Online victimization risk and self-protective strategies: developing police-led cyber fraud prevention programs

ABSTRACT

The prevalence and impact of cyber fraud continues to increase exponentially with new and more innovative methods developed by offenders to target and exploit victims for their own financial reward. Traditional crime reaction methods used by police have proved largely ineffective in this context, with offenders typically located outside of the police jurisdiction of their victims. Given this, some police agencies have begun to adopt a victim focused, crime prevention approach to cyber fraud. The current research explores with a sample of two hundred and eighteen potential cyber fraud victims, the relationship between online victimization risk, knowledge and use of crime prevention strategies. The study found those most at risk of cyber fraud victimization despite accurate perceptions of risk and knowledge of self-protective behaviors in the online environment underutilise online prevention strategies. This research has important implications for police agencies who are designing and delivering cyber fraud education. It provides guidance for the development of effective prevention programs based on practical skills development.     

Patching the patchwork: appraising the EU regulatory framework on cyber security breaches

Breaches of security, a.k.a. security and data breaches, are on the rise, one of the reasons being the well-known lack of incentives to secure services and their underlying technologies, such as cloud computing. In this article, I question whether the patchwork of six EU instruments addressing breaches is helping to prevent or mitigate breaches as intended. At a lower level of abstraction, the question concerns appraising the success of each instrument separately. At a higher level of abstraction, since all laws converge on the objective of network and information security – one of the three pillars of the EU cyber security policy – the question is whether the legal ‘patchwork’ is helping to ‘patch’ the underlying insecurity of network and information systems thus contributing to cyber security. To answer the research question, I look at the regulatory framework as a whole, from the perspective of network and information security and consequently I use the expression cyber security breaches. I appraise the regulatory patchwork by using the three goals of notification identified by the European Commission as a benchmark, enriched by policy documents, legal analysis, and academic literature on breaches legislation, and I elaborate my analysis by reasoning on the case of cloud computing. The analysis, which is frustrated by the lack of adequate data, shows that the regulatory framework on cyber security breaches may be failing to provide the necessary level of mutual learning on the functioning of security measures, awareness of both regulatory authorities and the public on how entities fare in protecting data (and the related network and information systems), and enforcing self-improvement of entities dealing with information and services. I conclude with some recommendations addressing the causes, rather than the symptoms, of network and information systems insecurity.     

The impact of China's 2016 Cyber Security Law on foreign technology firms,and on China's big data and Smart City dreams

Chinese officials are increasingly turning to a policy known as Informatisation, connecting industry online, to utilise technology to improve efficiency and tackle economic developmental problems in China. However, various recent laws have made foreign technology firms uneasy about perceptions of Rule of Law in China. Will these new laws, under China's stated policy of “Network Sovereignty” (“网络主权” “wangluo zhuquan”) affect China's ability to attract foreign technology firms, talent and importantly technology transfers? Will they slow China's technology and Smart City drive? This paper focuses on the question of whether international fears of China's new Cyber Security Law are justified. In Parts I and II, the paper analyses why China needs a cyber security regime. In Parts III and IV it examines the law itself.     

基于SCP范式的集中度与研发度相关性研究——以中国高技术产业为例

市场结构和技术创新一直是中国产业发展中的两个热点问题,它们对产业的发展都有重要影响。该文以中国高技术产业发展实际情况为基础,结合国内相关外学者的研究成果,对集中度与研发度的相关性进行了分析。实证结果表明,目前产业集中度对中国高技术产业R＆D强度的影响是负向显著的,这一结果是与中国高技术产业发展的特定历史阶段相联系的。     

Political security: from the 1990s to the Arab Spring

The 1994 Human Development Report (HDR) set out the definition and parameters of political security in fewer than 400 words. It was defined as the prevention of government repression, systematic violation of human rights and threats from militarization. This was intended to establish an agenda that would protect people against states that continued to practice political repression, systematic torture, ill treatment and disappearance. Yet, the concept of political security has evolved in both theory and practice. This has been done through an ongoing debate, which has been shaped more by immediate crises and the practice of international relations, than the parameters set out in the 1994 HDR report. In practice, achieving the ambitions of the political security agenda has become tied to questions of humanitarian assistance and intervention. This was narrowly interpreted throughout the 1990s as a debate surrounding the nature and legitimacy of humanitarian intervention. In the 2000s, this was institutionalized into a Responsibility to Protect agenda, only to see the second decade of the twenty-first century reveal the need for a far more complex and nuanced debate about how this should be carried out.     

政策分析的主要类型及其评述

通过梳理托马斯·戴逸、卡尔·帕顿、大卫·沙维奇、威廉·邓恩、斯图亚特·S.内格尔、叶海卡·德罗尔、戈登等代表人物的重要观点,可以认为政策分析理论从不同角度看存在政策分析与政策倡议、研究型分析与快速分析、前瞻性分析与回溯性分析、内容分析与过程分析、微观分析与宏观分析、政策的分析与为政策进行的分析等六大类型。通过类型研究,可以更多了解政策分析的范畴、多样性和目标差异等。     

混合斑中精子DNA抽提方法的改进

目的改善混合斑中精子DNA的抽提效率。方法对不同条件下的混合斑采用不同方法提取精子DNA,进行PCR扩增及STR分型。结果联合运用Chelex法和商品化试剂盒进行精子DNA抽提,可比普通Chelex法快速、准确。结论Chelex法与商品化试剂盒的联合运用可提高混合斑DNA分型的成功率。     

A typology of hackers: Classifying cyber malfeasance using a weighted arc circumplex model

Cyber attacks continue to increase in frequency and variety, making cyber malfeasance a rising area of study and a major policy issue. Categorizing cyber attackers aids targeted organizations in efficiently directing resources to enhance security. However, extant hacker typologies do not fully account for the multifaceted nature of cyber malfeasance, including the rise in socially and ideologically motivated hacking (e.g. crowdsourcing, hacktivism). I clarify the current state of the field by uniting recent case studies on hackers with existing categorization techniques. Previous researchers have employed circumplex models—visualizations which depict relationships and boundaries between groups—as a way to organize hacker types. I propose an updated model—a weighted arc circumplex model—that is designed to represent the multidimensional nature of contemporary hacker types by offering a means of visually representing multiple motivations simultaneously. Finally, I demonstrate how archetypical circumplex models can be wed with sociograms to depict social and technical relationships between hacker groups.     

当前贵州R&D投入强度形势分析及思考

2010年以来,贵州省RD资源开发势头良好,但RD经费投入强度形势较为严峻,存在RD人才总量不足、工业企业RD投入强度下降、财政科技投入对全社会RD活动的带动作用较弱、RD人员待遇偏低、一半以上市、州RD经费总量小、地区生产总值增速明显高于RD经费支出增速等问题,据此,给出了相关建议。     

Cyber terrorism challenges: The need for a global response to a multi-jurisdictional crime

With the widespread concerns about cyber terrorism and the frequent use of the term “cyber terrorism” at the present time, many international organisations have made efforts to combat this threat. Since cyber terrorism is an international crime, local regulations alone are not able to defend against such attacks; they require a transnational response. Therefore, an attacked country will invoke international law to seek justice for any damage caused, through the exercise of universal jurisdiction. Without the aid of international organisations, it is difficult to prevent cyber terrorism. At the same time, international organisations determine which state court, or international court, has the authority to settle a dispute. The objective of this paper is to analyse and review the effectiveness and sufficiency of the current global responses to cyber terrorism through the exercise of international jurisdiction. This article also touches upon the notion of cyber terrorism as a transnational crime and an international threat; thus, national regulations alone cannot prevent it. The need for an international organisation to prevent and defend nations from cyber terrorism attacks is pressing. This paper finds that, as cyber terrorism is a transnational crime, it should be subjected to universal jurisdiction through multinational cooperation, and this would be the most suitable method to counter future transnational crimes such as cyber terrorism.