attack reported in the survey are Denial of Service attacks and malicious code (viruses). These categories of attack were also reported as the most disruptive. Financial theft did not feature in any of the responses.  This suggests a shift in motive for cyber-crime in securities markets, away from financial gain and towards more destabilizing aims. It also distinguishes cyber-crime in securities markets from traditional crimes against the financial sector e.g. fraud, theft.  Potential effect on market integrity and efficiency; infiltration of non-substitutable and/or interconnected services  The instances of attacks against exchanges means that cyber-crime is already targeting securities markets’ core infrastructures and providers of essential (and non-substitutable services). At this stage, these cyber-attacks have not impacted core systems or market integrity and efficiency. However, some exchanges surveyed suggest that a large-scale, successful attack may have the potential to do so.  Level of transparency and awareness  Transparency in the form of information sharing is occurring widely. 70% of exchanges surveyed note that they share information with authorities, overseers or regulators. However, most of these arrangements are national in nature.  There is also a high level of awareness of the threat across exchanges surveyed. Around 93% of exchanges surveyed report that cyber-threats are discussed and understood by senior management and almost 90% report having in place internal plans and documentation addressing cyber-crime.  Level of cyber-security and cyber-resilience  All exchanges surveyed appear to have in place myriad proactive and reactive defence and preventative measures (see Annex B) and report that cyber-attacks are generally detected immediately. Annual cyber-crime training for general (non-IT) staff is also a staple amongst the majority of respondent exchanges.  However, a small but significant number of exchanges surveyed recognize that 100% security is illusionary, with around a quarter recognizing that current preventative and disaster recovery measures may not be able to stand up against a large-scale and coordinated attack.  Around half of exchanges surveyed report having two separate groups for handling physical and cyber threats. Separation of the two teams could lead to challenges in engaging with cyber-physical threats, however these challenges may be easily overcome (if not already) through efficient and on-going coordination between the two groups. Further information around the level of coordination between these two groups could shed light on this point.  Around 22% of exchanges surveyed report having cyber-crime insurance or something similar. This is mainly due to lack of availability or insufficient coverage of available insurance.  Effectiveness of regulation  A number of respondents expressed doubt over the effectiveness of current regulation in deterring cyber-criminals from damaging markets, since the global nature of the crime makes it difficult to identify and prosecute them. Only 59% of exchanges surveyed report sanctions regimes being in place for cyber-crime, in their jurisdiction. Of these, only half (55%) suggest that current sanction regimes are effective in deterring cyber-criminals. Engaging with the risk  In terms of the future role of securities market regulators in engaging with cyber-crime in securities markets, the following activities were highlighted most frequently by exchanges surveyed:  Updating/implementing regulation and standards (in collaboration with other authorities);  Identifying and providing guidance on best practice, principles and/or frameworks;  Building, partaking in and promoting information sharing networks;  Acting as a repository of knowledge for securities market participants to tap into (e.g. keep up to date with trends, house technical expertise to answer industry questions, collect and record cases, identify biggest risks).  Many of the exchanges surveyed underline a need for further policy but assert that any efforts in this space should:  avoid being prescriptive;  maintain flexibility to adapt to changing risks;  concentrate on information sharing; effective regulations/legislation; providing guidance and principles; and not interfere with an institution’s own tailored internal measures or policy.

Details: Paris: International Organisation of Securities Commissions or the World Federation of Exchanges. 2013. 59p.

Source: Internet Resource: Staff Working Paper: [SWP1/2013]: Accessed July 18, 2013 at: http://www.world-exchanges.org/files/statistics/pdf/IOSCO_WFE_Cyber-crime%20report_Final_16July.pdf

Year: 2013

Country: International

URL: http://www.world-exchanges.org/files/statistics/pdf/IOSCO_WFE_Cyber-crime%20report_Final_16July.pdf

Shelf Number: 129445

Keywords:
Computer Crime
Cybercrime (International)
Financial Crimes
Internet Crime
Securities Markets

Author: Great Britain. House of Commons. Home Affairs Committee

Title: E-crime: Fifth Report of Session 2013-14

Summary: 1. We live in a world where terms like "Cyber crime" no longer belong in the realm of science fiction. Modern devices such as smart phones and tablets have brought the internet not only to our fingertips but to our bedsides, our pockets and to our children. And yet there is strong evidence that access to such technology, with all its opportunities and benefits, can put our businesses and our families at increasing risk of exploitation and internet-based crime (E-crime). 2. Identity theft, industrial espionage, credit card fraud, phishing, child exploitation - criminals use the internet as a means to commit a wide range of crimes. Perpetrators range from lone hackers, activist groups, Nation States sponsoring industrial espionage and organised criminal gangs. Victims include individuals who fall prey to scams and password theft to multinational companies such as, famously Sony. The financial details of 23,000 users of Sony Online Entertainment were stolen when its networks were breached by hackers in March 2011. The cost of the clean-up was reportedly $172m and the events caused a 9 % share price drop. 3. The internet has also been used to great effect by criminals to trade their cyber wares. Investigators have uncovered sophisticated black market operations such as DarkMarket and ShadowCrew who use the internet to trade cloned credit card data and bank account details, hire botnets (infected networks of computers) and deliver hacking tutorials. Although difficulties in establishing precise figures about the rate and the cost of cyber crime are acknowledged there is general agreement on its rapidly growing scale. Norton have calculated its global cost to be $388bn dollars a year in terms of financial losses and time lost. This is significantly more than the combined annual value of $288bn of the global black market trade in heroin, cocaine and marijuana. 4. UK governments have had a centralised approach to cyber crime and wider cyber threats since the launch of the UK's first Cyber Security Strategy in June 2009 and the corresponding National Cyber Security Programme (NCSP) launched in November 2011. In the course of this inquiry we have looked specifically at the Home Office's remit under its much heralded Cyber Security Strategy.

Details: London: The Stationery Office Limited, 2013. 165p.

Source: Internet Resource: Accessed August 8, 2013 at: http://www.publications.parliament.uk/pa/cm201314/cmselect/cmhaff/70/70.pdf

Year: 2013

Country: United Kingdom

URL: http://www.publications.parliament.uk/pa/cm201314/cmselect/cmhaff/70/70.pdf

Shelf Number: 129591

Keywords:
Computer Crime
Cybercrime (U.K.)
Internet Crime
Technology and Crime

Author: United Nations Office on Drugs and Crime

Title: Comprehensive Study on Cybercrime

Summary: In 2011, at least 2.3 billion people, the equivalent of more than one third of the world's total population, had access to the internet. Over 60 per cent of all internet users are in developing countries, with 45 per cent of all internet users below the age of 25 years. By the year 2017, it is estimated that mobile broadband subscriptions will approach 70 per cent of the world's total population. By the year 2020, the number of networked devices (the 'internet of things') will outnumber people by six to one, transforming current conceptions of the internet. In the hyper-connected world of tomorrow, it will become hard to imagine a 'computer crime', and perhaps any crime, that does not involve electronic evidence linked with internet protocol (IP) connectivity. 'Definitions' of cybercrime mostly depend upon the purpose of using the term. A limited number of acts against the confidentiality, integrity and availability of computer data or systems represent the core of cybercrime. Beyond this, however, computer-related acts for personal or financial gain or harm, including forms of identity-related crime, and computer content-related acts (all of which fall within a wider meaning of the term 'cybercrime') do not lend themselves easily to efforts to arrive at legal definitions of the aggregate term. Certain definitions are required for the core of cybercrime acts. However, a 'definition' of cybercrime is not as relevant for other purposes, such as defining the scope of specialized investigative and international cooperation powers, which are better focused on electronic evidence for any crime, rather than a broad, artificial 'cybercrime' construct. In many countries, the explosion in global connectivity has come at a time of economic and demographic transformations, with rising income disparities, tightened private sector spending, and reduced financial liquidity. At the global level, law enforcement respondents to the study perceive increasing levels of cybercrime, as both individuals and organized criminal groups exploit new criminal opportunities, driven by profit and personal gain. Upwards of 80 percent of cybercrime acts are estimated to originate in some form of organized activity, with cybercrime black markets established on a cycle of malware creation, computer infection, botnet management, harvesting of personal and financial data, data sale, and 'cashing out' of financial information. Cybercrime perpetrators no longer require complex skills or techniques. In the developing country context in particular, subcultures of young men engaged in computer-related many of whom begin involvement in cybercrime in late teenage years. Globally, cybercrime acts show a broad distribution across financial-driven acts, and computer-content related acts, as well as acts against the confidentiality, integrity and accessibility of computer systems. Perceptions of relative risk and threat vary, however, between Governments and private sector enterprises. Currently, police-recorded crime statistics do not represent a sound basis for cross-national comparisons, although such statistics are often important for policy making at the national level. Two-thirds of countries view their systems of police statistics as insufficient for recording cybercrime. Police-recorded cybercrime rates are associated with levels of country development and specialized police capacity, rather than underlying crime rates. Victimization surveys represent a more sound basis for comparison. These demonstrate that individual cybercrime victimization is significantly higher than for 'conventional' crime forms. Victimization rates for online credit card fraud, identity theft, responding to a phishing attempt, and experiencing unauthorized access to an email account, vary between 1 and 17 per cent of the online population for 21 countries across the world, compared with typical burglary, robbery and car theft rates of under 5 per cent for these same countries. Cybercrime victimization rates are higher in countries with lower levels of development, highlighting a need to strengthen prevention efforts in these countries. Private sector enterprises in Europe report similar victimization rates - between 2 and 16 per cent - for acts such as data breach due to intrusion or phishing. Criminal tools of choice for these crimes, such as botnets, have global reach. More than one million unique IP addresses globally functioned as botnet command and control servers in 2011. Internet content also represented a significant concern for Governments. Material targeted for removal includes child pornography and hate speech, but also content related to defamation and government criticism, raising human rights law concerns in some cases. Almost 24 per cent of total global internet traffic is estimated to infringe copyright, with downloads of shared peer-to-peer (P2P) material particularly high in countries in Africa, South America, and Western and South Asia.

Details: Vienna: UNODC, 2013. 320p.

Source: Internet Resource: Draft: Accessed November 7, 2013 at: http://www.unodc.org/documents/organized-crime/UNODC_CCPCJ_EG.4_2013/CYBERCRIME_STUDY_210213.pdf

Year: 2013

Country: International

URL: http://www.unodc.org/documents/organized-crime/UNODC_CCPCJ_EG.4_2013/CYBERCRIME_STUDY_210213.pdf

Shelf Number: 131602

Keywords:
Computer Crime
Cybercrime (International)
Financial Crimes
Internet Crime

Author: McGuire, Mike

Title: Cyber Crime: A Review of the Evidence. Summary of Key Findings and Implications

Summary: This review focuses on evidence relating to cyber-dependent crimes (for example, the spread of viruses and other malware; hacking and DDoS attacks) and cyber-enabled crimes (for example, cyber-enabled fraud and theft; and sexual offending against children, including grooming and indecent imagery). The review also considers the available evidence regarding victims, offenders and the costs of cyber crime. The final chapter highlights various challenges with the cyber crime evidence base, and proposes further steps for improving the measurement of cyber crime.

Details: London: Home Office, 2013. 30p. Summary, and four separate reports.

Source: Internet Resource: Research Report 75: Accessed March 11, 2014 at: https://www.gov.uk/government/publications/cyber-crime-a-review-of-the-evidence

Year: 2013

Country: United Kingdom

URL: https://www.gov.uk/government/publications/cyber-crime-a-review-of-the-evidence

Shelf Number: 131859

Keywords:
Computer Crime
Cybercrime
Internet Crime

Author: Center for Strategic and International Studies

Title: Net Losses: Estimating the Global Cost of Cybercrime. Economic Impact of Cybercrime II

Summary: Putting a number on the cost of cybercrime and cyber-espionage is the headline, but the dollar figure begs important questions about the damage to the victims from the cumulative effect of losses in cyberspace. The cost of cybercrime includes the effect of hundreds of millions of people having their personal information stolen-incidents in the last year include more than 40 million people in the US, 54 million in Turkey, 20 million in Korea, 16 million in Germany, and more than 20 million in China. One estimate puts the total at more than 800 million individual records in 2013. This alone could cost as much as $160 billion per year. Criminals still have difficulty turning stolen data into financial gain, but the constant stream of news contributes to a growing sense that cybercrime is out of control. For developed countries, cybercrime has serious implications for employment. The effect of cybercrime is to shift employment away from jobs that create the most value. Even small changes in GDP can affect employment. In the United States alone, studies of how employment varies with export growth suggest that the losses from cybercrime could cost as many as 200,000 American jobs, roughly a third of 1% decrease in employment for the US. Using European Union data, which found that 16.7 workers were employed per million Euros in exports to the rest of the world,6 Europe could lose as many as 150,000 jobs due to cybercrime (adjusting for national differences in IP-intensive jobs), or about 0.6% of the total unemployed. These are not always a "net" loss if workers displaced by cyberespionage find other jobs, but if these jobs do not pay as well or better. If lost jobs are in manufacturing (and "the main engine for job creation") or other high-paying sectors, the effect of cybercrime is to shift workers from high-paying to low-paying jobs or unemployment. While translating cybercrime losses directly into job losses is not easy, the employment effect cannot be ignored. The most important cost of cybercrime, however, comes from its damage to company performance and to national economies. Cybercrime damages trade, competitiveness, innovation, and global economic growth. What cybercrime means for the world is: - The cost of cybercrime will continue to increase as more business functions move online and as more companies and consumers around the world connect to the Internet. - Losses from the theft of intellectual property will also increase as acquiring countries improve their ability to make use of it to manufacture competing goods. - Cybercrime is a tax on innovation and slows the pace of global innovation by reducing the rate of return to innovators and investors. - Governments need to begin serious, systematic effort to collect and publish data on cybercrime to help countries and companies make better choices about risk and policy.

Details: Santa Clara, CA: Intel Security, McAffee, 2016. 24p.

Source: Internet Resource: Accessed June 18, 2014 at: http://www.mcafee.com/hk/resources/reports/rp-economic-impact-cybercrime2.pdf

Year: 2014

Country: International

URL: http://www.mcafee.com/hk/resources/reports/rp-economic-impact-cybercrime2.pdf

Shelf Number: 132501

Keywords:
Computer Crime
Costs of Crime
Crimes Against Businesses
Cybercrime
Economics of Crime
Employment
Espionage
Jobs

Author: Lavorgna, Anita

Title: Transit Crimes in the Internet Age: How new online criminal opportunities affect the organization of offline transit crimes

Summary: There is a general consensus that the Internet has expanded possibilities for so-called transit crimes-i.e., traditional trafficking activities. However, the extent to which the Internet is exploited by offenders to carry out transit crimes and the way in which it has changed those offenders' behaviors and the criminal processes remains under-investigated. The aim of this thesis is to understand what kind of criminal opportunities the Internet offers for conducting transit crimes and how these opportunities affect the organization of transit crimes, as concerns both the carrying out of the criminal activity and the patterns of relations in and among criminal networks. In order to achieve this goal, a model of script analysis-a way to highlight the sequence of actions that are carried out for a determinate criminal activity to occur- was developed in order to classify the criminal opportunities that the Internet supplies for selected transit crimes (wildlife trafficking, trafficking in counterfeit medicines, sex trafficking, and trafficking in recreational drugs), to identify cyber-hotspots, and to allow a richer and deeper understanding of the dynamics of Internet-mediated transit crimes. The data were collected by means of case study research and semi-structured interviews to law enforcement officers and acknowledged experts. For each criminal activity considered, through the script framework it has been possible to identify different types of criminal opportunities provided by the Internet. The empirical evidence presented demonstrates that the criminal markets considered have become-even if to a different extent-hybrid markets which combine the traditional social and economic opportunity structures with the new one provided by the Internet. Among other findings, this research indicates that not only has the Internet opened the way for new criminal actors, but it also has reconfigured relations among suppliers, intermediaries, and buyers. Furthermore, results were compared across transit crimes to illustrate whether and to what extent Internet usage impacts them differently. The differences seem to depend primarily on the social perception of the seriousness of the criminal activity, on the place it fills in the law enforcement agenda, and on the characteristics of the actors involved. This study, albeit with limitations, provides an accurate description of the Internet as crime facilitator for transit crimes. It concludes by highlighting the possibilities of environmental criminology as a theoretical framework to investigate Internet-mediated transit crimes, offering some final observations on how relevant actors behave online, and suggesting new directions for research.

Details: Trento, Italy: University of Trento, Doctoral School of International Studies, 2013. 212p.

Source: Internet Resource: Dissertation: Accessed June 19, 2014 at: http://eprints-phd.biblio.unitn.it/1185/1/PhD_Dissertation_Lavorgna.pdf

Year: 2013

Country: International

URL: http://eprints-phd.biblio.unitn.it/1185/1/PhD_Dissertation_Lavorgna.pdf

Shelf Number: 132532

Keywords:
Computer Crime
Criminal Networks
Drug Trafficking
Internet Crimes
Organized Crime
Sex Trafficking
Wildlife Trafficking

Author: Libicki, Martin C.

Title: Hackers Wanted: An Examination of the Cybersecurity Labor Market

Summary: There is a general perception that there is a shortage of cybersecurity professionals within the United States, and a particular shortage of these professionals within the federal government, working on national security as well as intelligence. Shortages of this nature complicate securing the nation's networks and may leave the United States ill-prepared to carry out conflict in cyberspace. RAND examined the current status of the labor market for cybersecurity professionals - with an emphasis on their being employed to defend the United States. This effort was in three parts: first, a review of the literature; second, interviews with managers and educators of cybersecurity professionals, supplemented by reportage; and third, an examination of the economic literature about labor markets. RAND also disaggregated the broad definition of "cybersecurity professionals" to unearth skills differentiation as relevant to this study. In general, we support the use of market forces (and preexisting government programs) to address the strong demand for cybersecurity professionals in the longer run. Increases in educational opportunities and compensation packages will draw more workers into the profession over time. Cybersecurity professionals take time to reach their potential; drastic steps taken today to increase their quantity and quality would not bear fruit for another five to ten years. By then, the current concern over cybersecurity could easily abate, driven by new technology and more secure architectures. Pushing too many people into the profession now could leave an overabundance of highly trained and narrowly skilled individuals who could better be serving national needs in other vocations.

Details: Santa Monica, CA: RAND, 2014. 106p.

Source: Internet Resource: Accessed July 3, 2014 at: http://www.rand.org/pubs/research_reports/RR430.html

Year: 2014

Country: International

URL: http://www.rand.org/pubs/research_reports/RR430.html

Shelf Number: 132617

Keywords:
Computer Crime
Cyberattacks
Cybercrime (U.S.)
Cybersecurity
Internet Crime
National Security
Terrorism

Author: Shull, Aaron

Title: Global Cybercrime: The Interplay of Politics and Law

Summary: Examining global cybercrime as solely a legal issue misses an important facet of the problem. Understanding the applicable legal rules, both domestically and internationally, is important. However, major state actors are using concerted efforts to engage in nefarious cyber activities with the intention of advancing their economic and geostrategic interests. This paper explores the recent unsealing of a 31-count indictment against five Chinese government officials and a significant cyber breach, perpetrated by Chinese actors against Western oil, energy and petrochemical companies. The paper concludes by noting that increased cooperation among governments is necessary, but unlikely to occur as long as the discourse surrounding cybercrime remains so heavily politicized and securitized. If governments coalesced around the notion of trying to prevent the long-term degradation of trust in the online economy, they may profitably advance the dialogue away from mutual suspicion and toward mutual cooperation.

Details: Waterloo, ON, Canada: Centre for International Governance Innovation (CIGI), 2014. 23p.

Source: Internet Resource: Internet Governance Papers, Paper no. 8: Accessed July 21, 2014 at: http://www.cigionline.org/sites/default/files/no8_1.pdf

Year: 2014

Country: International

URL: http://www.cigionline.org/sites/default/files/no8_1.pdf

Shelf Number: 132725

Keywords:
Computer Crime
Cybercrime
Internet Crime

Author: Hartwig, Robert P.

Title: Cyber Risks: The Growing Threat

Summary: Amid a rising number of high profile mega data breaches-most recently at eBay, Target and Neiman Marcus-government is stepping up its scrutiny of cyber security. This is leading to increased calls for legislation and regulation, placing the burden on companies to demonstrate that the information provided by customers and clients is properly safeguarded online. Despite the fact that cyber risks and cyber security are widely acknowledged to be a serious threat, many companies today still do not purchase cyber risk insurance. However, this is changing. Recent legal developments underscore the fact that reliance on traditional insurance policies is not enough, as companies face growing liabilities in this fast-evolving area. Specialist cyber insurance policies have been developed by insurers to help businesses and individuals protect themselves from the cyber threat. Market intelligence suggests that the types of specialized cyber coverage being offered by insurers are expanding in response to this fast-growing market need. There is also growing evidence that in the wake of the Target data breach and other high profile breaches, the number of policies is increasing, and that insurance has a key role to play as companies and individuals look to better manage and reduce their potential financial losses from cyber risks in future.

Details: Insurance Information Institute, 2014. 27p.

Source: Internet Resource: White Paper: Accessed July 23, 2014 at: http://www.iii.org/sites/default/files/docs/pdf/paper_cyberrisk_2014.pdf

Year: 2014

Country: United States

URL: http://www.iii.org/sites/default/files/docs/pdf/paper_cyberrisk_2014.pdf

Shelf Number: 132740

Keywords:
Computer Crime
Cyber Security
Cybercrime
Identity Theft
Internet Crime

Author: Katz, Ilan

Title: Research on youth exposure to, and management of, cyberbullying incidents in Australia

Summary: The Social Policy Research Centre was commissioned by the Australia Government, as part of its commitment to Enhance Online Safety for Children External Links icon , to investigate youth exposure to cyberbullying and how it is being managed. The report was developed in collaboration with National Children's and Youth Law Centre, the University of South Australia, the Young and Well Cooperative Research Centre, and the University of Western Sydney. The research shows that each year, one in five young Australians aged 8-17 are victims of cyberbullying. This behaviour is most prominent in children aged 10-15 years, with prevalence decreasing for 16-17 year-olds. The estimated number of children and young people who were victims of cyberbullying last year was approximately 463,000, with around 365,000 in the 10-15 age group. The report also notes that the prevalence of cyberbullying has 'rapidly increased' since it first emerged as a behaviour. The report indicates that the most appropriate way of addressing cyberbullying is to introduce a series of responses including restorative approaches, educating young people about the consequences of cyberbullying, and requiring social networking sites to take down offensive material. The findings are presented in three parts. Please click on the links below for the separate sections or see the synthesis report for the collated findings. Part A: The estimated prevalence of cyberbullying incidents involving Australian minors, based on a review of existing published research including how such incidents are currently being dealt with. Part B: The estimated prevalence of cyberbullying incidents involving Australian minors that are reported to police, community legal advice bodies and other related organisations, the nature of these incidents, and how such incidents are currently being dealt with. Part C: An evidence-based assessment to determine, if a new, simplified cyberbullying offence or a new civil enforcement regime were introduced, how such an offence or regime could be implemented, in conjunction with the existing criminal offences, to have the greatest material deterrent effect. Appendix A: Literature review - International responses to youth cyberbullying and current Australian legal context Appendix B: Findings of research with adult stakeholders Appendix C: Findings of research with youth Appendix D: Supplementary data and analysis

Details: Sydney: Social Policy Research Centre, UNSW Australia, 2014. 8 parts

Source: Internet Resource: Accessed August 14, 2014 at: https://www.sprc.unsw.edu.au/research/projects/cyberbullying/

Year: 2014

Country: Australia

URL: https://www.sprc.unsw.edu.au/research/projects/cyberbullying/

Shelf Number: 133046

Keywords:
Bullying
Computer Crime
Cyberbullying (Australia)
Cybercrime
Internet Crime
Juvenile Offenders
Online Communications
Online Safety
Social Networks

Author: Panda Security

Title: The Cyber-Crime Black Market: Uncovered

Summary: Many of us in the team at Panda Security spend a lot of time traveling and attending all types of events: from specialized IT industry fairs and congresses, to those aimed at businesses, end-users, etc. Yet even though it is becoming more common to hear about the arrest of hackers that steal information and profit from it in many different ways, there are still many members of the public, not necessarily dedicated to IT security, who ask us: "Why would anyone want to steal information from me? I don't have anything of interest..." Another factor to bear in mind is that today's profit-oriented malware is designed to steal data surreptitiously, so the first indication that you have been a victim is when you get your bank or Paypal account statement. Moreover, there is a general perception that this problem only affects home users, and that businesses are immune. The result of our research, as you will read below, shows that this is not the case: Today nobody - neither home users nor businesses- is safe from confidential data theft (and the consequent fraud). This is despite the increased effort in recent years to improve awareness and education in IT security, initiated by governmental agencies in many countries, and of course, thanks to the security industry as a whole, along with other institutions, organizations, media, blogs, etc., who have been assisting with the task for some time now. Although we don't have precise data, we believe that this nefarious business has expanded with the economic crisis. Previously it was in no way easy to locate sites or individuals dedicated to this type of business, yet now it's relatively simple to come across these types of offers on underground forums.

Details: Madrid: Panda Security, 2011. 44p.

Source: Internet Resource: Accessed February 18, 2015 at: http://www.wgains.com/Assets/Attachments/The-Cyber-Crime-Black-Market.pdf

Year: 2011

Country: International

URL: http://www.wgains.com/Assets/Attachments/The-Cyber-Crime-Black-Market.pdf

Shelf Number: 134636

Keywords:
Computer Crime
Computer Security
Cyber Security
Cybercrime
Internet Crime
Internet Security

Author: Gu, Lion

Title: The Mobile Cybercriminal Underground Market in China

Summary: The mobile Web is significantly changing the world. More and more people are replacing their PCs with various mobile devices for both work and entertainment. This change in consumer behavior is affecting the cybercriminal underground economy, causing a so-called "mobile underground" to emerge. This research paper provides a brief overview of some basic underground activities in the mobile space in China. It describes some of the available mobile underground products and services with their respective prices. Note that the products and services and related information featured in this paper were obtained from various sites and QQ chats.

Details: Irving, TX: Trend Micro, 2014. 17p.

Source: Internet Resource: Cybercriminal Underground Economy Series: Accessed May 15, 2015 at: http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-the-mobile-cybercriminal-underground-market-in-china.pdf

Year: 2014

Country: China

URL: http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-the-mobile-cybercriminal-underground-market-in-china.pdf

Shelf Number: 135688

Keywords:
Computer Crime
Cybercrime
Internet Crime
Underground Economy

Author: Goncharov, Max

Title: Russian Underground 101

Summary: This research paper intends to provide a brief summary of the cybercriminal underground and shed light on the basic types of hacker activity in Russia. The bulk of the information in this paper was based on data gathered from online forums and services used by Russian cybercriminals. We also relied on articles written by hackers on their activities, the computer threats they create, and the kind of information they post on forums' shopping sites. Online fraud has long since moved from being a mere hobby to a means for cybercriminals to earn a living. This paper examines what is being sold on the most popular cybercrime forums like antichat.ru, xeka.ru, and cardingcc.com; which items are in demand; and what services professional fraudsters offer. The fraudsters consider the Internet a playing field. It has many vulnerable sites and a great deal of unprotected data. While "protected" data do exist, the places they are stored in can still be hacked. Some cybercriminals shared their experience in hacking; generating traffic; and writing code for Trojans, exploits, and other malware via online articles. This paper discusses fundamental concepts that Russian hackers follow and the information they share with their peers. It also examines prices charged for various types of services, along with how prevalent the given services are in advertisements. The primary features of each type of activity and examples of associated service offerings are discussed as well. Each section of this paper focuses on a specific type of criminal activity, good, or service in the Russian underground market.

Details: Irving, TX: Trend Micro, 2012. 29p.

Source: Internet Resource: Accessed May 16, 2015 at: http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-russian-underground-101.pdf

Year: 2012

Country: Russia

URL: http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-russian-underground-101.pdf

Shelf Number: 135689

Keywords:
Computer Crime
Cybercrime
Fraud
Internet Crime
Underground Economy
Underground Markets

Author: Goncharov, Max

Title: Russian Underground Revisited

Summary: In 2012, we published "Russian Underground 101," which provided a brief summary of the cybercriminal underground and shed light on the basic types of hacker activity in the region. This year, we revisited the Russian cybercriminal underground market to update the information we provided then. As in the 2012 paper, the bulk of the information in this paper was based on data gathered from online forums and services used by cybercriminals in the region. We also relied on articles written by hackers on their activities, the computer threats they create, and the kind of information they post on forums' shopping sites. It also discusses fundamental concepts that hackers follow and the information they share with their peers and compares product and service prices from 2011 to 2013. Primary features of each product or service and examples are also provided. This paper is divided into five main sections - introduction, what characterizes the Russian underground market unique, products, services, and cybercriminal ware offerings in the market. This section discusses how we gathered data, normalized prices, and classified an offering as either a product or a service to answer questions we received when we published the 2012 paper. The second section characterizes the Russian underground market. It differentiates the region's underground market from others. The third and fourth sections, meanwhile, provide detailed descriptions of the most common products and services, respectively, offered in the Russian underground market. The last section provides pricing information on the products and services sold in the market. The cybercriminal underground economy, much like any other type of business economy, experiences pricing highs and lows, depending on demand and supply. In the Russian cybercriminal underground market's case, the huge demand for credit card credentials drives prices up. Then again, incidents such as the massive breaches involving popular retailers a few months ago, which increased the supply of such credentials, drive prices down. Unlike legitimate businesspeople, however, cybercriminals need to keep their identities secret and, as much as possible, hide all traces of their "business" transactions. Factors like this make real-time transactions almost impossible to do in the underground market. That said, business dealings in cybercriminal underground markets are much slower than in the legitimate business world. Even though the prices of most products and services sold in the Russian underground market have been decreasing, that does not mean that business is not doing well for cybercriminals. It can even mean that the market is growing, as we see more and more product and service offerings as time passes. Cybercriminals, like legitimate businesspeople, are also automating processes, resulting in lower product and service prices. Of course, "boutique" products and services remain expensive because these involve specialized knowledge and skills to develop that only a few bad guys have. What we all need to keep in mind is that as long as profit can be made, cybercriminals will continue to offer products and services that can make life easier for themselves and their peers. And as long as customers exist, the cybercriminal underground will thrive. As users and potential victims, we all need to keep an eye out for the latest misdeeds to stay safe from all kinds of digital threats.

Details: Irving, TX: Trend Micro, 2014. 25p.

Source: Internet Resource: Cybercriminal Underground Economy Series: Accessed May 16, 2015 at: http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-russian-underground-revisited.pdf

Year: 2014

Country: Russia

URL: http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-russian-underground-revisited.pdf

Shelf Number: 135690

Keywords:
Computer Crime
Cybercrime
Fraud
Internet Crime
Underground Economy
Underground Markets

Author: Gu, Lion

Title: The Chinese Underground in 2013

Summary: Places in the Internet where cybercriminals converge to sell and buy different products and services exist. Instead of creating their own attack tools from scratch, they can instead purchase what they need from peers who offer competitive prices. Like any other market, the laws of supply and demand dictate prices and feature offerings. But what's more interesting to note is that recently, prices have been going down. Over the years, we have been keeping tabs on major developments in the cybercriminal underground in an effort to stay true to our mission - to make the world safe for the exchange of digital information. Constant monitoring of cybercriminal activities for years has allowed us to gather intelligence to characterize the more advanced markets we have seen so far and to come up with comprehensive lists of offerings in them. The barriers to launching cybercrime have decreased. Toolkits are becoming more available and cheaper; some are even offered free of charge. Prices are lower and features are richer. Underground forums are thriving worldwide, particularly in Russia, China, and Brazil. These have become popular means to sell products and services to cybercriminals in the said countries. Cybercriminals are also making use of the Deep Web to sell products and services outside the indexed or searchable World Wide Web, making their online "shops" harder for law enforcement to find and take down. All of these developments mean that the computing public is at risk of being victimized more than ever and must completely reconsider how big a part security should play in their everyday computing behaviors. We have been continuously monitoring the Chinese underground market since 2011. And by the end of 2013, we have seen more than 1.4 million instant chat messages related to activities in the market from QQ Groups alone. This research paper reviews these millions of messages, along with trends observed and product and service price updates seen in the Chinese underground market throughout 2013.

Details: Irving, TX: Trend Micro, 2014. 21p.

Source: Internet Resource: Cybercriminal Underground Economy Series: Accessed May 16, 2015 at: http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-the-chinese-underground-in-2013.pdf

Year: 2014

Country: China

URL: http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-the-chinese-underground-in-2013.pdf

Shelf Number: 135691

Keywords:
Computer Crime
Cybercrime
Fraud
Internet Crime
Underground Economy
Underground Markets

Author: Merces, Fernando

Title: The Brazilian Underground: A Market for Cybercriminal Wannabes?

Summary: The Cybercriminal Underground Economy Series (CUES) has established that there is a booming underground market where cybercriminals can buy and sell products and services they use for their activities. This thriving market has provided attackers with the tools and knowledge needed to break barriers and launch cybercrime attacks. Very much like any other market, the laws of supply and demand dictate prices of the products and services being offered. The availability of materials used to inflict harm has increased: toolkits are more visible and their prices are getting cheaper. Interestingly enough, as the prices went lower, the features grew richer. In our continuing effort to closely observe booming underground markets scattered in different countries across the globe, this Trend Micro research paper closely looks at the continuing maturity of the Brazilian underground despite the lack of development in available tools and tactics. Similar to other cybercriminal underground markets like those that exist in China and Russia, the Brazilian underground possesses unique characteristics such as the use of popular social media platforms to commit fraud instead of hiding in the deep recesses of the Web with tools that ordinary users normally don't have access to. Cybercrooks in Brazil make use of popular mediums such as social networks like Facebook, YouTube, Twitter, Skype, and WhatsApp, as these have turned out to be effective venues. Notably, the underground scene in Brazil also has players that market number generators and checkers or testers for more than just credit cards. They offer tools created for attacks against products and services exclusive in Brazil while also offering training services for cybercriminal wannabes. The Underground Market Scene: Product Offerings: Banking Trojans: Brazil has been known for banking Trojans created by Brazilians to target banking customers in the country. Various Trojan-based techniques are being used to steal user credentials from bolware, including domain name system poisoning, fake browser windows, malicious browser extensions, and malicious proxies. Business application account credentials: Confidential data is of utmost value in Brazil, as in any underground market. In their cybercriminal underground market, credentials for popular business application services provided by Unitfour and Serasa Experian are being sold. Unitfour's online marketing service, InTouch, has the capability to keep and access potential or existing customers' personal information, which made it a target for cybercrooks. Such is the case with Serasa Experia, where plenty of information are used and sold for nefarious purposes. Online service account credential checkers: These are essentially tools used to validate account numbers for online services which they obtain by getting log in information from phishing campaigns. Phishing pages: In Brazil, creating phishing pages is simple-cybercriminals copy everything on the legitimate pages they wish to phish and change the destination the data collected goes to, such as a free webmail account that they own. This is how victims are redirected from legitimate websites without noticing it. Phone number lists: Phone number lists per town or city are usually offered by cybercriminals who sell spamming software and hardware. A mobile phone number list for a small town can be bought as well as home phone number lists used in phone-based scams. The list above is by no means comprehensive.

Details: Irving, TX: Trend Micro, 2014.

Source: Internet Resource: Cybercriminal Underground Economy Series: Accessed May 16, 2015 at: http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-the-brazilian-underground-market.pdf

Year: 2014

Country: Brazil

URL: http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-the-brazilian-underground-market.pdf

Shelf Number: 135692

Keywords:
Computer Crime
Cybercrime
Fraud
Internet Crime
Underground Economy
Underground Markets

Author: Finklea, Kristin

Title: Dark Web

Summary: The layers of the Internet go far beyond the surface content that many can easily access in their daily searches. The other content is that of the Deep Web, content that has not been indexed by traditional search engines such as Google. The furthest corners of the Deep Web, segments known as the Dark Web, contain content that has been intentionally concealed. The Dark Web may be used for legitimate purposes as well as to conceal criminal or otherwise malicious activities. It is the exploitation of the Dark Web for illegal practices that has garnered the interest of officials and policy makers. Individuals can access the Dark Web by using special software such as Tor (short for The Onion Router). Tor relies upon a network of volunteer computers to route users' web traffic through a series of other users' computers such that the traffic cannot be traced to the original user. Some developers have created tools - such as Tor2web - that may allow individuals access to Torhosted content without downloading and installing the Tor software, though accessing the Dark Web through these means does not anonymize activity. Once on the Dark Web, users often navigate it through directories such as the "Hidden Wiki," which organizes sites by category, similar to Wikipedia. Individuals can also search the Dark Web with search engines, which may be broad, searching across the Deep Web, or more specific, searching for contraband like illicit drugs, guns, or counterfeit money. While on the Dark Web, individuals may communicate through means such as secure email, web chats, or personal messaging hosted on Tor. Though tools such as Tor aim to anonymize content and activity, researchers and security experts are constantly developing means by which certain hidden services or individuals could be identified or "deanonymized." Anonymizing services such as Tor have been used for legal and illegal activities ranging from maintaining privacy to selling illegal goods - mainly purchased with Bitcoin or other digital currencies. They may be used to circumvent censorship, access blocked content, or maintain the privacy of sensitive communications or business plans. However, a range of malicious actors, from criminals to terrorists to state-sponsored spies, can also leverage cyberspace and the Dark Web can serve as a forum for conversation, coordination, and action. It is unclear how much of the Dark Web is dedicated to serving a particular illicit market at any one time, and, because of the anonymity of services such as Tor, it is even further unclear how much traffic is actually flowing to any given site. Just as criminals can rely upon the anonymity of the Dark Web, so too can the law enforcement, military, and intelligence communities. They may, for example, use it to conduct online surveillance and sting operations and to maintain anonymous tip lines. Anonymity in the Dark Web can be used to shield officials from identification and hacking by adversaries. It can also be used to conduct a clandestine or covert computer network operation such as taking down a website or a denial of service attack, or to intercept communications. Reportedly, officials are continuously working on expanding techniques to deanonymize activity on the Dark Web and identify malicious actors online.

Details: Washington, DC: Congressional Research Service, 2015. 18p.

Source: Internet Resource: CRS:R55101: Accessed July 20, 2015 at: https://www.fas.org/sgp/crs/misc/R44101.pdf

Year: 2015

Country: International

URL: https://www.fas.org/sgp/crs/misc/R44101.pdf

Shelf Number: 136120

Keywords:
Computer Crime
Dark Web
Illegal Behavior
Illicit Goods
Internet Crime
Online Communications

Author: Broadband Commission for Digital Development

Title: Cyber Violence against Women and Girls: A world-wide wake-up call

Summary: Violence Against Women and Girls (VAWG) is already a problem of pandemic proportion; research shows that one in three women will experience some form of violence in her lifetime. Now, the new problem of cyber crime could significantly increase this staggering number, as our research suggests that 73% of women have already been exposed to or have experienced some form of online violence. With social networks still in their relative infancy, this is a problem that urgently needs to be addressed if the Net is to remain an open and empowering space for all. - The sheer volume of cyber VAWG has severe social and economic implications for women's status on the Internet. Threats of rape, death, and stalking put a premium on women's emotional bandwidth, take-up time and financial resources including legal fees, online protection services, and missed wages. Cyber VAWG can have a profoundly chilling effect on free speech and advocacy. - Women aged 18 to 24 are at a heightened risk of being exposed to every kind of cyber VAWG; they are uniquely likely to experience stalking and sexual harassment, while also not escaping the high rates of other types of harassment common to young people in general, like physical threats. - In the EU-28, 18 per cent of women have experienced a form of serious Internet violence at ages as young as 15. This corresponds to about 9 million women. - Complacency and failure to address and solve cyber VAWG could significantly impede the uptake of broadband by women everywhere; without action, an unprecedented surge of 21st century violence could run rampant if steps are not urgently taken to rein in the forms of online violence that are escalating unchecked.

Details: Geneva, SWIT: The Commission, 2015. 70p.

Source: Internet Resource: Accessed September 30, 2015 at: http://www.broadbandcommission.org/Documents/reports/bb-wg-gender-report2015.pdf

Year: 2015

Country: International

URL: http://www.broadbandcommission.org/Documents/reports/bb-wg-gender-report2015.pdf

Shelf Number: 136923

Keywords:
Computer Crime
Cybercrime
Internet Crime
Online Victimization
Violence Against Women, Girls

Author: European Commission. Directorate-General for Home Affairs

Title: Cyber Security

Summary: This report brings together the results of the Special Eurobarometer public opinion survey on "Cyber security" in the 28 European Union countries. Cybercrime is a borderless problem, consisting of criminal acts that are committed online by using electronic communications networks and information systems, including crimes specific to the Internet, online fraud and forgery, and illegal online content. Whilst the value of the cybercriminal economy as a whole is not precisely known, the losses are thought to represent billions of euros per year. The scale of the problem is itself a threat to law enforcement response capability - with more than 150,000 viruses and other types of malicious code in circulation and a million people victims of cybercrime every day. Given the development of cybercrime in recent years, the European Commission has designed a coordinated policy in close co-operation with European Union (EU) Member States and the other EU institutions. EU legislative actions contributing to the fight against cybercrime address issues such as attacks against information systems, online offensive material and child pornography, online privacy, and online fraud and counterfeiting. The aim of this survey is to understand EU citizens' experiences and perceptions of cyber security issues. The survey examines the nature and frequency of Internet usage; their awareness and experience of cybercrime; and the level of concern that they feel about this type of crime. The findings from this survey update a previous survey which was carried out in May-June 2013 (Special Eurobarometer 404). The 2014 survey repeats most of the questions asked in 2013 in order to provide insight into the evolution of knowledge, behaviour and attitudes towards cyber security in the European Union.

Details: Luxembourg: European Commission, 2015. 171p.

Source: Internet Resource: Special Eurobarometer 423: Accessed February 8, 2016 at: http://ec.europa.eu/public_opinion/archives/ebs/ebs_423_en.pdf

Year: 2015

Country: Europe

URL: http://ec.europa.eu/public_opinion/archives/ebs/ebs_423_en.pdf

Shelf Number: 137810

Keywords:
Computer Crime
Cyber Security
Cybercrime
Internet Crime
Internet Safety
Online Victimization

Author: Organization of American States

Title: Cybersecurity: Are We Ready in Latin America and the Caribbean?

Summary: The manner in which nation states and regions address cybersecurity capacity is essential for effective, efficient, and sustainable cybersecurity. The 2016 Cybersecurity Report is the result of the collaboration between the Inter-American Development Bank (IDB), the Organization of American States (OAS), and the Global Cyber Security Capacity Centre (GCSCC) at the University of Oxford. The report presents a complete picture and update on the status of cybersecurity (risks, challenges, and opportunities) of Latin America and the Caribbean countries. The first section consists of a series of essays on cybersecurity trends in the region contributed by internationally recognized experts in the field. The second examines the "cyber maturity" of each country through the Cybersecurity Capability Maturity Model (CMM), which approaches cybersecurity considerations through five dimensions of capacity and evaluates them along five maturity stages for each of its 49 indicators. The CMM is the first of its kind in terms of the breadth and depth in each aspect of cybersecurity capacity. It is built on a foundation of multi-stakeholder consultation and respect for human rights, carefully balancing the need for security to enable economic growth and sustainability while respecting the right of freedom of expression and the right to privacy.

Details: Washington, DC: Inter-American Development Bank (IDB); Organization of American States, 2016. 193p.

Source: Internet Resource: Accessed March 23, 2016 at: https://publications.iadb.org/handle/11319/7449

Year: 2016

Country: Latin America

URL: https://publications.iadb.org/handle/11319/7449

Shelf Number: 138397

Keywords:
Computer Crime
Cybercrime
Cybersecurity
Internet Crime

Author: Adams, Samantha

Title: The governance of cybersecurity: A comparative quick scan of approaches in Canada, Estonia, Germany, the Netherlands and the UK

Summary: Society's increased dependency on networked technologies and infrastructures in nearly all sectors poses a new challenge to governments and other actors to ensure the sustainability and security of all things 'cyber'. Cybersecurity is a particularly complex field, where multiple public and private actors must work together, often across state borders, not only to address current weaknesses, but also to anticipate and prevent or pre-empt a number of different kinds of threats. This report examines how public policy and regulatory measures are used to organise such processes in five countries: Canada, Estonia, Germany, the Netherlands and the UK.

Details: Tilburg, NETH: Tilburg University, Tilburg Institute for Law, Technology, and Society, 2015. 167p.

Source: Internet Resource: Accessed March 30, 2016 at: https://pure.uvt.nl/ws/files/8719741/TILT_Cybersecurity_Report_Final.pdf

Year: 2015

Country: International

URL: https://pure.uvt.nl/ws/files/8719741/TILT_Cybersecurity_Report_Final.pdf

Shelf Number: 138497

Keywords:
Computer Crime
Cybercrime
Cybersecurity
Internet Crime

Author: McAfee

Title: McAfee Labs Threats Report

Summary: Our McAfee Labs 2016 Threats Predictions Report, published in late November, has been widely read and quoted in the media. Some of the most interesting media coverage comes from The Wall Street Journal, Good Morning America, Silicon Valley Business Journal, and CXO Today. The report includes both near- and long-term views of our cyber security future. And now, as winter's storms have passed, we have published the McAfee Labs Threats Report: March 2016. In this quarterly threats report, we highlight two Key Topics: Intel Security interviewed almost 500 security professionals to understand their views and expectations about the sharing of cyber threat intelligence. We learned that awareness is very high and that 97% of those who share cyber threat intelligence see value in it. We explore how the Adwind Java-based backdoor Trojan attacks systems through increasingly clever spam campaigns, leading to a rapid increase in the number of Adwind .jar file submissions to McAfee Labs. These two Key Topics are followed by our usual set of quarterly threat statistics.

Details: Santa Clara, CA: McAfee Labs, 2016. 46p.

Source: Internet Resource: Accessed March 31, 2016 at: http://www.mcafee.com/us/resources/reports/rp-quarterly-threats-mar-2016.pdf

Year: 2015

Country: International

URL: http://www.mcafee.com/us/resources/reports/rp-quarterly-threats-mar-2016.pdf

Shelf Number: 138504

Keywords:
Computer Crime
Computer Security
Cybercrime
Cybersecurity
Internet Crime

Author: Wittes, Benjamin

Title: Sextortion: Cybersecurity, teenagers, and remote sexual assault

Summary: This paper represents an effort to our knowledge the first to study in depth and across jurisdictions the problems of sextortion. In it, we look at the methods used by perpetrators and the prosecutorial tools authorities have used to bring offenders to justice. We hope that by highlighting the scale and scope of the problem, and the brutality of these cases for the many victims they affect, to spur a close look at both state and federal laws under which these cases get prosecuted. Our key findings include: - Sextortion is dramatically understudied. While it's an acknowledged problem both within law enforcement and among private advocates, no government agency publishes data on its prevalence; no private advocacy group does either. The subject lacks an academic literature. Aside from a few prosecutors and investigators who have devoted significant energy to the problem over time, and a few journalists who have written-often excellently- about individual cases, the problem has been largely ignored. - Yet sextortion is surprisingly common. We identified 78 cases that met our definition of the crime-and a larger number that contained significant elements of the crime but that, for one reason or another, did not fully satisfy our criteria. These cases were prosecuted in 29 states and territories of the United States and three foreign jurisdictions. - Sextortionists, like other perpetrators of sex crimes, tend to be prolific repeat players. Among the cases we studied, authorities identified at least 10 victims in 25 cases. In 13 cases, moreover, there were at least 20 identified victims. And in four cases, investigators identified more than 100 victims. The numbers get far worse if you consider prosecutorial estimates of the number of additional victims in each case, rather than the number of specifically identified victims. In 13 cases, prosecutors estimated that there were more than 100 victims; in two, prosecutors estimated that there had been "hundreds, if not thousands" of victims. - Sextortion perpetrators are, in the cases we have seen, uniformly male. Victims, by contrast, vary. Virtually all of the adult victims in these cases are female, and adult sextortion therefore appears to be a species of violence against women. On the other hand, most sextortion victims in this sample are children, and a sizable percentage of the child victims turn out to be boys. - There is no consistency in the prosecution of sextortion cases. Because no crime of sextortion exists, the cases proceed under a hodgepodge of state and federal laws. Some are prosecuted as child pornography cases. Some are prosecuted as hacking cases. Some are prosecuted as extortions. Some are prosecuted as stalkings. Conduct that seems remarkably similar to an outside observer produces actions under the most dimly-related of statutes. - These cases thus also produce wild, and in in our judgment indefensible, disparities in sentencing. Many sextortionists, particularly those who prey on minors, receive lengthy sen - tences under child pornography laws. On the other hand, others-like Mijangos-receive sentences dramatically lighter than they would get for multiple physical attacks on even a fraction of the number of people they are accused of victimizing. In our sample, one perpetrator received only three years in prison for victimizing up to 22 young boys. 36 Another received only 30 months for a case in which federal prosecutors identified 15 separate victims. 37 - Sentencing is particularly light in one of two key circumstances: (1) when all victims are adults and federal pros - ecutors thus do not have recourse to the child pornography statutes, or (2) in cases prosecuted at the state level. - Sextortion is brutal. This is not a matter of playful consensual sexting-a subject that has received ample attention from a shocked press. Sextortion, rather, is a form of sexual exploitation, coercion, and violence, often but not always of children. In many cases, the perpetrators seem to take pleasure in their victims' pleading and protes - tations that they are scared and underage. In multiple cases we have reviewed, victims contemplate, threaten, or even attempt suicide-sometimes to the apparent pleasure of their tormentors. 38 At least two cases involve either a father or stepfather tormenting children living in his house. 39 Some of the victims are very young. And the impacts on victims can be severe and likely lasting. Many cases result, after all, in images permanently on the Internet on multiple child pornography sites following extended periods of coercion. - Certain jurisdictions have seen a disproportionate number of sextortion cases. This almost certainly reflects devoted investigators and prosecutors in those locales, and not a higher incidence of the offense. Rather, our data suggest that sextortion is taking place anywhere social media penetration is ubiquitous. The paper proceeds in several distinct parts. We begin with a literature review of the limited existing scholarship and data on sextortion. We then outline our methodology for collecting and analyzing data for the present study. We then offer a working definition of sextortion. In the subsequent section, we provide a sketch of the aggregate sta - tistics revealed by our data concerning the scope of the sextortion problem, and we examine the statutes used and sentences delivered in federal and state sextortion cases. We then turn to detailing several specific case studies in sextortion. In our last empirical section, we look briefly at the victim impact of these crimes. Finally, we offer several recommendations for policymakers, law enforcement, parents, teachers, and victims.

Details: Washington, DC: Center for Technology Innovation, Brookings Institution, 2016. 47p.

Source: Internet Resource: Accessed September 3, 2016 at: https://www.brookings.edu/wp-content/uploads/2016/05/sextortion1-1.pdf

Year: 2016

Country: United States

URL: https://www.brookings.edu/wp-content/uploads/2016/05/sextortion1-1.pdf

Shelf Number: 140158

Keywords:
Child Pornography
Computer Crime
Cybersecurity
Online Victimization
Sex Crimes
Sexting
Sextortion

Author: Wittes, Benjamin

Title: Closing the sextortion sentencing gap: A legislative proposal

Summary: On the surface, at least, the sextortion case of Joseph Simone seems far more egregious than does that of Joshua Blankenship. Simone was a wrestling coach at a prestigious preparatory high school in Providence, Rhode Island. He was charged with sextorting "numerous" minor males; prosecutors estimated that he had exploited at least 22 young boys through a social media manipulation scheme, pretending to be a young girl when soliciting initial nude images, and then threatening to release those initial images on Facebook if the boys did not perform more sex acts. Blankenship also ran a social media manipulation scheme - but in this instance, against a single minor female in Maryland, convincing her that she had broken the law herself by sending out a nude photo, and demanding more images in exchange for not telling the police. But Blankenship was sentenced in federal court, whereas Simone faced trial in state court in Rhode Island, specifically in the Providence Superior Court. The result? The man with at least 22 victims was sentenced to one year in prison and two more in home confinement. By contrast, Blankenship, who had only one victim, received 12 years in prison after pleading guilty to federal child exploitation charges. What sort of sentence does conduct like Simone's get a man in federal court? Another sextortionist, William T. Koch, was convicted in a federal court in Ohio on charges that he too extorted 20 minor males, with one victim as young as 11-years-old. Koch was sentenced to 20 years in prison on federal charges of extortion, exploitation of a minor, and receipt and distribution of child pornography. Sextortionists dont get to decide which jurisdiction prosecutes them. They do, however, get to choose their victims. And it matters a great deal which ones they choose. Mark Reynolds was sentenced to 14 years in prison on one federal charge of possession of child pornography for sextorting one minor female using a social media manipulation scheme. Contrast that with Adam Paul Savader, who sextorted between 15 and 45 adult women and received a paltry sentence of two-and-a-half years in federal prison. Savader was convicted on charges of interstate extortion and stalking. Reynolds received eleven-and-a-half years more in prison than did Savader, even though Savader potentially had up to 44 more victims. Federal law seems to care a great deal more about children than it does about adult women.

Details: Washington, DC: Center for Technology Innovation, Brookings Institution, 2016. 18p.

Source: Internet Resource: Accessed September 17, 2016 at: https://www.brookings.edu/wp-content/uploads/2016/05/sextortion2.pdf

Year: 2016

Country: United States

URL: https://www.brookings.edu/wp-content/uploads/2016/05/sextortion2.pdf

Shelf Number: 147931

Keywords:
Child Pornography
Computer Crime
Cybersecurity
Online Victimization
Sex Crimes
Sexting
Sextortion
Sexual Violence

Author: McAfee

Title: McAfee Labs Threats Report: September 2016

Summary: In the McAfee Labs Threats Report: September 2016 we discuss three key topics: We analyze survey data from a primary research study to gain a deeper understanding of the entities behind data theft, the types of data being stolen, and the ways in which it gets outside of organizations. We investigate Q1/Q2 ransomware attacks on hospitals and discover that they were successful targeted attacks, though relatively unsophisticated. We define machine learning and discuss its practical application in cybersecurity.

Details: Santa Clara, CA: McAfee, 2016. 50p.

Source: Internet Resource: Accessed September 24, 2016 at: http://www.mcafee.com/us/resources/reports/rp-quarterly-threats-sep-2016.pdf

Year: 2016

Country: International

URL: http://www.mcafee.com/us/resources/reports/rp-quarterly-threats-sep-2016.pdf

Shelf Number: 140447

Keywords:
Computer Crime
Cybercrime
Cybersecurity
Data Theft

Author: Libicki, Martin C.

Title: The Defender's Dilemma: Charting a Course Toward Cybersecurity

Summary: Cybersecurity is a constant, and, by all accounts growing, challenge. Although software products are gradually becoming more secure and novel approaches to cybersecurity are being developed, hackers are becoming more adept, their tools are better, and their markets are flourishing. The rising tide of network intrusions has focused organizations' attention on how to protect themselves better. This report, the second in a multiphase study on the future of cybersecurity, reveals perspectives and perceptions from chief information security officers; examines the development of network defense measures and the countermeasures that attackers create to subvert those measures; and explores the role of software vulnerabilities and inherent weaknesses. A heuristic model was developed to demonstrate the various cybersecurity levers that organizations can control, as well as exogenous factors that organizations cannot control. Among the report's findings were that cybersecurity experts are at least as focused on preserving their organizations' reputations as protecting actual property. Researchers also found that organizational size and software quality play significant roles in the strategies that defenders may adopt. Finally, those who secure networks will have to pay increasing attention to the role that smart devices might otherwise play in allowing hackers in. Organizations could benefit from better understanding their risk posture from various actors (threats), protection needs (vulnerabilities), and assets (impact). Policy recommendations include better defining the role of government, and exploring information sharing responsibilities. Key Findings Common Knowledge Confirmed Security postures are highly specific to company type, size, etc.; and there often aren't good solutions for smaller businesses. Quarantining certain parts of an organization offline can be a useful option. Responding to the desire of employees to bring their own devices and connect them to the network creates growing dilemmas. Chief information security officers (CISOs) feel that attackers have the upper hand, and will continue to have it. Reasonable Suppositions Validated Customers look to extant tools for solutions even though they do not necessarily know what they need and are certain no magic wand exists. CISOs want information on the motives and methods of specific attackers, but there is no consensus on how such information could be used. Current cyberinsurance offerings are often seen as more hassle than benefit, only useful in specific scenarios, and providing little return. Surprising Findings A cyberattack's effect on reputation (rather than more direct costs) is the biggest cause of concern for CISOs. The actual intellectual property or data that might be affected matters less than the fact that any intellectual property or data is at risk. In general, loss estimation processes are not particularly comprehensive. The ability to understand and articulate an organization's risk arising from network penetrations in a standard and consistent matter does not exist and will not exist for a long time. Recommendations Know what needs protecting, and how badly protection is needed. It was striking how frequently reputation was cited by CISOs as a prime cause for cybersecurity spending, as opposed to protecting actual intellectual property. Knowing what machines are on the network, what applications they are running, what privileges have been established, and with what state of security is also crucial. The advent of smart phones, tablets, and so forth compounds the problem. Know where to devote effort to protect the organization. A core choice for companies is how much defense to commit to the perimeter and how much to internal workings. Consider the potential for adversaries to employ countermeasures. As defenses are installed, organizations must realize they are dealing with a thinking adversary and that measures installed to thwart hackers tend to induce countermeasures as hackers probe for ways around or through new defenses. Government efforts aren't high on CISO's lists, but governments should be prepared to play a role. By and large, CISOs we interviewed did not express much interest in government efforts to improve cybersecurity, other than a willingness to cooperate after an attack. Yet it seems likely that government should be able to play a useful role. One option is to build a body of knowledge on how systems fail (a necessary prerequisite to preventing failure), and then share that information. A community that is prepared to share what went wrong and what could be done better next time could produce higher levels of cybersecurity.

Details: Santa Monica, CA: RAND, 2015. 162p.

Source: Internet Resource: Accessed September 28, 2016 at: http://www.rand.org/content/dam/rand/pubs/research_reports/RR1000/RR1024/RAND_RR1024.pdf

Year: 2015

Country: United States

URL: http://www.rand.org/content/dam/rand/pubs/research_reports/RR1000/RR1024/RAND_RR1024.pdf

Shelf Number: 140475

Keywords:
Computer Crime
Cyberattacks
Cybercrime (U.S.)
Cybersecurity
Internet Crime
National Security
Terrorism

Author: Collins, Brian

Title: Cyber Trust and Crime Prevention: A Synthesis of the State-of-the-Art Science Reviews

Summary: This report provides a synthesis of theoretical and empirical work in the sciences and social sciences that indicates the drivers, opportunities, threats, and barriers to the future evolution of cyberspace and the feasibility of crime prevention measures. It is based on 10 state-of-the-art science reviews commissioned by the Foresight Project. Each of the papers highlights the current state of knowledge in selected areas as well as gaps in the evidence base needed to address issues of cyber trust and crime prevention in the future. Complexity and System Behaviour The analysis in this report shows that the whole of cyberspace is subject to unpredictable and emergent system behaviour. This gives rise to considerable uncertainty about future developments and this is especially at the interfaces between the components of the system. This review of developments in cyberspace technologies and the social system demonstrates that there will be new opportunities for crime and that strategies to minimise these will involve numerous choices. The solutions for improving cyber trust and crime prevention in a pervasive computing environment will differ from those in use today. New paradigms for cyberspace security, privacy protection, risk assessment and crime prevention will be needed, together with a stronger cross-disciplinary research effort.

Details: London: Home Office, 2004. 101p.

Source: Internet Resource: Accessed February 4, 2017 at: https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/299219/04-1147-cyber-trust-reviews.pdf

Year: 2004

Country: United Kingdom

URL: https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/299219/04-1147-cyber-trust-reviews.pdf

Shelf Number: 145875

Keywords:
Computer Crime
Computer Security
Crime Prevention
Cybercrime

Author: Bulanova-Hristova, Gerganga, ed.

Title: Cyber-OC-Scope and Manifestations in Selected EU Member States

Summary: The threats arising from different types of cybercrime are real and constantly evolving, as the internet with its anonymity and borderless reach provides new opportunities for physical and virtual criminal activities. We can see complex cybercriminal networks connecting subgroups and also single individuals that are active on, through and against the internet. At the same time there are also 'offline' criminal organisations using the internet to facilitate their activities and to increase their profit. Even so-called 'traditional' organised crime groups are widening their criminal portfolios by committing cybercrime. By constantly evolving online opportunities, their acts of 'traditional crimes' become even more far-reaching and damaging, thus benefiting the criminal organisation. It is not only the involvement of organised crime in cybercrime that is dangerous, but also cybercrime committed in an organised manner. Cyber-OC represents the convergence of these two phenomena. Despite the huge threat arising from its cumulative character, Cyber-OC is frequently underestimated and differently defined even by law enforcement authorities.

Details: Wiesbaden: Bundeskriminalamt, 2016. 298p.

Source: Internet Resource: Accessed February 16, 2017 at: http://eucpn.org/sites/default/files/content/download/files/52._cyber-oc_-_scope_and_manifestations_in_selected_eu_member_states.pdf

Year: 2016

Country: Europe

URL: http://eucpn.org/sites/default/files/content/download/files/52._cyber-oc_-_scope_and_manifestations_in_selected_eu_member_states.pdf

Shelf Number: 141043

Keywords:
Computer Crime
Computer Security
Cybercrime
Organized Crime

Author: Diniz, Gustavo

Title: Deconstructing Cyber Security in Brazil: Threats and Responses

Summary: Brazil is doubling down on its cyber-security architecture while simultaneously consolidating its emerging power status. Although organized crime is one of the major threats to Brazilian cyberspace, resources are focused instead on military solutions better suited to the exceptional case of warfare. There is less emphasis on expanding law enforcement capabilities to identify and respond to cyber-crime and related digital malfeasance. Due to the absence of a unified government position on the issue or reliable data, Brazil has evolved an imbalanced approach to cyber-security. If Brazil is to re-balance its approach, it needs to fill knowledge gaps. At a minimum, policy makers require a better understanding of the strategies, tactics and resources of hackers and cyber-crime groups, the ways in which traditional crime is migrating online and the implications of new surveillance technologies. The government should also encourage a broad debate with a clear communications strategy about the requirements of cyber-security and what forms this might take. More critical reflection on the form and content of measured and efficient strategies to engage cyber threats is also needed. Improved coordination between state police forces to better anticipate and respond to cyber-crime is essential. If Brazil is to build a robust and effective cyber-security strategy, an informed debate must begin immediately.

Details: Rio de Janeiro: Instituto Igarapé , 2014. 35p.

Source: Internet Resource: Strategic Paper 11: Accessed March 4, 2017 at: https://igarape.org.br/wp-content/uploads/2014/11/Strategic-Paper-11-Cyber2.pdf

Year: 2014

Country: Brazil

URL: https://igarape.org.br/wp-content/uploads/2014/11/Strategic-Paper-11-Cyber2.pdf

Shelf Number: 141328

Keywords:
Computer Crime
Cyber Security
Cybercrime
Internet Crime
Surveillance Technology

Author: Finklea, Kristin

Title: Dark Web: Updated

Summary: The layers of the Internet go far beyond the surface content that many can easily access in their daily searches. The other content is that of the Deep Web, content that has not been indexed by traditional search engines such as Google. The furthest corners of the Deep Web, segments known as the Dark Web, contain content that has been intentionally concealed. The Dark Web may be used for legitimate purposes as well as to conceal criminal or otherwise malicious activities. It is the exploitation of the Dark Web for illegal practices that has garnered the interest of officials and policymakers. Individuals can access the Dark Web by using special software such as Tor (short for The Onion Router). Tor relies upon a network of volunteer computers to route users’ web traffic through a series of other users’ computers such that the traffic cannot be traced to the original user. Some developers have created tools—such as Tor2web—that may allow individuals access to Torhosted content without downloading and installing the Tor software, though accessing the Dark Web through these means does not anonymize activity. Once on the Dark Web, users often navigate it through directories such as the “Hidden Wiki,” which organizes sites by category, similar to Wikipedia. Individuals can also search the Dark Web with search engines, which may be broad, searching across the Deep Web, or more specific, searching for contraband like illicit drugs, guns, or counterfeit money. While on the Dark Web, individuals may communicate through means such as secure email, web chats, or personal messaging hosted on Tor. Though tools such as Tor aim to anonymize content and activity, researchers and security experts are constantly developing means by which certain hidden services or individuals could be identified or “deanonymized.” Anonymizing services such as Tor have been used for legal and illegal activities ranging from maintaining privacy to selling illegal goods—mainly purchased with Bitcoin or other digital currencies. They may be used to circumvent censorship, access blocked content, or maintain the privacy of sensitive communications or business plans. However, a range of malicious actors, from criminals to terrorists to state-sponsored spies, can also leverage cyberspace and the Dark Web can serve as a forum for conversation, coordination, and action. It is unclear how much of the Dark Web is dedicated to serving a particular illicit market at any one time, and, because of the anonymity of services such as Tor, it is even further unclear how much traffic is actually flowing to any given site. Just as criminals can rely upon the anonymity of the Dark Web, so too can the law enforcement, military, and intelligence communities. They may, for example, use it to conduct online surveillance and sting operations and to maintain anonymous tip lines. Anonymity in the Dark Web can be used to shield officials from identification and hacking by adversaries. It can also be used to conduct a clandestine or covert computer network operation such as taking down a website or a denial of service attack, or to intercept communications. Reportedly, officials are continuously working on expanding techniques to deanonymize activity on the Dark Web and identify malicious actors online.

Details: Washington, DC: Congressional Research Service, 2017. 19p.

Source: Internet Resource: R44101: Accessed March 17, 2017 at: https://fas.org/sgp/crs/misc/R44101.pdf

Year: 2017

Country: United States

URL: https://fas.org/sgp/crs/misc/R44101.pdf

Shelf Number: 144490

Keywords:
Computer Crime
Dark Web
Illegal Behavior
Illicit Goods
Internet Crime
Online Communications

Author: Moura, Giovane Cesar Moreira

Title: Internet Bad Neighborhoods

Summary: A significant part of current Internet attacks originates from hosts that are distributed all over the Internet. However, there is evidence that most of these hosts are, in fact, concentrated in certain parts of the Internet. This behavior resembles the crime distribution in the real world: it occurs in most places, but it tends to be concentrated in certain areas. In the real world, high crime areas are usually labeled as "bad neighborhoods". The goal of this dissertation is to investigate Bad Neighborhoods on the Internet. The idea behind the Internet Bad Neighborhood concept is that the probability of a host in behaving badly increases if its neighboring hosts (i.e., hosts within the same subnetwork) also behave badly. This idea, in turn, can be exploited to improve current Internet security solutions, since it provides an indirect approach to predict new sources of attacks (neighboring hosts of malicious ones). In this context, the main contribution of this dissertation is to present the first systematic and multifaceted study on the concentration of malicious hosts on the Internet. We have organized our study according to two main research questions. In the first research question, we have focused on the intrinsic characteristics of the Internet Bad Neighborhoods, whereas in the second research question we have focused on how Bad Neighborhood blacklists can be employed to better protect networks against attacks. The approach employed to answer both questions consists in monitoring and analyzing network data (traces, blacklists, etc.) obtained from various real world production networks. One of the most important findings of this dissertation is the verification that Internet Bad Neighborhoods are a real phenomenon, which can be observed not only as network prefixes (e.g., /24, in CIDR notation), but also at different and coarser aggregation levels, such as Internet Service Providers (ISPs) and countries. For example, we found that 20 ISPs (out of 42,201 observed in our data sets) concentrated almost half of all spamming IP addresses. In addition, a single ISP was found having 62% of its IP addresses involved with spam. This suggests that ISP-based Bad Neighborhood security mechanisms can be employed when evaluating e-mail from unknown sources. This dissertation also shows that Bad Neighborhoods are mostly application specific and that they might be located in neighborhoods one would not immediately expect. For example, we found that phishing Bad Neighborhoods are mostly located in the United States and other developed nations - since these nations hosts the majority of data centers and cloud computing providers - while spam comes from mostly Southern Asia. This implies that Bad Neighborhood based security tools should be application-tailored. Another finding of this dissertation is that Internet Bad Neighborhoods are much less stealthy than individual hosts, since they are more likely to strike again a target previously attacked. We found that, in a one-week period, nearly 50% of the individual IP addresses attack only once a particular target, while up to 90% of the Bad Neighborhoods attacked more than once. Consequently, this implies that historical data of Bad Neighborhoods attacks can potentially be successfully employed to predict future attacks. Overall, we have put the Internet Bad Neighborhoods under scrutiny from the point of view of the network administrator. We expect that the findings provided in this dissertation can serve as a guide for the design of new algorithms and solutions to better secure networks.

Details: Twente, NETH: University of Twente, 2013. 245p.

Source: Internet Resource: Dissertation: Accessed April 11, 2017 at: http://doc.utwente.nl/84507/1/thesis_G_Moura.pdf

Year: 2013

Country: International

URL: http://doc.utwente.nl/84507/1/thesis_G_Moura.pdf

Shelf Number: 144779

Keywords:
Computer Crime
Computer Security
Internet Crimes
Internet Safety
Internet Security
Spam

Author: Wespieser, Karen

Title: Young people and e-safety. The results of the 2015 London Grid for Learning e-safety survey

Summary: The focus of the survey was to look at the wide and common online activities of London's young people. As found in previous LGfL surveys, children and young people use technology to have fun, study and communicate with others. Most children and young people have positive experiences online. On the whole they are sensible online and do not put themselves 'at risk'. However, there remain a number of areas where schools can support young people - and their families - in increasing their online safety. Nine out of ten young people access the Internet at home. Ten per cent of pupils therefore do not. Just over a third of young people would like more opportunity to use computers at school. As found in previous LGfL surveys , children and young people use technology to have fun, study and communicate with others. Most children and young people have positive experiences online. They are sensible online and do not put themselves 'at risk'. An increasing number of young people own their own device. Young people access the Internet through a range of devices but there are significant differences between boys and girls; boys use games consoles more than girls and more girls have a mobile device than boys. Very few young people report that they use these devices to access the Internet away from home. The home is therefore the key location for going online, outside of school. Forty per cent of 7-year-olds report that their parents always know what they do online; a percentage that (understandably) drops with age. Just over half of young people use a password on their device at home. This is slightly lower for devices that young people use at school. Of those that use a password, half report that someone else knows it, although the majority identified this person as a family member at home. Of those that use a password, a majority reported they do not change it regularly. Over half say that they never change it. Young people report that they spend their time online doing school work or studying. Three-quarters of young people report that they like playing games online but as they get older they play games less and spend more time on social networks and chat sites. Overall, the use of the Internet becomes more diverse as young people get older. There are also gender differences. More girls than boys listen or download music and use instant messaging. Conversely, more boys than girls report using YouTube and playing games. Many children play games not suitable for their age and a small but concerning minority play 18+ rated games. Of the young people playing age inappropriate games, two-thirds are boys. Furthermore, the greatest proportion of children who report playing these games also report they have parental consent. Unsuitable games include titles such as 'Grand Theft Auto' and 'Call of Duty'.

Details: Slough: National Foundation for Educational Research, 2015. 44p.

Source: Internet Resource: Accessed April 22, 2017 at; https://www.lgfl.net/downloads/online-safety/LGfL-OS-2015-E-Safety-Survey-Final-Report.pdf

Year: 2015

Country: United Kingdom

URL: https://www.lgfl.net/downloads/online-safety/LGfL-OS-2015-E-Safety-Survey-Final-Report.pdf

Shelf Number: 145162

Keywords:
Child Protection
Computer Crime
Internet Crime
Online Safety
Online Victimization
Social Media

Author: McAfee

Title: Tilting the Playing Field: How Misaligned Incentives Work Against Cybersecurity

Summary: Cybercriminals have the advantage. This has been true since the internet was commercialized 20 years ago. The incentives for cybercrime have made it a big business and a dynamic marketplace. Defenders are hard pressed to keep up. Misaligned incentives explain much of this - both within organizations and between attackers and defenders in cyberspace. Misaligned incentives between attackers and defenders mean that the decentralized market in which cybercriminals operate makes them adapt and innovate faster and more efficiently than defenders, whose incentives are shaped by bureaucracies and top-down decision making. Some of the advantage cybercriminals have over defenders is due to technology - we now all know that the internet was never designed to be secure. Some is due to policy. There are countries that tolerate, shelter, and maybe even encourage cybercrime. Governments and companies know they are at a disadvantage, but they are playing catch-up. Managing the risk posed by cyberthreats has become a priority, but the best criminals still seem able to stay ahead, even as companies allocate more resources to cybersecurity. This does not mean cybercrime will always win. It does mean that companies and governments will need to rethink how they measure, reward and incentivize defense. Markets send signals by creating prices and rewards, creating incentives for action. The cybercrime market is efficient, and the incentives for cybercriminals are clear and compelling. The same is not true for defenders. Criminals flourish in this market, but most defenders work in bureaucracies. In most companies, cybersecurity is the responsibility of a diverse range of groups and individuals using different (and sometimes conflicting) metrics for success. Incentives are not only misaligned between attackers and defenders, but within companies. To examine this misalignment of incentives, we conducted a survey of 800 respondents from companies ranging in size from 500 employees to more than 5,000 across five major industry sectors, including finance, healthcare, and the public sector. Our survey targeted respondents with executive level responsibility for cybersecurity, as well as operators that have technical and implementation responsibilities for cybersecurity. The results provide insight into how each group views cyber risk in making decisions about an organization's cyber-risk management strategy. Better calibrating the misaligned incentives we uncovered may yield a more coherent and effective cybersecurity posture for companies worldwide.

Details: Santa Clara, CA: McAfee Security, Center for Strategic and International Studies, 2017. 34p.

Source: Internet Resource: Accessed August 7, 2017 at: https://www.mcafee.com/us/resources/reports/rp-misaligned-tilting-playing-field.pdf

Year: 2017

Country: International

URL: https://www.mcafee.com/us/resources/reports/rp-misaligned-tilting-playing-field.pdf

Shelf Number: 146755

Keywords:
Computer Crime
Cybercrime
Cybersecurity
Internet Crime

Author: Great Britain. HM Government

Title: National Cyber Security Strategy 2016-2021

Summary: The National Cyber Security Strategy 2016 to 2021 sets out the government's plan to make Britain secure and resilient in cyberspace. The UK is one of the world's leading digital nations. Much of our prosperity now depends on our ability to secure our technology, data and networks from the many threats we face. Yet cyber attacks are growing more frequent, sophisticated and damaging when they succeed. So we are taking decisive action to protect both our economy and the privacy of UK citizens. Our National Cyber Security Strategy sets out our plan to make Britain confident, capable and resilient in a fast-moving digital world. Over the lifetime of this five-year strategy, we will invest L1.9 billion in defending our systems and infrastructure, deterring our adversaries, and developing a wholesociety capability - from the biggest companies to the individual citizen. From the most basic cyber hygiene, to the most sophisticated deterrence, we need a comprehensive response. We will focus on raising the cost of mounting an attack against anyone in the UK, both through stronger defences and better cyber skills. This is no longer just an issue for the IT department but for the whole workforce. Cyber skills need to reach into every profession. The new National Cyber Security Centre will provide a hub of world-class, user-friendly expertise for businesses and individuals, as well as rapid response to major incidents. Government has a clear leadership role, but we will also foster a wider commercial ecosystem, recognising where industry can innovate faster than us. This includes a drive to get the best young minds into cyber security. The cyber threat impacts the whole of our society, so we want to make very clear that everyone has a part to play in our national response. It's why this strategy is an unprecedented exercise in transparency. We can no longer afford to have this discussion behind closed doors. Ultimately, this is a threat that cannot be completely eliminated. Digital technology works because it is open, and that openness brings with it risk. What we can do is reduce the threat to a level that ensures we remain at the vanguard of the digital revolution. This strategy sets out how.

Details: London: HM Government, 2017. 80p.

Source: Internet Resource: Accessed September 13, 2017 at: https://www.gov.uk/government/publications/national-cyber-security-strategy-2016-to-2021

Year: 2017

Country: United Kingdom

URL: https://www.gov.uk/government/publications/national-cyber-security-strategy-2016-to-2021

Shelf Number: 147232

Keywords:
Computer Crime
Cybercrime
Cybersecurity
Internet Crimes
National Security

Author: Millward Brown Ulster

Title: Public Confidence in the Policing of Cybercrime. Summary Report of Findings

Summary: The Northern Ireland Policing Board commissioned Millward Brown Ulster to undertake three elements of a programme of research under the umbrella of 'Confidence in Northern Ireland Policing'. This report addresses the following element on Cybercrime. How can the PSNI engage the community on the risks posed by cybercrime without causing undue alarm and build confidence in their strategy for dealing with this crime that those most vulnerable are adequately protected?

Details: Belfast: Northern Ireland Policing Board, 2014. 74p.

Source: Internet Resource: Accessed November 20, 2017 at: https://www.nipolicingboard.org.uk/sites/nipb/files/media-files/Cybercrime-report.pdf

Year: 2014

Country: United Kingdom

URL: https://www.nipolicingboard.org.uk/sites/nipb/files/media-files/Cybercrime-report.pdf

Shelf Number: 148267

Keywords:
Computer Crime
Cybercrime
Police Effectiveness
Public Opinion

Author: Great Britain. Home Office. Science Advisory Council

Title: Understanding the costs of cyber crime: A report of key findings from the Costs of Cyber Crime Working Group

Summary: The Home Office today published the findings that came out of the 'Costs of Cyber Crime Working Group' that ran from 2014-2016. The group, attended by techUK, was composed following a commitment in the 2013 Serious and Organised Crime Strategy that aimed to improve the quality of data that is used when estimating the cost of cyber-crime incidents. The report is intended to help take the research community closer towards achieving better estimates of the costs of cyber-crime as part of future studies. The report sets out the framework that will now be used for estimating costs and also makes a number of recommendations on the design of future research into the costs of cyber-crime, including: - Calling for researchers designing future costs of cyber-crime to approach their research design in a systematic fashion using the framework in the report; identify gaps in the costs of cyber-crime framework and tailor research questions so that they can fill these specific gaps - That future studies should further investigate the costs and profits to offenders of engaging in cyber-crime - That future studies investigate the financial impact of cyberattacks on a businesses' reputation - That future research consider how to estimate the monetary cost of the fear of cyber crime

Details: London: Home Office, 2018. 82p.

Source: Internet Resource: Research Report 96: Accessed January 18, 2018 at: http://www.techuk.org/insights/news/item/12135-home-office-publishes-understanding-the-costs-of-cyber-crime-report

Year: 2018

Country: United Kingdom

URL: http://www.techuk.org/insights/news/item/12135-home-office-publishes-understanding-the-costs-of-cyber-crime-report

Shelf Number: 148868

Keywords:
Computer Crime
Costs of Crime
Cybercrime
Internet Crime

Author: London Assembly. Police and Crime Committee

Title: Tightening the net: The Metropolitan Police Service's response to online theft and fraud

Summary: The internet is changing the nature of crime -- The internet has revolutionised the way that we live our lives. But it has also changed the way that criminals operate: increasingly, there is a cyberdimension to almost all types of crime. Our investigation focused on how the internet has enabled criminals to commit acquisitive crimes - those that involve taking goods or money from a victim - in different ways. We found that, while crimes such as burglary are falling, a whole new collection of online crimes have emerged. One crime in particular has been transformed by the internet: fraud. Around 70 per cent of frauds are now "cyber-enabled" and the internet provides an opportunity for fraudsters to expand their activities on a huge scale. Unlike in the past, fraudsters can target large numbers of victims, often at next to no cost. The types of online scams are wide-ranging. Cyber-criminals tailor frauds to the individual; as one expert told us, we are all at risk. We do not know enough about the perpetrators of online crime. What is clear is that cyber-criminals do not fit into a typical mould. Organised crime groups are responsible for an element of online crime in London. But - in addition to these groups - many local, known criminals have expanded their day-to-day criminal activities into London's cyberspace. Computer literacy is no barrier to becoming a cyber-criminal - in fact, you need no more skill than to be able to log on. This, combined with a lower personal risk of being caught, makes online crime appealing to another, perhaps less expected, group of perpetrators: those new to crime. Committing crime using the internet offers anonymity - many would not commit a similar crime if it involved face-to-face contact with the victim. Like the perpetrators of online crime, its victims no longer fit into a typical group or category. Our research found that victims came from different ethnic groups, social grades and areas of London. We also found that becoming a victim of an online crime can be just as distressing as if it were a traditional crime, even when there has been no financial loss. Even the mere thought that someone had impersonated or tricked them can cause a great deal of stress for the victim. A greater understanding and sensitivity to victims' experiences will be an essential part of the police's response to online crime. We do not know the extent of online theft and fraud Crime statistics should help us to measure the extent - and the trend - of online crime. The Office for National Statistics (ONS) uses two headline measures for trends in total crime over time: police-recorded crime and the Crime Survey for England and Wales. Both sets of data tell a similar story crime in England and Wales has fallen sharply in the last decade. But both measures contain flaws, not least that they are failing to capture a range of crimes committed using the internet. Many online crimes will not appear in police-recorded statistics because often victims choose not to report crimes to the police in the first place. This may be because victims feel embarrassed at being tricked by a fraudster or that there is little the police can do to catch the perpetrator. Due to the hidden nature of many online frauds, often victims cannot report the offence immediately because they are unaware that it has been committed against them in the first place. The Crime Survey for England and Wales is not capturing trends in online crime either. It has failed to keep up as the public's experience of victimisation has evolved: the survey does not currently ask respondents about a range of crimes committed using the internet and excludes many crimes, such as fraud, from its headline results. The effect of this omission on the overall level of crime that the survey measures is significant. In light of the current limitations with both police-recorded crime and the Crime Survey, we commissioned our own victimisation survey to better understand the extent of online crime in London. Our findings paint an alarming picture of the balance between old and new crimes. Among the 1,004 Londoners we surveyed, we found that a higher proportion had been a victim of an online crime than of a more traditional form of property crime. Perceptions differ too: higher proportions of respondents felt online crimes have increased in recent years relative to traditional crimes. And respondents were also more worried about online crimes than they were traditional crimes. The police should reflect on our results as it develops its approach to online crime. The police service has been slow to respond to the emergence of online crime The police are behind the curve when it comes to tackling online crime. The research base for policing the cyber-threat is not as well developed as in other areas of policing and, in some cases, there is a lack of appetite among police forces and officers to tackle offences such as cyber-fraud, often not seen as exciting crimes to investigate. In order to improve the police service's response, the Government changed the system for reporting fraud. Action Fraud - the UK's national reporting centre for fraud and internet crime - has had a number of successes, such as improving the level of crime reporting and the ways in which positive outcomes are sought for victims. But, while the new system represents an improvement on that which preceded it, one problem stands out: there is still a need to raise awareness among the public - and even among parts of the police - about Action Fraud. To increase reporting of crime in London, the Mayor, MOPAC and the Met should all work with the City of London Police to help to raise awareness about online crime and the role of Action Fraud. Better co-operation between the police and other organisations is needed as well. The police service has claimed that banks and others do not routinely report offences because they do not wish to reveal how vulnerable they are. Some have argued that these and other organisations should be encouraged or even compelled to share fraud data with law enforcement agencies. MOPAC and the Met have started to take the problem seriously The Mayor's Office for Policing and Crime (MOPAC) recognises that online crime is a significant problem in London. So far, MOPAC's approach has focused mainly on online crimes against businesses. This is important: some small businesses are particularly vulnerable. But MOPAC must not let the Met lose focus on individual victims of online crime. And, to help the Met to avoid viewing cyber-crime in isolation, all MOPAC's future strategies should directly address pertinent internet risks, something missing in its recently published Hate Crime Reduction Strategy for London. Like MOPAC, the Met is also aware of the difficulty in tackling online crime. It has created a new Fraud and Linked Crime Online (FALCON) command, with substantially increased resources, to reduce the harm caused by fraud and cyber-criminals in London. Given the potential scale of online crime, FALCON must make choices to meet this objective and secure the best value for money from its resources. Since many online crimes do not align with policing, national or international boundaries, enforcing the law can be difficult. As the FALCON command matures, it needs to develop its methods for disrupting criminals and preventing crimes from happening in the first place. It must also build a workforce with the right balance between police officers and civilian staff: piling in loads of uniformed officers is not the way to deal with online fraud. One of the reasons that many victims of online crime do not report the offence to the police is that they do not think the police will do anything about it. In order to show that they are taking online crime seriously, MOPAC and the Met need to demonstrate that they are making a difference. Measuring the level of online victimisation through prevalence surveys is perhaps the most effective way of doing that. We ask that MOPAC collects data in its future surveys and publishes the results on a regular basis. The Met faces challenges in the future The Met's decision to establish a new command to tackle fraud and online crime clearly demonstrates that it is taking these threats seriously. But this approach is not without risks. We are concerned that the FALCON command might become siloed from the rest of the Met. Given that that there is increasingly a cyber-dimension to almost all crimes, the Met needs to ensure that all of its officers and staff are as comfortable policing London's cyberspace as they are London's streets; it must not be left to specialists alone. Both inside and outside of the FALCON command, the Met needs to determine what skills and training its workforce needs to tackle the challenge of online crime. Aside from formal training, we heard that the Xbox and PlayStation generation of police officers are already well prepared to fight online crime. The Met should tap into this resource which is already among its ranks.

Details: London: The Assembly, 2015. 58p.

Source: Internet Resource: Accessed February 8, 2018 at: https://www.london.gov.uk/sites/default/files/Tightening%20the%20net_0.pdf

Year: 2015

Country: United Kingdom

URL: https://www.london.gov.uk/sites/default/files/Tightening%20the%20net_0.pdf

Shelf Number: 149034

Keywords:
Acquisitive Crimes
Computer Crime
Cybercrime
Fraud
Internet Crime
Online Victimization
Property Crime
Theft

Author: Christin, Nicolas

Title: An EU-focused analysis of drug supply on the AlphaBay marketplace

Summary: Online anonymous marketplaces are a relatively recent technological development that enables sellers and buyers to transact online with far stronger anonymity guarantees than on traditional electronic commerce platforms. This has led certain individuals to engage in transactions of illicit or illegal goods. The AlphaBay marketplace, which was in operation between December 2014 and July 2017, reportedly became the leading marketplace during that time. In this report, we present an analysis of sales on AlphaBay, with a focus on drug supply coming from the European Union. Keeping in mind the limitations inherent to such data collection, we found that, for the period and the marketplaces considered: - AlphaBay did become a very large marketplace, with daily sales overall exceeding 600,000 euros at its peak in early 2017. By itself, it grossed at least as much revenue over 2014-2017 as all other marketplaces combined between 2011-2015. - EU-based suppliers represent approximately a quarter of all drug sales; this is down from 46% for marketplaces previously studied in the 2011-2015 interval. - EU-originating drugs primarily came from Germany, the Netherlands, and the United Kingdom. - Cannabis, cocaine and other stimulants altogether represented a majority of all EU-based drug sales. - Supply of New Psychoactive Substances (NPS) remained very modest with revenues below EUR 2,500 per day at market peak. - Marketplace vendors primarily catered in the retail space, but there was evidence of larger (bulk-level) sales. Volume-based discounting tended to occur, albeit at relatively modest levels. - Half of the vendors specialized in one type of drug; and half of the drug sellers tended to stick to a given weight echelon. - Save for the decreasing share of European sales, most of the trends observed in this report confirm what we had previously found for other marketplaces in the 2011-2015 interval. In other words, the ecosystem, as a whole, appears relatively stable over time.

Details: Lisbon: European Monitoring Centre for Drugs and Drug Addiction (EMCDDA), 2017. 34p.

Source: Internet Resource: Accessed April 16, 2018 at: http://www.emcdda.europa.eu/system/files/attachments/6622/AlphaBay-final-paper.pdf

Year: 2017

Country: Europe

URL: http://www.emcdda.europa.eu/system/files/attachments/6622/AlphaBay-final-paper.pdf

Shelf Number: 149803

Keywords:
Black Markets
Computer Crime
Cybercrime
Darknet
Drug Markets
Electronic Commerce
Online Transactions

Author: Christin, Nicolas

Title: An EU-focused analysis of drug supply on the online anonymous marketplace ecosystem

Summary: Online anonymous marketplaces are a relatively recent technological development that enables sellers and buyers to transact online with far stronger anonymity guarantees than on traditional electronic commerce platforms. This has led certain individuals to engage in transactions of illicit or illegal goods. This reports presents an analysis of the online anonymous marketplace data collected by Soska and Christin [13] over late 2011-early 2015. In this report, we focus on drug supply coming from the European Union. Keeping in mind the limitations inherent to such data collection, we found that, for the period and the marketplaces considered: EU-based suppliers represented a significant share of all drug revenue-approximately 46% of all drug sales. EU-originating drugs primarily came from Germany, the Netherlands, and the United Kingdom. Cocaine and other stimulants altogether represented a majority of all EU-based drug sales. Supply of New Psychoactive Substances (NPS) was heavily concentrated in the United Kingdom, and remained very modest with revenues in the order of EUR 3,000 per day at market peak. Marketplace vendors primarily catered in the retail space, but there was evidence of larger (bulk-level) sales. Volume-based discounting tended to occur, albeit at relatively modest levels. Half of the vendors specialized in one type of drug; and half of the drug sellers tended to stick to a given weight echelon.

Details: Lisbon: European Monitoring Centre for Drugs and Drug Addiction (EMCDDA), 2017. 25p.

Source: Internet Resource: Accessed April 16, 2018 at: http://www.emcdda.europa.eu/system/files/attachments/6624/EU-focused-analysis-of-drug-supply-on-the-anomymous-online-marketplace.pdf

Year: 2017

Country: Europe

URL: http://www.emcdda.europa.eu/system/files/attachments/6624/EU-focused-analysis-of-drug-supply-on-the-anomymous-online-marketplace.pdf

Shelf Number: 149804

Keywords:
Black Markets
Computer Crime
Cybercrime
Darknet
Drug Markets
Electronic Commerce
Online Transactions

Author: International Fund for Animal Welfare

Title: Out of Africa: Byting Down on Wildlife Cybercrime

Summary: The International Fund for Animal Welfare (IFAW) has been researching the threat that online wildlife trade poses to endangered species since 2004. During that time, our research in over 25 countries around the globe has revealed the vast scale of trade in wildlife and their parts and products on the world's largest marketplace, the Internet - a market that is open for business 24 hours a day, 365 days a year. Whilst legal trade exists in respect of many species of wildlife, online platforms can provide easy opportunities for criminal activities. Trade over the Internet is often largely unregulated and anonymous, often with little to no monitoring or enforcement action being taken against wildlife cybercriminals. In addition, cyber-related criminal investigations are complicated by jurisdictional issues, with perpetrators in different geographical locations and laws differing from country to country. This poses a serious threat to the survival of some of the world's most iconic species and the welfare of individual animals. This report outlines the results of new IFAW research in seven different countries in Africa, exploring the availability of wild animals and their products in an area of the world with a rapid growth in access to the Internet. This research is part of a broader project to address wildlife cybercrime in Africa, funded by the US government's Department of State's Bureau of International Narcotics and Law Enforcement Affairs (INL). The wider project included researching trade in elephant, rhino and tiger products over the 'Darknet'; providing training on investigating wildlife cybercrime to enforcers in South Africa and Kenya; ensuring policy makers addressed the threat of wildlife cybercrime through adopting Decision 17.92 entitled Combatting Wildlife Cybercrime at the CoP17 of the Convention on International Trade in Endangered Species of Wild Fauna and Flora (CITES) in Johannesburg 2016; carrying out a review of legislation as it pertains to wildlife cybercrime; and providing training to online technology companies to assist with the effective implementation of their policies. Research focused on online marketplaces and social media platforms utilised by traders stating they were based in Ethiopia, Ivory Coast, Kenya, Nigeria, South Africa, Tanzania and Uganda. In most cases, this meant focusing on trading platforms based in those specific countries, but researchers also identified traders stating they were based in South Africa using international Alibaba and eBay sites.

Details: Washington, DC: IFAW, 2017. 32p.

Source: Internet Resource: Accessed April 20, 2018 at: https://s3.amazonaws.com/ifaw-pantheon/sites/default/files/legacy/(Pixelated%20Webversion)SAInvestigationReport_lores.pdf

Year: 2017

Country: Africa

URL: https://s3.amazonaws.com/ifaw-pantheon/sites/default/files/legacy/(Pixelated%20Webversion)SAInvestigationReport_lores.pdf

Shelf Number: 149865

Keywords:
Computer Crime
Cybercrime
Illegal Wildlife Trade
Internet Crime
Wildlife Crime

Author: Romanosky, Sasha

Title: Law Enforcement Cyber Center: Final Technical Report

Summary: Cybercrime and cyber threats place many demands on law enforcement agencies, ranging from investigating cyber incidents to securing their own information systems. In addition, law enforcement agencies are required to collect and handle the constantly increasing volume of digital evidence. The Bureau of Justice Assistance established the Law Enforcement Cyber Center (LECC) in October 2014 to help state and local law enforcement better combat cybercrime. The LECC, which completed in September 2017, was tasked to serve as an online portal and a clearinghouse of information, directing users to existing resources developed and managed by subject-matter experts, professional organizations, and government agencies. The LECC was managed by a consortium of organizations led by the RAND Corporation as the main grantee. Partner organizations in the LECC team were the International Association of Chiefs of Police and the Police Executive Research Forum. Although doing so was not formally part of the LECC grant, the project team also collaborated with the National White Collar Crime Center, a nonprofit organization. This technical report provides an account of LECC activities since its inception in October 2014 to its completion in September 2017. Key Findings The LECC Met Its Objectives and Completed All Its Planned Tasks The LECC project team set up the LECC website, identified training and training needs for various stakeholders, contributed to better links among crime units, enhanced prevention education, and developed technical assistance materials for relevant audiences. The project team also organized the LECC Justice Executive Cyber Roundtable, which provided a unique forum to bring together police chiefs, prosecutors, and judges to address the fight against cybercrime. The Metrics Employed by the Project Team Demonstrated the Usefulness of the Type of Services Provided by the LECC As the LECC web traffic data demonstrate, the content provided on the LECC website was successful in attracting traffic to the website. The volume of traffic visiting the website grew over time, suggesting that it is possible to attract new users as well as retain existing visitors by providing a continuously updated set of relevant information. The presentation of the LECC and its website at various meetings, fora, and conferences received interest and enthusiasm, indicating a perceived need for such a resource among various stakeholders. The LECC's resources were also designed to foster greater links among crime units; for example, the LECC team compiled a list of regional capabilities relevant for combatting cybercrime, such as forensics labs or training facilities. The LECC team developed a report on the implementation of the Utah Model of cybercrime prevention, summarizing lessons and best practices from the implementation of a new cybercrime unit in Utah. Recommendation Future endeavors to assist state and local law enforcement and prosecutors with cybercrime prevention, investigation, and prosecution should continue to broker the exchange of knowledge within and across law enforcement stakeholder groups.

Details: Santa Monica, CA: RAND, 2017. 48p.

Source: Internet Resource: Accessed May 25, 2018 at: https://www.rand.org/content/dam/rand/pubs/research_reports/RR2300/RR2320/RAND_RR2320.pdf

Year: 2017

Country: United States

URL: https://www.rand.org/content/dam/rand/pubs/research_reports/RR2300/RR2320/RAND_RR2320.pdf

Shelf Number: 150370

Keywords:
Computer Crime
Costs of Crime
Crime Prevention
Criminal Investigation
Cybercrime
Internet Crime

Author: Wingard, James R.

Title: Catch Me If You Can: Legal Challenges to illicit wildlife trafficking over the internet

Summary: Although illicit internet trade falls into the larger universe of cybercrime, it is better described as a cyber-enabled crime - in other words, a traditional crime that uses new technologies with the traditional part being the illegal capture of wildlife and the associated physical forms of trade. In addition to the many legal and enforcement challenges associated with conventional wildlife crimes, internet-based illegal wildlife trade (IWT) poses another set of problems for officials, forcing them to operate in a trans-jurisdictional, virtual space that they, and the law, are largely unprepared to manage. On the practical side, they face substantial difficulties merely distinguishing legal from illegal trade, including: - knowing which species are involved and which countries' laws apply to the activity in question (e.g. advertising, sale and purchase, arrangement of logistics); - determining trade quantities and making decisions on whether to invest resources in the pursuit of crimes; and - knowing which specific legal basis may apply to the species being traded. In terms of their legal authorities and practices, officials also confront further problems, in that they may have no specific power to carry out covert investigations; no, or limited, access to cybercrime units; and no, or limited, experience with cybercrime laws and digital forensics to conduct necessary investigations. Concerning the legal frameworks directed at illicit wildlife trade, they face: - criminal and related laws that do not adequately address all parts of the digital trade chain by expressly criminalizing the advertising of illicit wildlife trade or related offences; - differing investigative authorities between jurisdictions that compromise transnational enforcement efforts; and - inconsistent regulation of and limitations to subject matter and personal jurisdiction that create 'digital safe havens' and prevent prosecutions. Taken as a whole, the overall ability of enforcement authorities to adequately identify, investigate and prosecute the advertising of illicit wildlife on the internet is severely compromised. Key efforts to improve this situation have been included in the conclusion and recommendations to this brief.

Details: Geneva, SWIT: Global Initiative Against Transnational Organized Crime, 2018. 31p.

Source: Internet Resource: Accessed August 23, 2018 at: http://globalinitiative.net/wp-content/uploads/2018/07/Wingard-and-Pascual-Digital-Dangers-Catch-me-if-you-can-July-2018.pdf

Year: 2018

Country: International

URL: http://globalinitiative.net/wp-content/uploads/2018/07/Wingard-and-Pascual-Digital-Dangers-Catch-me-if-you-can-July-2018.pdf

Shelf Number: 151245

Keywords:
Computer Crime
Cybercrime
Illegal Wildlife Trade
Illicit Trade
Internet Crime
Trafficking in Wildlife
Wildlife Crime
Wildlife Trafficking

Author: Anderson, Monica

Title: A Majority of Teens Have Experienced Some Form of Cyberbullying

Summary: Name-calling and rumor-spreading have long been an unpleasant and challenging aspect of adolescent life. But the proliferation of smartphones and the rise of social media has transformed where, when and how bullying takes place. A new Pew Research Center survey finds that 59% of U.S. teens have personally experienced at least one of six types of abusive online behaviors. The most common type of harassment youth encounter online is name-calling. Some 42% of teens say they have been called offensive names online or via their cellphone. Additionally, about a third (32%) of teens say someone has spread false rumors about them on the internet, while smaller shares have had someone other than a parent constantly ask where they are, who they're with or what they're doing (21%) or have been the target of physical threats online (16%). While texting and digital messaging are a central way teens build and maintain relationships, this level of connectivity may lead to potentially troubling and non-consensual exchanges. One-quarter of teens say they have been sent explicit images they didn't ask for, while 7% say someone has shared explicit images of them without their consent. These experiences are particularly concerning to parents. Fully 57% of parents of teens say they worry about their teen receiving or sending explicit images, including about one-quarter who say this worries them a lot, according to a separate Center survey of parents. The vast majority of teens (90% in this case) believe online harassment is a problem that affects people their age, and 63% say this is a major problem. But majorities of young people think key groups, such as teachers, social media companies and politicians are failing at tackling this issue. By contrast, teens have a more positive assessment of the way parents are addressing cyberbullying. These are some of the key findings from the Center's surveys of 743 teens and 1,058 parents living in the U.S. conducted March 7 to April 10, 2018. Throughout the report, "teens" refers to those ages 13 to 17, and "parents of teens" are those who are the parent or guardian of someone in that age range.

Details: Washington, DC: Pew Research Center, 2018. 19p.

Source: Internet Resource: Accessed October 3, 2018 at: http://www.pewinternet.org/wp-content/uploads/sites/9/2018/09/PI_2018.09.27_teens-and-cyberbullying_FINAL.pdf

Year: 2018

Country: United States

URL: http://www.pewinternet.org/wp-content/uploads/sites/9/2018/09/PI_2018.09.27_teens-and-cyberbullying_FINAL.pdf

Shelf Number: 151778

Keywords:
Bullying
Computer Crime
Cyber Crime
Cyberbullying
Online Victimization
Social Media
Teenagers