Lecture-29

Cyber Criminology

What is criminology?

Criminology is an interdisciplinary science that gathers and analyzes data on various

aspects of criminal delinquent, and general anti-social behaviour. It is different from the
discipline of criminal justice. Criminal justice is concerned with how the criminal justice
system investigates, prosecutes, and supervises individuals who have committed crime, while
criminologist wants to know why those individuals committed crime. As with all specific
disciplines, the goal of criminology is to understand its subject matter and to determine how
that understanding can benefit human kind.

Criminology as a branch of knowledge is concerned with those particular conducts of

human behaviour which are prohibited by society. It is, therefore, a socio-legal study which
seeks to discover the causes of criminality and suggest remedies to reduce crimes.
Sociologist, however , differ in their view about criminology. In their opinion, every anti-
social act emanates from some criminogenic tendency which needs to be cured by society.
Thus, they attempt to correlate the concept of crime with other sociological and
environmental factors.

Thus, criminology deals with the legal psychiatric aspect or the medico-
psychological, biological, pedagogical or socio-legal aspect of criminality and the factors
related therewith. Dr. Kenny defines criminology as a branch of criminal service which deals
with crime causation, analysis and prevention of crime. And this can be accepted as the most
simple and workable definition of criminology.

Cyber Criminology:

Victimization through the Internet is becoming more prevalent as cyber criminals

have developed more effective ways to remain anonymous. And as more personal
information than ever is stored on networked computers, even the occasional or non-user is at
risk. Cyber Criminology is a multidisciplinary field that encompasses researchers from
various fields such as Criminology, Victimology, Sociology, Internet Science, and Computer
Science. Jaishankar (2007) is the founder of the academic discipline Cyber Criminology and
he coined and defined Cyber Criminology as “the study of causation of crimes that occur in
 the cyberspace and its impact in the physical space”. Jaishankar (2007) academically coined
the term Cyber Criminology for two reasons. First, the body of knowledge that deals with
cyber crimes should not be confused with investigation and be merged with cyber forensics;
second, there should be an independent discipline to study and explore cyber crimes from a
social science perspective. Since the launch of the International Journal of Cyber
Criminology, the term Cyber Criminology has taken its academic roots in the online as well
as offline academic circles.

Advances in information and communications technologies have created a range of

new crime problems that did not exist two decades ago. Opportunities for various criminal
activities to pervade the Internet have led to the growth and development of cyber
criminology as a distinct discipline within the criminology framework.

Computers and the Internet play an increasingly pivotal role in daily life, making it
vitally important to understand the dynamics of cybercrime and those victimized by it. The
anthology Cybercrime and Criminological Theory: Fundamental Readings on Hacking,
Piracy, Theft, and Harassment explores the predictors for participation in various forms of
cybercrime and deviance, from common problems like media piracy, to more distinct
offenses such as computer hacking. Most criminological theories were developed to account
for street crimes, so it is unclear how these theories may apply to virtual offending. This text
provides critical insight into the utility of multiple theories to account for cybercrimes.

Cybercrime and Criminological Theory gives direct insight into the rates and
prevalence of cybercrime offenses using data sets from populations across the United States.
It gives readers a fundamental understanding of, and appreciation for various forms of
cybercrime, and outlines prospective predictors of both offending and victimization. The
selected readings identify research questions that must be addressed in order to improve the
legal, technical, and policy responses to cybercrimes.

Cybercrime and Criminological Theory begins with an introduction to cybercrime and

virtual criminality.

 Routine Activities Theory

 Deterrence Theory
 Social Learning and Self Control
 General Strain Theory
 Space-transition theory

Routine Activity Theory:

Cybercrime and the threat it creates are growing in its reach, in accordance with
similar growth in information technology. Some countries account for more of the variation
in cybercrime activity than others, which affects less criminally involved nations as well,
considering that cybercrime does not respect national borders over the Internet. Routine
activity theory (RAT) has been used to explain cybercrime at the individual level, but not at
the national level. Much research has focused on high cybercrime countries, but this research
is often conducted by cyber security firms and is exclusively descriptive, making no
inferences. This research sought to determine what characteristics predict whether a nation is
high in either spamming activity or phishing activity. In a sample of 132 countries, it was
found that wealthier nations with more Internet users per capita had higher cybercrime
activity. Unemployment was also found to interact with Internet users such that the effect of
the proportion of Internet users on spam was strongest in nations with higher unemployment.

A great deal of criminological research has attempted to understand and identify the
causes of victimization using the lifestyle-routine activities theory. Recent researchers have
argued that the lifestyle-routine activities theory may be able to explain the increasingly
significant phenomenon of computer and cybercrime. This claim has been contested by Yar
(2005), however, who argues that routine activities theory is limited in explaining
cybercrime. Few empirical tests exist to address this important issue. Thus, this study
attempts to explore this gap in the research literature by examining a specific form of
cybercrime, on-line harassment. Using a sample of students at a south eastern university, this
analysis found some support for elements of lifestyle-routine activities theory. Individual and
peer involvement in computer crime and deviance also significantly increased the risk of
victimization.

Deterrent Theory:

The global cyber threat landscape is expanding exponentially, challenging national

security officials and corporate executives in the United States and around the world to adapt
to more sophisticated and diverse attack methods at the rapidly bending curve of
technological change. Recently we have witnessed an uptick in major cyber attacks against
American interests both public and private. Although this has led the current Administration
to take strides to improve our cyber security posture, much remains to be done in terms of
developing cyber policies that are bold and advanced enough to reliably disarm and deter
malicious actors. America does not enjoy the luxury of time in confronting this issue. Instead,
commitment and urgency are key factors in the race to propel American cyber capabilities
ahead of those of its adversaries, and to assume a role of leadership and superiority in this
new realm of defense strategy.

While American cyber security is already benefitting from the strength of government
relationships with the private sector, focus on improving these vital partnerships must remain
a priority. Of course, in order for the United States to become the most capable cyber power
in the world, it is also necessary that it invest in the training of a skilled cyber workforce.
Finally, it is paramount for America’s leaders to use these emerging assets to create an
environment in which this nation and its interests are not only secure from cyber attacks but
can also benefit from a robust strategy of cyber deterrence.

Social learning and self control theory;

Unlike most criminology theories that purport to explain why people offend, control
theory offers the justification for why people obey rules. Control theory provides an
explanation for how behaviour conforms to that which is generally expected in society. Some
control theories emphasize the developmental processes during childhood by which internal
constraints develop. Social control theories, however, focus primarily on external factors and
the processes by which they become effective. Deviance and crime occur because of
inadequate constraints. For social control theory, the underlying view of human nature
includes the conception of free will, thereby giving offenders the capacity of choice, and
responsibility for their behavior. As such, social control theory is aligned more with the
classical school of criminology than with positivist or determinist perspectives. For the most
part, social control theory postulates a shared value or belief in social norms. Even those who
break laws or violate social norms are likely to share the general belief that those rules should
be followed. Crime and deviance are considered predictable behaviours that society has not
curtailed.

Cyberspace presents an exciting new frontier for criminologists. Virtual reality and
computer mediated communications challenge the traditional discourse of criminology,
introducing new forms of deviance, crime, and social control. Since the 1990s, academics
have observed how the cyberspace has emerged as a new locus of criminal activity, but in
general, criminology has been remiss in its research into the phenomena of cyber crime and
has been slow to recognize the importance of cyberspace in changing the nature and scope of
offending and victimization. As such, very few theoretical explanations of cyber crime exist.

General strain theory:

Recent scholarship demonstrates that the cyber world provides an environment in

which individuals can easily vent their frustration and anger at others without having to make
direct contact, thus decreasing risk of injury. In fact, limited tests of general strain theory in
the virtual world have primarily focused on cyber bullying. Agnew (2011) in fact, limited
tests of general strain theory in the virtual world have primarily focused on cyber bullying.
Previously identified bullying as a particular relevant strain that increases the risk of
delinquent behaviour based on four conditions;

 Bullying is perceived as unjust by the victim.

 The importance of peer relationships between victim and offender will place a high
level of significance on the bullying.
 Bullying typically occurs away from traditional forms of social control, such as
parents.
 Bullying provides a model for the victim to express his or her own aggressive
behaviour.

Research on bullying on and off-line supports these propositions, as youth who

experience high level of strains, including doing poorly in school, perceiving unfair
treatment from individuals in authority, and experiencing negative life events, are more
likely to bully others both in the physical and virtual worlds. In addition, several scholars
have studied the effect of experiencing stress from cyber bullying. The effect of cyber
bullying on future offending was greater than that of physical bullying Wright (2013)
found that cyber bullying victimization and peer rejection led to increased online
aggression even when controlling for past cyber-aggressive behaviour.

Although scholars have demonstrated general strain theory’s utility in addressing

cyber bullying offending and victimization, it has received little examination for other
types of cyber-offending. Online predatory crimes, such as certain forms of computer
hacking, may logically be explained by stress and negative emotions. General strain
theorists may argue that experiencing life events, such as breaking up with long-time
boyfriend and girlfriend, losing a job, doing poorly in a school, or having issue with
authority, may lead individuals to experience negative emotions. In turn, an individual
may attempt to guess an individual’s social media profile via password guessing or gain
access to another’s computer in order to cause damage to those who they feel have
wronged them. Thus, scholars need to both theoretically and empirically address the ways
that general strain theory can be applied to various forms of cyber crime.

Space-transition theory;

Another unique theory proposed to account for cyber crimes is K. Jaishakar’s

(2008) space-transition theory , which integrates various theoretical paradigm into single
model. This theory operates on the basic argument that people behave differently while
online than they otherwise would in physical space, leading to different behaviour
patterns in online environments which are not identified by traditional theories of crime.
Jaishankar presents seven basic propositions about behaviour on and off-line:

1. Individuals who repress their desire to engage in crime in the real world due to either
status or position have a propensity to engage in crimes online.
2. Offenders may be more likely to engage in cybercrime because of the ability to utilize
various identities, hide their location, and the lack of deterrence in online spaces.
3. Crime in online spaces is likely to move into physical space, and vice versa.
4. Cyber criminals may have the opportunity to desist because of the temporary nature
of the internet and its spatio-temporal disconnect from the real world.
5. The nature of technology allows strangers to come together in cyberspace in order to
plan and commit offences in real world, and those who know one another in real
world may partner in order to engage in cyber crimes.
6. Closed societies may produce greater level of cybercrime than open societies due to
repressive nature of government regime.
7. The disconnect between norms and values of a society in real world and those of the
internet may lead some individuals to engage in cybercrime.

Although several of the propositions are sensible and are supported by basic
characteristics of the internet, other propositions are somewhat difficult to test and may
 be contrary to either the current research on cyber crime, or be specific to a certain form
of cyber crime.

Prevention of Cyber Crimes;

Prevention will be always your best line of defense against cyber criminals. Like any
other criminal activity, those most vulnerable tend to be the first targeted. Ideally, you’ll want
to work with a IT security expert to assess your specific needs and vulnerabilities, but there
are certainly some universal steps you can take that will greatly reduce your likelihood of
attack.

Cybercrime prevention can be straight-forward - when armed with a little technical

advice and common sense, many attacks can be avoided. In general, online criminals are
trying to make their money as quickly and easily as possible. The more difficult you make
their job, the more likely they are to leave you alone and move on to an easier target. The tips
below provide basic information on how you can prevent online fraud.

Keep your computer current with the latest patches and updates.

One of the best ways to keep attackers away from your computer is to apply patches andother
software fixes when they become available. By regularly updating your computer, you block
attackers from being able to take advantage of software flaws (vulnerabilities) that they could
otherwise use to break into your system.

While keeping your computer up-to-date will not protect you from all attacks, it
makes it much more difficult for hackers to gain access to your system, blocks many basic
and automated attacks completely, and might be enough to discourage a less-determined
attacker to look for a more vulnerable computer elsewhere.

Make sure your computer is configured securely.

Keep in mind that a newly purchased computer may not have the right level of security for
you. When you are installing your computer at home, pay attention not just to making your
new system function, but also focus on making it work securely.

Choose strong passwords and keep them safe.

 Passwords are a fact of life on the Internet today—we use them for everything from ordering
flowers and online banking to logging into our favorite airline Web site to see how many
miles we have accumulated. The following tips can help make your online experiences
secure:

 Selecting a password that cannot be easily guessed is the first step toward keeping
passwords secure and away from the wrong hands. Strong passwords have eight characters
or more and use a combination of letters, numbers and symbols Avoid using any of the
following as your password: your login name, anything based on your personal
information such as your last name, and words that can be found in the dictionary. Try to
select especially strong, unique passwords for protecting activities like online banking.

 Keep your passwords in a safe place and try not to use the same password for every service
you use online.

 Change passwords on a regular basis, at least every 90 days. This can limit the damage
caused by someone who has already gained access to your account. If you notice
something suspicious with one of your online accounts, one of the first steps you can take
is to change your password.

Protect your computer with security software.

Several types of security software are necessary for basic online security. Security
software essentials include firewall and antivirus programs. A firewall is usually your
computer's first line of defense-it controls who and what can communicate with your
computer online. You could think of a firewall as a sort of "policeman" that watches all the
data attempting to flow in and out of your computer on the Internet, allowing
communications that it knows are safe and blocking "bad" traffic such as attacks from ever
reaching your computer.

Protect your personal information.

Exercise caution when sharing personal information such as your name, home address, phone
number, and email address online. To take advantage of many online services, you will
inevitably have to provide personal information in order to handle billing and shipping of
purchased goods. Since not divulging any personal information is rarely possible, the
 following list contains some advice for how to share personal information safely online:

 Don't respond to email messages that ask for personal information. Legitimate
companies will not use email messages to ask for your personal information. When in
doubt, contact the company by phone or by typing in the company Web address into your
Web browser. Don't click on the links in these messages as they make take you to a
fraudulent, malicious Web sites.
 Pay attention to privacy policies on Web sites and in software. It is important to
understand how an organization might collect and use your personal information before
you share it with them.
 Guard your email address. Spammers and phishers sometimes send millions of messages
to email addresses that may or may not exist in hopes of finding a potential victim.
Responding to these messages or even downloading images ensures you will be added to
their lists for more of the same messages in the future. Also be careful when posting your
email address online in newsgroups, blogs or online communities.

Online offers that look too good to be true usually are.

The old saying "there's no such thing as a free lunch" still rings true today.
Supposedly "free" software such as screen savers or smileys, secret investment tricks sure to
make you untold fortunes, and contests that you've surprisingly won without entering are the
enticing hooks used by companies to grab your attention.

While you may not directly pay for the software or service with money, the free
software or service you asked for may have been bundled with advertising software
("adware") that tracks your behaviour and displays unwanted advertisements. You may have
to divulge personal information or purchase something else in order to claim your supposed
content winnings. If an offer looks so good it's hard to believe, ask for someone else's
opinion, read the fine print, or even better, simply ignore it.

Review bank and credit card statements regularly.

The impact of identity theft and online crimes can be greatly reduced if you can catch
it shortly after your data is stolen or when the first use of your information is attempted. One
of the easiest ways to get the tip-off that something has gone wrong is by reviewing the
monthly statements provided by your bank and credit card companies for anything out of the
ordinary.

In concluding remarks we can say cyber crimes are increasing day by day all over the
world. Advances in information and communications technologies have created a range of
new crime problems that did not exist two decades ago. Opportunities for various criminal
activities to pervade the Internet have led to the growth and development of cyber
criminology as a distinct discipline within the criminology framework.

Computers and the Internet play an increasingly pivotal role in daily life, making it
vitally important to understand the dynamics of cybercrime and those victimized by it. It’s
high time to understand that what are the causes of these crimes and how we can prevent
ourselves from being the victim of cyber attacks.