1932

Abstract

Online crime has increased in severity and frequency over the past two decades. However, although several scientific disciplines have commonly employed criminological theories to explain this phenomenon, mainstream criminology has devoted relatively scant attention to the investigation of cyber-criminals and their victims. Drawing on this assumption that more criminological attention should be given to this important type of crime, this article presents an interdisciplinary review of the current state of research on cyber-dependent crimes (i.e., crimes that require the use of computer technology to exist, such as hacking). We begin with a brief discussion of the ecosystem of cyber-dependent crimes and the key actors who operate within it, including the online offenders and enablers, targets and victims, and guardians. Next, we review empirical scholarship that pertains to each actor while distinguishing between nontheoretical research and theoretically driven studies. We then detail methodological and theoretical avenues that should be pursued by future research and discuss why criminological research should lead policy initiatives and guide the design of technical tools that improve the scientific community's ability to generate a safer and more secure cyber-environment. We conclude by discussing potential ways in which cyber-dependent crime research could pave the way for the advancement of mainstream criminological theory and research.

Loading

Article metrics loading...

/content/journals/10.1146/annurev-criminol-032317-092057
2019-01-13
2024-04-20
Loading full text...

Full text loading...

/deliver/fulltext/criminol/2/1/annurev-criminol-032317-092057.html?itemId=/content/journals/10.1146/annurev-criminol-032317-092057&mimeType=html&fmt=ahah

Literature Cited

  1. Afroz S, Garg V, McCoy D, Greenstadt R 2013. Honor among thieves: a common's analysis of cybercrime economies. eCrime Res. Summit 2013:1–11
    [Google Scholar]
  2. Akers RL 1973. Deviant Behavior: A Social Learning Approach Belmont, CA: Wadsworth Publ.
  3. Al-Ghaith W 2016. Extending protection motivation theory to understand security determinants of anti-virus software usage on mobile devices. Int. J. Comput. 10:125–38
    [Google Scholar]
  4. Atzeni A, Lioy A 2006. Why to adopt a security metric? A brief survey.. Quality of Protection. Advances in Information Security 23 D Gollmann, F Massacci, A Yautsiukhin 1–12 Boston: Springer
    [Google Scholar]
  5. Bachmann M 2010. The risk propensity and rationality of computer hackers. Int. J. Cyber Criminol. 4:643–56
    [Google Scholar]
  6. Barlow JB, Warkentin M, Ormond D, Dennis AR 2013. Don't make excuses! Discouraging neutralization to reduce IT policy violation. Comput. Secur. 39:145–59
    [Google Scholar]
  7. Bell J, Burke B 1992. Cruising Cooper Street Situational Crime Prevention: Successful Case Studies Guilderland, NY: Harrow and Heston. , 2nd ed..
    [Google Scholar]
  8. Blakley B 2002. The measure of information security is dollars. Proceedings of the First Annual Workshop on the Economics of Information Security Berkeley, CA: Univ. Calif. Press
    [Google Scholar]
  9. Boss SR, Galletta DF, Lowry PB, Moody GD, Polak P 2015. What do users have to fear? Using fear appeals to engender threats and fear that motivate protective security behaviors. MIS Q. 39:837–64
    [Google Scholar]
  10. Bossler AM 2017. Need for debate on the implications of honeypot data for restrictive deterrence policies in cyberspace. Criminol. Public Policy 16:681–88
    [Google Scholar]
  11. Bossler AM, Burruss GW 2011. The general theory of crime and computer hacking: low self-control hackers. Corporate Hacking and Technology-Driven Crime: Social Dynamics and Implications TJ Holt, BH Schell 38–67 Hershey, PA: IGI Glob.
    [Google Scholar]
  12. Bossler AM, Holt TJ 2009. On-line activities, guardianship, and malware infection: an examination of routine activities theory. Int. J. Cyber Criminol. 3:400–20
    [Google Scholar]
  13. Bossler AM, Holt TJ 2010. The effect of self-control on victimization in the cyberworld. J. Crim. Justice 38:227–36
    [Google Scholar]
  14. Bossler AM, Holt TJ 2013. Assessing officer perceptions and support for online community policing. Secur. J. 26:349–66
    [Google Scholar]
  15. Briar S, Piliavin I 1965. Delinquency, situational inducements, and commitment to conformity. Soc. Probl. 13:35–45
    [Google Scholar]
  16. Bringer ML, Chelmecki CA, Fujinoki H 2012. A survey: recent advances and future trends in honeypot research. Int. J. Comput. Network Inf. Secur. 4:63–75
    [Google Scholar]
  17. Br. Crime Surv. (BCS). 2017. Table E1: Fraud and computer misuse by loss (of money or property) - number and rate of incidents and number and percentage of victims, year ending September 2017 CSEW (Official Statistics).
  18. Broadhurst R 2006. Developments in the global law enforcement of cyber‐crime. Polic. Int. J. Police Strateg. Manag. 29:408–33
    [Google Scholar]
  19. Broadhurst R, Grabosky P, Alazab M, Bouhours B, Chon S 2014. An analysis of the nature of groups engaged in cyber crime. Int. J. Cyber Criminol. 8:1–20
    [Google Scholar]
  20. Brookson C, Farrell G, Mailley J, Whitehead S, Zumerle D 2007. ICT product proofing against crime. ETSI White Paper 5:1–33
    [Google Scholar]
  21. Bunting RJ, Chang OY, Cowen C, Hankins R, Langston S et al. 2018. Spatial patterns of larceny and aggravated assault in Miami-Dade County, 2007–2015. Prof. Geogr. 70:34–46
    [Google Scholar]
  22. Chen H, Chiang RH, Storey VC 2012. Business intelligence and analytics: from big data to big impact. MIS Q 36:1165–88
    [Google Scholar]
  23. Cheng L, Li Y, Li W, Holm E, Zhai Q 2013. Understanding the violation of IS security policy in organizations: an integrated model based on social control and deterrence theory. Comput. Secur. 39:447–59
    [Google Scholar]
  24. Chu B, Holt TJ, Ahn GJ 2010. Examining the Creation, Distribution, and Function of Malware On-line Washington, DC: Natl. Inst. Justice
  25. Choi KS 2008. Computer crime victimization and integrated theory: an empirical assessment. Int. J. Cyber Criminol. 2:308–33
    [Google Scholar]
  26. Chua YT, Holt TJ 2016. A cross-national examination of the techniques of neutralization to account for hacking behaviors. Vict. Offenders 11:534–55
    [Google Scholar]
  27. Clarke RV 1995. Situational crime prevention. Crime Justice 1:91–150
    [Google Scholar]
  28. Cohen LE, Felson M 1979. Social change and crime rate trends: a routine activity approach. Am. Sociol. Rev. 44:588–608
    [Google Scholar]
  29. Coles-Kemp L, Theoharidou M 2010. Insider threat and information security management. Insider Threats in Cyber Security J Hunker, D Gollman 45–71 Boston: Springer
    [Google Scholar]
  30. Coleman EG 2013. Coding Freedom: The Ethics and Aesthetics of Hacking Princeton, NJ: Princeton Univ. Press
  31. Cornish DB, Clarke RV 2003. Opportunities, precipitators and criminal decisions: a reply to Wortley's critique of situational crime prevention. Crime Prev. Stud. 16:41–96
    [Google Scholar]
  32. D'Arcy J, Devaraj S 2012. Employee misuse of information technology resources: testing a contemporary deterrence model. Decis. Sci. 43:1091–124
    [Google Scholar]
  33. D'Arcy J, Herath T 2011. A review and analysis of deterrence theory in the IS security literature: making sense of the disparate findings. Eur. J. Inf. Syst. 20:643–58
    [Google Scholar]
  34. D'Arcy J, Hovav A, Galletta D 2009. User awareness of security countermeasures and its impact on information systems misuse: a deterrence approach. Inf. Syst. Res. 20:79–98
    [Google Scholar]
  35. Décary-Hétu D, Dupont B 2012. The social network of hackers. Glob. Crime 13:160–75
    [Google Scholar]
  36. Deibert GR, Miethe TD 2003. Character contests and dispute-related offenses. Deviant Behav 24:245–67
    [Google Scholar]
  37. Denning D, Baugh W 2000. Hiding crimes in cyberspace. Cybercrime: Law Enforcement’ Security and Surveillance in the Information Age D Thomas, D Loader 105–32 London: Routledge
    [Google Scholar]
  38. Dey D, Lahiri A, Zhang G 2012. Hacker behavior, network effects, and the security software market. J. Manag. Inf. Syst. 29:77–108
    [Google Scholar]
  39. Diamond B, Bachmann M 2015. Out of the beta phase: obstacles, challenges, and promising paths in the study of cyber criminology. Int. J. Cyber Criminol. 9:24–34
    [Google Scholar]
  40. Dupont B, Côté AM, Boutin JI, Fernandez J 2017. Darkode: recruitment patterns and transactional features of “the most dangerous cybercrime forum in the world. .” Am. Behav. Sci. 61:1219–43
    [Google Scholar]
  41. Dupont B, Côté AM, Savine C, Décary-Hétu D 2016. The ecology of trust among hackers. Glob. Crime 17:129–51
    [Google Scholar]
  42. Duncan OD 1961. From social system to ecosystem. Sociol. Inq. 31:140–49
    [Google Scholar]
  43. Dunlap RE, Catton WR Jr. 1979. Environmental sociology. Annu. Rev. Sociol. 5:243–73
    [Google Scholar]
  44. Eivazi K 2011. Computer use monitoring and privacy at work. Comput. Law Sec. Rev. 27:516–23
    [Google Scholar]
  45. Eur. Comm. Public Opin. (ECPO). 2017. Eurobarometer: Europeans' Attitudes Towards Cyber Security Brussels, Belg.: Eur. Union
  46. Fafinski S, Dutton WH, Margetts H 2010. Mapping and measuring cybercrime Oxf. Int. Inst. Work. Pap. No. 18
  47. Fagan J, Wilkinson DL 1998. Social contexts and functions of adolescent violence. Violence in American Schools: A New Perspective DS Elliott, BA Hamburg, KR Williams 55–93 New York: Cambridge Univ. Press
    [Google Scholar]
  48. Farrington DP, Burrows JN 1993. Did shoplifting really decrease. ? Br. J. Criminol. 33:57–69
    [Google Scholar]
  49. Fed. Bur. Investig. (FBI). 2017. 2016 IC3 Annual Report Washington, DC: Bur. Justice Stat http://www.ic3.gov/media/annualreport/2016_IC3Report.pdf
  50. Furnell S 2002. Cybercrime: Vandalizing the Information Society Boston: Addison-Wesley
    [Google Scholar]
  51. Furnell S, Emm D, Papadaki M 2015. The challenge of measuring cyber-dependent crimes. Comput. Fraud Secur. 2015:5–12
    [Google Scholar]
  52. Garg V, Afroz S, Overdorf R, Greenstadt R 2015. Computer-supported cooperative crime. Int. Conf. Financ. Cryptogr. Data Secur. 2015:32–43
    [Google Scholar]
  53. Gibbs J 1975. Crime, Punishment, and Deterrence New York: Elsevier
  54. Glenny M 2011. Darkmarket: Cyberthieves, Cybercops and You New York: Random House
    [Google Scholar]
  55. Gordon S 2000. Virus writers: the end of the innocence? Paper presented at the 10th Annual Virus Bulletin Conference (VB2000) Orlando, FL: Sept. 28–29
    [Google Scholar]
  56. Gottfredson MR, Hirschi T 1990. A General Theory of Crime Stanford: Stanford Univ. Press
  57. Grabosky P 2016. The evolution of cybercrime, 2006–2016. Cybercrime Through an Interdisciplinary Lens TJ Holt 15–37 New York: Routledge
    [Google Scholar]
  58. Graif C, Sampson RJ 2009. Spatial heterogeneity in the effects of immigration and diversity on neighborhood homicide rates. Homicide Stud 13:242–60
    [Google Scholar]
  59. Harknett RJ, Callaghan JP, Kauffman R 2010. Leaving deterrence behind: war-fighting and national cybersecurity. J. Homel. Secur. Emerg. Manag. 7:22
    [Google Scholar]
  60. Hartley RD 2015. Ethical hacking pedagogy: an analysis and overview of teaching students to hack. J. Int. Technol. Inf. Manag. 24:95–104
    [Google Scholar]
  61. Herath T, Rao HR 2009. Protection motivation and deterrence: a framework for security policy compliance in organisations. Eur. J. Inf. Syst. 18:106–25
    [Google Scholar]
  62. Hirschi T 1969. Causes of Delinquency Piscataway, NJ: Transaction Publ.
  63. Holt TJ 2007. Subcultural evolution? Examining the influence of on- and off-line experiences on deviant subcultures. Deviant Behav 28:171–98
    [Google Scholar]
  64. Holt TJ 2017. On the value of honeypots to produce policy recommendations. Criminol. Public Policy 16:739–47
    [Google Scholar]
  65. Holt TJ, Bossler AM 2013. Examining the relationship between routine activities and malware infection indicators. J. Contemp. Crim. Justice 29:420–36
    [Google Scholar]
  66. Holt TJ, Bossler AM 2014. An assessment of the current state of cybercrime scholarship. Deviant Behav 35:20–40
    [Google Scholar]
  67. Holt TJ, Bossler AM 2016. Cybercrime in Progress: Theory and Prevention of Technology-Enabled Offenses New York: Routledge
  68. Holt TJ, Bossler AM, May DC 2012. Low self-control deviant peer associations and juvenile cyberdeviance. Am. J. Crim. Justice 37:378–95
    [Google Scholar]
  69. Holt TJ, Burruss GW, Bossler AM 2016. Assessing the macro-level correlates of malware infections using a routine activities framework. Int. J. Offender Ther. Comp. Criminol. 62:1720–41
    [Google Scholar]
  70. Holt TJ, Kilger M 2008. Techcrafters and makecrafters: a comparison of two populations of hackers. IEEE Information Security Threats Data Collection and Sharing Workshop67–78 New York: IEEE
    [Google Scholar]
  71. Holt TJ, Lampke E 2010. Exploring stolen data markets online: products and market forces. Crim. Justice Stud. 23:33–50
    [Google Scholar]
  72. Holz T, Engelberth M, Freiling F 2009. Learning more about the underground economy: A case-study of keyloggers and dropzones. Eur. Symp. Res. Comput. Secur. 2009:1–18
    [Google Scholar]
  73. Hovav A, D'Arcy J 2012. Applying an extended model of deterrence across cultures: an investigation of information systems misuse in the US and South Korea. Inf. Manag. 49:99–110
    [Google Scholar]
  74. Hsiao DK, Kerr DS, Madnick SE 2014. Computer Security Cambridge, MA: Academic Press
  75. Hu Q, Xu Z, Dinev T, Ling H 2011. Does deterrence work in reducing information security policy abuse by employees. ? Commun. ACM 54:54–60
    [Google Scholar]
  76. Hughes LA, DeLone GJ 2007. Viruses, worms, and trojan horses: serious crimes, nuisance, or both. ? Soc. Sci. Comput. Rev. 25:78–98
    [Google Scholar]
  77. Hui KL, Kim SH, Wang QH 2017. Cybercrime deterrence and international legislation: evidence from distributed denial of service attacks. MIS Q 41:497–523
    [Google Scholar]
  78. Hutchings A, Clayton R 2016. Exploring the provision of online booter services. Deviant Behav 37:1163–78
    [Google Scholar]
  79. Hutchings A, Holt TJ 2015. A crime script analysis of the online stolen data market. Br. J. Criminol. 55:596–614
    [Google Scholar]
  80. Jeffrey CR, Hunter RD, Griswold J 1987. Crime prevention and computer analysis of convenience store robberies in Tallahassee. Fla. Police J. 34:65–69
    [Google Scholar]
  81. Jeong ES, Kim IS, Lee DH 2016. SafeGuard: a behavior based real-time malware detection scheme for mobile multimedia applications in android platform. Multimed. Tools Appl. 76:18153–73
    [Google Scholar]
  82. Johnston AC, Warkentin M 2010. Fear appeals and information security behaviors: an empirical study. MIS Q 34:549–66
    [Google Scholar]
  83. Jordan T, Taylor P 1998. A sociology of hackers. Sociol. Rev. 46:757–80
    [Google Scholar]
  84. Karami M, Park Y, McCoy D 2016. Stress testing the booters: understanding and undermining the business of DDoS services. Proceedings of the 25th International Conference on World Wide Web1033–43 Geneva, Switz.: Int. World Wide Web Conf. Steer. Comm.
    [Google Scholar]
  85. Kigerl A 2012. Routine activity theory and the determinants of high cybercrime countries. Soc. Sci. Comput. Rev. 30:470–86
    [Google Scholar]
  86. Kraemer-Mbula E, Tang P, Rush H 2013. The cybercrime ecosystem: online innovation in the shadows. ? Technol. Forecast. Soc. Change 80:541–55
    [Google Scholar]
  87. Kremling J, Parker AM 2017. Cyberspace, Cybersecurity, and Cybercrime Thousand Oaks, CA: SAGE
  88. Lauritsen JL, Rezey ML 2018. Victimization trends and correlates: Macro- and microinfluences and new directions for research. Annu. Rev. Criminol. 1:103–21
    [Google Scholar]
  89. Lessig L 2009. Code: And Other Laws of Cyberspace, Version 2.0 New York: Basic Books
    [Google Scholar]
  90. Leukfeldt R, Kleemans E, Stol W 2017. Origin, growth and criminal capabilities of cybercriminal networks. An international empirical analysis. Crime Law Soc. Change 67:39–53
    [Google Scholar]
  91. Leukfeldt ER, Yar M 2016. Applying routine activity theory to cybercrime: a theoretical and empirical analysis. Deviant Behav 37:263–80
    [Google Scholar]
  92. Lévesque LF, Nsiempba J, Fernandez JM, Chiasson S, Somayaji A 2013. A clinical study of risk factors related to malware infections. Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security97–108 New York: ACM
    [Google Scholar]
  93. Lévesque FL, Fernandez JM, Batchelder D, Young G 2016. Are they real? Real-life comparative tests of antivirus products. Virus Bulletin Conference1–11 Abingdon, UK: Virus Bull.
    [Google Scholar]
  94. Lewis JA 2018. Economic impact of cybercrime: at $600 billion and counting—no slowing down CSIS Rep., Cent. Strateg. Int. Stud. Washington, DC: https://www.csis.org/analysis/economic-impact-cybercrime
  95. Louderback ER, Antonaccio O 2017. Exploring cognitive decision-making processes, computer-focused cyber deviance involvement and victimization: the role of thoughtfully reflective decision-making. J. Res. Crime Delinquency 54:639–79
    [Google Scholar]
  96. Luckenbill DF 1977. Criminal homicide as a situated transaction. Soc. Probl. 25:176–86
    [Google Scholar]
  97. Luo X, Liao Q 2009. Ransomware: a new cyber hijacking threat to enterprises. Handbook of Research on Information Security and Assurance JND Gupta, S Sharma 1–6 Hershey, PA: IGI Glob.
    [Google Scholar]
  98. Macdonald M, Frank R 2017. The network structure of malware development, deployment and distribution. Glob. Crime 18:49–69
    [Google Scholar]
  99. Maimon D, Alper M, Sobesto B, Cukier M 2014. Restrictive deterrent effects of a warning banner in an attacked computer system. Criminology 52:33–59
    [Google Scholar]
  100. Maimon D, Kamerdze A, Cukier M, Sobesto B 2013. Daily trends and origin of computer-focused crimes against a large university computer network. Br. J. Criminol. 53:319–43
    [Google Scholar]
  101. Marcum CD, Higgins GE, Ricketts ML, Wolfe SE 2014. Hacking in high school: cybercrime perpetration by juveniles. Deviant Behav 35:581–91
    [Google Scholar]
  102. McGuire M 2012. Organised Crime in the Digital Age London: John Grieve Cent. Polic. Secur.
  103. McGuire M, Dowling S 2013. Cyber crime: a review of the evidence. Summary of key findings and implications Home Off. Res. Rep., Home Off. London:
    [Google Scholar]
  104. McHugh J 2000. Testing intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln laboratory. ACM Trans. Inf. Syst. Secur. 3:262–94
    [Google Scholar]
  105. Meier RF, Kennedy LW, Sacco VF 2001. The Process and Structure of Crime New York: Routledge
  106. Moore T, Clayton R, Anderson R 2009. The economics of online crime. J. Econ. Perspect. 23:3–20
    [Google Scholar]
  107. Morris MR, Ryall K, Shen C, Forlines C, Vernier F 2004. Beyond social protocols: multi-user coordination policies for co-located groupware. Proceedings of the 2004 ACM Conference on Computer Supported Cooperative Work262–65 New York: ACM
    [Google Scholar]
  108. Morris RG 2011. Computer hacking and the techniques of neutralization: an empirical assessment. Corporate Hacking and Technology-Driven Crime: Social Dynamics and Implications TJ Holt, BH Schell 1–17 Hershey, PA: IGI Glob.
    [Google Scholar]
  109. NCA. 2016. NCA strategic cyber industry group cyber crime assessment 2016 NCA Rep., Natl. Crime Agency Strateg. Cyber Ind. Group London: http://www.nationalcrimeagency.gov.uk/publications/709-cyber-crime-assessment-2016/file
  110. Ngo F, Paternoster R 2011. Cybercrime victimization: an examination of individual and situational level factors. Int. J. Cyber Criminol. 5:773–93
    [Google Scholar]
  111. NIST. 2014. Framework for improving critical infrastructure cybersecurity: version 1.0 NIST Rep., Natl. Inst. Stand. Technol. Gaithersburg, MD: https://www.nist.gov/sites/default/files/documents/cyberframework/cybersecurity-framework-021214.pdf
    [Google Scholar]
  112. Ooi KW, Kim SH, Wang QH, Hui KL 2012. Do hackers seek variety? An empirical analysis of website defacements. Proceedings of the 33rd Interanational Conference on Information Systems1–10 Atlanta, GA: AIS
    [Google Scholar]
  113. Overvest B, Straathof B 2015. What drives cybercrime? Empirical evidence from DDoS attacks CPB Disc. Pap. 306, CPB Neth. Bur. Econ. Policy Anal. Hague:
  114. Papanikolaou A, Vlachos V, Venieris A, Ilioudis C, Papapanagiotou K, Stasinopoulos A 2013. A framework for teaching network security in academic environments. Inf. Manag. Comput. Secur. 21:315–38
    [Google Scholar]
  115. Park JH, Yi KJ, Jeong Y-S 2014. An enhanced smartphone security model based on information security management system (ISMS). Electron. Commerce Res. 14:321–48
    [Google Scholar]
  116. Paternoster R, Pogarsky G 2009. Rational choice, agency and thoughtfully reflective decision making: the short and long-term consequences of making good choices. J. Quant. Criminol. 25:103–27
    [Google Scholar]
  117. Police Exec. Res. Forum (PERF). 2014. The Role of Local Law Enforcement Agencies in Preventing and Investigating Cybercrime Washington, DC: PERF
  118. Pratt TC, Cullen FT 2000. The empirical status of Gottfredson and Hirschi's general theory of crime: a meta‐analysis. Criminology 38:931–64
    [Google Scholar]
  119. Priv. Rights Clearinghouse (PRCH). 2017. Privacy rights clearinghouse. PRCH http://www.privacyrights.org
  120. Rantala RR 2008. Cybercrime against businesses, 2005 Bur. Justice Stat. Spec. Rep. NCJ 221943, US Dep. Justice Washington, DC: http://www.justiceacademy.org/iShare/Library-BJS/CyberCrimes.pdf
    [Google Scholar]
  121. Reyns BW 2015. A routine activity perspective on online victimisation: results from the Canadian General Social Survey. J. Financ. Crime 22:396–411
    [Google Scholar]
  122. Riffkin R 2014. Hacking tops list of crimes Americas worry about most. Gallup Oct 27. https://news.gallup.com/poll/178856/hacking-tops-list-crimes-americans-worry.aspx
  123. Richards K, LaSalle R, Devost M, van den Dool F, Kennedy-White J 2017. 2017 cost of cybercrime study. Accenture https://www.accenture.com/us-en/insight-cost-of-cybercrime-2017
  124. Rogers RW 1975. A protection motivation theory of fear appeals and attitude change. J. Personal. 91:93–114
    [Google Scholar]
  125. Rogers MK 2006. A two-dimensional circumplex approach to the development of a hacker taxonomy. Digit. Investig. 3:97–102
    [Google Scholar]
  126. Sampson RJ 2012. Great American City: Chicago and the Enduring Neighborhood Effect Chicago: Univ. Chicago Press
    [Google Scholar]
  127. Sampson RJ, Laub JH 1993. Crime in the Making: Pathways and Turning Points Through Life Cambridge, MA: Harvard Univ. Press
  128. Schell BH, Dodge JL 2002. The Hacking of America: Who's Doing It, Why, and How Westport, CT: Greenwood Publ.
    [Google Scholar]
  129. Scott MS 2003. The Benefits and Consequences of Police Crackdowns Washington, DC: Off. Comm. Oriented Polic. Serv.
  130. Seebruck R 2015. A typology of hackers: classifying cyber malfeasance using a weighted arc circumplex model. Digit. Investig. 14:36–45
    [Google Scholar]
  131. Short JF 1998. The level of explanation problem revisited: the American Society of Criminology 1997 presidential address. Criminology 36:3–6
    [Google Scholar]
  132. Siponen M, Pahnila S, Mahmood MA 2010. Compliance with information security policies: an empirical investigation. Computer 43:64–71
    [Google Scholar]
  133. Siponen M, Vance A 2010. Neutralization: new insights into the problem of employee information systems security policy violations. MIS Q 34:487–502
    [Google Scholar]
  134. Siponen M, Willison R 2009. Information security management standards: problems and solutions. Inf. Manag. 46:267–70
    [Google Scholar]
  135. Skinner WF, Fream AM 1997. A social learning theory analysis of computer crime among college students. J. Res. Crime Delinquency 34:495–518
    [Google Scholar]
  136. Sloan-Howitt M, Kelling GL 1990. Subway graffiti in New York City: Gettin’ up versus meanin’ it and cleanin’ it. Secur J 1:131–36
    [Google Scholar]
  137. Spano R, Freilich JD 2009. An assessment of the empirical validity and conceptualization of individual level multivariate studies of lifestyle/routine activities theory published from 1995 to 2005. J. Crim. Justice 37:305–14
    [Google Scholar]
  138. Steinmetz KF 2015. Craft(y)ness: an ethnographic study of hacking. Br. J. Criminol. 55:125–45
    [Google Scholar]
  139. Stockman M, Heile R, Rein A 2015. An open-source honeynet system to study system banner message effects on hackers. Proceedings of the 4th Annual ACM Conference on Research in Information Technology19–22 New York: ACM
    [Google Scholar]
  140. Storm D 2015. MEDJACK: hackers hijacking medical devices to create backdoors in hospital networks. Computerworld June 8. https://www.computerworld.com/article/2932371/cybercrime-hacking/medj1ack-hackers-hijacking-medical-devices-to-create-backdoors-in-hospital-networks.html
  141. Sykes GM, Matza D 1957. Techniques of neutralization: a theory of delinquency. Am. Sociol. Rev. 22:664–70
    [Google Scholar]
  142. Taylor PA 1999. Hackers: Crime in the Digital Sublime London: Routledge
    [Google Scholar]
  143. Testa A, Maimon D, Sobesto B, Cukier M 2017. Illegal roaming and file manipulation on target computers. Criminol. Public Policy 16:689–726
    [Google Scholar]
  144. Torres JM, Sarriegi JM, Santos J, Serrano N 2006. Managing information systems security: critical success factors and indicators to measure effectiveness. International Conference on Information Security530–45 Berlin: Springer
    [Google Scholar]
  145. Tseloni A, Mailley J, Farrell G, Tilley N 2010. Exploring the international decline in crime rates. Eur. J. Criminol. 7:375–94
    [Google Scholar]
  146. Valnour. 2009. Revenge is a dish best served cold. Hacker Q 26:32
    [Google Scholar]
  147. Van Wilsem J 2013. Hacking and harassment—do they have something in common? Comparing risk factors for online victimization. J. Contemp. Crim. Justice 29:437–53
    [Google Scholar]
  148. Waldrop MM 2016. How to hack the hackers: the human side of cybercrime. Nature 533:164–67
    [Google Scholar]
  149. Wall DS 2001. Crime and the Internet New York: Routledge
  150. Wall DS 2007. Policing cybercrimes: situating the public police in networks of security within cyberspace. Police Practice Res 8:183–205
    [Google Scholar]
  151. Wall DS 2013. Enemies within: redefining the insider threat in organizational security policy. Secur. J. 26:107–24
    [Google Scholar]
  152. Wang J, Gupta M, Rao HR 2015. Insider threats in a financial institution: analysis of attack-proneness of information systems applications. MIS Q 39:91–112
    [Google Scholar]
  153. Wilbur KC, Zhu Y 2009. Click fraud. Mark. Sci. 28:293–308
    [Google Scholar]
  154. Wilcox P, Cullen FT 2018. Situational opportunity theories of crime. Annu. Rev. Criminol. 1:123–48
    [Google Scholar]
  155. Wilson T, Maimon D, Sobesto B, Cukier M 2015. The effect of a surveillance banner in an attacked computer system: additional evidence for the relevance of restrictive deterrence in cyberspace. J. Res. Crime Delinquency 52:829–55
    [Google Scholar]
  156. Willison R, Siponen M 2009. Overcoming the insider: reducing employee crime through Situational Crime Prevention. Commun. ACM 52:133–37
    [Google Scholar]
  157. Wolfe SE, Higgins GE, Marcum CD 2008. Deterrence and digital piracy: a preliminary examination of the role of viruses. Soc. Sci. Comput. Rev. 26:317–33
    [Google Scholar]
  158. Workman M, Bommer WH, Straub D 2008. Security lapses and the omission of information security measures: a threat control model and empirical test. Comput. Hum. Behav. 24:2799–816
    [Google Scholar]
  159. Yar M 2005. The novelty of cybercrime: an assessment in light of routine activity theory. Eur. J. Criminol. 2:407–27
    [Google Scholar]
  160. Yip M, Shadbolt N, Webber C 2013. Why forums? An empirical analysis into the facilitating factors of carding forums. Proceedings of the 5th Annual ACM Web Science Conference453–62 New York: ACM
    [Google Scholar]
  161. Young R, Zhang L, Prybutok VR 2007. Hacking into the minds of hackers. Inf. Syst. Manag. 24:281–87
    [Google Scholar]
  162. Yu S 2014. Fear of cyber crime among college students in the United States: an exploratory study. Int. J. Cyber Criminol. 8:36–46
    [Google Scholar]
  163. Yucedal B 2010. Victimization in cyberspace: an application of Routine Activity and Lifestyle Exposure theories PhD Diss., Kent State Univ. Kent, OH:
    [Google Scholar]
  164. Zimring WD 2006. The Great American Crime Decline New York: Oxford Univ. Press
/content/journals/10.1146/annurev-criminol-032317-092057
Loading
  • Article Type: Review Article
This is a required field
Please enter a valid email address
Approval was a Success
Invalid data
An Error Occurred
Approval was partially successful, following selected items could not be processed due to error