Measuring Cybercrime

Pieter Hartel

Cyber-crime Science2

How?

Victim reporting initiatives» FBI Internet Criminal Complaint Centre

Population and business surveys» CBS (Statistics Netherlands)

Technology based information» Verizon Risk team

Meta analyses» United Nations Office of Drugs & Crime

Police recorded crime statistics» Lecture 5

Cyber-crime Science3

Cyber-crime Science

Victim reporting initiatives

2012 was the 13th year Almost 300,000 complaints in 2012 500M$ loss 91% US, 1.4% CA, 0.14% NL Numerous investigations, arrests

4

[IC312] IC3. 2012 Internet Crime Report. Internet Crime Complaint center, Mar 2013. http://www.ic3.gov/media/annualreport/2012_IC3Report.pdf.

Cyber-crime Science

Method

5

Cyber-crime Science6

Complaint form

See https://complaint.ic3.gov/ Description of the actors

» Target Information (name, …)» Offender information (name, IP…)» Witnesses (name, …)» Local police office (name, …)

Description of the incident» Related to an online service? (mail, …)» Monetary Loss ($)» Means of payment (Cash, PayPal, …)

Cyber-crime Science

Frequently reported crimes

Complaint Female Male Total

Auto fraud 6,282 10,877 17,159

Real estate fraud 8,929 5,503 14,432

FBI impersonation email 5,911 8,230 14,141

Intimidation/extortion 5,134 3,190 8,324

Romance scams 2,549 1,927 4,476

Scareware/Randomware 644 1,325 1,969

Hit man 629 725 1,354

Total 30,078 31,777 61,855

7

Cyber-crime Science

Discussion

And the other 240,000 complaints? Is this the tip of the iceberg? How effective is case matching? How many arrests?

8

Cyber-crime Science9

Cyber-crime Science

Population and business surveys

2012 was the 5st year N=78,000, response 38% Uniform geographical distribution 95% confidence interval <2%

10

[CBS13] CBS. Veiligheidsmonitor 2012. Centraal Bureau voor de Statistiek, Den Haag, 2013. http://www.cbs.nl/nl-NL/menu/themas/veiligheid-recht/publicaties/publicaties/archief/2013/2013-veiligheidsmonitor-2012-pub.htm.

Cyber-crime Science

Method

Random sample from NL population 15+» First letter with link to online form» Second letter two weeks later with paper form» Phone reminder again two weeks later

11

Cyber-crime Science

Question 13: Hacking

During the last 12 MONTHS has it ever happened that somebody with malicious intent broke in or logged in on a computer, email account, website or profile site (e.g. Hyves, Facebook, Twitter) of your own of anyone else in your household?a) Someone broke in / logged in on a computer

b) Someone broke in / logged in on an email account

c) Someone broke in / logged in on a website

12

Cyber-crime Science

Victimization in NL

% of the population affected 2012

Property crime 13%

Vandalism 8%

Violent crime 3%

Traditional Crime 20%

Hacking 6%

Cyber bullying 3%

E-commerce fraud 3%

Identity theft 2%

Cyber crime 12%

13

Cyber-crime Science

Crime drops

14

[Far11] G. Farrell, A. Tseloni, J. Mailley, and N. Tilley. The crime drop and the security hypothesis. Journal of Research in Crime and Delinquency, 48(2):147-175, May 2011. http://dx.doi.org/10.1177/0022427810391539.

Cyber-crime Science

Discussion

Do the respondents understand the cyber questions?

Should the cyber questions be integrated?

15

Cyber-crime Science16

Cyber-crime Science

Technology based information

2013 was the 9th year 47,000 incidents Of which 621 confirmed data breaches

17

[Ver13] Verizon. Data Breach Investigations report. Verizon Risk Team, 2013. http://www.verizonenterprise.com/DBIR/2013/.

Cyber-crime Science

Method

19 partners First-hand forensic evidence Reviewed and validated

18

Cyber-crime Science19

Who?

Threat actor categories trend

N=621

Cyber-crime Science20

What?

Threat action categories

N=47626

Cyber-crime Science

Discovery

Late and by someone else!

21

Cyber-crime Science

Discussion

What does this say about the population? Why are incidents discovered so late and by

others?

22

Cyber-crime Science23

Cyber-crime Science

Meta analysis

1st year Global connectivity revolution Much of the Internet is privately owned

24

[UNO13] UNODC. Chapter 2 of Comprehensive Study on Cybercrime. United Nations Office on Drugs and Crime, Feb 2013. http://www.unodc.org/documents/organized-crime/UNODC_CCPCJ_EG.4_2013/CYBERCRIME_STUDY_210213.pdf.

Cyber-crime Science

Method

Surveys from 69 countries, 40 businesses, 16 universities, and 11 organizations

Caveat

25

Number of specialised police per 100,000Poli

ce r

ecor

ded

offe

nce

per

100,

000

Cyber-crime Science

Cybercrime is increasing

More in the news than homicide Law enforcement sees increasing trends Increasing use of ICT creates opportunity

» More suitable targets online» Few opportunities for guardianship» Reduced self control

26

Cyber-crime Science27

Compared to conventional crime%

res

pond

ents

rep

orti

ng

vict

imiz

atio

n in

last

yea

r, 2

011

or la

test

ava

ilab

le

Emailacc.hacked

Phish-ing

Iden-tity theft

Online creditcard fraud

Burg-lary

Rob-bery

Car theft

Cyber-crime Science

Conclusions

“Cyber” creates opportunity Cybercrime is increasing Measuring cybercrime correctly is hard

28