In 2018 RISCS expanded its interdisciplinary research community to develop further collaboration between the social sciences and cyber security professions. This was complemented by development of a new cyber crime-focused research programme, commissioned by the Home Office, via funding from the National Cyber Security Programme. The research programme comprises both longer-term, multi-year research projects and also shorter-term research.
AMoC: Advanced Modelling of Cyber Criminal Careers – New technology and intelligence from online evidence bases
Cyber crime is not a solitary and anti-social activity, but one where social interaction plays a critical role in the recruitment, training and professional advancement of criminals. AMoC’s multidisciplinary approach will form a detailed understanding of the characteristics of cyber offenders, their behavioural patterns and their career progression and lifecycle in cyber crime by combining expertise in intelligent technologies and security informatics with methodological social science approaches in psychology, (socio)linguistic theory and law enforcement.
The overall aim of this project is to tackle cyber crime by understanding the social and economic development of cyber criminal careers, and will be achieved by: analysing different evidential sources to engender a better understanding of the characteristics of cyber offenders and how communities thereof react to interventions and; developing new techniques and software tools that support law enforcement agencies to detect and investigate cyber offenders, cyber threats and online networks.
Project Lead: Prof Awais Rashid, University of Bristol
Case by Case: Building a database on Cybercriminal Business Models
This project focuses on the business models of cybercriminal groups. Its goal is to build a database of closed cybercrime cases that illustrates different group structures. This will move the discussion of cybercriminal organisations from generalities to a richer micro-level understanding, thereby making it more feasible for law enforcement to identify vulnerabilities in organisational structures and to target disruptive interventions effectively.
Project Lead: Dr Jonathan Lusthaus, University of Oxford
Connecting delayed pre-commitment with cyber awareness in order to address the perception gap and present bias
This project is looking at how to improve cyber-security in small businesses (less than 50 employees) and charities. The focus is on the human-aspects of the cyber-security and the barriers that small organizations face in adopting cyber best practice.
As part of the project small organizations are being asked to complete a cyber-security health check with KITC Solutions (the University of Kent student led IT consultancy). The health check is built around the NCSC Small Business Guide. At the end of the health-check intervention will be trialed that is designed to help overcome procrastination. Before and 3 months after the health check the participants will be surveyed about cyber behavior in their organization. This allows exploration of the effect of the health-check and intervention. As part of the project a typology of small business behavior is being developed, which also considers how amenable businesses might be to cyber advice and the adoption of behavioural tools to overcome procrastination.
The project involves co-ordination with the regional cyber protect officers in Kent and the Midlands, as well as regional business and charity support organisations such as Voluntary Action Leicestershire, Coventry Council, Coventry and Warwickshire Chambers of Commerce. More information about the project is available at https://cyberprotect.our.dmu.ac.uk.
Project Lead: Dr Anna Cartwright, Coventry University
Evaluating Criminal Transactional Methods in Cyberspace as Understood in an International Context
This project is an exploration of what is currently known in the academic and grey literature about the financial aspects of various cybercriminal business models. Our project has three prominent characteristics: it is multilingual (English, Russian, Chinese, Spanish and French); it provides background on education, law enforcement strategy, and regulation vis-à-vis cybercrime in countries with significant internet user bases; and it analyses how cybercriminals conduct financial transactions, to the extent of our understanding of these transactions. To understand transactions in reference to cybercrime, this research will also develop a typology of economic ecosystems and transaction types that cybercriminals use, identifying the products and services that cybercriminals leverage to transact value and how cybercriminals access these products and deploy them.
Project Lead: Dr Rajeev Gundar, Flinders University
Gentle Interventions for Security (GIFS)
Users are still at the centre of cyber security and are responsible for making a large number of security related decisions on a daily basis, despite a lack of understanding of the risks involved. Drawing from the literature and theoretical frameworks surrounding habit formation in health-related behaviours and from successful ambient “nudge” interventions in the areas of work-breaks and health, this project aims to explore the potential for ambient displays (such as small, desktop light boxes) to gently encourage more secure habits in workplace office contexts at times tied specifically to the behaviour in question. One of the important features of this project is a user-centred approach, aiming to identify what security behaviours should be the focus, and the form the ambient displays should take through the research itself, and iterating the displays before conducting a final evaluation. To this end, taking a mixed methods approach, this project aims to:
identify how security behaviours could be encouraged or discouraged through ambient displays,
identify the most effective ambient features to use in such interventions,
develop an ambient display in line with this research and finally,
evaluate the effectiveness of such a display on security behaviours.
Project Lead: Dr Emily Collins, University of Cardiff
Online Ties Taking Over? (OTTO) – A longitudinal study into actual vs perceived cybercriminal behaviour of offline vs online social ties among youth
This longitudinal project aims to address the research question ‘To what extent is there a causal relationship between individuals’ social ties and their cybercriminal behavior?’. The project also investigates whether peer effects differ for cyber delinquent and traditional delinquent behavior. Research from traditional crime areas suggests there is a strong relationship between an individual’s criminal behavior and the criminal behavior of their social ties. This project aims to explore whether this is true also of cyber offenders, building on initial evidence suggesting that cyber criminals tend to have more cyber criminal social ties than non-offenders. However, this project aims to address some methodological issues with previous research by employing more reliable longitudinal methodologies and obtaining direct measures of peer offending behaviours (for peers at school), rather than just measuring perceptions.
The research includes young people in the Netherlands, with survey data to be collected in 3 waves. Surveys at IT-schools examine self-reported cyber criminal behaviour of a high-risk sample of juveniles and young adults (aged 12-23) together with those of respondents’ social peers. It will distinguish between online and offline social peers. As a result, it will explore the extent of any causal relationship between social ties (either traditional or online) and cyber criminal behaviour. The longitudinal aspect will help to distinguish between peer influence and peer selection as shifting social relationships (and changes in self-reported behaviour) are explored over time.
The findings from this research will help to build the evidence base regarding our understanding of cyber offenders and the factors that influence cyber offending behavior. This in turn will help to inform policymakers, schools, and law enforcement regarding how interventions could be designed to target these factors and prevent young people from becoming involved in cyber crime.
Project Lead: Dr Marleen Weulen Kranenbarg, Vrije Universiteit (VU) Amsterdam
Understanding, Preventing and Responding to Cybercrime: Investigative interviewing of cybercrime victims to gain best evidence
This project aims to study and improve techniques for police interviewing of cybercrime victims. There is a range of evidence available regarding best practice in terms of how police can best interview traditional crime victims. However, the experience of being a victim of cyber crime is likely to differ in a number of ways to traditional crime, for example, in terms of eliciting technical information regarding the crime and the potential impacts on victim cognitive function and memory retrieval from use of digital devices. Alongside difficulties with the apparent anonymity of offenders and the need to build rapport with victims, these types of issues may potentially present law enforcement different types of challenges when it comes to interviewing cyber crime victims, as compared to victims of traditional crime. This research will therefore focus on better understanding the types of interviews with victims being conducted by law enforcement, how they are conducted, the challenges interviewers face and how they could be improved (for example whether more cognitive interview techniques should be employed).
Project Lead: Eerke Boiten, De Montfort University
Victims of Computer Misuse Crime
The aim of this project is to investigate the experiences of victims of computer misuse offences. The changes in questions to the Crime Survey for England and Wales (CSEW) had exposed almost half of all crime was now accounted for by fraud and computer misuse offences. Both areas have been lightly researched compared to other volume crimes, but for the latter the gaps in knowledge are even more stark with very few studies.
This project embarked with the broad aims to:
• To examine the nature and impact of computer misuse related crime on victims; and
• To assess the support provided to such victims and identify better means to prevent such crime.
• To examine the experiences and perceptions of those victims who have experienced a law enforcement response.
The project approach involves an online survey of 252 individual victims of computer misuse and 52 depth interviews with 38 individual and 14 SME/O victims; along with stakeholder interviews, a review of the literature and analysis of websites where victims report.
Project Lead: Mark Button, University of Portsmouth