Review of Fundamental to Know about the Future

What we consider fundamental elements can be easily overlooked or perceived as facts without the process of empirical testing. Especially in the field of cybercrime and cybersecurity, there are more speculations regarding the prevalence and the scope of harm carried out by wrongdoers than empirically tested studies. To fill the void, three articles included in the current issue addresses empirical findings of fundamental concerns and knowledge in the field of cybercrime and cybersecurity

Kerberoasting: Case Studies of an Attack on a Cryptographic Authentication Technology

Kerberoasting, an attack vector aimed at the Kerberos authentication protocol, can be used as part of an adversary’s attack arsenal. Kerberos is a type of network authentication protocol that allows a client and server to conduct a mutual verification before providing the requested resource to the client. A successful Kerberoasting attack allows an adversary to leverage the architectural limitations of Kerberos, providing access to user password hashes that can be subject to offline cracking. A cracked user password could give a bad actor the ability to maintain persistence, move laterally, or escalate privileges in a system. Persistence or movement within a system is indispensable to a bad actor. Adversaries may use Kerberoasting to achieve this persistence or movement as part of a more effective attack. These attacks can include ransomware, stealthy removal of data from a system, or building a back door for future access. It is, therefore, vital to understand how Kerberoasting works to detect attacks and mitigate future attempts. We examine cases in which Kerberoasting has played a role in an attack or was used as a tool in an adversary’s arsenal and review the outcomes. We then discuss known ways to detect and mitigate Kerberoasting attacks and analyze how this information can inform enterprise policy

Awareness and Perception of Cybercrimes and Cybercriminals

Awareness is a starting point to recognize, understand, or know a situation or fact, and the perception makes a difference in how to deal with it. Although the term cybercrime may not be new to the most public and the police, not all of them are well aware of the nature and extent of cybercrimes, cybercriminals, and cyber-victims, which in turn affects their perceptions of matters. The four papers in this issue of the International Journal of Cybersecurity Intelligence and Cybercrime empirically examine these important topics and discuss policy implications

Cyberbullying: Its Social and Psychological Harms Among Schoolers

Criminal justice around the world has prioritized the prevention and protection of bullying and its victims due to the rapid increases in peer violence. Nevertheless, relatively few studies have examined what treatments or assistance are effective for peer victims to reduce and recover from their social and psychological suffering, especially in cyberbullying cases. Using data derived from the National Crime Victimization Survey-School Crime Supplement data in 2011 and 2013 (N=823), the current study examined the impact of two emotional support groups (i.e., adult and peer groups) on cyberbullying victims\u27 social and psychological harm. The findings indicated that both adult and peer support reduced social and psychological harm inflicted by cyberbullying victimization. Based on these findings, the study recommends developing or modifying existing adult and peer support groups to minimize victims\u27 social and psychological distress