The Extent of Involvement in Cybercrime activities among Studentsa in Tertiary Institutions in Enugu State of Nigeria

The researcher investigated the extent of involvement in Cybercrime activities among students2019; in tertiary institutions in Enugu state of Nigeria using cross sectional survey design. Questionnaires were used for data collection. A sample of 175 students was drawn from a population of 18,340 final year students in higher institutions in Enugu State using cluster sampling procedure. The instrument contains 12 items with 4 point scale of Most-times, Sometimes, Seldom and Never. The findings showed that students of higher institutions in Enugu state are involved in cybercrime. It also showed that students2019; involvement in cybercrime is dependent on gender and Institution type. The implication of the finding for knowledge and development is that the present level of students2019; involvement in cybercrime has a negative effect on the value of education and by extension, has lead to the setback in economic development of the State. It was recommended that government should empower the law enforcement agencies to checkmate and deal with perpetrators of cybercrime

Evaluation of Efficiency of Cybersecurity

Uurimistöö eesmärgiks on uurida, kuidas tõhus küberjulgeolek on olnud edukas. Uurimistöö kasutab parima võimaliku tulemuse saamiseks mitmesuguseid uurimismeetodeid ja kirjanduse ülevaade on süstemaatiline. Kuid uurimistöö järeldus on see, et uuring ei suuda kinnitada või tagasi lükata peamist töö hüpoteesi. Uuring ei õnnestunud, sest puuduvad korralikud teooriad, mis näitavad ohutuse ja küberjulgeoleku nähtusi ning puuduvad head näitajad, mis annaksid küberohutuse tõhususe kohta kehtivaid ja ratsionaalseid tulemusi, kui hästi on küberkuritegevuse abil õnnestunud küberkuritegevuse tõhusaks võitmiseks ja küberkuritegude tõhusaks vähendamiseks. Seepärast on küberjulgeoleku teadusteooria ja julgeoleku teadusteooria vähearenenud 2018. aastal. Uuringud on teinud küberjulgeoleku ja turvalisuse arendamise põhilisi avastusi. Edasiste põhiuuringute suund on luua üldine turbeteooria, mis kirjeldab ohtlike muutujate ohtlike muutujate kavatsust, ressursse, pädevust ja edusamme ohtlike muutujate ja aksioomide puhul, kus ohtlike muutujate mõõtmisel saab teha selle sisse loodetavas ja teooria kirjeldab, millised on tõhusad meetmed, et vältida ja leevendada ning millised ei ole ja lõpuks kehtestada nõuetekohased mõõdikud, et mõõta turvalisuse ja küberjulgeoleku tõhusust loodetavus ja kehtivusega.The purpose of the thesis is to research how effectively cybersecurity has succeeded on its mission. The thesis used multiple research methods to get best possible answer and the literature review has been systematic. However, the conclusion of the research was that the study is unable to either confirm or reject the main working hypothesis. The study is unable to do it because of the lack of proper theories to describe what are the phenomena in secu-rity and cybersecurity and the lack of proper metrics to give valid and sound conclusion about the effective of cybersecurity and how well have cybersecurity succeed on its mis-sion to effectively prevent and mitigate cybercrime. Therefore, the science of security and science of cybersecurity are underdeveloped in 2018. The research has made basic discov-eries of development of cybersecurity and security. A direction of further basic research is to establish a general theory of security which describes threat variables, threat variables intention, resources, competence and progress of the threat variables and axioms where measurement of threat variables can be made with reliability and the theory would describe which are effective measures to prevent and mitigate and which are not and finally, estab-lish proper metrics to measure efficiency of security and cybersecurity with reliability and validity

A Survey of Serious Games for Cybersecurity Education and Training

Serious games can challenge users in competitive and entertaining ways. Educators have used serious games to increase student engagement in cybersecurity education. Serious games have been developed to teach students various cybersecurity topics such as safe online behavior, threats and attacks, malware, and more. They have been used in cybersecurity training and education at different levels. Serious games have targeted different audiences such as K-12 students, undergraduate and graduate students in academic institutions, and professionals in the cybersecurity workforce. In this paper, we provide a survey of serious games used in cybersecurity education and training. We categorize these games into four types based on the topics they cover and the purposes of the games: security awareness, network and web security, cryptography, and secure software development. We provide a catalog of games available online. This survey informs educators of available resources for cybersecurity education and training using interactive games. Keywords: Serious games; Game-based Learning; Cybersecurity

UK cybercrime, victims and reporting : a systematic review

Individuals and organisations based in the United Kingdom often fall foul of cyber criminals. Unfortunately, these kinds of crimes are under-reported [66][115][123]. This under-reporting hampers the ability of crime fighting units to gauge the full extent of the problem, as well as their ability to pursue and apprehend cyber criminals [13][77]. To comprehend cybercrime under-reporting, we need to explore the nature of United Kingdom’s (henceforth: UK) cybercrime and its impact on UK-based victims. We investigated the entire landscape by carrying out a systematic literature review, covering both academic and grey literature. In our review, we sought to answer three research questions: (1) What characterises cybercrime in the UK? (2) What is known about UK cybercrime victims? and (3) What influences and deters cybercrime reporting in the UK? Our investigation revealed three types of reportable cybercrime, depending on the targets: (a) individuals, (b) private organisations, and (c) public organisations. Victimhood varies with various identified dimensions, such as: vulnerability aspects, psychological perspectives, age-related differences, and researcher attempts to model the victims of cybercrime. We also explored UK victims’ reported experiences in dealing with the consequences of falling victim to a cybercrime. In terms of cybercrime reporting, we identify three kinds of reporting: (a) Human-To-Human, (b) Human-To-Machine, and (c) Machine-To-Machine. In examining factors deterring reporting, we incorporate discussions of policing, and the challenges UK police forces face in coping with this relatively novel crime. Unlike traditional crimes, perpetrators possess sophisticated technological skills and reside outside of UK’s police jurisdiction. We discovered a strong social dimension to reporting incidence with the UK government‘s cyber responsibilization agenda likely playing a major role in deterring reporting. This strategy involves governments providing a great deal of advice and then expecting citizens to take care of their own cybersecurity. If they do not act on the advice, they should know that they will have to accept the consequences. Improvements in cybercrime reporting, to date, have been technologically focused. This neglects the social dimensions of cybercrime victimhood and does not acknowledge the reporting-deterring side effects of the UK's cyber responsibilization agenda. We conclude with suggestions for improving cybercrime reporting in the UK

A criminological investigation into the lived experiences of cybercrime perpetrators in southwest Nigeria.

Doctoral Degree. University of KwaZulu-Natal, Durban.Internet fraud, also known as ‘yahoo-yahoo’, has become very popular in Nigeria, especially among the youth. Adopting a qualitative research design through a phenomenological lens, this study investigates the experiences of cybercrime perpetrators, otherwise known as ‘yahoo-boys’, in Nigeria. It seeks to understand the factors influencing and sustaining youth involvement in cyber criminality in Nigeria. Painstaking in-depth interviews were conducted with 29 yahoo-boys across three cities in Nigeria namely, Lagos, Ibadan and Ado-Ekiti. The study adopts the arguments of Robert Merton’s Strain Theory and Rational Choice Theory as a theoretical framework. Findings suggest that poverty, unemployment, corrupt political leadership and law enforcement, failure of vital social institutions to meet the needs of most of the population, as well as the proliferation of internet service providers have all merged to create a booming business of cybercrime in Nigeria. Narratives of yahoo-yahoo among the yahoo-boys vary from some admitting that it is a criminal act to others seeing it as an opportunity to escape the harsh socio-economic realities of Nigeria. Some also see it as an avenue for retribution and the redistribution of wealth. Some of these yahoo-boys believe that because most of their victims are based in rich western countries, they are taking revenge for the years of exploitation and oppression Africa has suffered through slavery and colonialism. Yahoo-yahoo is maintained and sustained through a highly sophisticated network of inter-continental groups of individuals and interests pooling resources together and sharing information and skills with the intent to defraud harmless individuals, business organisations and government parastatals across the globe. They pass on their skills and knowledge to recruits who, most times, consider themselves lucky to be joining the bandwagon through a structured system of apprenticeship and mentorship. The entire network of yahoo-yahoo is built on reliance and collaboration, and more recently has begun exploring elements of the supernatural- spiritualism, to boost the trade. It was brought to the fore that the efforts of the government to curb this illicit trade have been marred by corruption. Therefore, the study concludes that yahoo-yahoo is an endemic problem in Nigeria that requires a broad, systemic, and multi-level intervention. The proliferation of yahoo-yahoo in the country does not just bring to the fore the consequences of the harsh socio-economic reality Nigerians endure, but its normalisation as an inescapable reality for some young people among various groups of people show the decadence that has pervades in the country’s moral norms and ethical codes. To address the problem there is the need for an attitudinal change. Yahoo-yahoo must be labelled as a crime and not an avenue to escape poverty or get retribution. The government must address unemployment, invest in poverty reduction initiatives, and provide better remuneration across the board. There will be a further need to purge the Nigerian law enforcement agencies of corruption and constantly (re)train its officers on how to handle cybercrime. If initiatives such as sport development programmes and skills acquisition programmes are part of the education curriculum, young people will have the opportunity to develop capacity in other conforming areas of life that could yield a better remuneration in their adult life

Flipping 419 Cybercrime Scams: Targeting the Weak and the Vulnerable

Most of cyberscam-related studies focus on threats perpetrated against the Western society, with a particular attention to the USA and Europe. Regrettably, no research has been done on scams targeting African countries, especially Nigeria, where the notorious and (in)famous 419 advanced-fee scam, targeted towards other countries, originated. How- ever, as we know, cybercrime is a global problem affecting all parties. In this study, we investigate a form of advance fee fraud scam unique to Nigeria and targeted at Nigerians, but unknown to the Western world. For the study, we rely substantially on almost two years worth of data harvested from an on-line discussion forum used by criminals. We complement this dataset with recent data from three other active forums to consolidate and generalize the research. We apply machine learning to the data to understand the criminals' modus operandi. We show that the criminals exploit the socio-political and economic problems prevalent in the country to craft various fraud schemes to defraud vulnerable groups such as secondary school students and unemployed graduates. The result of our research can help potential victims and policy makers to develop measures to counter the activities of these criminal groups

Avaliação do conhecimento e perceção sobre cibercrime por jovens estudantes universitários

Projeto de Graduação apresentado à Universidade Fernando Pessoa como parte dos requisitos para obtenção do grau de Licenciado em CriminologiaO cibercrime é um problema cada vez mais enraizado na sociedade e em constante desenvolvimento. A galopante evolução tecnológica a partir do final do século XX fez florescer um novo leque de crimes informáticos que apresentam como alvo o estado, a população e especialmente o grupo que melhor acompanha o desenvolvimento das novas tecnologias de informação e comunicação, os jovens. Desta forma, o principal objetivo deste estudo consiste na avaliação do conhecimento e perceção sobre o cibercrime, pelos jovens estudantes universitários. Para tal, recorreu-se a uma revisão sistemática da literatura existente sobre o conhecimento, as perceções e os comportamentos levados a cabo pelos estudantes relativamente a crimes informáticos que permitiu a elaboração de uma proposta de inquérito por questionário a ser aplicado neste contexto, a sua posterior discussão e a exposição dos resultados esperados.Cybercrime is a problem that is increasingly rooted in society and is constantly developing. The galloping technological evolution from the end of the 20th century has given rise to a new range of computer crimes that targets the state, a population and especially the group that best accompanies the development of new information and communication technologies, young people. Thus, the main objective of this study is to assess the knowledge and perception of cybercrime by university students. To this end, use a systematic review of context knowledge, such as existing perceptions of context knowledge and behaviors carried out by students who consult an interpretation of a proposed inquiry through a survey to be applied to these crimes, their consultation to an interpretation of a proposed inquiry further discussion and presentation of the expected results.N/

Fear of missing out predicts employee information security awareness above personality traits, age, and gender

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.The role of human factors in employee information security awareness (ISA) has garnered increased attention, with many researchers highlighting a potential link between problematic technology use and poorer online safety and security. This study aimed to present additional evidence for this by exploring the relationship between of Fear of Missing Out (FoMO) and ISA in employees. A total of 718 participants completed an online questionnaire that included a measure of FoMO, ISA, as well as the Big Five personality inventory. Participants who reported higher levels of FoMO had lower overall ISA, as well as having poorer knowledge, a more negative attitude, and engaged in riskier behaviors in relation to ISA. FoMO was also demonstrated to be the largest single negative predictor for ISA, above that of age, gender, and the key personality traits tested. The potential reasons for the influence of FoMO over ISA are discussed, as well as the implications for organizational information security

Critical Perspectives on Cybersecurity: A Case Study of Legal and Regulatory Responses to Identity-related Cybercrimes in Electronic Payment Systems in Nigeria

The thesis critically examines the challenges of implementing cybersecurity in Nigeria. It focuses in particular on identity-related cybercrimes in e-payment systems. The thesis follows two broad lines of investigation. First, it examines how the convergence of telecommunications and banking services create a multi-stakeholders’ e-payment service provider system and the implications of this convergence for security and regulation of e-payment systems. Second, the thesis examines the societal, institutional and political considerations that affect the legal and regulatory responses to identity-related cybercrimes or that explain the lack of such responses. The research reveals that social perceptions of cybercrimes and political interference in law making process, as well as lack of proper identity management systems are crucial factors which affect the development and effectiveness of cybersecurity laws in Nigeria. The research also reveals that policy proposals for cybersecurity have focused extensively on criminal legislation and that this approach has marginalised the roles of data protection and identity management laws in preventing identity-related cybercrimes. The thesis argues that current self-regulatory initiatives in the Nigerian e-payment industry are inadequate due to the multi-stakeholders’ nature of electronic transactions. Using Lessig’s theory of modalities of regulation as a theoretical framework, the thesis highlights the primacy of laws in defining privacy and security standards as well as technical standards for the protection of users of e-payment services. The thesis however concludes that although laws are crucial, and cybercrimes are global, the development of cybersecurity laws must be moderated by an understanding of the legal and regulatory challenges as well as the socio-cultural and political factors in Nigeria. The thesis makes specific recommendations for developing laws and policies on cybersecurity in Nigeria