Edward Snowden’s testimony about the PRISM program has clarified the intense and widespread practice of surveillance on the Internet and social media by governments. The leaked documents provided by Snowden indicated how the PRISM program had access to users’ data from various ICT companies, such as Facebook, Google, Microsoft, and Apple. According to the whistleblower, the NSA further “impersonated Facebook in an attempt to trick users into downloading malicious code in its attempt to install malware on millions of computers which gives NSA control over users’ computers” (“NSA posed as Facebook,” 2014). The recent attack of the ransomware dubbed Wanna cry had victimisation rates of more than 200.000 computers in more than 150 computers and 10.000 organizations, it affected several hospitals, governmental agencies and private companies (Liptak, 2017). It took Equifax five months to report a hack into their servers that compromised 143.000.000 social security numbers that allowed hackers to pretend to be any of the victims in any given circumstance, such as the request of a new visa card (Lynley, 2017).
These are just some examples to show that citizens, businesses and governments are often targeted and impacted by what has been labelled as cybercrime. The booming of Internet technology (IT) creates many opportunities and permeates almost all aspects of our daily life (World Economic Forum, 2015). Today we live in a networked society with cloud computing, online transactions and other new interactions made possible by internet technology (Bendovschi, 2015). Unfortunately, IT also facilitates existing and new threats such as cybercrime (Tsakalidis & Vergidis, 2017). Cybercrime is an umbrella term for different online threats such as malware, scams, hacking and surveillance It can come as no surprise that cybercrime is growing globally (Interpol, 2017) given that estimated internet penetration of 2016 is up to more than 40% globally, for Belgium that is 88,5% (Internet live stats, 2017). This internet-penetration implies that more and more people are exposed to all the risks and threats that are inherent to the online world, cybercrime is one of them (Verdegem, Teerlinck & Vermote, 2015).
This study is part of a systematical investigation in Belgium about the costs and impact of cybercrime. The overall goal of this project is to assess the harms and costs of cybercrime on the government, industry and citizens. The latter insights substantiate and guarantee an evidence-based and effective cybersecurity policy, which, in turn, helps to defend all the involved parties.
Different research departments from the KU Leuven and the Ugent are involved in this project: the KU Leuven Centre for IT and IP Law (CiTiP) and the KU Leuven Institute of Criminology (LINC) as coordinator of the project, the KU Leuven imec-Distrinet Research Group, the KU Leuven imec-COSIC Research Group and the UGent imec-MICT.
The current study focusses on Belgian citizens and their online practices in order to describe the cost and impact of cybercrime. Specifically, we aim to demystify the process to protection and identify core target groups for risk communication by means of quantitative research. Our research consists of two separate but consecutive survey waves (as described in Work Package 3). The first wave of WP3 has been undertaken by imec-MICT as is the second and last wave. The first wave consisted of a large-scale quantitative survey (n=1033) which was conducted in the first quarter of 2015. The current wave consists of a follow-up survey in the last quarter of 2017 (n=1258). These two waves give us the possibility to compare results of the 2015 survey with the 2017 survey and thus compare the online practices of the average Belgian citizen over time.
The research leading to these results has received funding from the BRAIN-be research program of the Belgian Science Policy Office (BELSPO) under grant agreement number BR/132/A4/BCC. In addition, we would like to thank the different partners in the BCC-project for their input and support. Lastly, we want to thank the respondents who filled in our surveys
