Origin, growth and criminal capabilities of cybercriminal networks. An international empirical analysis
- 811 Downloads
Two recent studies which are part of the Dutch Research Program on the Safety and Security of Online Banking, present empirical material regarding the origin, growth and criminal capabilities of cybercriminal networks carrying out attacks on customers of financial institutions. This article extrapolates upon the analysis of Dutch cases and complements the existing picture by providing insight into 22 cybercriminal networks active in Germany, the United Kingdom and the United States. The analysis regarding origin and growth shows that social ties play an important role in the majority of networks. These networks usually originate and grow either by means of social contacts alone or by the combined use of social contacts and forums (to recruit specialists). Equally, however, forums play a vital role within the majority of the networks by offering a place where co-offenders can meet, recruit and trade criminal ‘services’. Moreover, those networks where origin and growth is primarily based on forums appear capable of creating more flexible forms of cooperation between key members and enablers, thereby facilitating a limited number of core members to become international players. Analysis of the capabilities of criminal networks shows that all networks are primarily targeted towards customers of financial institutions, but most networks are not restricted to one type of crime. Core members are often involved in other forms of offline and online crime. The majority of networks fall into the high-tech category of networks, mostly international, high-tech networks. These are networks with core members, enablers, and victims originating from different countries.
KeywordsCybercrime Criminal networks Social opportunity structures Offender convergence settings Phishing Malware
- 5.Leukfeldt, E.R., Kleemans, E.R., & Stol, W.P. (2016b). A typology of cybercriminal networks: From low tech locals to high tech specialists. Crime, Law and Social Change. doi: 10.1007/s10611-016-9646-2.
- 6.Lu, Y., Luo, X., Polgar, M., & Cao, Y. (2010). Social network analysis of a criminal hacker community. Journal of Computer Information Systems, 51(2), 31–41.Google Scholar
- 7.Peretti, K. K. (2008). Data breaches: what the underground world of “carding” reveals. Santa Clara Computer and High Technology Law Journal, 25(2), 345–414.Google Scholar
- 9.Yip, M., Shadbolt, N., & Webber, C. (2012). Structural Analysis of Online Criminal Social Networks. Proceedings of the IEEE International Conference on Intelligence and Security Informatics (ISI) 2012, 60–65. June 11–14, 2012, Washington.Google Scholar
- 10.Kleemans, E. R., van de Bunt, H. G., & van den Berg, E. A. I. M. (1998). Georganiseerde criminaliteit in Nederland. Rapportage op basis van de WODC Monitor [Organized Crime in the Netherlands]. The Hague: Ministry of Justice / WODC.Google Scholar
- 11.Kruisbergen, E. W., van de Bunt, H. G., & Kleemans, E. R. (2012). Georganiseerde criminaliteit in Nederland. Vierde rapportage op basis van de Monitor Georganiseerde Criminaliteit [Organized Crime in the Netherlands]. The Hague: WODC.Google Scholar
- 12.Lastdrager, E. E. H. (2014). Achieving a consensual definition of phishing based on a systematic review of the literature. Crime Science, 3(9), 1–6.Google Scholar
- 13.Leukfeldt, E. R. (2014). Cybercrime and social ties. Phishing in Amsterdam. Trends in Organized Crime, 17(4), 231–249.Google Scholar
- 14.Kleemans, E. R. (2014). Organized crime research: Challenging assumptions and informing policy. In J. Knutsson & E. Cockbain (Eds.), Applied police research: challenges and opportunities. Crime science series. Cullompton: Willan.Google Scholar