Full Text

Introduction

The almost ubiquitous use of information technology, and modern society’s increasing dependence upon it, has ushered in new opportunities for criminal activity. Potential victims now have to protect themselves against perpetrators that they cannot see, and against a variety of crime types that can have a significant impact upon both the IT systems and those that use them. The resulting cyber crime has the potential to affect everyone, from large multinational organisations down to individuals. While this also applies to crime in general, a significant difference with cyber crime is that, with large-scale attacks like malware and phishing, the same incident can affect multiple parties at the same time. The internet has enabled global reach between attackers and victims, as well as the potential for the attacks themselves to have instantaneous effects, irrespective of distance.

The cyber crime problem is not a new one, and related incidents have been occurring in various forms for well over three decades. Cyber security industry reporting suggests that the problem has not been static – the scale and breadth of some particular forms of cyber attack reported by industry appears to have been increasing, as the use of technology has become more widespread and its criminal potential has become more widely recognised. In parallel, the recognition by governments, business and legal systems has also increased, as has public awareness of at least some of the issues. However, our ability to accurately measure scale and changes in trends for cyber crime (not just attacks), as well as to accurately assess the impacts and harms deriving from successful attacks, has generally been limited.

The aim of the paper is to present a picture of the cyber crime landscape, including the nature of the problem and its prominence within the broader context of reported crime as a whole. Consideration is also given to the tension that exists between usable and accurate classification of cyber crime incidents, recognising the importance of categorisation in terms of what is then measured, which, in turn, influences how fully we can understand the landscape in practice. In order to frame the discussion alongside clear data, the paper draws upon crime survey findings and reporting structures from relevant UK sources. While these will differ from approaches in...