Cybercrime—computer hacking, social engineering, intellectual property theft, electronic fraud, online interpersonal violence, identity theft, and Internet-facilitated sexual victimization—is a leading threat to national security, with millions of victims in both the United States and around the world, and billions of dollars being spent to combat it.
Criminology and related disciplines are just beginning to understand cybercrime and how best to deter and prevent it—or at least reduce its harms. Despite technical solutions and policy suggestions by industry officials and academics, many contemporary attempts to tackle the problem remain best guesses. The field needs more empirical testing, systematic analysis, evaluation, and theory development to address this multifaceted and complex crime.
In response, Criminology & Public Policy has published its first-ever special issue on cybercrime and cybersecurity. Led by special issue editors and cybercrime experts Jin R. Lee (George Mason University) and Thomas J. Holt (Michigan State University), the issue features cutting-edge research and knowledge in this area. Criminology & Public Policy is the flagship policy and practice issue of the American Society of Criminology and is edited by Cynthia Lum (George Mason University) and Christopher S. Koper (George Mason University).
"The human elements of cybercrime and cybersecurity pose unique and complex challenges to criminology," note the editors in the introduction to the special issue. "While the victims of cybercrime are everyday individuals, businesses, and communities, offenders are often international, hard to find, and sometimes state-sponsored.
"This special issue provides examples and ideas," they write, "and we encourage collaboration across disciplines and with private and public sector organizations. Criminology has much to offer—and learn—in the field of cybercrime and cybersecurity."
The 11 studies in the special issue build the knowledge base for understanding and addressing cybercrime and improving cybersecurity by applying theories and methods in criminology and related fields, including:
- In "Dating Hot Spot to Fraud Hot Spot: Targeting the Social Characteristics of Romance Fraud Victims in England and Wales," researchers examined romance fraud in England and Wales, which rose 55% from 2019 to 2021. They conclude that the current national one-size-fits-all approach to these crimes may not be the most effective way to support victims and suggest a tailored approach based on crime patterns and demographic data.
- In "I Knew It Was a Scam": Understanding the Triggers for Recognizing Romance Fraud," a researcher investigated the factors that contribute to a realization of romance fraud victimization based on more than 1,000 reports to an Australian online reporting portal. The author advocates for wider education and awareness campaigns to improve recognition of romance fraud victimization.
- In "'Like Aspirin for Arthritis': A Qualitative Study of Conditional Cyber-Deterrence Associated with Police Crackdowns on the Dark Web," researchers studied nearly 1,800 forum posts by dark web users to determine whether online crackdowns by police deter market behaviors. They found that crackdowns trigger psychological and practical consequences that have a conditional deterrent effect.
- In "Understanding Markers of Trust Within the Online Stolen Data Market: An Examination of Vendors' Signaling Behaviors Relative to Product Price Point," a researcher examined more than 1,000 stolen data products across 40 vendors on the open and dark web to determine whether different product- and vendor-level behaviors predicted vendors' trustworthiness as reflected in their price point. The author suggests that law enforcement may benefit from transmitting mixed signals to complicate trust dynamics within the online stolen data market.
- In "An Examination of Harm Reduction Strategies in Oxycodone and Adderall Buyer Feedback on AlphaBay," researchers explored the extent to which harm reduction occurs in buyers' feedback of illicit drugs purchased on AlphaBay, a darknet market. AlphaBay's harm-reduction policy had little effect on pre-existing harm-reduction communications. Understanding these strategies highlights how street-based harm-reduction programs can apply to online environments to help buyers make safe and informed decisions.
- In "Hydra: Lessons from the World's Largest Darknet Market," researchers describe Hydra, the largest Russian darknet marketplace until its shutdown in 2022, which covered almost 70% of the Russian population and traded many drugs. They address the impact of the market's shutdown and the relevance of limiting the size and growth of darknet marketplaces.
- In "Minor-Focused Sextortion by Adult Strangers: A Crime Script Analysis of Newspaper and Court Cases," researchers examined 130 minor-focused cases of sextortion, a form of image-based sexual abuse in which offenders threaten to distribute sexually explicit images to gain victims' compliance, to learn how adult offenders commit these crimes. Their findings highlight ways to disrupt these behaviors, including educating youth and streamlining reporting for victims.
- In "Why Do Young People Start and Continue with Ethnical Hacking? A Qualitative Study on Individual and Social Aspects in the Lives of Ethnical Hackers," researchers examined individual and social factors that both motivated and stimulated hackers who began ethnical hacking before age 18. Based on their findings, the authors recommend ways to stimulate youth to take an ethical path that improves cybersecurity outcomes.
- In "Assessing Nation-State-Sponsored Cyberattacks Using Aspects of Situational Crime Prevention," researchers analyzed nearly 250 cyberattacks reported to the Extremist CyberCrime Database to identify predictors of nation-state-sponsored cyberattacks using a situational crime prevention framework. The authors call for a more robust national cybersecurity policy framework that moves beyond current approaches to deter nation-state-sponsored cyberattacks from continuing.
- In "What Motivates Users to Adopt Cybersecurity Practices? A Survey Experiment Assessing Protection Motivation Theory," researchers examined the ties between components of protection motivation theory and more than 700 users' intentions to adopt cybersecurity recommendations after learning about risks. With 70% of respondents indicating they were likely to follow cybersecurity recommendations to mitigate a cyber threat, the study can inform efforts to improve cybersecurity, including training programs that are more personalized and adaptable to diverse user needs and characteristics.
- In "The Effect of Online Ad Campaigns on DDoS-Attacks: A Cross-National Difference-in-Differences Quasi-Experiment," researchers evaluated the effects of seven targeted online ad campaigns in six European countries to raise awareness among at-risk populations about distributed denial-of-service (DDoS) attacks. The study's results were mixed, suggesting that these online campaigns may be less effective for prevention.