An Economic Map of Cybercrime
The rise of cybercrime in the last decade is an economic case of individuals responding to monetary and psychological incentives. Two main drivers for cybercrime can be identi fied: the potential gains from cyberattacks are increasing with the growth of importance of the Internet, and malefactors' expected costs (e.g., the penalties and the likelihood of being apprehended and prosecuted) are frequently lower compared with traditional crimes. In short, computer-mediated crimes are more convenient, and pro table, and less expensive and risky than crimes not mediated by the Internet. The increase in cybercriminal activities, coupled with ineff ective legislation and ineffective law enforcement pose critical challenges for maintaining the trust and security of our computer infrastructures. Modern computer attacks encompass a broad spectrum of economic activity, where various malfeasants specialize in developing speci c goods (exploits, botnets, mailers) and services (distributing malware, monetizing stolen credentials, providing web hosting, etc.). A typical Internet fraud involves the actions of many of these individuals, such as malware writers, botnet herders, spammers, data brokers, and money launderers. Assessing the relationships among various malfeasants is an essential piece of information for discussing economic, technical, and legal proposals to address cybercrime. This paper presents a framework for understanding the interactions between these individuals and how they operate. We follow three steps. First, we present the general architecture of common computer attacks, and discuss the flow of goods and services that supports the underground economy. We discuss the general flow of resources between criminal groups and victims, and the interactions between diff erent specialized cybercriminals. Second, we describe the need to estimate the social costs of cybercrime and the profi ts of cybercriminals in order to identify optimal levels of protection. One of the main problems in quantifying the precise impact of cybercrime is that computer attacks are not always detected, or reported. Therefore we propose the need to develop a more systematic and transparent way of reporting computer breaches and their eff ects. Finally, we propose some possible countermeasures against criminal activities. In particular, we analyze the role private and public protection, and the incentives of multiple stake holders
Year of publication: |
2014
|
---|---|
Authors: | Cárdenas, Alvaro ; Radosavac, Svetlana ; Grossklags, Jens ; Chuang, John ; Hoofnagle, Chris Jay |
Publisher: |
[S.l.] : SSRN |
Saved in:
freely available
Extent: | 1 Online-Ressource (21 p) |
---|---|
Type of publication: | Book / Working Paper |
Language: | English |
Notes: | In: TPRC 2009 Nach Informationen von SSRN wurde die ursprüngliche Fassung des Dokuments August 15, 2009 erstellt |
Source: | ECONIS - Online Catalogue of the ZBW |
Persistent link: https://www.econbiz.de/10014173477
Saved in favorites
Similar items by person
-
The FTC and Consumer Privacy in the Coming Decade
Turow, Joseph, (2006)
-
Americans, Marketers, and the Internet : 1999-2012
Turow, Joseph, (2016)
-
Identifying municipal risk factors for leftist guerrilla Violence in Colombia
Holmes, Jennifer S., (2018)
- More ...