Abstract
Cybercrime may destabilise organisations and society due to the social, financial, emotional, psychological, and physical impacts. The purpose of this paper was to investigate cybercrime reporting behaviour and the factors that influence it. South African state-owned entities were the focus of attention given their strategic role, which requires that attention be given to improving their cybersecurity practices, such as cybercrime reporting in an increasingly digital society. The conceptual framework was developed using themes from the cybercrime literature, and the Theory of Planned Behaviour (TPB) as a lens. The study used a quantitative method, and data was collected online using a questionnaire survey. One hundred and three complete responses were received from employees working in South African state-owned entities. Factors that were identified as influencing cybercrime reporting behaviour were self-efficacy and facilitating conditions.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Abdullah, A.T.M., Jahan, I.: Causes of cybercrime victimization: a systematic literature review. Int. J. Res. Rev. 7(5), 89–98 (2020)
Ahmad, A., Ahmad, R., Hashim, K.F.: Innovation traits for business intelligence successful deployment. J. Theor. Appl. Inf. Technol. 89(1), 96 (2016)
Ajzen, I.: The theory of planned behavior. Organ. Behav. Hum. Decis. Process. 50(2), 179–211 (1991)
Al-Khater, W.A., Al-Maadeed, S., Ahmed, A.A., Sadiq, A.S., Khan, M.K.: ComÂprehensive review of cybercrime detection techniques. IEEE Access 8, 137293–137311 (2020)
Almazkyzy, K., Esteusizov, Y.N.: The essence and content of cybercrime in modern times. J. Adv. Res. Law Econ. 9, 834 (2018)
Alotaibi, N.B.: Cyberbullying and the expected consequences on the students’ academic achievement. IEEE Access 7, 153417–153431 (2019)
Alrwais, O., Alhodaib, E.: What derives people to use reporting functions on social networks? Int. J. Appl. Inf. Syst. 12(25), 10–16 (2019)
Apau, R., Koranteng, F.N.: Impact of cybercrime and trust on the use of eÂcommerce technologies: an application of the theory of planned behavior. Int. J. Cyber Criminol. 13(2), 228–254 (2019)
Baror, S.O., Ikuesan, R.A., Venter, H.S.: A defined digital forensic criteria for cybercrime reporting. In: International Conference on Cyber Warfare and Security, pp. 617 626. Academic Conferences International Limited (2020). https://doi.org/10.34190/ICCWS.20.056
Bell, A.J.C., Rogers, M.B., Pearce, J.M.: The insider threat: Behavioral indicators and factors influencing likelihood of intervention. Int. J. Crit. Infrastruct. Prot. 24, 166–176 (2019). https://doi.org/10.1016/j.ijcip.2018.12.001
Bhattacherjee, A.: Social Science Research: Principles, Methods, and Practices. University of South Florida (2012)
Bidgoli, M., Grossklags, J.: End-user cybercrime reporting: what we know and what we can do to improve it. In: 2016 IEEE International Conference on Cybercrime and Computer Forensic (ICCCF), pp. 1–6. IEEE (2016)
Burns, S., Roberts, L.: Applying the theory of planned behaviour to predicting online safety behaviour. Crime Prev. Community Saf. 15(1), 48–64 (2013). https://doi.org/10.1057/cpcs.2012.13
Cheng, C., Chan, L., Chau, C.L.: Individual differences in susceptibility to cyber-crime victimization and its psychological aftermath. Comput. Hum. Behav. 108, 106311 (2020)
Christou, G.: The challenges of cybercrime governance in the European Union. Eur. Polit. Soc. 19(3), 355–375 (2018)
Collier, B., Thomas, D.R., Clayton, R., Hutchings, A., Chua, Y.T.: Influence, infrastructure, and recentering cybercrime policing: evaluating emerging approaches to online law enforcement through a market for cybercrime services. Policing Soc. 32(1), 103–124 (2021)
Cross, C.: Expectations vs reality: responding to online fraud across the fraud justice network. Int. J. Law Crime Justice 55, 1–12 (2018)
DeKimpe, L., Ponnet, K., Walrave, M., Snaphaan, T., Pauwels, L., Hardyns, W.: Help, I need somebody: examining the antecedents of social support seeking among cybercrime victims. Comput. Hum. Behav. 108, 106310 (2020)
Dlamini, S., Mbambo, C.: Understanding policing of cybercrime in South Africa: the phenomena, challenges and effective responses. Cogent Soc. Sci. 5(1), 1675404 (2019)
Dremliuga, R.I., Korobeev, A.I., Mamychev, A.Y., Miroshnichenko, O.I.: Trends and methods of fighting cybercrime in the Russian Federation in terms of the transition to a digital economy. Laplage em Rev. 7(2), 191–200 (2021)
Eboibi, F.E.: Concerns of cybercriminality in South Africa, Ghana, Ethiopia and Nigeria: rethinking cybercrime policy implementation and institutional accountability. Commonw. Law Bull. 46(1), 78–109 (2020)
FBI IC3: Internet Crime Report 2021. Technical report I, FBI Internet Crime Complaint Center (IC3) (2021)
Fissel, E.R.: The reporting and help-seeking behaviors of cyberstalking victims. J. Interpers. Violence 36(11–12), 5075–5100 (2021)
Hadlington, L.: Human factors in cybersecurity; examining the link between Internet addiction, impulsivity, attitudes towards cybersecurity, and risky cybersecurity behaviours. Heliyon 3(7), e00346 (2017)
Hall, T., Sanders, B., Bah, M., King, O., Wigley, E.: Economic geographies of the illegal: the multiscalar production of cybercrime. Trends Organized Crime 24(2), 282–307 (2021)
Hite, D.M., Voelker, T., Robertson, A.: Measuring perceived anonymity: the development of a context-independent instrument. J. Methods Meas. Soc. Sci. 5(1), 22–39 (2014)
Humaidi, N., Balakrishnan, V.: Indirect effect of management support on users’ compliance behaviour towards information security policies. Health Inf. Manag. J. 47(1), 17–27 (2018)
Ibrahim, S.: Social and contextual taxonomy of cybercrime: socioeconomic theory of Nigerian cybercriminals. Int. J. Law Crime Justice 47, 44–57 (2016)
Internet live stats: internet live stats-internet usage social media statistics (2020)
Jadoon, A.K., Iqbal, W., Amjad, M.F., Afzal, H., Bangash, Y.A.: Forensic analysis of Tor browser: a case study for privacy and anonymity on the web. Forensic Sci. Int. 299, 59–73 (2019)
Jerome, B.: Criminal investigation and criminal intelligence: example of adaptation in the prevention and repression of cybercrime. Risks 8(3), 99 (2020)
Jhaveri, M.H., Cetin, O., Gaiian, C., Moore, T., Eeten, M.V.: Abuse reporting and the fight against cybercrime. ACM Comput. Surv. (CSUR) 49(4), 1–27 (2017)
Kemp, S.: Fraud reporting in Catalonia in the Internet era: determinants and motives. Eur. J. Criminol. 1477370820941405 (2020)
Kshetri, N.: The simple economics of cybercrimes. IEEE Secur. Priv. 4(1), 33–39 (2006)
Kwak, Y., Lee, S., Damiano, A., Vishwanath, A.: Why do users not report spear-phishing emails? Telematics Inform. 48, 101343 (2020)
Lagazio, M., Sherif, N., Cushman, M.: A multi-level approach to understanding the impact of cybercrime on the financial sector. Comput. Secur. 45, 58–74 (2014)
MacDermott, A., Baker, T., Buck, P., Iqbal, F., Shi, Q.: The Internet of Things: challenges and considerations for cybercrime investigations and digital forensics. Int. J. Digital Crime Forensics 12(1), 1–13 (2020)
Mcanyana, W., Brindley, C., Seedat, Y.: Insight into the cyberthreat landscape in South Africa. Technical report (2020). https://www.accenture.com/_acnmedia/PDF-125/Accenture-Insight-Into-The-Threat-Landscape-Of-South-Africa-V5.pdf
Monteith, S., Bauer, M., Alda, M., Geddes, J., Whybrow, P.C., Glenn, T.: Increasing cybercrime since the pandemic: concerns for psychiatry. Curr. Psychiatry Rep. 23(4), 1–9 (2021)
Riek, M., Bohme, R.: The costs of consumer-facing cybercrime: an empirical exploration of measurement issues and estimates. J. Cybersecurity 4(1), tyy004 (2018)
Robinson, M., Jones, K., Janicke, H., Maglaras, L.: Developing cyber-peacekeeping: observation, monitoring and reporting. Gov. Inf. Q. 36(2), 276–293 (2019)
RSA National Treasury: Public Institutions Listed in Pfma Schedule 1 , 2 , 3a, 3B , 3C and 3D As At 30 April 2015. Technical report May, RSA National Treasury (2015). http://www.treasury.gov.za/legislation/pfma/publicentities/2015-04-30PublicinstitutionsSch1-3D.pdf
Saunders, M.: Research Methods for Business Students. Pearson (2014)
Stratton, G., Powell, A., Cameron, R.: Crime and justice in digital society: towards a ‘digital criminology’? Int. J. Crime Justice Soc. Democr. 6(2), 17 (2017)
Straub, D., Boudreau, M.C., Gefen, D.: Validation guidelines for IS positivist research. Commun. Assoc. Inf. Syst. 13(1), 24 (2004)
Tan, M.T., Teo, T.S.: Factors influencing the adoption of Internet banking. J. Assoc. Inf. Syst. 1(1), 5 (2000)
Touhill, G.: New study reveals cybercrime may be widely underreported even when laws mandate disclosure (2019)
Umlauf, M.G., Mochizuki, Y.: Predatory publishing and cybercrime targeting academics. Int. J. Nurs. Pract. 24, e12656 (2018)
Venkatesh, V., Brown, S.A., Bala, H.: Bridging the qualitative-quantitative divide: Guidelines for conducting mixed methods research in infomation systems. MIS Quart. Manag. Inf. Syst. 37(1), 21–54 (2013). https://doi.org/10.25300/MISQ/2013/37.1.02
Wang, H., He, D., Liu, Z., Guo, R.: Blockchain-based anonymous reporting scheme with anonymous rewarding. IEEE Trans. Eng. Manage. 67(4), 1514–1524 (2020). https://doi.org/10.1109/TEM.2019.2909529
Van de Weijer, S., Leukfeldt, R., Van der Zee, S.: Reporting cybercrime victimization: determinants, motives, and previous experiences. Policing 43(1), 17–34 (2020). https://doi.org/10.1108/PIJPSM-07-2019-0122/FULL/XML
Van de Weijer, S.G., Leukfeldt, R., Bernasco, W.: Determinants of reporting cybercrime: a comparison between identity theft, consumer fraud, and hacking. Eur. J. Criminol. 16(4), 486–508 (2019). https://doi.org/10.1177/1477370818773610
Srirama, S.N., Lin, J.-W., Bhatnagar, R., Agarwal, S., Reddy, P.K. (eds.): BDA 2021. LNCS, vol. 13147. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-93620-4
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Appendix A: Research Instrument
Appendix A: Research Instrument
Item | Description [Italicised Items dropped] |
---|---|
LEA1 LEA2 LEA3 LEA4 LEA5 LEA6 | The Law Enforcement Agencies lack the capacity to deal with cybercrime effectively Cybercriminals are more advanced than Law Enforcement Agencies Law Enforcement Agencies are too busy to deal with cybercrime The Law Enforcement Agencies know how to catch cybercriminals (R) The Law Enforcement Agencies do their utmost to help address cybercrime (R) The Law Enforcement Agencies are easy to approach for cybercrime cases (R) |
EM1 EM2 EM3 EM4 EM5 EM6 EM7 EM8 EM9 | I fear becoming a victim of cybercrime I am concerned that I can become a victim of cybercrime If I became a victim of cybercrime, it could have serious consequences I want cybercriminals to be caught I want to prevent cybercriminals from doing harm to the organisation I want to prevent cybercrime incidents from happening to me I am afraid cybercriminals can take revenge I would be ashamed if I fell victim to the cybercrime I think cybercrime victimisation would be my own fault |
AWA1 AWA2 AWA3 AWA4 | I am aware of my role in keeping the company protected from potential cybercriminals It is hard to know how I can help protect the organisation from cybercrime I understand the risks of cybercrime to individuals in the organisation I do not pay attention to company material about cybercrime threats |
CB1 CB2 CB3 | Cybercrime might damage the reputation of the company affecting revenue Reporting cybercrime will get the cybercrime damage compensated Cybercriminals only target a company when there is a financial gain |
SN1 SN2 SN3 SN4 | I will report cybercrime if I see people around me report it I would never report cybercrime regardless of how many colleagues report it I feel like I should do according to what my colleagues think about cybercrime reporting My colleagues would disapprove of me not reporting cybercrime |
SE1 SE2 SE3 | I feel confident that I could quickly retrieve accurate contact information of who to report cybercrime I am confident of my ability to report cybercrime I am confident that I would be able to report the signs of cybercrime |
FC1 FC2 FC3 | I have the necessary resources to report cybercrime I have the necessary knowledge to report cybercrime I have enough experience to report cybercrime incidents |
AR1 AR2 AR3 AR4 AR5 | When I report cybercrime in my organisation, I am confident that others do not know who I am When I report cybercrime in my organisation, I believe that my personal identity remains unknown to others When I report cybercrime in my organisation, I am easily identified as an individual by others (R) When I report cybercrime in my organisation, others are likely to know who I am (R) When I report cybercrime in my organisation, my personal identity is known to others (R) |
BI1 BI2 BI3 | I intend to report cybercrime to inform against its illegal activities My reporting against cybercrime would positively benefit the victim My non-involvement in cybercrime reporting saves lives, prevents trauma, distress, depression, and discomfort to others |
CRB1 CRB2 CRB3 CRB4 | I assist my colleagues in reporting cybercrime I always recommend other colleagues to report cybercrime I practise recommended cybercrime reporting behaviour as much as possible I comply with cybercrime reporting policies when performing my daily work |
Rights and permissions
Copyright information
© 2022 IFIP International Federation for Information Processing
About this paper
Cite this paper
Pilane, K., Ruhwanya, Z., Brown, I. (2022). Factors Influencing Cybercrime Reporting Behaviour in South African State-Owned Entities. In: Clarke, N., Furnell, S. (eds) Human Aspects of Information Security and Assurance. HAISA 2022. IFIP Advances in Information and Communication Technology, vol 658. Springer, Cham. https://doi.org/10.1007/978-3-031-12172-2_23
Download citation
DOI: https://doi.org/10.1007/978-3-031-12172-2_23
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-12171-5
Online ISBN: 978-3-031-12172-2
eBook Packages: Computer ScienceComputer Science (R0)