Measuring eWhoring

eWhoring is the term used by offenders to refer to a type of online fraud in which cybersexual encounters are simulated for financial gain. Perpetrators use social engineering techniques to impersonate young women in online communities, e.g., chat or social networking sites. They engage potential customers in conversation with the aim of selling misleading sexual material – mostly photographs and interactive video shows – illicitly compiled from third-party sites. eWhoring is a popular topic in underground communities, with forums acting as a gateway into offending. Users not only share knowledge and tutorials, but also trade in goods and services, such as packs of images and videos. In this paper, we present a processing pipeline to quantitatively analyse various aspects of eWhoring. Our pipeline integrates multiple tools to crawl, annotate, and classify material in a semi-automatic way. It builds in precautions to safeguard against significant ethical issues, such as avoiding the researchers’ exposure to pornographic material, and legal concerns, which were justified as some of the images were classified as child exploitation material. We use it to perform a longitudinal measurement of eWhoring activities in 10 specialised underground forums from 2008 to 2019. Our study focuses on three of the main eWhoring components: (i) the acquisition and provenance of images; (ii) the financial profits and monetisation techniques; and (iii) a social network analysis of the offenders, including their relationships, interests, and pathways before and after engaging in this fraudulent activity. We provide recommendations, including potential intervention approaches.This work was supported by the Engineering and Physical Sciences Research Council (EPSRC) [grant number EP/M020320/1], by MINECO (grant TIN2016-79095-C2-2-R), and by the Comunidad de Madrid (P2018/TCS-4566, co-financed by European Structural Funds ESF and FEDER)

Comparative Analysis of Illicit Supply Network Structure and Operations: Cocaine, Wildlife, and Sand

Illicit supply networks (ISNs) are composed of coordinated human actors that source, transit, and distribute illicitly traded goods to consumers, while also creating widespread social and environmental harms. Despite growing documentation of ISNs and their impacts, efforts to understand and disrupt ISNs remain insufficient due to the persistent lack of knowledge con-necting a given ISN’s modus operandi and its patterns of activity in space and time. The core challenge is that the data and knowledge needed to integrate it remain fragmented and/or compartmentalized across disciplines, research groups, and agencies tasked with understanding or monitoring one or a few specific ISNs. One path forward is to conduct comparative analyses of multiple diverse ISNs. We present and apply a conceptual framework for linking ISN modus operandi to spatial-temporal dynamics and patterns of activity. We demonstrate this through a comparative analysis of three ISNs – cocaine, illegally traded wildlife, and illegally mined sand – which range from well-established to emergent, global to domestic in geographic scope, and fully illicit to de facto legal. The proposed framework revealed consistent traits related to geographic price structure, value capture at different supply chain stages, and key differ-ences among ISN structure and operation related to commodity characteristics and their relative illicitness. Despite the diversity of commodities and ISN attributes compared, social and environmental harms inflicted by the illicit activity consistently become more widespread with increasing law enforcement disruption. Drawing on these lessons from diverse ISNs, which varied in their histories and current sophistication, possible changes in the structure and function of nascent and/or low salience ISNs may be anticipated if future conditions or law enforcement pressure change

Cybercrimes at gambling sites dot com

vi, 191 leaves : ill. ; 29 cm.Includes abstract.Includes bibliographical references (leaves 172-191).Online gambling sites have proliferated exponentially since the mid-1990s generating billions of dollars in revenue annually. However, this successful global industry is frequently the target or the perpetrator of cybercrime, which pose serious problems for gambling operations and players worldwide. This thesis explores cybercrimes at gambling websites, focusing on the organizational dynamics of crime, criminality, and criminal communication. I draw on theories of criminal organization and cyberspace to develop an integrated theory that accounts for how criminals organize, operate, and network in digital environments around the six dimensions of space, time, movement, scope, structure, and preservation. I employ a document analysis methodology for this thesis, by examining gambling commission reports, journal articles, newspaper and magazine articles, security archives, technical white papers, and "how-to-do-it" hacker manuals. Documents published between 1996 and 2008 are collected from the internet, university libraries, and journal databases, and this data is coded around seven intersecting areas: internet gambling and cybercrime; organized crime, cyberextortion, and money laundering; hacking and cracking; cheating and collusion; fraud, non-payment of winnings, and software tampering; underage gambling; social control measures against cybercrime. I find that cybercrimes occurring at gambling sites involve a variety of criminals and an assortment of digitized techniques, both of which range in their organizational sophistication. I argue that while my integrated theoretical framework adequately captures crimes and criminality occurring exclusively in cyberspace, it requires modification along the concepts of space, time, and structure to address the organizational traits of crimes and criminals in 'hybrid' space. I then evaluate my revised integrated theory along the criteria of scope, coherence, causality, and predictive power to demonstrate theoretical growth. Finally, I offer a theoretical proposition that can be used as a point of departure for future cybercrime studies in the criminological discipline

Trusted CI Webinar: CARE: Cybersecurity in Application, Research and Education

In an era where big data, machine learning algorithms, and simulations are used to understand cyberattacks and cybersecurity, is there room for qualitative or 'thick' data? This talk shares a social scientist’s perspective on the relevance of thick data in understanding the ‘how’ and ‘why’ of adversarial behavior, movement, decision-making, adaptation to disruptions, and group dynamics. More specifically, it highlights potential for symbiotic relationships between social science methodologies, such as observations and focus groups, and technical methodologies, such as time series analysis, social network analysis, and machine learning and prediction. The talk will then share how social science students must be trained via discipline-specific education to effectively engage in the cybersecurity discourse. It details specific educational efforts via social engineering course projects and capture-the-flag competitions that not only cater to social science students, but also technical students, and how these efforts help break silos to foster multidisciplinary dialog. Speaker Bio: Dr. Aunshul Rege is an Associate Professor with the Department of Criminal Justice. She is the Director of the CARE (Cybersecurity in Application, Research, and Education) Lab, which focuses on the human and social aspects of cyberattacks and cybersecurity. Dr. Rege is the recipient of numerous National Science Foundation grants, including the prestigious NSF CAREER award. Her research examines adversarial decision-making, adaptation and movement, and she has worked with Computer Scientists and Engineers in academia, industry and government. Dr. Rege and her team at the CARE Lab have generated a critical infrastructure ransomware incident dataset, which maps to the MITRE ATT&CK framework and is highly requested by organizations, governments, academics, and students from all over the world. Dr. Rege is also passionate about cybersecurity education and has designed several experiential social engineering learning projects, which have been mapped to the NICE cybersecurity workforce framework and downloaded worldwide by educators and businesses. A month ago, she hosted a purely social engineering capture the flag competition at Temple University, which featured professional social engineers as judges and six undergraduate student teams. This competition is the first cybersecurity capture-the-flag competition to emphasize the human factor that is grounded in the social sciences. Dr. Rege has received a new NSF education grant, which will allow her to pursue this endeavor starting 2021. Not only has Dr. Rege's work been published in well-regarded journals and peer-reviewed conference proceedings, but her efforts have also been recognized in highly regarded cybersecurity outlets like Security Week, Bleeping Computer, and Dark Reading. She hopes to continue to make the social sciences more mainstream and embedded in the cybersecurity discourse.NSF Grant # 1920430NSF Grant # 2032292NSF Grant # 1742747NSF Grant # 1453040Ope

Cybercrimes against the electricity infrastructure: exploring hacker and industry perceptions

The US electricity infrastructure uses Industrial Control Systems (ICS) to oversee its operations. These systems are connected online for better efficiency, making them susceptible to cyberattacks. Current research has extensively addressed ICS vulnerabilities that can be exploited by cybercriminals. Vulnerabilities, however, are only one of the many factors influencing offender decision-making in cyberattacks. Furthermore, numerous conceptions of threats, vulnerabilities, and consequences exist, which further complicate ICS security assessments. This exploratory study therefore has two main goals. First, it seeks to compare industry and hacker perceptions on electricity ICS threats, vulnerabilities, and consequences. Second, it seeks to identify a broader set of factors that influence offender decision-making in ICS cyberattacks. Routine activity and rational choice theories guided this study. Nine preliminary offender decision-making factors were organized to create the PARE RISKS framework: Prevention Measures; Attacks and Alliances; Result; Ease of Access; Response and Recovery; Interconnectedness and Interdependencies; Security Testing, Assessments, and Audits; Knowledge, Skills, Research and Development; and System Weaknesses. A total of 323 participants from both industry and (ethical) hacking communities completed PARE RISKS surveys, which were analyzed using non-parametric statistical tests and exploratory factor analysis. Seven interviews were conducted and subjected to a thematic analysis to supplement survey findings. The hypotheses that guided this research were all confirmed. It was found that hackers and industry experts differed in their perceptions of threats, consequences, system vulnerabilities and prevention measures. Hackers were more likely than industry respondents to believe that cybercriminals accessed hacking forums, exploited internet and email access, and exploited poor password practices. Industry respondents were more likely than hackers to believe that the desired outcomes of cyberattacks included information corruption, inaccurate information processing, and denial/disruption of service. The PARE RISKS framework was also found to be useful in identifying factors in the pre-attack and attack-in-progress environments that influenced offender decision-making. Hackers and industry respondents believed that cybercriminals engaged in extensive research to select targets; used an assortment of techniques; operated in anonymous, compartmentalized groups; required adequate skills, money, and time; and employed cost-benefit analysis and strategic attack plans both before and during attacks.Ph. D.Includes bibliographical referencesIncludes vitaby Aunshul Reg

Organization, operations, and success of environmental organized crime in Italy and India: a comparative analysis

Despite the devastating short- and long-term consequences of resource-related environmental crimes, rampant illegal soil and sand mining continues worldwide. In countries such as India and Italy, organized crime groups have emerged as prominent illegal suppliers of soil and sand. The proposed study focuses on an understudied research area at the intersection between organized crime and environmental crimes, and offers a trans-comparative study of illegal soil and sand mining conducted by Indian and Italian organized crime groups with two main objectives. First, a comparative analysis of the organizational mechanisms, operational practices, threat management, and supporting cultural, regulatory, and policing factors is conducted. Second, a discussion of how these groups reflect mainstream models and theories of organized crime is offered

2019 Cybersecurity Research Transition to Practice Workshop Slides

The Cybersecurity Research Transition to Practice Workshop, held on June 19th, 2019 at the Aon Center, Chicago, IllinoisNSF #1547272Ope

2019 Cybersecurity Research Transition to Practice Workshop Slides

The Cybersecurity Research Transition to Practice Workshop, held on June 19th, 2019 at the Aon Center, Chicago, IllinoisNSF #1547272Ope