Editor: Angela Sasse, A.Sasse@cs.ucl.ac.uk

IN OUR ORBIT

1540-7993/13/$31.00 © 2013 IEEE Copublished by the IEEE Computer and Reliability Societies September/October 2013 93

Crime Science and the Internet Battlefield:Securing the Analog World from Digital Crime

Kacper Gradon | University of Warsaw and University College London

C rime science is a relatively new field. Based on an ideological

and theoretical framework designed in the late 1990s by a group of sci-entists and practitioners, it took on its current institutional form in the Jill Dando Institute at University College London (originally led by Gloria Laycock and now headed by Richard Wortley) 12 years ago. In the US, Temple University’s Center for Security and Crime Sci-ence (directed by Jerry Ratcliffe) established crime science in 2010. Other eminent scholars include David Kennedy ( John Jay College of Criminal Justice), Marcus Felson and Kim Rossmo (Texas State Uni-versity), Ronald Clarke (Rutgers School of Criminal Justice), and Paul and Patricia Brantingham (Simon Fraser University in Canada).

Thanks to popular TV series, most people think of crime scene investigation or offender profil-ing when they hear the term crime science, but there’s little overlap between the two: rather than solve crimes, crime science scholars try

to identify those factors that make certain crime events more likely to occur in specific situations, and then translate their understand-ing into the development of pro-active crime-prevention strategies and policies. At its core, crime sci-ence is the application of science to crime control (reducing crime by its prevention, disruption, and detec-tion).1 The discipline is focused on crime per se—specifically, its near or immediate causes and circum-stances (that is, where it significantly differs from the traditional crimino-logical approaches). The research is problem driven and evidence based and relies extensively on collect-ing and analyzing empirical (and verifiable) data. It’s also multidis-ciplinary: cooperation with prac-titioners in all relevant fields is of paramount importance (see www.ucl.ac.uk/scs/about-us/#tabs-2).

Coming to TermsThe “crime” part of crime science tends to have a much broader mean-ing than its legal definition and

includes such deeds as deviance, disorder, antisocial behavior, acts of terrorism, and offenses occurring in cyberspace. These latter acts aren’t usually defined as cybercrimes in the popular sense of the word, unless we use a broader definition that describes cybercrime as “behaviour in which computers or networks are a tool, a target, or a place of crimi-nal activity” (emphasis added).2 It’s very important to distinguish between the popular perception of what cybercrime is and its larger and more modern form and capacity.

Until recently, studies about the Internet’s potential as a tool that attackers could use in real life were practically nonexistent. The latest paper that proposes merg-ing the disciplines of crime science and information security analyzed the literature over the past 15 years and found that only a tiny propor-tion of articles mentioned the word “crime.”3 Even then, the source material focused on threats limited to cyberspace such as phishing, fraud, and offensive content.

Although Pieter Hartel and his colleagues were the first to bring for-ward the idea of cybercrime science, they focused on the Internet used only as a location of criminal activ-ity; indeed, in most publications, the Internet’s criminal applications are primarily associated with crimes committed online, principally moti-vated by economic gain.3 Identity theft, social- engineering techniques such as phishing and baiting, wide-spread fraud such as advance-fee, Nigerian, and 419 scams,4 and mass-scale copyright infringements have all developed in parallel with the Web.

But the Internet has also become a platform for other forms of crime, such as cybertorts (ransomware), defamation, and the transfer and exchange of illegal content, and lit-tle by little, the criminal element is incorporating all things cyber into real-world criminal activities. In fact, many criminals now turn to the Inter-net to conduct their illegal activities. To keep up, law enforcement and criminal justice scholars and practi-tioners can start to use crime science to understand the immediate causes and important factors of a particu-lar form of cybercrime by answer-ing why, where, when, by whom, and how a specific offense was commit-ted and determining how to prevent it. Then, they can offer the suitable answers to the problems in question using the most classic crime science approaches, which include increas-ing the effort in committing a crime, increasing the risk of the crime,

reducing the rewards from crime, reducing the provocations that invite criminal behavior, and removing the excuses for criminal behavior. Some of these solutions might be purely technical in nature, while others might simply require appropriate changes in legislation.5

A New Battlefield“Traditional” forms of cybercrime are well analyzed in the academic literature. Even though their effects might be sensed or experienced in the real world, the definitional “place of criminal activity” is still located somewhere in cyberspace. However, in recent years, there has been a substantial shift in the use of the Internet for criminal purposes, and the number of incidents in which the technology is used purely as a tool to commit crime in real-life circumstances has increased. There’s still a considerable and

worrying lack of scientific literature about this newly emerging problem.

The motivation behind the use of cyberspace for illegal purposes is straightforward: it’s an inexpensive instrument that’s readily available, thus it lets criminals prepare and commit their crimes with limited effort and reduced risk. Moreover, for a new generation of offenders, it’s already a natural part of their daily lives as well as the number-one source of information and data. We can safely assume that the prev-alence of Internet-based crime will only increase as new generations of offenders take advantage of upcom-ing technological developments.

In addition, the Internet is a fan-tastic tool for gathering attack infor-mation. Perpetrators use it during multiple stages of criminal behav-ior,6 such as performing reconnais-sance, purchasing tools or weapons, profiling or monitoring victims (establishing if the victim is a high or low risk and learning about his or her lifestyle, customs, income, mental makeup, and even physi-cal fitness, a perfect example of the severely underestimated use of the open source intelligence found on the Internet, particularly on Web 2.0 social networking sites), launch-ing the attack, destroying evidence, preparing an alibi, manipulating or threatening witnesses, broadcast-ing threats or manifestos, recruiting new people to a cause, or setting up a decoy.

Essentially, the Internet is a new battlefield,7 where offenders and law enforcement agencies fight for dominance. The area is continu-ously expanding, taking over several categories of crime that should the-oretically be as “analog” as possible, but we’ve seen the Internet used as a tool in violent crimes (school shootings), sexual crimes (stalk-ing), property crimes (burglary), financial and white collar crimes (insider trading), and national secu-rity crimes (cyberwarfare).

Advertising PersonnelMarian AndersonSr. Advertising CoordinatorEmail: manderson@computer.orgPhone: +1 714 816 2139Fax: +1 714 821 4010

Sandy BrownSr. Business Development Mgr.Email: sbrown@computer.orgPhone: +1 714 816 2144Fax: +1 714 821 4010

Advertising Sales Representa-tives (display)Central, Northwest, Far East:Eric KincaidEmail: e.kincaid@computer.orgPhone: +1 214 673 3742Fax: +1 888 886 8599

Northeast, Midwest, Europe,Middle East:Ann & David SchisslerEmail: a.schissler@computer.org,

d.schissler@computer.orgPhone: +1 508 394 4026Fax: +1 508 394 1707

Southwest, California:Mike HughesEmail: mikehughes@computer.orgPhone: +1 805 529 6790

Southeast:Heather BuonadiesEmail: h.buonadies@computer.orgPhone: +1 973-340-4123Fax: +1 973 585 7071

Advertising SalesRepresentative(Classi� ed Line & Jobs Board)Heather BuonadiesEmail: h.buonadies@computer.orgPhone: +1 973-340-4123Fax: +1 973 585 7071

ADVERTISER INFORMATION • SEPTEMBER/OCTOBER 2013

94 IEEE Security & Privacy September/October 2013

IN OUR ORBIT

The use of online tools by ter-rorist groups requires special atten-tion: such incidents have already occurred with the Lashkar-e-Taiba group attacks in Mumbai (2008) and the attempted bombings of Chicago-bound cargo flights from Yemen (2010). Strong evi-dence supports the thesis that the Internet and technologies linked to it (such as voice-over-IP com-munication and satellite naviga-tion) play an increasing role in terrorist strategies. But modern technologies— smartphones, GPS, digital photography, satellite map-ping, webcams, encryption tools, and Tor networks—in the context of crime and terrorism represent a substantial research gap.

The most important practical problem is that criminal or terrorist acts committed via the Internet are geopolitically border agnostic: their perpetrators can operate simultane-ously in several jurisdictions, and the flexibility and relatively high secrecy available to them hamper the potential for prevention, detec-tion, and prosecution. Even though the EU’s member states and the wider international community aim to harmonize and unify their law enforcement approach, numerous discrepancies still exist and the sheer nature of the threats associated with criminal use of the Internet requires that these divergences be unified with properly designed and tested strategies. Although it might seem natural that such issues should be a domain of politicians and legislators, the design of universal strategies and intervention measures is actually in the hands of scientists, industry, and users. Realistically speaking, it would be naïve to expect the interna-tional legal community to come up with an all-inclusive and up-to-date, universally agreed set of solutions. Until now, no such strategy has been designed, tested, or implemented.

The severity of the threats and their potential consequences

require joint procedures about problem prevention, identification, and recognition; risk detection and assessment; evidence investigation, gathering, and presentation; and crisis management regulations. Not only do legal systems and operational procedures need to be unified to some extent, but law enforcement techniques, tactics, strategies, and methodologies will also need to operate in a similar fashion. Obviously, this will involve handling issues such as civil liberties, privacy laws, and personal rights and freedoms with utmost care. The philosophical and legal conflict of two basic rights protected by law—to privacy and to safety—must be balanced and addressed as well.

The investigative dimension of law enforcement is perhaps the most problematic. The so-called dragnet approach to finding crimi-nal activity on the Internet is impos-sible due to technical limitations and legal constraints; a more plau-sible option might be a targeted harpoon-style approach that uses precise IT instruments to pinpoint threats and identify perpetrators.

I n most cases, law enforcement agencies are at least one step

behind perpetrators, which man-dates strategies designed and cali-brated to improve security and resilience as well as to mitigate the consequences of an attack. The growing community of crime sci-ence experts, scholars, and practi-tioners can collaborate to identify plausible solutions to these issues and perform empirical research to validate them. Crime science, with its multidisciplinary, evidence-based, practice-oriented methodol-ogy, offers the perfect platform for studying contemporary crime.

References1. G. Laycock, “Special Edition on

Crime Science,” Policing: A J. Policy

and Practice, vol. 2, no. 2, 2008, pp. 149–153.

2. G.R. Newman, “Cybercrime,” Hand-book on Crime and Deviance, M.D. Krohn, A.J. Lizotte, and G. Penly Hall, eds., Springer, 2009, p. 557.

3. P. Hartel, M. Junger, and R. Wier-inga, “Cyber-Crime Science = Crime Science + Information Secu-rity,” tech. report TR-CTIT-10-34, Centre for Telematics and Infor-mation Technology, Univ. Twente, Enschede, 2010.

4. M. Blakeslee, Internet Crimes, Torts and Scams: Investigation and Rem-edies, Oxford Univ. Press, 2010.

5. R.J. Anderson, Security Engineer-ing: A Guide to Building Depend-able Distributed Systems, 2nd ed., Wiley, 2008.

6. K. Gradon, “Internet Crime,” Ency-clopedia of Transnational Crime and Justice, M.E. Beare, ed., Sage, 2012, p. 212.

7. K. Gradon, “Internet as a New Criminal Battleground? An Essay on the Future Trends in Crime,” Academic Rev. Disputatio, vol. 12, Dec. 2011, pp. 152–160.

Kacper Gradon is an associate pro-fessor on the Faculty of Law at the University of Warsaw and an honorary senior research associ-ate in the Department of Security and Crime Science at University College London. Contact him at k.gradon@ucl.ac.uk.

Selected CS articles and columns are also available for free at

http://ComputingNow.computer.org.

FOLLOW US@s e cur it ypr ivac y

www.computer.org/security 95