
About this book

This book comprises an authoritative and accessible edited collection of chapters of substantial practical and operational value. For the very first time, it provides security practitioners with a trusted reference and resource designed to guide them through the complexities and operational challenges associated with the management of contemporary and emerging cybercrime and cyberterrorism (CC/CT) issues.

Benefiting from the input of three major European Commission funded projects, the book's content is enriched with case studies, explanations of strategic responses and contextual information providing the theoretical underpinning required for the clear interpretation and application of cyber law, policy and practice. This unique volume helps to consolidate the increasing role and responsibility of society as a whole, including law enforcement agencies (LEAs), the private sector and academia, to tackle CC/CT.

This new contribution to CC/CT knowledge follows a multi-disciplinary philosophy supported by leading experts across academia, private industry and government agencies. This volume goes well beyond the guidance of LEAs, academia and private sector policy documents and doctrine manuals by considering CC/CT challenges in a wider practical and operational context. It juxtaposes practical experience and, where appropriate, policy guidance, with academic commentaries to reflect upon and illustrate the complexity of the cyber ecosystem, ensuring that all security practitioners are better informed and prepared to carry out their CC/CT responsibilities to protect the citizens they serve.



Approaching Cybercrime and Cyberterrorism Research


Megatrends and Grand Challenges of Cybercrime and Cyberterrorism Policy and Research

What are grand challenges of cybercrime and cyberterrorism policy and research for the coming one or two decades? To answer this question, we first need to grasp some major trends that influence the future of cybercrime and cyberterrorism, and the combatting thereof, in fundamental ways. This chapter therefore starts with sketching seven megatrends in technology and society: Internet as the infrastructure of everything, autonomic technologies, datafication, the onlife world, the transformation of crime, the fourth generation of cybercrime as attacks on the Internet of Things and People, and the gradual erosion of privacy. Against this background, seven grand challenges for keeping societies secure and inclusive against the threats of CC/CT are presented: underground marketplaces, hiding technologies, ubiquitous data, smart regulation, smart organisation, designing technology, and preserving the human rights framework in a volatile context.
Bert-Jaap Koops

Towards a Systematic View on Cybersecurity Ecology

Current network security systems are progressively showing their limitations. One credible estimate suggests that only about 45 % of new threats are detected. Therefore it is vital to find a new direction that cybersecurity development should follow. We argue that the next generation of cybersecurity systems should seek inspiration in nature. This approach has been used before in the first generation of cybersecurity systems; however, since then cyber threats and environment have evolved significantly, and accordingly the first-generation systems have lost their effectiveness. A next generation of bio-inspired cybersecurity research is emerging, but progress is hindered by the lack of a framework for mapping biological security systems to their cyber analogies. In this paper, using terminology and concepts from biology, we describe a cybersecurity ecology and a framework that may be used to systematically research and develop bio-inspired cybersecurity.
Wojciech Mazurczyk, Szymon Drobniak, Sean Moore

Challenges Priorities and Policies: Mapping the Research Requirements of Cybercrime and Cyberterrorism Stakeholders

The following chapter provides an in-depth look at a broad selection of challenges related to Cybercrime and Cyberterrorism, as identified through prolonged engagement with a multitude of horizontal and vertical cyber-security stakeholders. Out of six critical areas identified, the two leading causes were the evolving rate of technology and the subsequent lack of education, awareness and training. These two underlying factors further influenced and affected the severity of the additional four critical areas: the capability of investigators, cooperation and information sharing, legislative systems and data protection, and organisational and societal resilience. Through the consultation and elicitation of information from over 90 individual domain experts, practitioners and security stakeholders, the research of this chapter is dedicated towards improving international awareness of leading threats, vulnerabilities, and challenges to the continually evolving sphere of cybersecurity.
Douglas Wells, Ben Brewster, Babak Akhgar

A (Cyber)ROAD to the Future: A Methodology for Building Cybersecurity Research Roadmaps

We describe the roadmapping method developed in the context of the CyberROAD EU FP7 project, the aim of which was to develop a research roadmap for cybercrime and cyberterrorism. To achieve this aim we build on state-of-the-art methodologies and guidelines, as well as related projects, and adapt them to the specific characteristics of cybercrime and cyberterrorism. The distinctive feature is that cybercrime and cyberterrorism co-evolve with their contextual environment (i.e., technology, society, politics and economy). This poses specific challenges to a roadmapping effort. Our approach could become a best practice in the field of cybersecurity, and could also be generalised to phenomena that exhibit a similar, strong co-evolution with their contextual environment. In this chapter, we define our route to developing the CyberROAD research roadmap and contextualise it with an example of Enterprise 2.0.
Davide Ariu, Luca Didaci, Giorgio Fumera, Giorgio Giacinto, Fabio Roli, Enrico Frumento, Federica Freschi

Legal, Ethical and Privacy Considerations


Data Protection Law Compliance for Cybercrime and Cyberterrorism Research

Data protection is perhaps the most important area in which legal requirements determine whether and how research into cybercrime and cyberterrorism may take place. Data protection laws apply whenever personal data are processed for the purposes of research. There are legal risks of non-compliance with data protection regimes emanating from strict legal frameworks and from rules on data security and data transfer. Researchers are strongly recommended to explore the possibilities of anonymisation as well as all obligations relating to notification and consent, which affect the legitimacy of data processing. The presentation of findings, with implications for research carried out in the area of cybercrime and cyberterrorism, begins with exploring definitions of data protection and privacy. We introduce the most relevant aspects of data protection for cybercrime and cyberterrorism research before an overview of the applicable legal and regulatory frameworks is presented. The way in which data protection interacts with other fundamental rights, namely freedom of speech, academic freedom and security, is considered in order to highlight important issues which may affect researchers. Another key feature of data protection law is the difference between countries in the way it is applied; member states have a degree of autonomy in this respect which is summarised and an overview provided. General conclusions are drawn from all findings and implications of the research undertaken for this chapter and key recommendations for those involved in research are presented.
Arnold Roosendaal, Mari Kert, Alison Lyle, Ulrich Gasper

Non-discrimination and Protection of Fundamental Rights in Cybercrime and Cyberterrorism Research

This chapter presents and explores the legal issues surrounding the fundamental human rights of victims and in relation to non-discrimination, in the context of cybercrime (CC) and cyberterrorism (CT) research. In relation to non-discrimination, the focus is on social inclusion, minimising disparities and avoiding marginalisation of groups, particularly when presenting results of studies involving identified sections of society. The importance of victims’ rights in relation to CC/CT research is then explored and the most relevant aspects as a possible limiting factor in this area are outlined. The infinite value of awareness of these considerations as well as independence and neutrality of research is emphasised.
Francesca Bosco, Elise Vermeersch, Vittoria Luda, Giuseppe Vaciago, Ulrich Gasper, Alison Lyle

Risks Related to Illegal Content in Cybercrime and Cyberterrorism Research

What follows here is an examination of the risks and issues related to illegal content within, and related to, the context of cybercrime and cyberterrorism research. Before any useful analysis can take place, it is necessary to create an understanding of the subject matter; therein lies the first challenge. The problem of establishing what the term ‘illegal content’ encompasses is addressed throughout. By outlining the particular relevance of illegal content with regard to research, we set out the key considerations which will assist in understanding what is required to successfully carry out valuable research and to understand the possible limitations. Some of these are related to the fact that the nature of much illegal content means that victim considerations are of utmost importance. Just as there is no specific definition of illegal content, there is no specific legislation addressing this type of criminal activity; therefore a wide range is presented and considered, which further assists in illustrating different perspectives. Countries, too, have different perspectives, and an in-depth examination of two of them reveals both similarities and differences. The general conclusion draws together the findings and the issues that have been addressed and provides a holistic view of the main points before key recommendations are presented.
Alison Lyle, Benn Kemp, Albena Spasova, Ulrich Gasper

Technologies, Scenarios and Best Practices


Cybercrime Economic Costs: No Measure No Solution

Governments need reliable data on crime in order both to devise adequate policies and to allocate the correct revenues so that the measures are cost-effective, i.e., the money spent in prevention, detection, and handling of security incidents is balanced with a decrease in losses from offenses. The availability of multiple contrasting figures on cyber-attacks checks the accurate assessment of the cost-effectiveness of current and future policies for cyber space. What factors contribute to the costing equation is not clearly understood, with wide variation in the methodologies used. The most relevant literature in this field is reviewed and analysed against quantitative insights provided by the CyberROAD survey to stakeholders. Research gaps are highlighted to determine the issues that need addressing to provide a solid ground for future legislative and regulatory actions at national and international levels.
Jart Armin, Bryn Thompson, Piotr Kijewski

Towards the Development of a Research Agenda for Cybercrime and Cyberterrorism – Identifying the Technical Challenges and Missing Solutions

Cybercrime and cyberterrorism research faces a number of challenges, such as the rate of change in technology, field complexity and interdisciplinarity. This chapter aims at identifying the major technical challenges that require solutions to be developed for the successful prevention and fight against such contemporary problems. The following solutions have been elicited as a leading contribution towards the design of a cybersecurity research agenda. The identified and selected solutions include technologies and techniques for computer fraud prevention, investigation and detection methods and tools, and crime prevention methods that address human elements.
Borka Jerman-Blažič, Tomaž Klobučar

The Never-Ending Game of Cyberattack Attribution: Exploring the Threats, Defenses and Research Gaps

In this article we approach the problem of attributing a cyberattack to real world actors, and the social context of the problem. The basic premise is that while it is socially acceptable to assign attribution of cybercrime after the act, society expects law enforcement to attribute the possibility of cyberterrorist acts to perpetrators in advance, and to disrupt them in the making. This blends the cyberattack attribution problem with the much wider problem of fighting terrorism and organized cybercrime, far beyond the limits of “cyber” understood as the fifth domain of warfare. The main contribution of the paper is identifying research gaps and attributing complexities derived from key problems such as offline criminal activity, as well as practical difficulties in researching cybercrime and cyberterrorism. To get to those conclusions, we analysed the attribution problem from the point of view of the perpetrator, using the SWOT methodology, which gave us insight on tactics of cyberattacks that give the most protection against attribution and prosecution, which led us to identifying current research gaps.
Piotr Kijewski, Przemyslaw Jaroszewski, Janusz A. Urbanowicz, Jart Armin

Emerging Cyber Security: Bio-inspired Techniques and MITM Detection in IoT

The major goal of this chapter is to overview and present selected emerging technologies for cybersecurity. In the first part we show the practical realisations of the bio-inspired concepts for cybersecurity. We do not focus on discussing the bio-inspired techniques on a high and abstract level, but we focus on our own practical developments. We want to present concrete solutions in magazine-like language understandable to all readers. Our goal is to prove that the bio-inspired techniques can really be implemented to protect networks and that the readiness level of such technology is constantly increasing. In this chapter, we present and focus on our own results and give references to our past and on-going cyber security projects where we successfully implemented different nature-inspired solutions.
Michał Choraś, Rafał Kozik, Iwona Maciejewska

Cyber Situational Awareness Testing

In the cyber security landscape, the human ability to comprehend and adapt to existing and emerging threats is crucial. Not only technical solutions, but also the operator’s ability to grasp the complexities of the threats affect the level of success or failure that is achieved in cyber defence. In this paper we discuss the general concept of situation awareness and associated measurement techniques. Further, we describe the cyber domain and how it differs from other domains, and show how predictive knowledge can help improve cyber defence. We discuss how selected existing models and measurement techniques for situation awareness can be adapted and applied in the cyber domain to measure actual levels of cyber situation awareness. We identify generic relevant criteria and other factors to consider, and propose a methodology to set up cyber situation awareness measurement experiments within the context of simulated cyber defence exercises. Such experiments can be used to test the viability of different cyber solutions. A number of concrete possible experiments are also suggested.
Joel Brynielsson, Ulrik Franke, Stefan Varga

Policy Development and Roadmaps for Cybercrime and Cyberterrorism Research


How the Evolution of Workforces Influences Cybercrime Strategies: The Example of Healthcare

Healthcare was an early adopter of ICT with the goal of improving physicians’ work. The digital revolution of healthcare started several years ago with the introduction of informatics into hospitals. Today healthcare is again at the forefront, as one of the most attacked and promising areas of exploitation for cybercriminals and cyberterrorists due to the abundance of valuable information and for its role in critical infrastructure. The patients’ world has also changed radically and gone through an ICT revolution; nowadays the worlds of healthcare operators and patients are highly digitalized, modifying how healthcare operators and patients offer and use services. This chapter, starting from an introduction to the new paradigms of the modern workforces, will introduce the concepts of Hospital 2.0 and the patient ecosystem, and will explore specific cybercrime and cyberterrorism threats.
Enrico Frumento, Federica Freschi

European Public-Private Partnerships on Cybersecurity - An Instrument to Support the Fight Against Cybercrime and Cyberterrorism

A European Public-Private Partnership (PPP) is an important instrument for boosting innovation and consolidating the European market and offering in a given sector. When it comes to cybersecurity, the establishment of a PPP is driven by the need to stimulate the competitiveness and innovation capacities of the digital security and privacy industry in Europe, and to ensure a sustained supply of innovative cybersecurity products and services in Europe. Given the growth and severity of cyber-attacks, such an initiative must take into account developments in cybercrime and cyberterrorism, including threats to particularly vulnerable and high impact areas such as critical industrial systems, the issue of trust and privacy, as well as the role of specific threat agents. It is therefore important that all relevant departments of the European institutions and agencies coordinate their efforts and bring in the perspective of Member States so that the full range of cybersecurity issues is considered from the public side, enabling the private sector to focus its efforts on developing a European cybersecurity industry through the adoption of an approach linked to the high and fast growth of technological competence and competitiveness. Only with strong governance and a dynamic approach can a PPP on cybersecurity develop a sustainable Digital Single Market ecosystem in Europe, making it a real and global cybersecurity leader.
Nina Olesen

Are We Doing All the Right Things to Counter Cybercrime?

In this paper we present a discussion of future ideas, needs and trends for cyber security technologies. Our focus is on the future technologies which should be developed in order to further enhance the protection of cyberspace. As in our work in the FP7 CAMINO project, we follow a comprehensive approach, looking at a broad range of possible technologies and problems. We termed our approach THOR since we considered the following dimensions: Technical, Human, Organisational and Regulatory. In this paper we also discuss the idea of the comprehensive approach, since we believe only a holistic view of cyber security can improve protection from cyber threats.
Michal Choraś, Rafal Kozik, Andrew Churchill, Artsiom Yautsiukhin

Consolidated Taxonomy and Research Roadmap for Cybercrime and Cyberterrorism

In this concluding chapter, we consolidate the broad spectrum of challenges discussed throughout this book towards the formulation of a number of key priority topics to be addressed by future research related to cybercrime and cyberterrorism. During this process many of the specific areas that need to be addressed are defined across four interlinked dimensions: technological, regulatory, organisational and human. In doing so, we identify the nature of the challenges posed, the scope of the research and initiatives needed in order to progress measures targeting them, as well as the required impacts needed in order to ensure the significance of those initiatives. Initial sections of the chapter recapture, from a definitional perspective, the definitions of cybercrime and its constituent elements towards establishing a harmonised taxonomy of terms that we can use to inform the future work being proposed.
Babak Akhgar, Michał Choraś, Ben Brewster, Francesca Bosco, Elise Vermeersch, Vittoria Luda, Damian Puchalski, Douglas Wells

