Cyber Crime Offender
Profiling (CyberCOP)
the human factor examined
NCSRA Symposium, June 2nd, 2014
Marleen Weulen Kranenbarg
(MWeulenKranenbarg@nscr.nl)
Netherlands Institute for the Study of Crime and Law
Enforcement (NSCR)
This research received funding from the Netherlands Organisation for Scientific Research
(NWO) in the framework of the Cyber Security research program
Today
• Introduction
– Definition
– Literature
•
•
•
•
•
Demografics
Education / socioeconomic status
Self-control
Deterrence
Discussion
Introduction
• Cyber crime narrowly defined:
“Criminal behavior that could not be committed
without the use of ICT”
“Strafbare gedragingen die niet zonder tussenkomst of gebruik van ICT gepleegd zouden kunnen worden”
(Nationaal Cyber Security Centrum, 2012)
• Empirical literature
– Definition
– Only descriptive, no comparisons
– Sampling
• Discussion!
Demografics
The “offline” criminal
• Male
– Very high proportion
• Age-crime-curve
– Peak late adolescence/
early adulthood
– Gradual decline after
• Higher proportion of nonDutch origin
The cyber criminal
• “mostly” male
– Increasingly female
• Undefined age-crimecurve
– Start young(er)
– More life-course-persistant
– On average older
• More “whites”, Asians,
eastern-Europeans, or
comparable?
Education / SES
The “offline” criminal
• Low education / IQ
• Low socioeconomic
status (SES)
The cyber criminal
• Higher education
• Higher IQ
• More average SES
– Live at parents, students
Self-control
The “offline” criminal
• Low self-control
– Immediate benefits
– Long-term costs
The cyber criminal
• Broad definition:
– Hedonistic morality
– Low self-control
• Narrow definition:
– Self-learned: higher
– Learned from peers: low
Deterrence
The “offline” criminal
• No trade off between
costs and benefits
• No effect of punishment
severity
• Risk of being caught
The cyber criminal
• More planning
• Minimize risk
• Risk of being caught is
low
Discussion
• In practice
• How do you think we can give cyber
criminals an incentive to use their skills in
a legitimate instead of a illegitimate way?
• Any questions?
Thank you for your attention!
Marleen Weulen Kranenbarg
MWeulenKranenbarg@nscr.nl
+31 (0)20 59 87 665
References
Bachmann, M., & Corzine, J. (2010). Insights into the hacking underground. In T. Finnie, T. Petee & J. Jarvis
(Eds.), The Future Challenges of Cybercrime. Volume 5: Proceedings of the Futures Working Group 2010. (pp.
31-41). Quantico, VA: FBI.
Bossler, A. M., & Burruss, G. W. (2010). The general theory of crime and computer hacking: low self-control
hackers? In T. J. Holt & B. H. Schell (Eds.), Corporate hacking and technology-driven crime: Social dynamics and
implications (pp. 38-67). New York: Information Science Reference.
Chiesa, R., Ducci, S., & Ciappi, S. (2008). Who are hackers? Part 1. In R. Chiesa, S. Ducci & S. Ciappi (Eds.),
Profiling hackers: the science of criminal profiling as applied to the world of hacking. Boca Raton: CRC Press.
Holt, T. J., Bossler, A. M., & May, D. C. (2012). Low self-control, deviant peer associations, and juvenile
cyberdeviance. American Journal of Criminal Justice, 37(3), 378-395.
Leukfeldt, E. R., Domenie, M. M. L., & Stol, W. P. (2010). Verkenning cybercrime in Nederland 2009. Den Haag:
Boom Juridisch Uitgevers.
Lickiewicz, J. (2005). Psychological characteristics of persons committing computer crimes. Problems of Forensic
Sciences, 61, 30-41.
Maimon, D., Alper, M., Sobesto, B., & Cukier, M. (2014). Restrictive deterrent effects of a warning banner in an
attacked computer system. Criminology, 52(1), 33-59.
Nationaal Cyber Security Centrum. (2012). Cybercrime. Van herkenning tot aangifte. Den Haag: Nationaal Cyber
Security Centrum, Ministerie van Veiligheid en Justitite.
White, K. (2013). The rise of cybercrime 1970 trough 2010. A tour of the conditions that gave rise to cybercrime
and the crimes themselves.
Willison, R. (2006). Understanding the offender/environment dynamic for computer crimes. Information
Technology & People, 19(2), 170-186.