Chair: Tamar Berenblum
Author: Van de Weijer Steve, NSCR
Title: Predictors of Cybercrime Victimization: Causal Effects or Biased Associations?
During the last two decades the prevalence of cybercrime has increased rapidly and cybercrime has become part of everyday life of citizens. Victim surveys show that a large number of citizens become a victim of cybercrime (e.g., hacking, online consumer fraud, malware-infection) each year. Several studies have shown that a low self-control and specific online activities can predict cybercrime victimization. However, these studies are based on cross-sectional, observational data and it remains therefore unknown whether these predictors also cause victimization or simply reflect an association. In the current study, two quasi-experimental research techniques will be applied on longitudinal data (2008-2016) from the LISS panel, a large representative sample of Dutch households. First, fixed effects panel models will be used to examine whether changes in predictors over time precede changes in cybercrime victimization over time, controlling for all between-individual differences (i.e., all time-constant bias). Second, discordant sibling models will be used to examine the relationship between cybercrime victimization and it’s predictors, while controlling for genetic confounding and bias caused by shared environmental factors. Using these quasi-experimental research designs this study will give a better estimate of the true effect of low self-control and online routine activities on cybercrime victimization.
Keywords: Cybercrime, victims, victimization
Author: Notté Raoul, The Hague University of Applied Sciences / NSCR
Lisanne Slot MSc, The Hague University of Applied SciencesRutger Leukfeldt, NSCR / The Hague University of Applied SciencesSusanne van 't Hoff-de Goede MSc, The Hague University of Applied Sciences
Title: Cybercrime Victimization of Smes: Prevalence and Risk Factors
Cybercrime is a growing problem in our current society. More and more research is been done into victims of cybercrime. Most studies focus on students, civilians or organizations that are part of the vital infrastructure (e.g. the banking industry). Small and medium enterprises (SME) are understudied. However, SMEs account for 99 percent of all companies in the Netherlands and 66 percent of the gross domestic product. Therefore, this study focusses on cybercrime victimization under SMEs. In total, 799 SMEs participated in our survey. The first analysis indicate that cybercrime is a serious problem for SMEs. One out of every 5 SMEs fell victim to one or more forms of cybercrime. Organizations are confronted with a wide range of cybercrimes, from cyber-dependent forms of cybercrime as hacking and malware, to cyber-enabled forms of cybercrime like ransomware and phishing. The extent to which SMEs become victim show coherence with specific characteristics of organizations, for example the number of employees. The results further indicate that SMEs mainly implement technical crime preventive measure and refrain from taking measures aimed at the behavior of employees.
Keywords: Cybercrime, victimization, risk factors, organisations
Author: Paoli Letizia, KU Leuven
Jonas Visschers, Leuven Institute of Criminology, KU Leuven
Title: Cybercrime: a Growing Threat for Businesses? the Results of Two Business Victimization Surveys in Belgium
The paper presents the findings of a 2017-2018 survey on the victimization and impact of cybercrime among Belgian businesses (n = 277) and compares these findings with those of a survey conducted among the same population (n = 310) in 2016. Both surveys draw from a thorough conceptualization of cybercrime and impact. Our conceptualization of cybercrime consists of five types (i.e., illegal access to IT systems, cyber espionage, data/system interference, cyber extortion and internet fraud) and is, unlike others, technology-neutral and fully compatible with the legislation. Drawing on Greenfield and Paoli’s (2013) Harm Assessment Framework, we understand impact as the overall harm, that is, the “sum” of the harms to material support, or costs, and the harms to other interest dimensions i.e., functional (or operational) integrity, reputation and privacy. We are convinced that only the former harms can be monetized and the latter harms should be expressed in non-monetary terms. Although the analysis of the 2017-2018 survey data is not yet finalized, a preliminary comparison reveals that, compared to the 2016 sample, the victimization rates of illegal access to IT systems, data/system interference and cyber extortion are (strikingly) lower in the 2017-2018 sample, whereas the rate of cyber espionage is substantially higher in the latter sample. The victimization rate of internet fraud is similar in both samples. The paper also compares the impact of cybercrime in both samples.
Keywords: Cybercrime, victims, victimization
Author: Berenblum Tamar, The Hebrew University
Rutger Leukfeldt (NSCR)Wouter Steenbeek (NSCR)David Maimon (University of Maryland)Shai Amram (The Hebrew University)David Weisburd (The Hebrew University)
Title: Criminological Theory and Computer Network Vulnerabilities
While empirical research on computer-focused crimes has increased, little is known about the communities most at risk. In this research project, we seek to identify whether vulnerabilities to Wi-Fi access point trespassing are spatially clustered and we assess whether sociodemographic and socioeconomic characteristics of communities correlate with their risk of having their privacy compromised. Using wardriving methodology, vulnerabilities of private Wi-Fi access points in Tel Aviv and Amsterdam were mapped and spatial statistics were used to assess the spatial clustering of this cybersecurity threat. Our findings and its implication for the susceptibility to cybercrime victimization will be presented.
Keywords: Cybercrime, victims, wifi, wardriving, spatial clustering
Author: Munk Tine, Middlesex University-The Criminology and Sociology Department-The School of Law
Title: Death of the online privacy myth
The right to privacy protects citizens against unnecessary and heavy-handed state surveillance and intrusion into citizens personal life. However, online privacy should be extended to cover all aspect of online activities. In the current online environment, social media platforms, online businesses and Internet service providers are managing users’ personal data with little regard to their privacy. The Facebook/ Cambridge Analytica data scandal (2018) has revealed a scary reality, where social media user’s data are being misused beyond the original consent given according to 'terms and conditions'. Online users are aware of state surveillance and meta-data collection for various reasons. Yet, online users seem largely unaware and undisturbed about social media platforms and Internet businesses practices of data-collection, user profiles and the sales of data to third parties. There seems to be a disproportionate relationship between online users' right to privacy vs business interests. Moreover, the current debate about data ownership has revealed an unpleasant reality about social media’s insufficient privacy and data protection. 2018 has been a watershed moment where information about data and privacy has moved into the public sphere. This paper will explore the right to privacy vs Internet businesses’ use of data. The paper will focus on the lack of regulation and data control vs. the rights of online users.
Keywords: Online privacy, Facebook, data ownership, regulation, Internet businesses, social media