Contents The Global Cybercrime Industry and Its Structure: Relevant Actors, Motivations, Threats, and Countermeasures

Transcription

1 Contents 1 The Global Cybercrime Industry and Its Structure: Relevant Actors, Motivations, Threats, and Countermeasures The Rapidly Rising Global Cybercrime Industry Cybercrime: Definitional Issues Economic, Social, and Political Impacts of Cybercrimes Social Impacts Political and National Security Impacts Methodological, Conceptual, Logical, and Statistical Problems in Estimating Cybercrime Trends in Cybercrimes Social Engineering Skills Types and Classification of Cybercrimes Targeted vs. Opportunistic Attacks Predatory Cybercrimes vs. Market-Based Cybercrimes Relevant Actors Associated with Cybercrimes Cyber-Criminals, Cyber-Terrorists, and State Actors Involved in Cyberattacks Cybercrime Victims and Targets RegulatorsandGovernments Supranational Organizations Voluntary, Nonprofit, and Non-government Organizations Motivations Associated with Cybercrimes IntrinsicMotivation ExtrinsicMotivation CombinationofMotivations TrendTowardExtrinsicallyMotivatedCrimes Businesses Countermeasures to Combat Cybercrimes Concluding Comments Notes References ix

2 x Contents 2 Simple Economics of Cybercrime and the Vicious Circle Introduction Economic Factors Affecting Crimes Target Attractiveness Economic Conditions Facing an Offender Economic Processes Motivating a Cyber-Criminal s Behavior SelectionofTargets Structure of Cybercrimes: The Vicious Circle The Cybercrime Market Law-Enforcement Agencies Cyber-Criminals Cybercrime Victims Inter-jurisdictional Issues A Cyber-Criminal s Cost Benefit Calculus The Benefit Side TheCostSide Concluding Comments Note References An Institutional Perspective on Cybercrimes Introduction Institutional Theory Regulative Institutions Normative Institutions Cognitive Institutions Interrelationships Among Institutional Pillars Exogenous and Endogenous Institutions Neoinstitutionalism Institutions Operating at Various Levels Viewing Cybercrimes Through the Prism of the Literature on Institutions FormalConstraintsandCrimes InformalConstraintsandCrimes Institutions at Different Levels Influencing Cyberattacks International-Level Institutions and Cyberattacks National-Level Institutions and Cyberattacks Institutions at the Industry/Professional/ Inter-organizational Level and Cyberattacks Institutions at the Network Level and Cyberattacks Institutions at the Intra-organizational Level and Cyberattacks Concluding Comments Notes References... 69

3 Contents xi 4 Increasing Returns and Externality in Cybercrimes Introduction Increasing Returns and Feedback Loops in Cybercrimes Economic Feedback Sociopolitical Feedbacks Cognitive Feedback Mechanisms Associated with Externality in Cybercrimes Path Dependence and Externality Inefficiency and Congestion in the Law-Enforcement System Diffusion of Cybercrime Know-How and Technology Increased Predisposition Toward Cybercrime Concluding Comments Notes References Institutional Field Evolved Around Cybercrimes Introduction The Theoretical Framework: Institutional Field Institutional Field Change Mechanisms Exogenous Shocks Changes in Organizational Logics Gradual Change in Field Structure Institutional Evolution Regulative Pillar Related to Cybercrime Normative and Cognitive Pillars Related to Cybercrime Institutional Field Formed Around Cybercrimes The Formation of Regulative Pillar Around Cybercrime The Formation of Normative Pillar Around Cybercrime The Formation of Cognitive Pillar Around Cybercrime Concluding Comments Notes References Information and Communications Technologies, Cyberattacks, and Strategic Asymmetry Introduction StrategicAsymmetryandICTs Institutional and Organizational Factors Linked withpositiveandnegativeasymmetries Institutions, ICTs, and National Security Ability to Create Positive Asymmetry and Minimize Vulnerabilities of Negative Asymmetry.. 131

4 xii Contents 6.4 Concluding Comments Notes References Global Heterogeneity in the Pattern of the Cybercrime Industry Introduction The Global Digital Security Threat: A Brief Survey Pattern of the Global Cyber-War and Crime: A Proposed Model Characteristics of the Source Nation ProfileofTargetOrganization Concluding Comments Notes References Structure of Cybercrime in Developing Economies Introduction A Brief Survey of Cybercrimes in Developing Countries Broadband Connections and Increase in Cybercrimes Economic and Institutional Factors Related to Cybercrimes in Developing Economies Formal Institutions: Permissiveness of RegulatoryRegimes Informal Institutions: Social Legitimacy and Cybercrime Defense Mechanisms Against Cybercrimes Concentration of Crimes Path Dependence Externalities Generated by Conventional Crimes and Cybercrimes Cybercrime Business Models in Developing Economies Motivations Behind Cybercrimes Concluding Comments Notes References Institutional and Economic Foundations of Cybercrime Business Models Criminal Entrepreneurship and Business Models inthedigitalworld Business Model and Their Components: Applying in the Context of the Cybercrime Industry Configuration of Competencies Company and Firm Boundaries The Internet and Organized Crime Groups Reinvention of Business Models

5 Contents xiii 9.4 Cybercrime Operators and Legitimate Businesses: Selling Concept vs. Marketing Concept MarketingMixofC2Cvs.C2VOperators Quality Uncertainty, Technological Information, andmarketinformation The Problem of Quality Uncertainty inane-marketplace Technological Information and Market Informationinane-Marketplace Development of Dynamic Capabilities Concluding Comments References The Global Click Fraud Industry Introduction Clicks and Value Creation in the Internet Economy ASurveyofClickFraud A Click Fraudster s Cost Benefit Calculus The Offenders TheVictims Concluding Comments References Concluding Remarks and Implications WhereDoWeGofromHere? ImplicationsforBusinesses All Firms Are Not Equally Susceptible to the Vulnerability of Various ICT-Created Security Risks Some Firms Are More Affected by the Government smeasure Consideration of Security Risks in ICT and Competitive Strategies TheRankEffect Importance of Reporting Measures to Avoid Positive Feedbacks to Cyber-Criminals Combining Technological and Behavioral/Perceptual Measures Managing Market Information Collaborating with Government Agencies Harnessing the Power of Attachment in Online Communities Employing Online Security as a Competitive AdvantageTool

6 xiv Contents 11.3 ImplicationsforConsumers Revisiting a Cognitive Framework Related to Cybercrimes Tracking the Performance Indicators Frequently Minimizing Activities, Websites, Channels, and Networks Associated with Cybercrimes Understanding Communication Modes of Legitimate and Criminal Enterprises Need to Be Watchful for e-commerce Activities That Have Relatively High Incidence of Cybercrimes and Cyber-frauds StayingSafeOffline Monitoring Children s Online Activities Assessing the Credibility and Reputation of Parties Involved in Economic Transactions Knowing About How Information Is Handled bypartiesinvolvedinvarioustransactions ImplicationsforPolicyMakers Cooperation and Collaboration Among National Governments, Computer Crime Authorities, and Businesses Paying Attention to Wider Institutional Fields Measures to Increase Reporting Rate Certainty vs. Severity of Punishment Developing Economies Negative International Image and Exclusion from the DigitalWorld Helping Small and Poor Countries Develop Anti-cybercrime Capabilities Collaborations with Businesses Measures to Educate Consumers and Increase the Distribution of and Access to Information Broadband Penetrations and Cybercrime in Developing Economies Dealing with Various Types of Online Communities DirectionsforFutureResearch Institutional Analysis of Cybercrime EmpiricalAnalysis Inter-organizational Studies ICT-Created Positive and Negative Asymmetries Modus Operandi of Various Types of Cyber-Criminals ExaminationofNon-stateActors LongitudinalAnalysisofHackers

7 Contents xv The Nature of Hot Products Portability in Cybercrimes Applying a Game-Theoretic Approach Developing a Typology of Cybercrimes Country-Level Case Studies of Cybercrimes Cybercrime Operations as a Born Global Phenomenon Final Thought References

8