Full Text

Introduction

Activity conducted through the internet and other networked digital systems represents an increasingly important front for national and international security and crime-fighting. One of the most problematic issues in cyber security is the lack of cooperation and coordination amongst organisations to monitor, detect and react to attacks. Although various software tools (anti-virus, malware and intrusion detection systems) and standards (e.g. ISO 27000 series on security risk assessment) exist, the most recent information security breaches survey ([30] PwC, 2013) identified that 93 percent of large business and 87 percent of SME respondents had a security incident in the last year, with the average cost of the worst incident ranging from £450k to £850k for large businesses and £35k-£65k for SMEs. Vendor statistics show an increase on 2011 in new unique malicious web domains, targeted attacks, mobile vulnerabilities, Bot zombies, and virus and phishing attempts (via email) ([34] Symantec, 2013). Academic research shows high public concern about identity theft and public-facing consumer cybercrime in a variety of countries, most notably the UK ([26] Levi and Williams, 2012; [40] Williams and Levi, 2012). Given time lags in crime reporting and cross-border victim-offender distanciation, full enforcement of crimes reactively reported is impossible, even if it were desirable to spend taxpayer resources in that way. The likely impacts of intelligence led policing strategies depend on the organisation of criminal markets and on their susceptibility to different interventions: but unless the markets are highly concentrated and accessible to police with a competence and motivation to act against them, then such criminal justice approaches will also have limited effects. In common with many areas of financial sector policing, data about cybercrimes sometimes comes from the public, but the majority of the data is held in private commercial hands, and often, it is the private sector that has a primary role and interest in defending their businesses from cyber-assisted crimes. More recently cooperation has arisen as the preferred form of defence, facilitating the sharing of cybercrime information between private and criminal justice actors ([3] Cabinet Office, 2011). However, there currently exists little evidence on the organisation of these various actors in the "cybercrime reduction network space". On the basis of a study carried out in 2011 and 2012, this paper primarily reports...