CERT Communication II – The research project with the cryptic title sheds light on a dark chapter: Who are the people who scale Firewalls and penetrate computer systems? The classic hacker really does exist. But also organized professionals and – housewives. Project leader Edith Huber from Danube University Krems and her research team analyzed case records and identified three types.
Hackers, crackers, cyber terrorists, script kiddies, cyber stalkers, bullies, groomers … in the meantime, besides the classic and commonly used general term “hacker” for internet criminals, many more descriptions have joined the club. The number of internet criminals is growing, economic crime in particular is conquering the internet. According to the latest cybercrime report published by the Interior Ministry in 2016, the number of reported incidents rose by more than 30 percent between 2015 and 2016, to 13,103 cases. Trend #1: ransomware, i.e. digital blackmailing people and companies.
What type of people law enforcers have to deal with was the subject of the security research programme KIRAS of the Federal Ministry of Transport, Innovation and Technology sponsored by the CERT-Kommunikation II research project. By means of random sampling it analyzed 399 out of a total of 5,400 recorded offenders and victim profiles, typical modus operandi, successful investigation methods and court rulings. This was based on the cybercrime cases in the official crime statistics of the years 2006 to 2016 concerning criminal convictions by the Vienna regional court.
“As in other types of crime, cybercrime is not committed by any specific group of criminals. In order to obtain a tangible image of the perpetrators nonetheless, these underwent profiling in the project,” says Dr. Edith Huber, who headed the study and, together with colleagues, published the e-book „The Cybercriminals from Vienna“ from the project in the spring of 2018, with results valid for all of Austria. Three types emerged from the cluster analysis according to demographic characteristics.
Type 1: The Business Man
The first perpetrator type accounts for 31 percent of the cases, is always male and on average 35 years of age. They are the most highly educated. Almost a third has a university degree or completed some form of tertiary education, and 26 percent completed secondary education. Approximately half of this type is in regular employment.
Huber: “The Business Man is the type most likely to act from a fixed workplace, often in IT or having formerly worked in IT. They demonstrate a more complex modus operandi, plan their crime well in advance and choose their victims carefully.”
Type 2: The Housewife
The second group makes up 18 percent of the cases and consists almost entirely of women, on average 32 years of age. Only very few – 6 percent – have graduated from university, half have not even completed secondary education. Almost a third of cybercrime housewives do not have regular jobs, and are not on maternity leave or retired.
Type 3: The Loser
The third perpetrator type makes up 51 percent, is always male and responsible for the majority of the cases. Losers are on average 30 years old, have no higher education and no regular job. This group includes the majority of young people under 20. They often come from very troubled family backgrounds, says Edith Huber, or have drug-related problems.
High-tech crime elite
Huber identifies two major developments over the past few years: “First, everyday crime is shifting more and more to the internet; second, a high-tech criminal elite has formed.” According to the social scientist, there has been a dramatic increase in identity theft offences, for example unlawful use of debit/credit cards for payment, illegal shopping in online stores, or illegal money transfers. In the past there were pickpockets; today, online payment data is stolen. Another trend is the huge rise in social engineering attacks, white collar crime and hacking. Professionals are at work here, usually organized in mafia-type structures. Lone perpetrators, on the other hand, usually have personal motives.
Although statistically the main motive is financial gain, the research project also revealed personal motives such as revenge, attention seeking and showing off, or hacktivism.
Even though cybercrime happens all over the world due to the borderless nature of the internet, concentrations are observed in Russia, China, North Korea and the USA. How many cyber attacks come from Austria itself and how many from other countries cannot be determined at this time, says Edith Huber, who in addition to her research work at Danube University Krems heads the Executive Support Team for Research Service and International Affairs. Reporting cybercrime attacks will only become obligatory once the cyber security law (currently still being drafted) comes into force, says Huber.
Web enables larger targets
What does the future of cybercrime look like? Huber: “A forecast is difficult. Generally speaking, the more people and devices become web-enabled, the more networked people become; and the greater the dependencies on this networking, the larger the target for criminals. This starts with the car or the lawn mower, who send data to the manufacturer, and moves through to health or financial data administration. Comprehensive protection will not be possible here.”
For detailed findings of the study, see the e-book:
Edith Huber, Bettina Pospisil „Die Cyberkriminellen aus Wien, 2006-2016, Krems 2018, Tredition - Edition Donau-Universität Krems.
16th Danube University Krems Security Conference
„Digital Disorder“ – „Digitale Unordnung“ – Cybercrime and the Human Factor
24.10.2018, Begin 09:00am, Audimax Danube University Krems