The contemporary cybercrime ecosystem: A multi-disciplinary overview of the state of affairs and developments

This article provides a multi-disciplinary overview of the contemporary cybercrime ecosystem and its developments. It does so by reviewing and synthesising recent cybercrime research from fields such as cybersecurity, law and criminology. The article also examines ways in which gaps between the aforementioned fields arise and how to lessen them to increase cybersecurity. This article is divided into four main parts. The first part offers background on cybercrime and some of its main elements. It defines terminology, sets out a legal taxonomy of cybercrime offences and presents the estimated costs, threat agents and characteristics of various illicit activities and technical aspects of cybercrime. Parts two, three and four build on this preceding analysis by (separately) examining three prominent threat vectors within the ecosystem – malware, the darknet and Bitcoin and other cryptocurrencies. For each threat vector, the article identifies and investigates features, history, functions and current and expected states of development within the ecosystem. Through its attention to and synthesis of current research and results from different fields, this article offers a synoptic account of the cybercrime ecosystem, which can bridge potential knowledge gaps between fields.     

Cybercrime Tendencies and Legislation in the Republic of Macedonia

The advancement of information and communication technologies opens new venues and ways for cybercriminals to commit crime. There are several different types of cybercrime offences that need to be treated in a separate and different manner. The major international source that provides guidelines for treatment of cybercrime is the Convention on Cybercrime adopted by the Council of Europe and the European Commission Action Plan. The purpose of the paper is to present, discuss and analyze the Macedonian legislation treating cybercrime, with respect to the specific cases typically encountered in practice and the international guidelines concerning cybercrime. The major source of cybercrime legislation in Macedonia is the Criminal Code with provisions thereof in ten of its articles; it addresses cybercrimes such as personal data abuse, copyright and piracy issues, production and distribution of child pornography, computer viruses, intrusions into computer systems, computer fraud and computer forgery. We also present and analyze reports on cybercrime complaints and victims from Macedonia, issued by the Internet Crime Complaint Center and the Macedonian Ministry of Internal Affairs. The reports reveal the unusually high number of complaints for perpetrators and victims originating from Macedonia. Furthermore, we highlight several recent cybercrime cases reported in Macedonia. All things considered, the Macedonian penal legislation is modern and it follows the current European and world standards. It provides guidelines for successful resolution of cybercrime committed in the Republic of Macedonia. However, it could be improved by a more active inclusion of Macedonian authorities in the global response to cybercrime and by stronger enforcement of cybercrime prevention measures and strategies.     

The impact of cybercrime on businesses: a novel conceptual framework and its application to Belgium

Despite growing indications and fears about the impact of cybercrime, only few academic studies have so far been published on the topic to complement those published by consultancy firms, cybersecurity companies and private institutes. The review of all these studies shows that there is no consensus on how to define and measure cybercrime or its impact. Against this background, this article pursues two aims: 1) to develop a thorough conceptual framework to define and operationalize cybercrime affecting businesses as well as its impact, harms, and costs; and 2) to test this conceptual framework with a survey of businesses based in Belgium, which was administered in summer 2016 and elicited 310 valid responses. Consisting of five types, our conceptualization of cybercrime is, unlike others, technology-neutral and fully compatible with the legislation. Drawing on Greenfield and Paoli’s Harm Assessment Framework (The British Journal of Criminology, 53, 864–885, 2013), we understand impact as the overall harm of cybercrime, that is, the “sum” of the harms to material support, or costs, and the harms to other interest dimensions i.e., functional (or operational) integrity, reputation and privacy. Whereas we ask respondents to provide a monetary estimate of the costs, respondents are invited to rate the severity of the harms on the basis of an ordinal scale. We claim that this “double track” gives a fuller, more valid assessment of cybercrime impact. Whereas most affected businesses do not report major costs or harm, 15% to 20% of them rate the harms to their internal operational activities as serious or more, with cyber extortion regarded as most harmful.     

The European Union-Turkey Controversy over Cyprus or a Tale of Two Treaty Declarations

When the European Council in 2004 decided to open accessionnegotiations with Turkey, it linked Turkey's accession processwith the Cyprus problem and made the signature of an AdditionalProtocol to the EC-Turkey Customs Union Agreement extendingthis Agreement to the ten new Member States of the Union, includingthe Republic of Cyprus, a precondition for the start of accessionnegotiations. Not having been recognizing the Republic of Cyprussince 1963, Turkey had to avoid everything that could be interpretedas a recognition of the Republic of Cyprus when concluding theAdditional Protocol. This led Turkey in September 2005 to makea "Declaration on Cyprus" when signing the Protocol which, inturn, triggered a counter declaration by the European Communityand its Member States. The two declarations do not qualify asreservations but are general statements of policy or, at best,interpretative declarations that do not have any effect on thesubstance of the Protocol and that are not binding upon theparties.     

Concerns of cyber criminality in South Africa,Ghana, Ethiopia and Nigeria: rethinking cybercrime policy implementation and institutional accountability

Undoubtedly, some African states have put in place cybercrime legal frameworks and institutional policies to combat cybercrime and curtail the proliferation of the crime globally. Although the cybercrime policy implementation gap is a global problem, this paper notes that these African States have a peculiar challenge of implementation gap or lack of implementation of cybercrime legal frameworks and policies as a basis for cybercrime proliferation and this poses great concerns for internet users. Incentive is comparatively drawn from the United States of America and the United Kingdom in determining what these African governments and institutions should do towards fighting cybercrime.     

The Global Dimension of Cybercrime

Cyberspace and thus cybercrime know no boundaries. This chapter reviews some of the basic forms of cybercrime, draws specific attention to the issues that arise when offences occur across borders and in relation to organised criminal groupings, and provides illustrations based on some of the more celebrated cases of the past few years. The borderless nature of cyberspace and the exponential take-up of digital technology throughout the world guarantee that transnational cybercrime will remain a challenge. Fortunately, many nations are rising to this challenge, individually and collectively, but the web of international cooperation does have its holes and those nations that lag behind the leaders risk becoming havens for cybercriminals of the future.     

Cybercrime investigation in Finland

Nordic police cooperation concerning cybercrimes has been developed during the last few years, e.g. through the Nordic Computer Forensics Investigators (NCFI) and Nordplus training programmes. More empirical research is needed in order to enhance cybercrime investigation and address the training needs of police officers. There is a knowledge gap concerning organizational models for the police’s cybercrime investigation: How the function is organized, what the professional characteristics of the staff are and how to combine computer forensics with crime investigation? The purpose of this paper was to study the organization of cybercrime investigation in Finland. Data were collected by a questionnaire from all 11 local police districts and the National Bureau of Investigation in July–August 2014. In addition, six thematic interviews of cybercrime investigators were conducted in 2014. Three investigation models of computer integrity crimes were found: (1) Computer forensic investigators conduct the entire pre-trial examination, (2) Computer forensic investigators conduct only the computer forensics, and tactical investigation is done by an occasional investigator, (3) Computer forensic investigators conduct only the computer forensics and tactical investigation is centralized to designated investigators. The recognition of various organizational models and educational backgrounds of investigators will help to develop cybercrime investigation training.     

An analysis of cybersecurity in Dutch annual reports of listed companies

In this paper we study the disclosure of cybersecurity information in Dutch annual reports, such as cybersecurity measures and cyber incidents, from a financial law and economics perspective. We start our discussion with an analysis of the requirements in financial law to disclose cybersecurity information in annual reports. Hereafter, we discuss the incentives for the board regarding disclosing cybersecurity related information and its effect on stakeholders and shareholders. We draft hypotheses regarding the actual disclosure of cybersecurity information and propose a research design of an exploring empirical study. The results of our study show that although there is no strict legal obligation to do so, 87% of the companies mention cybersecurity or similar words in their annual report in 2018. However, only 4 out of 75 companies disclosed more than six specific cybersecurity measures, while openness would generate the highest surplus for society from a social welfare perspective. Some major Dutch banks and employment agencies did not disclose any specific information with regard to their cybersecurity strategy, while those companies are highly vulnerable for cybersecurity incidents. This hampers the protection of creditors, investors and other stakeholders. Our analysis aims to propel the debate on stimulation of self-regulation or possible obligations in financial law concerning cybersecurity in annual reports.     

What Could a New Crime Commission Accomplish?

Even though the crime rate in the United States has dropped since the U.S. President's Commission on Law Enforcement and Administration of Justice under President Johnson issued its report in 1967, the total number of serious crimes in the nation has increased, and public concern about the subject remains high. The 1960s Commission did not fully consider several major subjects that have emerged after it reported, including mental illness, immigration, cybercrime and other white collar crimes, indigent defense, crime victims, and evidence‐based crime policy. Many observers believe that the need to deal with these subjects in addition to those discussed by other researchers in this volume warrants an examination of crime and justice by a new commission. Congress has considered proposals for such a study for nearly a decade, but they are yet to be acted on amid ideological disputes over other criminal justice issues. If Congress fails to establish a new commission, it is still possible that one could be formed with the support of state, county, and local governments, as well as with the support of private foundations.     

Cybercrime: Towards an Assessment of its Nature and Impact

This paper discusses some approaches for a comprehensive analysis of cybercrime for both a better understanding of the phenomenon and policies to control it. We first discuss the nature of cybercrime, and review some of the related research issues. In view of its newness, we develop taxonomies for a more systematic classification of the different types of cybercrimes. Next, we explore some of the main empirical questions that need to be studied regarding cybercrime and describe some modeling approaches as well as the data requirements for a better understanding.     

Presidential rhetoric on cybercrime: links to terrorism?

Abstract

Presidents often give speeches about crime issues as a way to convince the public that there are significant problems for which an easy solution can be found. Studies have shown that presidential rhetoric on crime not only influences the public’s perception of the problem, but also the perception of the best solution. More recent research has demonstrated that presidents sometimes draw on the public’s fear of crime as a way to further affect the public’s perception of crime. In other words, presidents link crime with the public’s anxiety about other fearful events as a way to further impact the public’s perception of a problem (and thus further their agenda). This study examines presidential rhetoric on cybercrime to determine if executives link cybercrime with other issues such as national security. The findings provide credibility to both Cavelty’s threat frames approach as well as assertions made regarding the politics of fear.     

A Comparative Analysis of Cybercrimes and Governmental Law Enforcement in China and the United States

Cybercrime has become a growing national and international concern because of its potential for widespread and devastating financial impact. Gauging the effect of cybercrimes is extremely difficult because of its multi-faceted nature and evolving definitions, especially in cross-culture analyses. Using data generated from cybercrime reports from two leading national newspapers during the past ten years, this study compares major cybercrimes and law enforcement in China and the United States. Similarities and differences between the two nations are highlighted and policy implications are presented based on these findings.     

The effect of self-control on victimization in the cyberworld

In light of the differences between traditional forms of victimization and cybercrime victimization, this study examined whether the expansion of self-control theory to the field of victimization could help explain cybercrime victimization as well. This study found that self-control had a weak relationship with multiple forms of cybercrime victimization, but it did not have a direct effect on victimization after controlling for offending measures. Considering that this was incongruent with previous victimization research, these findings raise theoretical and empirical questions for the entire field of victimization regarding the importance of self-control when controlling for relevant peer offending.     

Laws of encryption: An emerging legal framework

This article examines the emerging legal framework of encryption. It reviews the different categories of law that make up this legal framework, namely: export control laws, substantive cybercrime laws, criminal procedure laws, human rights laws, and cybersecurity laws. These laws are analysed according to which of the three regulatory subjects or targets they specifically address: the technology of encryption, the parties to encryption, or encrypted data and communications. For each category of law, illustrative examples of international and national laws are discussed. This article argues that understanding the legal framework of encryption is essential to determining how this technology is currently regulated and how these regulations can be improved. It concludes that the legal framework is the key to discerning the present state and future direction of encryption laws and policies.     

Developments in cybercrime law and practice in Ethiopia

With increasing access to information and communication technologies such as the Internet, Ethiopia has recently taken responsive legislative measures. One such legislative measure is enactment of cybercrime rules as part of the Criminal Code of 2004. These rules penalize three items of computer crimes namely hacking, dissemination of malware and denial of service attacks. The cybercrime rules are however slightly outdated due to changes that have occurred in the field of cybercrime since the enactment of the Code. The surge of new varieties of cybercrimes previously uncovered under the Code and the need to legislate tailored evidentiary and procedural rules for investigation and prosecution of cybercrimes have recently prompted the Ethiopian government to draft modern and comprehensive cybercrime legislation, but the draft law still needs further work on cybercrimes in light of other major legislative developments at regional and national levels. This article closely examines major developments in cybercrime law and practice in Ethiopia since the enactment of the first set of cybercrime rules and proffers recommendations towards a unified cybercrime regime.     

国际反网络犯罪立法及其对我国的启示——以《网络犯罪公约》为中心

《网络犯罪公约》作为国际社会反对网络犯罪、加强国际合作的重要产物，第一次明确了网络犯罪行为的种类及行为人的责任，规定了有关电子证据调查的特殊程序法制度，并确立了网络犯罪管辖的基本原则。但也存在网络犯罪圈划定范围过大、人权与自由保护不足、管辖权过分包容并易导致冲突等问题。因此对该公约需理性看待，应发掘、借鉴其闪光点来推动我国的网络犯罪立法。     

Redefining borders: The challenges of cybercrime

Cybercrime is the newest securitythreat in the world today, and is distinct from anyother threat facing the world. This paper attempts toplace cybercrime in relation to other securitythreats, as well as illustrate the uniquecharacteristics of cybercrime. First, aninvestigation of the major elements of cybercrime willbe conducted. After the parameters of cybercrime havebeen laid out, cybercrime will be analyzed as asecurity threat on both domestic and internationallevels. Finally, current security structures will beexamined for their effectiveness in controlling thethreat posed by cybercrime.     

Cybercrime jurisdiction

The principles that govern a sovereign’s exercise of jurisdiction to prohibit conduct and to sanction those who violate such prohibitions are well-established as to conduct occurring in the real, physical world. These principles evolved over the last several millennia, as law increased in sophistication and life became more complex. Real-world crime is, almost exclusively, a local phenomenon; the perpetrator(s) and victim(s) are all physically present at a specific geographical point when a crime is committed. The principles that govern the exercise of criminal jurisdiction are therefore predicated on the assumption that “crime” is a territorial phenomenon. Cybercrime makes these principles problematic in varying ways and in varying degrees. Unlike real-world crime, it is not physically grounded; cybercrime increasingly tends not to occur in a single sovereign territory. The perpetrator of a cybercrime may physically be in Country A, while his victim is in Country B, or his victims are in Countries B, C, D and so on. The perpetrator may further complicate matters by routing his attack on the victim in Country B through computers in Countries F and G. The result of these and other cybercrime scenarios is that the cybercrime is not committed “in” the territory of a single sovereign state; instead, “pieces” of the cybercrime occur in territory claimed by several different sovereigns.     

Exploration of the Cyberbullying Victim/Offender Overlap by Sex

As usage of the Internet has grown to approximately 657 million users worldwide, criminality online has become more prevalent. Termed “cybercrime,” this form of criminal behavior can occur in several different. While cybercrime in general is fairly new comparably to crimes in the physical realm, one of the most recently recognized forms of cybercrime is cyberbullying. The present study will examine the victimoffender relationship. Results indicate that both males and females with lower levels of self-control were more likely to participate in cyberbullying by posting hurtful messages or pictures to Facebook. Second, both sexes were more likely to cyerbullying via Facebook if they had been cyberbullied as well.     

Diffusion of the Budapest Convention on cybercrime and the development of cybercrime legislation in Pacific Island countries: ‘Law on the books’ vs ‘law in action’

The Council of Europe Convention on Cybercrime,¹ referred to as the Budapest Convention on Cybercrime, has been diffused globally, and is serving as a benchmark or a ‘model law’ for drafting national cybercrime legislation in many countries worldwide. This paper argues that, through the mechanism of ‘state socialization’ combined with incentives, e.g. assistance in building law enforcement capacity, the diffusion of the Budapest Convention has had a profound influence on the development of cybercrime legislation in a number of Pacific Island Countries (PICs).² Some PICs have expressed their great interest in acceding to the Convention and ‘imported’ several provisions from the Convention. This article, nevertheless, contends that these PICs do not seem to consider carefully whether the ‘imported’ law is applicable to their existing law enforcement capacity. It is evident that various domestic factors, such as lack of resources, have deterred the enforcement of cybercrime laws in these countries. As the result, although those PICs would have adequate cybercrime laws ‘on the books’, ‘law in action’ is still feeble.