Cybercrime: Understanding and addressing the concerns of stakeholders

Cybercrime and cybercriminal activities continue to impact communities as the steady growth of electronic information systems enables more online business. The collective views of sixty-six computer users and organizations, that have an exposure to cybercrime, were analyzed using concept analysis and mapping techniques in order to identify the major issues and areas of concern, and provide useful advice. The findings of the study show that a range of computing stakeholders have genuine concerns about the frequency of information security breaches and malware incursions (including the emergence of dangerous security and detection avoiding malware), the need for e-security awareness and education, the roles played by law and law enforcement, and the installation of current security software and systems. While not necessarily criminal in nature, some stakeholders also expressed deep concerns over the use of computers for cyberbullying, particularly where younger and school aged users are involved. The government's future directions and recommendations for the technical and administrative management of cybercriminal activity were generally observed to be consistent with stakeholder concerns, with some users also taking practical steps to reduce cybercrime risks.

[1]  Roger Thompson,et al.  Why spyware poses multiple threats to security , 2005, CACM.

[2]  Rahul Bhaskar State and local law enforcement is not ready for a cyber Katrina , 2006, CACM.

[3]  John Pirc,et al.  Cybercrime and Espionage: An Analysis of Subversive Multi-Vector Threats , 2011 .

[4]  B. Loader,et al.  Cybercrime : law enforcement, security and surveillance in the information age , 2000 .

[5]  Leaunda Hemphill,et al.  Responding to Cyber Bullying: An Action Tool for School Leaders , 2011 .

[6]  Samuel C. McQuade,et al.  Cyber Bullying: Protecting Kids and Adults from Online Bullies , 2009 .

[7]  M. Asokhia Enhancing National Development and Growth through Combating Cybercrime/Internet Fraud: A Comparative Approach , 2010 .

[8]  Vanessa Rogers,et al.  Cyberbullying: Activities to Help Children and Teens to Stay Safe in a Texting, Twittering, Social Networking World , 2010 .

[9]  Markus Jakobsson,et al.  Phishing and Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft , 2006 .

[10]  Gary McGraw,et al.  Attacking Malicious Code: A Report to the Infosec Research Council , 2000, IEEE Software.

[11]  Markus Jakobsson,et al.  Social phishing , 2007, CACM.

[12]  Nick Nykodym,et al.  The managers guide to understanding, detecting, and thwarting computer crime: An international performance issue , 2010 .

[13]  Jeff Hecht Review: Storm World by Chris Mooney , 2007 .

[14]  Justin W. Patchin,et al.  Bullying Beyond the Schoolyard: Preventing and Responding to Cyberbullying , 2008 .

[15]  R. Mansell,et al.  Trust and Crime in Information Societies , 2007 .

[16]  John P. Rice,et al.  Profiling Enterprise Risks in Large Computer Companies Using the Leximancer Software Tool , 2007 .

[17]  Rose J. Setze,et al.  Using concept mapping to develop a conceptual framework of staff's views of a supported employment program for individuals with severe mental illness. , 1994, Journal of consulting and clinical psychology.

[18]  Jeff Hecht When web browsers turn bad , 2007 .

[19]  Charles P. Pfleeger,et al.  Security in computing , 1988 .

[20]  Tom Martin,et al.  Mobile phones as computing devices: the viruses are coming! , 2004, IEEE Pervasive Computing.

[21]  Atul Jain Cyber crime issues threats and management , 2005 .

[22]  Neal Leavitt,et al.  Mobile phones: the next frontier for hackers? , 2005, Computer.

[23]  Butler W. Lampson,et al.  31. Paper: Computer Security in the Real World Computer Security in the Real World , 2022 .

[24]  Bill McCarty,et al.  Botnets: Big and Bigger , 2003, IEEE Secur. Priv..

[25]  Peter K. Smith,et al.  Cyberbullying: its nature and impact in secondary school pupils. , 2008, Journal of child psychology and psychiatry, and allied disciplines.

[26]  cyberdetective Convention on Cybercrime , 2007 .

[27]  Jeffrey A. Johnsen,et al.  Concept mapping in mental health: uses and adaptations , 2000 .

[28]  Eugene H. Spafford,et al.  Computer Viruses as Artificial Life , 1994, Artificial Life.

[29]  W. Trochim,et al.  Setting Objectives for Community and Systems Change: An Application of Concept Mapping for Planning a Statewide Health Improvement Initiative , 2004, Health promotion practice.

[30]  Frank Schmalleger,et al.  Crimes of the Internet , 2008 .

[31]  Everett C. Johnson Awareness Training: Security awareness: switch to a better programme , 2006 .

[32]  Nick Nykodym,et al.  Criminal profiling and insider cyber crime , 2005, Digit. Investig..

[33]  Bill McCarty,et al.  Automated Identity Theft , 2003, IEEE Secur. Priv..

[34]  Chris Pounder The Council of Europe Cyber-Crime Convention , 2001, Comput. Secur..

[35]  Robin M. Kowalski,et al.  Cyber Bullying: Bullying in the Digital Age , 2007 .

[36]  Helen Thomson Steal a march on a criminal career , 2007 .

[37]  Lech J. Janczewski,et al.  Cyber Warfare and Cyber Terrorism , 2007 .

[38]  Robin M. Kowalski,et al.  Students' perspectives on cyber bullying. , 2007, The Journal of adolescent health : official publication of the Society for Adolescent Medicine.

[39]  Fred Cohen,et al.  Computer viruses—theory and experiments , 1990 .

[40]  Eugene Schultz Security training and awareness - fitting a square peg in a round hole , 2004, Comput. Secur..

[41]  Steve Gibson,et al.  Spyware was inevitable , 2005, CACM.

[42]  Bernadette H. Schell,et al.  Cybercrime: A Reference Handbook , 2004 .

[43]  G. Isabeau “Stakeholder Theory and “The Corporate Objective Revisited““, ... , 2010 .

[44]  Edward G. Amoroso,et al.  Fundamentals of computer security technology , 1994 .

[45]  E. Eugene Schultz,et al.  What infosec changes are likely to result from the recent US election? , 2007, Comput. Secur..

[46]  Robert J. Hammond,et al.  Identity Theft: How to Protect Your Most Valuable Asset , 2003 .

[47]  Andrew E. Smith,et al.  Evaluation of unsupervised semantic mapping of natural language with Leximancer concept mapping , 2006, Behavior research methods.

[48]  Rossouw von Solms,et al.  Information security awareness: educating your users effectively , 1998, Inf. Manag. Comput. Secur..

[49]  J. Clough Principles of Cybercrime , 2010, The Military Law and the Law of War Review.

[50]  Eirik Albrechtsen,et al.  A qualitative study of users' view on information security , 2007, Comput. Secur..

[51]  Phil Spurling,et al.  Promoting security awareness and commitment , 1995, Inf. Manag. Comput. Secur..

[52]  Ed Skoudis,et al.  Malware: Fighting Malicious Code , 2003 .

[53]  Anthony Riem Cybercrimes Of The 21st Century: Crimes against the individual — Part 1 , 2001 .

[54]  K. Brown,et al.  Cyber-Bullying: Developing Policy to Direct Responses that are Equitable and Effective in Addressing This Special Form of Bullying. , 2006 .

[55]  Mikko T. Siponen,et al.  A conceptual foundation for organizational information security awareness , 2000, Inf. Manag. Comput. Secur..

[56]  Mikko T. Siponen,et al.  Five dimensions of information security awareness , 2001, CSOC.

[57]  Hal Berghel,et al.  Identity theft, social security numbers, and the Web , 2000, CACM.

[58]  L. Preston,et al.  The Stakeholder Theory of the Corporation: Concepts, Evidence, and Implications , 1995 .

[59]  Shihchieh Chou,et al.  Cybercrime & Cybercriminals: An Overview of the Taiwan Experience , 2006, J. Comput..

[60]  Bruce D. Johnson,et al.  Behind the scenes: insights into the human dimension of covert bullying , 2008 .

[61]  Andrew C. Inkpen,et al.  The Corporate Objective Revisited , 2001, Organ. Sci..

[62]  Michael E. Whitman Enemy at the gate: threats to information security , 2003, CACM.

[63]  Brian Randell,et al.  Protecting IT Systems from Cyber Crime , 1998, Comput. J..

[64]  John W. Creswell,et al.  Research Design: Qualitative, Quantitative, and Mixed Methods Approaches , 2010 .

[65]  Anthony Riem Cybercrimes Of The 21st Century , 2001 .

[66]  R. Burns,et al.  Assessing law enforcement preparedness to address Internet fraud , 2004 .

[67]  N. Denzin,et al.  Handbook of Qualitative Research , 1994 .

[68]  David Geer Is it time for clockless chips? [Asynchronous processor chips] , 2005, Computer.

[69]  Matthew Chalmers,et al.  Bead: explorations in information visualization , 1992, SIGIR '92.

[70]  Andreas Terzis,et al.  A multifaceted approach to understanding the botnet phenomenon , 2006, IMC '06.

[71]  William M. K. Trochim,et al.  An introduction to concept mapping for planning and evaluation. , 1989 .

[72]  Rebecca T. Mercuri Scoping identity theft , 2006, CACM.

[73]  James Earl Davis Construct validity in measurement: A pattern matching approach , 1989 .

[74]  David Geer,et al.  Malicious bots threaten network security , 2005, Computer.

[75]  Steven Furnell,et al.  Cybercrime: Vandalizing the Information Society , 2003, ICWE.

[76]  Chris Pounder Cyber crime: the backdrop to the Council of Europe Convention , 2001, Comput. Secur..

[77]  Kallol Kumar Bagchi,et al.  An Analysis of the Growth of Computer and Internet Security Breaches , 2003, Commun. Assoc. Inf. Syst..

[78]  Klaus Krippendorff,et al.  Content Analysis: An Introduction to Its Methodology , 1980 .

[79]  E. Eugene Schultz,et al.  The human factor in security , 2005, Comput. Secur..

[80]  Jeffrey M. Stanton,et al.  Analysis of end user security behaviors , 2005, Comput. Secur..

[81]  P. Sommer The future for the policing of cybercrime , 2004 .

[82]  J. Stockman Electronic Bullying Among Middle School Students , 2009 .

[83]  R. Power CSI/FBI computer crime and security survey , 2001 .

[84]  Niels Provos,et al.  Cybercrime 2.0: When the Cloud Turns Dark , 2009, ACM Queue.

[85]  Susan T. Dumais,et al.  Inductive learning algorithms and representations for text categorization , 1998, CIKM '98.

[86]  Ashish Garg,et al.  Quantifying the financial impact of IT security breaches , 2003, Inf. Manag. Comput. Secur..

[87]  Alan D. Smith,et al.  Issues in cybersecurity; understanding the potential risks associated with hackers/crackers , 2002, Inf. Manag. Comput. Secur..

[88]  Nick Nykodym,et al.  COMMUNICATION: A VITAL TOOL TO COMBAT CYBER CRIME , 2009 .

[89]  Joan Hash,et al.  Building an Information Technology Security Awareness and Training Program , 2003 .

[90]  Steven Philippsohn Trends In Cybercrime An Overview Of Current Financial Crimes On The Internet , 2001, Comput. Secur..

[91]  Marjie T. Britz Computer Forensics and Cyber Crime: An Introduction , 2003 .

[92]  William M. K. Trochim,et al.  Concept Mapping as an Alternative Approach for the Analysis of Open-Ended Survey Responses , 2002 .

[93]  Shaheen Shariff Confronting Cyber-Bullying: What Schools Need to Know to Control Misconduct and Avoid Legal Consequences , 2009 .

[94]  Angus M. Marshall,et al.  Identity theft in an online world , 2005, Comput. Law Secur. Rev..

[95]  Brian D Loader,et al.  Cybercrime: Security and Surveillance in the Information Age , 2000 .

[96]  Nick Nykodym,et al.  Fighting Cybercrime , 2006 .

[97]  Karen Heyman New Attack Tricks Antivirus Software , 2007, Computer.

[98]  John R. Vacca,et al.  Identity Theft , 2002 .

[99]  David L. Speer Redefining borders: The challenges of cybercrime , 2000 .

[100]  Peter H. Rossi,et al.  Using Theory to Improve Program and Policy Evaluations. , 1993 .