This module is a resource for lecturers
Cybercrime in brief
There is no universally accepted definition of cybercrime. However, the following definition includes elements common to existing cybercrime definitions. Cybercrime is an act that violates the law, which is perpetrated using information and communication technology (ICT) to either target networks, systems, data, websites and/or technology or facilitate a crime (e.g., Goodman, and Brenner, 2002; Wall, 2007; Wilson, 2008; ITU, 2012; Maras, 2014; Maras, 2016). Cybercrime differs from traditional crime in that it "knows no physical or geographic boundaries" and can be conducted with less effort, greater ease, and at greater speed than traditional crime (although this depends on the type of cybercrime and type of crime it is being compared to) (Maras, 2014; for information about different types of cybercrime, see Cybercrime Module 2 on General Types of Cybercrime).
Europol (2018) differentiates cybercrime into cyber-dependent crimes (i.e., "any crime that can only be committed using computers, computer networks or other forms of information communication technology;" McGuire and Dowling, 2013, p. 4; Europol, 2018, p. 15) and cyber-enabled crimes (i.e., traditional crimes facilitated by the Internet and digital technologies). The key distinction between these categories of cybercrime is the role of ICT in the offence - whether it is the target of the offence or part of the modus operandi (or M.O.; i.e., method of operation) of the offender (UNODC, 2013, p. 15). When ICT is the target of the offence, this cybercrime negatively affects the confidentiality, integrity and/or availability of computer data or systems (UNODC, 2013). Confidentiality, integrity and availability make up what is known as the "CIA Triad" (Rouse, 2014): put simply, private information should stay private, it should not be changed without permission from the owner, and data, services, and systems should be accessible to the owner at all times. When the ICT is part of the M.O., the cybercrime involves a traditional crime (e.g., fraud and theft) facilitated in some way by the Internet and digital technologies. These categories and the types of cybercrime that fall under them are explored in greater detail in Cybercrime Module 2 on General Types of Cybercrime.
Cybercrime can be perpetrated by individuals, groups, businesses, and nation-states. While these actors may use similar tactics (e.g., using malicious software) and attack similar targets (e.g., a computer system), they have different motives and intent for committing cybercrimes (Wall, 2007). Various studies of cybercrimehave been conducted (see, for example, studies published by Deviant Behavior and the International Journal of Cyber Criminology). These studies have examined cybercrime through the lens of psychology, sociology, and criminology, as well as other academic disciplines (Jaishankar, 2011; Chapter 11, Holt, Bossler, and Seigfried-Spellar, 2018; see also Chapters 5-9, Maras, 2016, for a review of cybercrime studies from multiple disciplines). Some literature explains criminals' actions as an outcome of rational and free choice, while other literature considers criminality as a product of internal and/or external forces (see, for example, key and classical works on criminology included in Mclaughlin and Muncie, 2013; see also Organized Crime Module 6 on Causes and Facilitating Factors of Organized Crime, for information about some of these theories). Other works have examined the role of "space" in cybercrime, particularly the role of online spaces and online communities in the cultural transmission of criminal and/or delinquent values (Evans, 2001; see also Chapter 6, Maras, 2016). These scientific studies on cybercrime seek to shed light on the impact of cybercrime, "the nature and extent of cybercrime, assess reactions to cybercrime and the implications of these reactions, and evaluate the efficacy of existing methods used in the control, mitigation, and prevention of cybercrime" (Maras, 2016, p. 13).
The Cybercrime University Module Series covers the application of some of these theories on cybercrime and cybercrime-related issues in Module 5 on Cybercrime Investigation, Module 8 on Cybersecurity and Cybercrime: Strategies, Policies and Programmes, Module 9 on Cybersecurity and Cybercrime Prevention: Practical Applications and Measures, Module 11 on Cyber-Enabled Intellectual Property Crime, and Module 12 on Interpersonal Cybercrime. There are too many theories to be able to cover them in the overviews of the topics provided in the Cybercrime Modules. However, the core and advanced readings featured in the Cybercrime Modules include studies from various disciplines that can be reviewed and the material from these studies can be incorporated in the lecture material based on and developed from the Modules.
Next: Cybercrime trends