116 CyberCrime Topics & Essay Samples

If you are writing a cybercrime essay, our team prepared this article just for you. Here, you will find 115 unique topics for any type of paper.

140 Interesting Cybercrime Research Topics To Focus On

Table of Contents

Do you have to submit a cybercrime research paper? Are you looking for the best cybercrime research topics for your law assignments? Well, to help you out, here, we have compiled a list of interesting essays and research topic ideas on cybercrimes. Continue reading this blog post and gain unique ideas for writing a cybercrime research paper or an essay.

What is a Cybercrime?

Cybercrime is a criminal activity that is committed using a computer, a network, or a networked device. In recent times, the internet plays a vital role in the daily life of an individual. Particularly, a lot of financial transactions and data sharing are happening over the internet. So, considering that many cybercrimes are being carried out by cybercriminals for generating a profit. Basically, cybercrimes are of three categories.

  • Crimes in which the computer is used as a weapon. E.g., launching a denial-of-service (DoS) attack, or malware attack.
  • Crimes in which a computer or networked device is a target. E.g., gaining network access.
  • Crimes in which a computer is used as an accessory to a crime. E.g., data theft, cyberstalking.

Under the above-mentioned categories, different types of cybercrimes are being carried out by cybercriminals. Cybercrimes include both monetary and non-monetary offenses. Mostly, cybercrimes result in damage to an individual, a device, or a government.

List of Cybercrimes

In the entire world, plenty of cybercrimes are happening. The masterminds behind all those dangerous crimes are the hackers with strong hacking and technical knowledge. Mainly, cybercrimes are carried out at locations where there is digital data.

Cybercrime Research Topics

Here is a list of some widely carried out cybercrimes across the world.

  • Cyber Bullying
  • Cyber Grooming
  • Child Pornography
  • Cyber Stalking
  • Online Job Fraud
  • Online Sextortion
  • SIM Swap Scam
  • Credit Card/Debit Card Fraud
  • Impersonation/Identity Theft
  • Viruses, Trojans, and Worms
  • Online Drug Trafficking
  • Data Breach
  • Cryptojacking
  • Cyber-Squatting
  • Website Defacement

In order to prevent cybercrimes and reduce the risk of cyberattacks, cyber security is practiced. Also, to handle all the cybercrimes, each country has a separate cybercrime department and they follow strict cyber laws.

Cybercrime Research Topics and Ideas

Nowadays, a lot of questions are being raised about cybercrimes. To get answers for them all, conducting research is the only option. In case, you are asked to craft a cybercrime research paper on the topic of your preference, consider any topic related to common cybercrime cases such as personal data theft, financial theft, cyber-extortion, drug trafficking, and terrorism.

Cybercrime Research Topics

Are you a law student who has a keen interest to analyze and study cybercrimes? If yes, then the list of the best cybercrime research topics recommended below will be helpful to you. Without any hesitation, explore the full list and select any topic that is comfortable for you to analyze and write about.

Best Cybercrime Research Topics

  • What is the role of America in protecting corporations from cybercrime?
  • Have a close look at cybercrime, cyber forensics, and digital evidence.
  • Is cybercrime the top IT threat?
  • Write about the necessity of cyber security in preventing cybercrimes.
  • Discuss the international laws and regulations related to cybercrime.
  • Explain the effects of the UAE Cybercrime policy.
  • What are the toolkits used in cybercrimes?
  • Discuss the cybercrimes in Singapore.
  • Write about UAE cybercrime laws.
  • Explain the impact of cybercrime on the global criminal justice system.
  • Have a detailed look at international cyberwar.
  • Talk about Cybercrimes in the US.
  • Discuss identity theft and cybercrime in contemporary society.
  • Explain the significance of digital education and creating awareness of cybercrime.
  • What are the effects of cybercrime on the world’s major countries?
  • Explain UAE cybercrime laws.
  • What is the need for cyber security in preventing cybercrimes?
  • Discuss the role of America in protecting corporations from cybercrime.
  • Importance of raising cybercrime awareness and digital education
  • Analyze some recent cases of cybercrime in the banking industry and its consequences
  • Discuss the impact of IP (intellectual property) rights, cyber piracy, and cybercrime on domestic and international business with the latest examples
  • Critically analyze the degree and frequency of cybercrime in the United States
  • Analyse the Cybercrime Legislation Amendment Act 2012(Cth) (CLAA)
  • Compare and contrast the cybercrime prevention laws in India and the United Kingdom
  • Analyze the Cybersecurity Laws and Regulations Report 2023 USA
  • What are the key measures to undertake by a company to protect the cloud computing environment from cybersecurity issues?
  • Identify and analyze the components of broadband industry structure and cybercrime
  • Discuss the relationship between cybercrime, the economy, privacy, hacking, and terrorism

Cybercrime Research Topics

Good Cybercrime Essay Topics

  • What are all the effects of cybercrime on the world’s major countries?
  • Discuss the cybercrimes in the healthcare industry.
  • Explain the developments in hacking.
  • Discuss the trends of the future of good cybercrime.
  • Write about Cybercrimes in Australia.
  • What are the impacts of cybercrime on the banking industry?
  • Is identity theft a cybercrime?
  • Should capital punishment be given for cybercrime?
  • Discuss the solutions for cybercrimes in Information Technology.
  • Talk about cybercrime and social media.
  • Explain the cybercrime challenges in public universities.
  • Have a closer look at business fraud and cybercrime.
  • Write about cybercrimes in India.
  • Discuss terrorist cyberattacks with an example.
  • Explain the impact of cybercrime on a government.
  • Discuss the five biggest cyber security trends in 2022
  • Remote working risks of cybersecurity
  • Importance of Password-only Authentication in restricting cybercrime
  • The Rise of Ransomware: Discuss

Unique Cybercrime Research Topics

  • How to explain cybercrime using criminological theories ?
  • How does crypto jacking work?
  • Track the evolution of online scams.
  • Analyze the implications of the Cyberpunk 2077 leak.
  • How do cybercrimes afflict retail shops?
  • What are man-in-the-middle attacks?
  • What are the various phases of a DDoS attack?
  • How to mitigate a denial-of-service attack?
  • Analyze the success rate of email scams.
  • Describe the working of WannaCry malware.
  • Describe what happens during a Brute Force attack.
  • How does ransomware work?
  • How to protect children from cyberbullying?
  • Have a closer look at big data and increased cybercrimes.
  • Compare various types of fraud methods.
  • What are identity theft and cybercrime in contemporary society
  • Discuss the statistics on cybercrime as well as Fraud

Outstanding Cybercrime Essay Questions

  • How to fight cybercrimes?
  • Discuss the predictive models in cybercrime investigation.
  • What are the major reasons for cybercrimes?
  • What is hacking?
  • How to avoid hacking?
  • Whose responsibility is cybercrime?
  • Discuss the cost of cybercrime and digital spying.
  • How does cybercrime affect domestic and foreign business?
  • How to investigate cybercrime?
  • Discuss the link between fraud and invisible attackers.

Top-rated Cybercrime Research Topics

  • Explain the difference between pharming and phishing.
  • Explain the term “cyberwarfare.”
  • Can hacking be ethical?
  • How can online consumers protect themselves from fraud?
  • Is jailbreaking a crime?
  • How can parents monitor their children’s behavior on the web?
  • How to prevent cyberbullying in the online learning environment?
  • Would cyber communism decrease bullying?
  • Discuss the connection between political protests and hacking.
  • Talk about the mental health effects of internet bullying.
  • Who is responsible for online misbehavior?
  • Who are white hat and black hat hackers?
  • Explain the effects and solutions of catfishing.
  • Should schools teach online etiquette?
  • Does internet anonymity bring out the worst in people?
  • How to stay safe online?
  • How does a firewall help to protect the network?
  • Explain how cyberbullying differs from in-person harassment.
  • How to cope with online harassment?
  • Write about phishing and scam on the internet.

Also read: Best Cybersecurity Research Topics for Students to Consider

Excellent Research Topics on Cybercrime

  • Write about the importance of cybercrime management.
  • Explain the history of cybercrime.
  • Discuss the effects of cybercrime on the Internet economy.
  • Talk about the cyberattack on Sony Pictures in 2014.
  • Explain how technology has influenced the evolution of cybercrime.
  • Discuss the social effects of cyberbullying on children.
  • What are the signs of phishing attempts?
  • What emergency action should an individual take after being hacked?
  • Research and explain the significant cyber threats to US national security.
  • Different types of cybercriminals.
  • How do private sectors battle cybercrimes?
  • Discuss the impacts of mobile devices on cyber security.
  • Take a closer look at cyberfeminism and social media.
  • Compare the functions of various antivirus programs.
  • Discuss the pros and cons of various InfoSec certificates.

Amazing Cybercrime Research Paper Topics

  • Evaluate the issues related to botnets.
  • What are the phases of a Trojan horse attack?
  • Discuss the effective policy of cyberspace.
  • Talk about cyber terrorism in the aviation sector.
  • Explain the types of scams associated with cybercrime.
  • Discuss the potential effects the cyber currencies have on South African Businesses.
  • How the automotive software of smart cars can be protected from cyberattacks?
  • Discuss the effects of cyberbullying on teen suicides.
  • Have a closer look at the cyber policy and strategy of the United Kingdom.
  • What are the dangers of public Wi-Fi networks?

High-quality Cybercrime Research Ideas

  • Describe the technology of unlocking a phone through facial recognition and the fingerprint of the owner of the phone
  • Select a company from the United States and discuss their efforts and strategies to ensure cyber security
  • Discuss the reasons that make every individual aware when it comes to safeguarding and protecting personal data and information from hackers
  • Face recognition vs. a simple security code vs. fingerprint: Which is the safest locking option for smart devices and why?
  • The increasing use of the internet consecutively increases the likelihood of adolescents and young adults engaging in cybercrime-related activities (e.g., email and internet fraud, identify fraud)
  • Compare and contrast the effects of Phishing Emails, DoS (Denial of Service) Attacks, and Social Engineering
  • Describe the history of cybercrime and the way cybercriminals have introduced different strategies to commit such crimes over the past decades
  • Discuss the similarities and differences between distributed denial-of-service (DDoS) attacks and DoS (Denial of service) attacks
  • Examination of the consequences a community or society would have to bear in case a hacker targeted the entire state
  • Is purchasing from e-commerce sites such as eBay, Amazon, and Craigslist more ethical and safe compared to buying from other online marketplaces? Explain with reasons and the cyber security strategies of the aforementioned sites.

Impressive Cybercrime Research Topics

  • Explain the importance of parental control mechanisms on children’s computers.
  • What are effective strategies to cope with online harassment?
  • Establish a link between feminism and the fight against cyberstalking.
  • Analyze online gaming behavior from a psychological standpoint.
  • How did industrial espionage evolve into hacking?
  • Describe how an SQL injection attack unfolds.
  • What are the safest ways to ensure data integrity?
  • Discuss the pros and Cons of various cryptographic methods.
  • How can a person reach maximum technological security?
  • Explain the mechanics of password protection.

Final Words

From the list of ideas suggested above, choose any topic that matches your requirements and craft a detailed cybercrime research paper with proper citations and proofs to prove your thesis statement. In case, you need an expert to offer you help with cybercrime research paper topic selection and writing, get in touch with us immediately. We have numerous professional writers who are experts in the field of law and cybercrime to provide assignment help online according to your needs.

If you wish to make use of our cybercrime research paper writing service, just write your requirements in the order form and submit it. Based on the specifications you send us, our cybercrime research paper helpers will craft and dispatch a well-structured and plagiarism-free academic paper on time. Also, you can opt for endless paper revisions and round-the-clock customer support by availing of our assignment writing services.

cybercrime research paper topics

Related Post

Religious Research Paper Topics

220 Amazing Religious Research Paper Topics and Ideas

Research Proposal

Read and Understand How to Write a Research Proposal

Controversial Research Topics

100+ Controversial Research Topics and Ideas to Focus On

About author.

' src=

Jacob Smith

I am an Academic Writer and have affection to share my knowledge through posts’. I do not feel tiredness while research and analyzing the things. Sometime, I write down hundred of research topics as per the students requirements. I want to share solution oriented content to the students.

Comments are closed.

  • Featured Posts

140 Unique Geology Research Topics to Focus On

200+ outstanding world history topics and ideas 2023, 190 excellent ap research topics and ideas, 150+ trending group discussion topics and ideas, 170 funny speech topics to blow the minds of audience, who invented exams learn the history of examination, how to focus on reading 15 effective tips for better concentration, what is a rhetorical analysis essay and how to write it, primary school teacher in australia- eligibility, job role, career options, and salary, 4 steps to build a flawless business letter format, get help instantly.

Raise Your Grades with Assignment Help Pro

Thank you for visiting nature.com. You are using a browser version with limited support for CSS. To obtain the best experience, we recommend you use a more up to date browser (or turn off compatibility mode in Internet Explorer). In the meantime, to ensure continued support, we are displaying the site without styles and JavaScript.

  • View all journals
  • My Account Login
  • Explore content
  • About the journal
  • Publish with us
  • Sign up for alerts
  • Open access
  • Published: 23 February 2023

Exploring the global geography of cybercrime and its driving forces

  • Shuai Chen   ORCID: orcid.org/0000-0003-3623-1532 1 , 2 ,
  • Mengmeng Hao   ORCID: orcid.org/0000-0001-5086-6441 1 , 2 ,
  • Fangyu Ding   ORCID: orcid.org/0000-0003-1821-531X 1 , 2 ,
  • Dong Jiang 1 , 2 ,
  • Jiping Dong 1 , 2 ,
  • Shize Zhang 3 ,
  • Qiquan Guo 1 &
  • Chundong Gao 4  

Humanities and Social Sciences Communications volume  10 , Article number:  71 ( 2023 ) Cite this article

10k Accesses

10 Citations

1 Altmetric

Metrics details

  • Criminology
  • Science, technology and society

Cybercrime is wreaking havoc on the global economy, national security, social stability, and individual interests. The current efforts to mitigate cybercrime threats are primarily focused on technical measures. This study considers cybercrime as a social phenomenon and constructs a theoretical framework that integrates the social, economic, political, technological, and cybersecurity factors that influence cybercrime. The FireHOL IP blocklist, a novel cybersecurity data set, is used to map worldwide subnational cybercrimes. Generalised linear models (GLMs) are used to identify the primary factors influencing cybercrime, whereas structural equation modelling (SEM) is used to estimate the direct and indirect effects of various factors on cybercrime. The GLM results suggest that the inclusion of a broad set of socioeconomic factors can significantly improve the model’s explanatory power, and cybercrime is closely associated with socioeconomic development, while their effects on cybercrime differ by income level. Additionally, results from SEM further reveals the causal relationships between cybercrime and numerous contextual factors, demonstrating that technological factors serve as a mediator between socioeconomic conditions and cybercrime.

Similar content being viewed by others

cybercrime research paper topics

Rethinking the environmental Kuznets curve hypothesis across 214 countries: the impacts of 12 economic, institutional, technological, resource, and social factors

Qiang Wang, Yuanfan Li & Rongrong Li

cybercrime research paper topics

Exposure to untrustworthy websites in the 2020 US election

Ryan C. Moore, Ross Dahlke & Jeffrey T. Hancock

cybercrime research paper topics

A systematic review of worldwide causal and correlational evidence on digital media and democracy

Philipp Lorenz-Spreen, Lisa Oswald, … Ralph Hertwig


Cybercrime is a broad term used by government, businesses, and the general public to account for a variety of criminal activities and harmful behaviours involving the adoption of computers, the internet, or other forms of information communications technologies (ICTs) (Wall, 2007 ). As an emerging social phenomenon in the information age, cybercrime has aroused growing concern around the world due to its high destructiveness and widespread influence. In 2017, the WannaCry ransomware attack affected more than 230,000 computers across 150 countries, resulting in economic losses of more than 4 billion dollars and posing a serious danger to the global education, government, finance, and healthcare sectors (Ghafur et al., 2019 ; Castillo and Falzon, 2018 ; Mohurle and Patil, 2017 ). Although there is currently no precise and universally accepted definition of cybercrime (Phillips et al., 2022 ; Holt and Bossler, 2014 ), it is generally acknowledged that the term covers both traditional crimes that are facilitated or amplified by utilising ICTs as well as new types of crimes that emerged with the advent of ICTs (Ho and Luong, 2022 ). Based on the role of technology in the commission of the crime, the most widely utilised typology divides cybercrime into cyber-dependent crime (such as hacking, distributed denial of service, and malware) and cyber-enabled crime (online fraud, digital piracy, cyberbullying) (Brenner, 2013 ; Sarre et al., 2018 ; McGuire and Dowling, 2013 ). Along with the rapid development of ICTs and the increasing prevalence of the internet, these criminal activities are significantly disrupting the global economy, national security, social stability, and individual interests. Although it is difficult to estimate the precise financial cost of cybercrime (Anderson et al., 2013 ; Anderson et al., 2019 ), statistical evidence from governments and industries indicates that the economic losses caused by cybercrime are extremely enormous and are still rising rapidly (McAfee, 2021 ).

Cybercrime is complicated in nature and involves many disciplines, including criminology, computer science, psychology, sociology, economics, geography, political science, and law, among others (Holt, 2017 ; Dupont and Holt, 2022 ; Payne, 2020 ). Computer science and cybersecurity efforts are primarily focused on applying technical approaches such as Intrusion Detection Systems (IDSs), Intrusion Prevention Systems (IPSs), firewalls, and anti-virus software to mitigate cyberattack threats (Kumar and Carley, 2016 ; Walters, 2015 ). These methods may help to some extent lessen the adverse impacts of cybercrime on both organisations and individuals. However, these technical solutions are largely unaware of the human and contextual factors that contribute to the issues, providing only reactive solutions, and are unable to keep up with the rapidly evolving modus operandi and emerging technologies (Clough, 2015 ; Neal, 2014 ). It is suggested that cybercrime is a complex social phenomenon driven by the compound interactions of underlying socioeconomic factors. Human and social factors play a substantial role in the formation of cybercrime agglomerations (Waldrop, 2016 ; Watters et al., 2012 ; Leukfeldt and Holt, 2019 ). They are also important aspects of cybercrime prevention and control (Dupont and Holt, 2022 ). The human factors influencing cybercrime have been the subject of an expanding body of sociological and psychological study in recent years. These studies, which covered cyberbullying, online harassment, identity theft, online fraud, malware infection, phishing, and other types of cybercrime, generally applied traditional criminological and psychological theories, such as routine activities theory, lifestyle-routine activities theory, self-control theory, and general strain theory, to explain the victimisation and offending of various cybercrimes (Bergmann et al., 2018 ; Mikkola et al., 2020 ; Ngo and Paternoster, 2011 ; Pratt et al., 2010 ; Williams, 2016 ). Results from these studies suggested that by altering criminal motivations and opportunity structures, individual factors (i.e., age, gender, ethnicity, education, socioeconomic status, and self-control) and situational factors (online activities, time spent online, risk exposure, deviant behaviours) may have an impact on cybercrime offence and victimisation. These findings advanced our knowledge in understanding the impact of technology on criminal behaviours, factors affecting the risk of cyber victimisation, and the applicability of traditional criminological theories to cybercrime (Holt and Bossler, 2014 ).

Cybercrime is a highly geographical phenomenon on a macro-level scale, with some countries accounting for a disproportionate amount of cybercrimes (Kigerl, 2012 ; Kigerl, 2016 ). This spatial heterogeneity is closely related to specific socioeconomic contexts (Kshetri, 2010 ). Academic efforts have been made to identify the clusters of high cybercrime countries and to explain the potential socioeconomic factors that led to the formation of these clusters. For example, Mezzour, Carley, and Carley ( 2014 ) found that Eastern European countries hosted a greater number of attacking computers due to their superior computing infrastructure and high levels of corruption. Similarly, Kumar and Carley ( 2016 ) found that higher levels of corruption and large internet bandwidth would favour attack origination. They also noted that countries with the greater gross domestic product (GDP) per capita and better ICT infrastructure were targeted more frequently. Meanwhile, Srivastava et al. ( 2020 ) pointed out that countries with better technology and economic capital were more likely to become the origins of cybercrime, but countries with better cybersecurity preparedness may reduce the frequency of the cybercrime originating within them. Moreover, Holt, Burruss, and Bossler ( 2018 ) suggested that nations with better technological infrastructure, greater political freedom, and fewer organised crime were more likely to report malware infections, while Overvest and Straathof ( 2015 ) suggested that the number of internet users, bandwidth, and economic ties were significantly related to cyberattack origin. Kigerl ( 2012 ) found that a higher unemployment rate and more internet users were linked to an increase in spam activities. However, these studies have tended to utilise a restricted range of predictor variables and only included certain aspects of cybercrime. Besides, most of the studies have been conducted at the national level, which could potentially hide many disparities within countries.

In this work, we construct a conceptual model to better represent the context from which cybercrime emerges, which is applied as a framework to analyse the underlying socioeconomic driving forces. A novel cybersecurity data set, the FireHOL IP blocklist, is adopted as a proxy to reflect the levels of cybercriminal activities within different areas. A set of social, economic, political, technological, and cybersecurity indicators is used as explanatory variables. Generalised linear models (GLMs) are used to quantify the effect of each factor on cybercrime, while structural equation modelling (SEM) is used to estimate the complex interactions among various factors and their direct and indirect effects on cybercrime.

Conceptual framework

We propose a conceptual framework for examining the driving forces of cybercrime by reviewing existing empirical literature and integrating different criminological theories. The conceptual framework includes five interrelated components: the social, economic, political, technological, and cybersecurity factors. The potential pathways by which each component may directly or indirectly influence cybercrime are illustrated in Fig. 1 .

figure 1

The solid line indicates a direct effect, and a dashed line indicates indirect effect. H1–H5 refer to the five hypotheses, “+” indicates a positive effect, and “−” indicates a negative effect.

The social and economic factors depict the level of regional development, serving as the fundamental context in which cybercrime emerges. Given the intrinsic technological nature of cybercrime, global urbanisation, and the information technology revolution have promoted global connectivity and created unprecedented conditions and opportunities for cybercrime (UNODC, 2013 ). From the perspective of general strain theory, poverty, unemployment, income inequality, and other social disorders that are accompanied by social transformations could lead to cultures of materialism and stimulate motivations of cybercrime for illegal gains (Meke, 2012 ; Onuora et al., 2017 ). On the other hand, economically developed regions generally have superior ICT infrastructure, which can provide convenient and low-cost conditions for cybercriminals to commit crimes. High educational attainment is also likely to be associated with cybercrime, given that cybercrime usually requires some level of computer skills and IT knowledge (Holt and Schell, 2011 ; Asal et al., 2016 ). In general, better socioeconomic conditions are associated with more cybercriminal activities, which leads us to develop the first two hypotheses:

H1: Social factor is positively associated with cybercrime .
H2: Economic factor is positively associated with cybercrime .

The influence of political factors on cybercrime is mainly reflected in the regulation and intervention measures of governments in preventing and controlling cybercrime, such as legal system construction, government efficiency, control of corruption, and political stability. The offender’s decision to engage in illegal activity is a function of the expected probability of being arrested and convicted and the expected penalty if convicted (Ehrlich, 1996 ). As with traditional crimes, the lack of efficient social control and punishment mechanism will breed criminal behaviours. The deterrent effect of the legislation makes cybercriminals have to consider the consequences they need to bear. While the virtual and transnational nature of cyberspace makes it easier for perpetrators to avoid punishment, cybercrime can be deterred to some extent by increasing the severity of punishment and international law enforcement cooperation (Hall et al., 2020 ). On the other side, cybercriminals could seek protection through corrupt connections with the local institutional environment, which would weaken law enforcement operations and encourage cybercriminal activities (Hall et al., 2020 ; Lusthaus and Varese, 2021 ; Sutanrikulu et al., 2020 ). For instance, corruption in law enforcement authorities makes it hard for cybercriminals to be punished, while corruption in network operators or internet service providers (ISPs) makes it easier for cybercriminals to apply for malicious domain names or register fake websites. Some studies have shown that areas with high levels of corruption usually have more cybercriminal activities (Mezzour et al., 2014 ; Watters et al., 2012 ). Cybercrimes are typically attributed to political corruption, ineffective governance, institutional weakness, and weak rule of law across West Africa and East Europe (Asal et al., 2016 ). Therefore, we propose that:

H3: Political factor is negatively associated with cybercrime .

The technological environment, which is composed of communication conditions and underlying physical ICT infrastructure, serves as an essential medium through which cybercrime is committed. According to the rational choice theory, crime is the result of an individual’s rational consideration of the expected costs and benefits attached to their criminal activity (Mandelcorn et al., 2013 ; Brewer et al., 2019 ). Better internet infrastructure, greater internet penetration, and faster connection could facilitate cybercrimes by reducing crime costs, expanding opportunities, and increasing potential benefits. For example, in a majority of spam and DDoS attacks, cybercriminals often carry out large-scale coordinated attacks by sending remote commands to a set of compromised computers (also known as botnets). High-performance computers and high-bandwidth connectivity such as university, corporate, and government servers allow for more efficient attacks and could expand the scope of cybercrime, making them preferred by cybercriminals (Hoque et al., 2015 ; Van Eeten et al., 2010 ; Eslahi et al., 2012 ). We thus hypothesise that:

H4: Technological factor is positively related to cybercrime .

Cybersecurity preparedness reflects the capabilities and commitment of a country to prevent and combat cybercrime. According to the International Telecommunication Union (ITU), cybersecurity preparedness involves the legal, technical, organisation, capacity, and cooperation aspects (Bruggemann et al., 2022 ). Legal measures such as laws and regulations define what constitutes cybercrime and specify necessary procedures in the investigation, prosecution, and sanction of cybercrime, providing a basis for other measures. Technical measures refer to the technical capabilities to cope with cybersecurity risks and build cybersecurity resilience through national institutions and frameworks such as the Computer Incident Response Teams (CIRTs) or Computer Emergency Response Teams (CERTs). Organisation measures refer to the comprehensive strategies, policies, organisations, and coordination mechanisms for cybersecurity development. Capacity development reflects the research and development, awareness campaigns, training and education, and certified professionals and public agencies for cybersecurity capacity building. Cooperation measures refer to the collaboration and information sharing at the national, regional, and international levels, which is essential in addressing cybersecurity issues given the transnational nature of cybercrime. According to the general deterrence theory and routine activity theory of criminology (Leukfeldt and Holt, 2019 ; Hutchings and Hayes, 2009 ; Lianos and McGrath, 2018 ), cybersecurity preparedness serves as a deterrent or a guardianship of cybercrime. It is crucial in defending a country from external cybercrime as well as reducing cybercrime originating from within. Therefore, we hypothesise that:

H5: Cybersecurity preparedness is negatively associated with cybercrime .

The five hypotheses proposed in the conceptual model (Fig. 1 ) outline the direct effects of various contextual drivers on cybercrime. The social, economic, political, technological, and cybersecurity factors may interact in other ways, which could also have an indirect impact on cybercrime. Then, using a combination of two statistical methods and a set of explanatory covariates, we test the hypothesised pathways.

Cybercrime data

It is commonly acknowledged among cybercrime scholars that the lack of standardised legal definitions of cybercrime and valid, reliable official statistics makes it difficult to estimate the prevalence or incidence of cybercrime around the world (Holt and Bossler, 2015 ). Although in some countries, law enforcement agencies do collect data on cybercrime (e.g., police data and court judgement), there are inevitable under-reporting and under-recording issues with these official data (Holt and Bossler, 2015 ; Howell and Burruss, 2020 ). This has prompted some researchers to use alternative data sources to measure cybercrime, including social media, online forums, emails, and cybersecurity companies (Holt and Bossler, 2015 ). Among these data sources, technical data such as spam emails, honeypots, IDS/IPS or firewall logs, malicious domains/URLs, and IP addresses are often used as proxies for different aspects of cybercrime (Amin et al., 2021 ; Garg et al., 2013 ; Kigerl, 2012 ; Kigerl, 2016 ; Kigerl, 2021 ; Mezzour et al., 2014 ; Srivastava et al., 2020 ; Kshetri, 2010 ), accounting for a large proportion in the literature of macro-level cybercrime research. However, due to the anonymity and virtuality of cyberspace, cybercriminals are not restrained by national boundaries and could utilise compromised computers distributed around the world as a platform to commit cybercrime. Meanwhile, IP addresses can be faked or spoofed by using technologies such as proxy servers, anonymity networks, and virtual private networks (VPNs) to hide the true identity and location of cybercriminals (Holt and Bossler, 2015 ; Leukfeldt and Holt, 2019 ). As a result, the attribution of cybercriminal becomes extremely challenging and requires a high level of expertise and coordination from law enforcement agencies and cybersecurity teams (Lusthaus et al., 2020 ). Therefore, instead of capturing where cybercriminals reside in physical space, most studies using these technical data are measuring the possible locations where the cyberattacks or cybercrimes originate, even if part of them could be locations where cybercriminals choose to host their botnets or spam servers. Though there is partial support that certain types of cyberattacks originate from physically proximate IP addresses (Maimon et al., 2015 ), more elaborate and comprehensive research is lacking.

In this study, we used a novel cybersecurity data set, the IP addresses from FireHOL blocklist (FireHOL, 2021 ), as a proxy to measure cybercrime. The FireHOL IP blocklist is a composition of multiple sources of illegitimate or malicious IP addresses, which can be used on computer systems (i.e., servers, routers, and firewalls) to block access from and to these IPs. These IPs are related to certain types of cybercrime activities, including abuse, attacks, botnets, malware, command and control, and spam. We adopt FireHOL level 1 blocklist, which consists of ~2900 subnets and over 600 million unique IPs, with a minimum of false positives. The anonymous IPs, which are used by other parties to hide their true identities, such as open proxies, VPN providers, etc., were excluded from the analysis. Next, we applied an open-source IP geolocation database, IP2Location™ Lite, to map these unique IP addresses in specific geographic locations in the form of country/region/city and longitude/altitude pair. The location accuracy of the IP geolocation is high at the national and regional levels, with ~98% accuracy at the country level and 60% at the city level. In order to reduce uncertainty, we focused on the analysis at the state/region level. At last, we calculated the counts of unique IPs located within each subnational area to measure the global distribution of cybercrimes.

Although FireHOL IP blocklist has the same restrictions as other technical data, it was used in this study for several reasons. The basic function of IP addresses in the modern internet makes it an indispensable element in different phases of cybercrime, it is also the key ingredient of cybercrime attribution and digital evidence collection. As a result, an IP-based firewall is one of the most effective and commonly used preventive measures for cybersecurity defence. FireHOL IP blocklist has the advantage of global coverage and includes different cybercrime types. It dynamically collects cybercrime IPs from multiple sources around the world. Although it is difficult to determine whether the IPs in the blocklist are the real sources of cybercrime or come from infected machines, it does reflect the geographical distribution of the malicious IPs that are related to certain cybercrime activities. Besides, it provides a more fine-grained estimate of the subnational cybercrime geography than country-level statistics.

Explanatory variables

We adopted a broad set of explanatory variables to characterise the social, economic, political, technological, and cybersecurity conditions based on the conceptual model presented above (Fig. 1 ). The social environment is represented by population, the population aged 15–64, education index, nighttime light index, and human development index (HDI); The economic condition is measured by income index, GDP growth, Gini index, unemployment (% of the total labour force) and poverty rate; The political environment is measure by 5 dimensions of the World Governance Indicators (WGI), including control of corruption, government effectiveness, rule of law, political stability and absence of violence/terrorism, voice and accountability. The technological environment is reflected by the internet infrastructure (the number of internet data centres and internet exchange centres), internet users (% of the population), international bandwidth (per internet user), secure internet server (per 1 million people), and fixed broadband subscriptions (per 100 people). Moreover, we applied the five dimensions of the Global Cybersecurity Index (GCI) to assess the level of commitment among various nations to cybersecurity, including legal measures, technical measures, organisational measures, capacity development measures, cooperation measures, and one overall cybersecurity index (the sum of the 5 measures above). Population, income index, education index, HDI, nighttime light, and infrastructure data are collected at the subnational administrative level, while other variables are derived at the country level. Log transformations (base 10) were used to improve normality for variables with skewed distributions, including population, nighttime light, infrastructure, fixed broadband, secure internet server, and bandwidth. All variables were normalised for further analysis.

Generalised linear models (GLMs)

In this study, GLMs were used to assess the potential influence of various explanatory variables on cybercrime and to identify the most important factors. A GLM is an extension of a regular regression model that includes nonnormal response distributions and modelling functions (Faraway, 2016 ). GLM analyses were conducted at two scales: the global scale and the income group scale. All GLMs were built in R version 4.1.2 using the “glm” function of the “stats” package (R, Core Team, 2013 ), and a gaussian distribution is used as the link function. The Akaike information criterion (AIC), the determination coefficient ( R 2 ), and the significance level of the predictors ( p -value) are used to evaluate GLMs. The model with the lowest AIC and highest R 2 value is chosen as the optimal model. Variance inflation factors (VIFs) were calculated using the “car” package (Fox et al., 2012 ) to test for collinearity between quantitative explanatory variables prior to the GLM analysis. Variables with a VIF value greater than 10 (VIF > 10) were regarded as collinearity generators and were therefore excluded from further analysis. The relative contribution and coefficients of each GLM were plotted using the “GGally” package.

Structural equation modelling (SEM)

SEM was used to examine the causal relationships within the networks of interacting factors, thereby distinguishing the direct from indirect drivers of cybercrime. SEM is a powerful, multivariate technique found increasingly in scientific investigations to test and evaluate multivariate causal relationships (Fan et al., 2016 ). SEM differs from other modelling approaches in that it tests both the direct and indirect effects on pre-assumed causal relationships. The following fit indices were considered to evaluate model adequacy: (a) root mean square error of approximation (RMSEA), which is a “badness of fit” index in which 0 indicates a perfect fit while higher values indicate a lack of fit; (b) standardised root mean square residual (SRMR), which is similar to RMSEA and should be less than 0.09 for good model fit; (c) comparative fit index (CFI), which represents the amount of variance that has been accounted for in a covariance matrix ranging from 0.0 to 1.0, with a higher CFI value indicating better model fit; (d) Tucker–Lewis index (TLI), which is a non-normed fit index (NNFI) that proposes a fit index independent of sample size. In this study, SEM analysis was conducted using AMOS (Arbuckle, 2011 ).

Spatial distribution of cybercrime IPs

We mapped the subnational distribution of cybercrime IPs globally, which reveals significant spatial variability (see Fig. 2 ). On a global scale, most cybercrime IPs were located in North America, Central and Eastern Europe, East Asia, India, and eastern Australia. Meanwhile, areas with low numbers of cybercrime IPs were primarily found in large parts of Africa except for South Africa, western and northern parts of South America, Central America, some regions of the Middle East, southern parts of Central Asia, and some regions of Southeast Asia. On a continental scale, we found that the number of cybercrime IPs increased gradually from Africa to Europe. The two continents with the most cybercrime IPs were North America and Europe, with North America showing more variations. This trend seems to be closely associated with the regional socioeconomic development level. To further investigate this relationship, we grouped the subnational regions by income level according to the World Bank classification rules. We found a more evident pattern, with high-income regions hosting the majority of cybercrime IPs and lower-middle-income regions hosting the least.

figure 2

a Number of cybercrime IPs at the subnational level. b Log-transformed cybercrime IP count by continent: Africa (AF), Asia/Oceania (AS/OC), South America (SA), North America (NA) and Europe (EU). c Log-transformed cybercrime IP count by income group: low-income (LI), lower-middle-income (LMI), upper-middle-income (UMI) and high-income (HI) groups. The centre line, boxes, and whiskers show the means, 1 standard error (SE), and 95% confidence interval (CI), respectively.

Major factors influencing cybercrime

GLMs were built based on the 5 categories of 26 representative influential variables identified in the conceptual framework. After excluding 8 collinear variables (i.e., government effectiveness, rule of law, HDI, and 5 cybersecurity measures) and 7 nonsignificant variables (GDP growth, unemployment, poverty, political stability, voice and accountability, bandwidth, and internet users), the global scale GLM model includes 11 variables with an R 2 value of 0.82. Figure 3 shows the relative contribution of each predictor variable to the model. Globally, the social and technological factors contribute most to the model, with relative contribution rates of 53.4% and 30.1%, respectively. Infrastructure alone explains up to 18.1% of the model variance in cybercrimes ( R 2 to 0.504). However, the inclusion of the population and education index improves the explanation of model variance by 18.3% and 28.5%, respectively ( R 2 to 0.596 and 0.766). This is also the case with GLMs of different income groups, indicating that despite the main effects of technological factors, the inclusion of a broad set of socioeconomic factors significantly improves the accuracy of models that attempt to quantify the driving forces of cybercrime.

figure 3

Relative contribution of predictor variables to cybercrime.

When assessed by income group, we noted that although the social and technological factors were the most important factors in explaining cybercrime, the contribution of each variable varies by income group. For example, the contribution of the income index decreases gradually from low-income regions to wealthier regions, while the Gini index is more significant in upper-middle regions and high-income regions than in low-income regions and lower-middle-income regions. Fixed broadband subscriptions contributed the most in low-income regions and the least in high-income regions. Additionally, cybersecurity preparedness has a greater influence on low-income and lower-middle-income regions.

Estimated effect of factors on cybercrime

The coefficient values in Fig. 4 represent effect sizes from the GLMs for the relationship between cybercrime and the five categories of contextual factors. At the global scale, cybercrime is positively correlated with social, economic, and technological factors, suggesting that most cybercrimes are launched in regions with a higher population, higher urbanisation, better educational and economic conditions, and, most importantly, improved internet infrastructure and communication conditions. By contrast, cybercrime is negatively related to political and cybersecurity factors, indicating that the control of corruption and the commitment to cybersecurity show certain inhibitory effects on cybercrime.

figure 4

The coefficient values are represented as dots, significant variables are represented as filled dots, nonsignificant variables are represented as hollow dots, and bars represent 95% CIs.

From the perspective of income groups, the ways contextual factors affect cybercrime remain basically consistent with the global results, but subtle differences are observed. In low-income countries, the influence of the income index on cybercrime is the strongest, and cybercrime is significantly associated with a higher income index, higher education index, better infrastructure, and higher fixed broadband subscriptions. This pattern may indicate that in low-income countries, wealthier areas tend to have more cybercrimes due to the existence of better communication conditions in these areas. However, in high-income countries, where the internet is universally available, the roles of income index and fixed broadband subscriptions gradually weaken. In contrast, the effects of the Gini index and education are stronger in wealthier countries, indicating that economic inequality and education in these countries can be important drivers of cybercrime. Moreover, the control of corruption is negatively related to cybercrime in lower-middle, upper-middle, and high-income regions.

Pathways of factors for cybercrime

To understand the intricate interactions among different predictors, we perform SEM based on the conceptual model. The SEM model is composed of five latent variables, representing the social, economic, political, technological, and cybersecurity context, and each latent variable has five components reflected by the explanatory variables. Overall SEM fit is assessed, showing a good fit (CFI = 0.917, TLI = 0.899, SRMR = 0.058). SEM confirms many of the hypotheses in the conceptual model, and all relationships are statistically significant. Fig. 5 shows the results of SEM.

figure 5

Black arrows indicate a positive effect, red arrows indicate a negative effect, and values on the straight arrows between variables represent the standardised path coefficients.

According to the SEM, all the hypotheses are tested and supported. Specifically, social, economic, and technological factors have direct positive effects on cybercrime (standardised path coefficients of direct effect are 0.03, 0.10, and 0.61, respectively), indicating that when social, economic, and technological factors go up by 1 standard deviation, cybercrime goes up by 0.03, 0.10, and 0.61 standard deviations, respectively. By contrast, the political and cybersecurity factors have direct negative effects on cybercrime (standardised path coefficients of direct effect are −0.22 and −0.07, respectively), indicating that 1 standard deviation rise in political and cybersecurity factors are associated with 0.22 and 0.07 standard deviations decrease of cybercrime, respectively. It is worth noting that although the direct effects of social and economic factors on cybercrimes are relatively small, their indirect effects on cybercrime through the mediation of technological and political factors are non-negligible.

In sum, SEM quantifies the direct and indirect effects of social, economic, political, technological, and cybersecurity factors on cybercrime, consistent with the hypotheses outlined in the conceptual model. More importantly, the results suggest that even though cybercrimes are primarily determined by technological factors, the direct and indirect effects of underlying social, economic, political, and cybersecurity also play significant roles. This suggests that the technological factor is a necessary but not sufficient condition for the occurrence of cybercrime.

In the current study, we mapped the global subnational distribution of cybercrimes based on a novel cybersecurity data set, the FireHOL IP blocklist. Given the widespread difficulty in obtaining cybercrime data, the data sources used in this study could provide an alternative measure of the subnational cybercrime level on a global scale. Compared to country-level studies (Amin et al., 2021 ; Garg et al., 2013 ; Goel and Nelson, 2009 ; Solano and Peinado, 2017 ; Sutanrikulu et al., 2020 ), the results present a more fine-grained view of the spatial distribution of cybercrime. The map reveals high spatial variability of cybercrime between and within countries, which appears to be closely related to local socioeconomic development status.

To recognise the driving forces behind cybercrime, we proposed a theoretical framework that encompasses the social, economic, political, technological, and cybersecurity factors influencing cybercrime, drawing on existing theoretical and empirical research. On this basis, we used GLMs to identify the major factors and their contributions to cybercrime and SEM to quantify the direct and indirect effects of these driving forces. The GLM results show that using technological factors alone as explanatory variables is insufficient to account for cybercrime, and the inclusion of a broad suite of social, economic, political, technological, and cybersecurity factors can remarkably improve model performance. Global scale modelling indicates that cybercrime is closely associated with socioeconomic and internet development, as developed regions have more available computers and better communication conditions that facilitate the implementation of cybercrime. Some studies have argued that wealthier areas might have fewer incentives for cybercrime, while poorer areas could benefit more from cybercrime activities (Ki et al., 2006 ; Kigerl, 2012 ; Kshetri, 2010 ). However, our study shows that the technological factors constituted by the internet infrastructure and communication conditions are necessary for the production of cybercrime, rendering wealthier areas more convenient for committing cybercrime.

Meanwhile, the GLMs of the 4 income groups demonstrate important differential impacts of the explanatory variables on cybercrime. For example, in low-income countries, where the overall internet penetration rate is low, cybercrime originates mainly in more developed areas with better internet infrastructure, higher internet penetration, and higher education levels. A typical example is the “Yahoo Boys” in Nigeria, referring to young Nigerians engaged in cyber fraud through Yahoo mail, mostly well-educated undergraduates with digital skills (Lazarus and Okolorie, 2019 ). A range of factors, such as a high rate of unemployment, a lack of legitimate economic opportunities, a prevalence of cybercrime subculture, a lack of strong cybercrime laws, and a high level of corruption, have motivated them to obtain illegal wealth through cybercrime. In contrast, cybercrime in high-income regions originates in areas with a high Gini index and a high education level. One possible explanation for this finding may be that well-educated individuals who live in countries with a high Gini index are paid less for their skills than their counterparts, which motivates them to engage in cybercrimes to improve their lives.

Encouragingly, both the GLM and SEM results suggest that political factors and cybersecurity preparedness can mitigate the incidence of cybercrime to some extent, in agreement with the hypotheses. Though previous country-level studies suggest that countries facing more cybersecurity threats tend to have a high level of cybersecurity preparedness (Makridis and Smeets, 2019 ; Calderaro and Craig, 2020 ), our results indicate that cybersecurity preparedness could in turn reduce cybercrimes that originate from a country. This emphasises the importance of government intervention and cybersecurity capacity building. The necessary intervening measures may include the enactment and enforcement of laws, regulation of telecommunication operators and internet service providers (ISPs), strengthening of strike force by security and judicial departments, and improvement of cybersecurity capacity. Given the interconnectedness of cyberspace and the borderless nature of cybercrime, it must be recognised that cybersecurity is not a problem that can be solved by any single country. Thus, enhancing international cooperation in legal, technical, organisational, and capacity aspects of cybersecurity becomes an essential way to tackle cybersecurity challenges.

As presented through SEM, technological factors are closely associated with the development of socioeconomic development and serve as a mediator between socio-economic conditions and cybercrime. In the past decades, ICTs have developed unevenly across different parts of the world due to a range of geographic, socioeconomic, and demographic factors, which has led to the global digital divide (Pick and Azari, 2008 ). The disparities in internet access in different regions have largely determined the spatial patterns of cybercrime. Currently, developing countries (especially those within Asia, Africa, and Latin America) are the fastest-growing regions in terms of ICT infrastructure and internet penetration (Pandita, 2017 ). However, even in developed countries, the progress of technological innovation has outpaced the establishment of legal regulations, national institutions and frameworks, policies and strategies, and other mechanisms that could help manage the new challenges (Bastion and Mukku, 2020 ). Many developing countries are facing difficulties in combating cybercrime due to a lack of adequate financial and human resources, legal and regulatory frameworks, and technical and institutional capacities, providing a fertile ground for cybercrime activities. In this vein, it is extremely urgent and necessary to enhance the cybersecurity capacities of developing countries and engage them in the international cooperation of cybersecurity, ensuring that they can maximize the socio-economic benefits of technological development instead of being harmed by it.

Cybercrime is a sophisticated social phenomenon rooted in deep and comprehensive geographical and socioeconomic causes. This study offers an alternative perspective in solving cybersecurity problems instead of pure technical measures. We believe that improvements in cybersecurity require not only technological, legal, regulatory, and policing measures but also broader approaches that address the underlying social, economic, and political issues that influence cybercrime. While the results presented in this study are preliminary, we hope that this work will provide an extensible framework that can be expanded for future studies to investigate the driving forces of cybercrime.

However, our study has several limitations due to the disadvantages of data. First and foremost, the geo-localisation of cybercrimes or cybercriminals remains a major challenge for cybercrime research. Although the FireHOL IP blocklist has the potential to measure global cybercrime at a high spatial resolution, IP-based measures may not accurately capture the true locations of cybercriminals, as they may simply exploit places with better ICT infrastructure. Therefore, caution should be exercised in interpreting the associations between cybercrime and socioeconomic factors. Future studies combining survey data, police and court judgement data, and cybercrime attribution techniques are needed to further validate the accuracy and validity of IP-based technical data in measuring the geography of cybercrime and gain a deeper understanding of the driving forces of cybercrime. Besides, COVID-19 has greatly changed the way we live and work, and many studies have suggested that the pandemic has increased the frequency of cybercrimes within the context of economic recession, high unemployment, accelerated digital transformation, and unprecedented uncertainty (Lallie et al., 2021 ; Eian et al., 2020 ; Pranggono and Arabo, 2021 ). Unfortunately, the blocklist data cannot well capture this dynamic due to a lack of temporal attributes. Furthermore, different types of cybercrime can be influenced by different mechanisms. We use the total amount of all types of cybercrime IPs instead of looking into a specific type of cybercrime, given that such segmentation may result in data sparsity for some groups. Future studies are needed to determine how different categories of cybercrimes are affected by socioeconomic factors. At last, micro-level individual and behaviour characteristics and more fine-grained explanatory variables should be included to better understand cybercrime.

Data availability

The FireHOL IP lists data are publicly available at the FireHOL website ( https://iplists.firehol.org/ and https://github.com/firehol/blocklist-ipsets ); population, education index, income index, HDI, and subnational regions data are available from Global Data Lab ( https://globaldatalab.org ); nighttime light data are available from the Earth Observation Group ( https://eogdata.mines.edu/download_dnb_composites.html ); Population aged 15–64, Gini index, GDP growth, unemployment, poverty rate, control of corruption, government effectiveness, rule of law, political stability and absence of violence/terrorism, and voice and accountability, are obtained from World Bank ( https://databank.worldbank.org/home.aspx ), the internet users, international bandwidth, secure internet server, and fixed broadband subscriptions are available from International Telecommunication Union (ITU) ( https://www.itu.int/itu-d/sites/statistics ); the internet infrastructure are collected from TeleGeography ( https://www.internetexchangemap.com ) and the World Data Centers Database ( https://datacente.rs ); the legal measures, technical measures, organisational measures, capacity development, cooperation measures and overall cybersecurity index were obtained from the Global Cybersecurity Index (GCI) of the ITU ( https://www.itu.int/en/ITU-D/Cybersecurity/Pages/global-cybersecurity-index.aspx ).

Amin RW, Sevil HE, Kocak S, Francia G, Hoover P (2021) The spatial analysis of the malicious uniform resource locators (URLs): 2016 dataset case study. Information 12(1):2

Article   Google Scholar  

Anderson R, Barton C, Böhme R, Clayton R, Van Eeten MJ, Levi M, Moore T, Savage S (2013) Measuring the cost of cybercrime. In: The economics of information security and privacy. Springer, pp. 265–300

Anderson R, Barton C, Bölme R, Clayton R, Ganán C, Grasso T, Levi M, Moore T, Vasek M (2019) Measuring the changing cost of cybercrime. The 18th Annual Workshop on the Economics of Information Security. https://doi.org/10.17863/CAM.41598

Arbuckle JL (2011) IBM SPSS Amos 20 user’s guide. Amos Development Corporation, SPSS Inc. pp. 226–229

Asal V, Mauslein J, Murdie A, Young J, Cousins K, Bronk C (2016) Repression, education, and politically motivated cyberattacks. J Glob Secur Stud 1(3):235–247

Bastion G, Mukku S (2020) Data and the global south: key issues for inclusive digital development. https://doi.org/10.13140/RG.2.2.35091.50724

Bergmann MC, Dreißigacker A, von Skarczinski B, Wollinger GR (2018) Cyber-dependent crime victimization: the same risk for everyone? Cyberpsychol Behav Soc Network 21(2):84–90

Brenner SW (2013) Cybercrime: re-thinking crime control strategies. Crime online: Willan. pp. 12–28

Brewer R, de Vel-Palumbo M, Hutchings A, Holt T, Goldsmith A, Maimon D (2019) Cybercrime prevention: theory and applications. Springer

Bruggemann R, Koppatz P, Scholl M, Schuktomow R (2022) Global cybersecurity index (GCI) and the role of its 5 pillars. Soc Indic Res 159(1):125–143

Calderaro A, Craig AJ (2020) Transnational governance of cybersecurity: policy challenges and global inequalities in cyber capacity building. Third World Q 41(6):917–938

Castillo D, Falzon J (2018) An analysis of the impact of Wannacry cyberattack on cybersecurity stock returns. Rev Econ Financ 13:93–100

Google Scholar  

Clough J (2015) Principles of cybercrime. Cambridge University Press

Dupont B, Holt T (2022) The human factor of cybercrime. Soc Sci Comput Rev 40(4):860–864

Ehrlich I (1996) Crime, punishment, and the market for offenses. J Econ Perspect 10(1):43–67

Eian IC, Yong LK, Li MYX, Qi YH, Fatima Z (2020) Cyber attacks in the era of covid-19 and possible solution domains. Preprints 2020, 2020090630

Eslahi M, Salleh R, Anuar NB (2012) ‘Bots and botnets: an overview of characteristics, detection and challenges’. 2012 IEEE International Conference on Control System, Computing and Engineering. IEEE, pp. 349–354

Fan Y, Chen J, Shirkey G, John R, Wu SR, Park H, Shao C (2016) Applications of structural equation modeling (SEM) in ecological studies: an updated review. Ecol Process 5(1):1–12

Faraway JJ (2016) Extending the linear model with R: generalized linear, mixed effects and nonparametric regression models. Chapman and Hall/CRC

FireHOL (2021) FireHOL. FireHOL IP lists. https://iplists.firehol.org [Accessed on Aug 21, 2021]

Fox J, Weisberg S, Adler D, Bates D, Baud-Bovy G, Ellison S, Firth D, Friendly M, Gorjanc G, Graves,S (2012) Package ‘car’, Vienna: R Foundation for Statistical Computing, 16

Garg V, Koster T, Camp LJ (2013) Cross-country analysis of spambots. EURASIP J Inform Secur 2013(1):1–13

Ghafur S, Kristensen S, Honeyford K, Martin G, Darzi A, Aylin P (2019) A retrospective impact analysis of the WannaCry cyberattack on the NHS. NPJ Digit Med 2(1):1–7

Goel RK, Nelson MA (2009) Determinants of software piracy: economics, institutions, and technology. J Technol Transfer 34(6):637–658

Hall T, Sanders B, Bah M, King O, Wigley E (2020) Economic geographies of the illegal: the multiscalar production of cybercrime. Trend OrganCrime 24:282–307

Ho HTN, Luong HT (2022) Research trends in cybercrime victimization during 2010–2020: a bibliometric analysis. SN Soc Sci 2(1):1–32

Holt T, Bossler A (2015) Cybercrime in progress: Theory and prevention of technology-enabled offenses. Routledge

Holt TJ (2017) Cybercrime through an interdisciplinary lens. Routledge

Holt TJ, Bossler AM (2014) An assessment of the current state of cybercrime scholarship. Deviant Behav 35(1):20–40

Holt TJ, Burruss GW, Bossler AM (2018) Assessing the macro-level correlates of malware infections using a routine activities framework. Int J Offender Ther Comp Criminol 62(6):1720–1741

Article   PubMed   Google Scholar  

Holt TJ, Schell BH (2011) Corporate hacking and technology-driven crime. Igi Global

Hoque N, Bhattacharyya DK, Kalita JK (2015) Botnet in DDoS attacks: trends and challenges. IEEE Commun Surv Tutor 17(4):2242–2270

Howell CJ, Burruss GW (2020) Datasets for analysis of cybercrime. In: The Palgrave handbook of international cybercrime and cyberdeviance. Palgrave Macmillan. pp. 207–219

Hutchings A, Hayes H (2009) Routine activity theory and phishing victimisation: who gets caught in the ‘net’? Curr Issues Crim Justice 20(3):433–452

Ki E-J, Chang B-H, Khang H (2006) Exploring influential factors on music piracy across countries. J Commun 56(2):406–426

Kigerl A (2012) Routine activity theory and the determinants of high cybercrime countries. Soc Sci Comput Rev 30(4):470–486

Kigerl A (2016) Cyber crime nation typologies: K-means clustering of countries based on cyber crime rates. Int J Cyber Criminol10(2): 147–169

Kigerl A (2021) Routine activity theory and malware, fraud, and spam at the national level, Crime Law Soc Chang 76:109–130

Kshetri N (2010) Diffusion and effects of cyber-crime in developing economies. Third World Q 31(7):1057–1079

Kumar S, Carley KM (2016) ‘Approaches to understanding the motivations behind cyber attacks’. 2016 IEEE Conference on Intelligence and Security Informatics (ISI). IEEE, pp. 307–309

Lallie HS, Shepherd LA, Nurse JR, Erola A, Epiphaniou G, Maple C, Bellekens X (2021) Cyber security in the age of covid-19: a timeline and analysis of cyber-crime and cyber-attacks during the pandemic. Comput Secur 105:102248

Article   PubMed   PubMed Central   Google Scholar  

Lazarus S, Okolorie GU (2019) The bifurcation of the Nigerian cybercriminals: Narratives of the Economic and Financial Crimes Commission (EFCC) agents. Telemat Informat 40:14–26

Leukfeldt R, Holt TJ (2019) The human factor of cybercrime. Routledge

Lianos H, McGrath A (2018) Can the general theory of crime and general strain theory explain cyberbullying perpetration? Crime Delinq 64(5):674–700

Lusthaus J, Bruce M, Phair N (2020) ‘Mapping the geography of cybercrime: a review of indices of digital offending by country’. 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW): IEEE, pp. 448–453

Lusthaus J, Varese F (2021) Offline and local: the hidden face of cybercrime. Policing J Policy Pract 15(1):4–14

Maimon D, Wilson T, Ren W, Berenblum T (2015) On the relevance of spatial and temporal dimensions in assessing computer susceptibility to system trespassing incidents. Br J Criminol 55(3):615–634

Makridis CA, Smeets M (2019) Determinants of cyber readiness. J Cyber Policy 4(1):72–89

Mandelcorn S, Modarres M, Mosleh A (2013) An explanatory model of cyberattacks drawn from rational choice theory. Trans Am Nuclear Soc 109(1):1869–1871

McAfee (2021) McAfee and the Center for Strategic and International Studies (CSIS). The Hidden Costs of Cybercrime. https://www.csis.org/analysis/hidden-costs-cybercrime [Accessed on Aug 21, 2021]

McGuire M, Dowling S (2013) Cyber-crime: a review of the evidence summary of key findings and implications Home Office Research Report 75, Home Office, United Kingdom, Oct. 30p

Meke E (2012) Urbanization and cyber Crime in Nigeria: causes and consequences. Eur J Comput Sci Inform Technol 3(9):1–11

Mezzour G, Carley L, Carley KM (2014) Global mapping of cyber attacks. Available at SSRN 2729302

Mikkola M, Oksanen A, Kaakinen M, Miller BL, Savolainen I, Sirola A, Zych I, Paek H-J (2020) Situational and individual risk factors for cybercrime victimization in a cross-national context. Int J Offender Ther Comparat Criminol https://doi.org/10.1177/0306624X20981041

Mohurle S, Patil M (2017) A brief study of wannacry threat: ransomware attack 2017. Int J Adv Res Comput Sci 8(5):1938–1940

Neal S (2014) Cybercrime, transgression and virtual environments. Crime: Willan, pp. 71–104

Ngo FT, Paternoster R (2011) Cybercrime victimization: an examination of individual and situational level factors. Int J Cyber Criminol 5(1):773

Onuora A, Uche D, Ogbunude F, Uwazuruike F (2017) The challenges of cybercrime in Nigeria: an overview. AIPFU J School Sci 1(2):6–11

Overvest B, Straathof B (2015) What drives cybercrime? Empirical evidence from DDoS attacks. CPB Netherlands Bureau for Economic Policy Analysis

Pandita R (2017) Internet: a change agent an overview of internet penetration & growth across the world. Int J Inform Dissemination Technol 7(2):83

Payne BK (2020) Defining cybercrime. The Palgrave handbook of international cybercrime and cyberdeviance. Palgrave Macmillan. pp. 3–25

Phillips K, Davidson JC, Farr RR, Burkhardt C, Caneppele S, Aiken MP (2022) Conceptualizing cybercrime: definitions, typologies and taxonomies. Forensic Sci 2(2):379–398

Pick JB, Azari R (2008) Global digital divide: Influence of socioeconomic, governmental, and accessibility factors on information technology. Inform Technol Dev 14(2):91–115

Pranggono B, Arabo A (2021) COVID‐19 pandemic cybersecurity issues. Internet Technol Lett 4(2):e247

Pratt TC, Holtfreter K, Reisig MD (2010) Routine online activity and internet fraud targeting: extending the generality of routine activity theory. J Res Crime Delinquency 47(3):267–296

R (Core Team, 2013) R: A language and environment for statistical computing. R Core Team

Sarre R, Lau LY-C, Chang LY (2018) Responding to cybercrime: current trends. Taylor & Francis

Solano PC, Peinado AJR (2017) ‘Socio-economic factors in cybercrime: Statistical study of the relation between socio-economic factors and cybercrime’. 2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA): IEEE, pp. 1–4

Srivastava SK, Das S, Udo GJ, Bagchi K (2020) Determinants of cybercrime originating within a nation: a cross-country study. J Glob Inf Technol Manag 23(2):112–137

Sutanrikulu A, Czajkowska S, Grossklags J (2020) ‘Analysis of darknet market activity as a country-specific, socio-economic and technological phenomenon’. 2020 APWG Symposium on Electronic Crime Research (eCrime): IEEE, pp. 1–10

UNODC (2013) Comprehensive study on cybercrime. United Nations, New York

Van Eeten M, Bauer JM, Asghari H, Tabatabaie S (2010) The role of internet service providers in botnet mitigation an empirical analysis based on spam data. TPRC

Waldrop MM (2016) How to hack the hackers: The human side of cybercrime. Nature 533: 164–167

Wall D (2007) Cybercrime: the transformation of crime in the information age. Polity

Walters GD (2015) Proactive criminal thinking and the transmission of differential association: a cross-lagged multi-wave path analysis. Crim Just Behav 42(11):1128–1144

Watters, PA, McCombie, S, Layton, R and Pieprzyk, J (2012) Characterising and predicting cyber attacks using the Cyber Attacker Model Profile (CAMP). J Money Laund Control . ISSN: 1368-5201

Williams ML (2016) Guardians upon high: an application of routine activities theory to online identity theft in Europe at the country and individual level. Br J Criminol 56(1):21–48

Download references


This research was funded by the National Key Research and Development Project of China, grant number 2020YFB1806500 and the Key Research Program of the Chinese Academy of Sciences, grant number ZDRW-XH-2021-3. We thank Yushu Qian, Ying Liu, Qinghua Tan for providing valuable suggestions.

Author information

Authors and affiliations.

Institute of Geographic Sciences and Nature Resources Research, Chinese Academy of Sciences, Beijing, China

Shuai Chen, Mengmeng Hao, Fangyu Ding, Dong Jiang, Jiping Dong & Qiquan Guo

College of Resources and Environment, University of Chinese Academy of Sciences, Beijing, China

Shuai Chen, Mengmeng Hao, Fangyu Ding, Dong Jiang & Jiping Dong

Big Data Center of State Grid Corporation of China, Beijing, China

Shize Zhang

The Administrative Bureau of Chinese Academy of Sciences, Beijing, China

Chundong Gao

You can also search for this author in PubMed   Google Scholar


DJ, QQG and CDG designed the research; SC, FYD, DJ, SZZ and MMH performed the research; SC, FYD and JPD analysed the data; SC, FYD, DJ and MMH wrote the first draft of the paper; JPD, SZZ, QQG, CDG and DJ gave useful edits, comments and suggestions to this work.

Corresponding author

Correspondence to Dong Jiang .

Ethics declarations

Competing interests.

The authors declare no competing interests.

Ethical approval

This article does not contain any studies with human participants performed by any of the authors.

Informed consent

Additional information.

Publisher’s note Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made. The images or other third party material in this article are included in the article’s Creative Commons license, unless indicated otherwise in a credit line to the material. If material is not included in the article’s Creative Commons license and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/ .

Reprints and permissions

About this article

Cite this article.

Chen, S., Hao, M., Ding, F. et al. Exploring the global geography of cybercrime and its driving forces. Humanit Soc Sci Commun 10 , 71 (2023). https://doi.org/10.1057/s41599-023-01560-x

Download citation

Received : 19 May 2022

Accepted : 14 February 2023

Published : 23 February 2023

DOI : https://doi.org/10.1057/s41599-023-01560-x

Share this article

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

Quick links

  • Explore articles by subject
  • Guide to authors
  • Editorial policies

cybercrime research paper topics

Click through the PLOS taxonomy to find articles in your field.

For more information about PLOS Subject Areas, click here .

Loading metrics

Open Access


Research Article

Mapping the global geography of cybercrime with the World Cybercrime Index

Roles Data curation, Formal analysis, Investigation, Methodology, Visualization, Writing – original draft

* E-mail: [email protected]

Affiliations Department of Sociology, University of Oxford, Oxford, United Kingdom, Canberra School of Professional Studies, University of New South Wales, Canberra, Australia

ORCID logo

Roles Conceptualization, Investigation, Methodology, Writing – original draft

Affiliations Department of Sociology, University of Oxford, Oxford, United Kingdom, Oxford School of Global and Area Studies, University of Oxford, Oxford, United Kingdom

Roles Formal analysis, Methodology, Writing – review & editing

Affiliations Department of Sociology, University of Oxford, Oxford, United Kingdom, Leverhulme Centre for Demographic Science, University of Oxford, Oxford, United Kingdom

Roles Funding acquisition, Methodology, Writing – review & editing

Affiliation Department of Software Systems and Cybersecurity, Faculty of IT, Monash University, Victoria, Australia

Roles Conceptualization, Funding acquisition, Methodology, Writing – review & editing

Affiliation Centre d’études européennes et de politique comparée, Sciences Po, Paris, France

  • Miranda Bruce, 
  • Jonathan Lusthaus, 
  • Ridhi Kashyap, 
  • Nigel Phair, 
  • Federico Varese


  • Published: April 10, 2024
  • https://doi.org/10.1371/journal.pone.0297312
  • Peer Review
  • Reader Comments

Table 1

Cybercrime is a major challenge facing the world, with estimated costs ranging from the hundreds of millions to the trillions. Despite the threat it poses, cybercrime is somewhat an invisible phenomenon. In carrying out their virtual attacks, offenders often mask their physical locations by hiding behind online nicknames and technical protections. This means technical data are not well suited to establishing the true location of offenders and scholarly knowledge of cybercrime geography is limited. This paper proposes a solution: an expert survey. From March to October 2021 we invited leading experts in cybercrime intelligence/investigations from across the world to participate in an anonymized online survey on the geographical location of cybercrime offenders. The survey asked participants to consider five major categories of cybercrime, nominate the countries that they consider to be the most significant sources of each of these types of cybercrimes, and then rank each nominated country according to the impact, professionalism, and technical skill of its offenders. The outcome of the survey is the World Cybercrime Index, a global metric of cybercriminality organised around five types of cybercrime. The results indicate that a relatively small number of countries house the greatest cybercriminal threats. These findings partially remove the veil of anonymity around cybercriminal offenders, may aid law enforcement and policymakers in fighting this threat, and contribute to the study of cybercrime as a local phenomenon.

Citation: Bruce M, Lusthaus J, Kashyap R, Phair N, Varese F (2024) Mapping the global geography of cybercrime with the World Cybercrime Index. PLoS ONE 19(4): e0297312. https://doi.org/10.1371/journal.pone.0297312

Editor: Naeem Jan, Korea National University of Transportation, REPUBLIC OF KOREA

Received: October 11, 2023; Accepted: January 3, 2024; Published: April 10, 2024

Copyright: © 2024 Bruce et al. This is an open access article distributed under the terms of the Creative Commons Attribution License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.

Data Availability: The dataset and relevant documents have been uploaded to the Open Science Framework. Data can be accessed via the following URL: https://osf.io/5s72x/?view_only=ea7ee238f3084054a6433fbab43dc9fb .

Funding: This project has received funding from the European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation program (Grant agreement No. 101020598 – CRIMGOV, Federico Varese PI). FV received the award and is the Primary Investigator. The ERC did not play any role in the study design, data collection and analysis, decision to publish, or preparation of the manuscript. Funder website: https://erc.europa.eu/faq-programme/h2020 .

Competing interests: The authors have declared that no competing interests exist.


Although the geography of cybercrime attacks has been documented, the geography of cybercrime offenders–and the corresponding level of “cybercriminality” present within each country–is largely unknown. A number of scholars have noted that valid and reliable data on offender geography are sparse [ 1 – 4 ], and there are several significant obstacles to establishing a robust metric of cybercriminality by country. First, there are the general challenges associated with the study of any hidden population, for whom no sampling frame exists [ 5 , 6 ]. If cybercriminals themselves cannot be easily accessed or reliably surveyed, then cybercriminality must be measured through a proxy. This is the second major obstacle: deciding what kind of proxy data would produce the most valid measure of cybercriminality. While there is much technical data on cybercrime attacks, this data captures artefacts of the digital infrastructure or proxy (obfuscation) services used by cybercriminals, rather than their true physical location. Non-technical data, such as legal cases, can provide geographical attribution for a small number of cases, but the data are not representative of global cybercrime. In short, the question of how best to measure the geography of cybercriminal offenders is complex and unresolved.

There is tremendous value in developing a metric for cybercrime. Cybercrime is a major challenge facing the world, with the most sober cost estimates in the hundreds of millions [ 7 , 8 ], but with high-end estimates in the trillions [ 9 ]. By accurately identifying which countries are cybercrime hotspots, the public and private sectors could concentrate their resources on these hotspots and spend less time and funds on cybercrime countermeasures in countries where the problem is limited. Whichever strategies are deployed in the fight against cybercrime (see for example [ 10 – 12 ]), they should be targeted at countries that produce the largest cybercriminal threat [ 3 ]. A measure of cybercriminality would also enable other lines of scholarly inquiry. For instance, an index of cybercriminality by country would allow for a genuine dependent variable to be deployed in studies attempting to assess which national characteristics–such as educational attainment, Internet penetration, or GDP–are associated with cybercrime [ 4 , 13 ]. These associations could also be used to identify future cybercrime hubs so that early interventions could be made in at-risk countries before a serious cybercrime problem develops. Finally, this metric would speak directly to theoretical debates on the locality of cybercrime, and organized crime more generally [ 11 – 14 ]. The challenge we have accepted is to develop a metric that is both global and robust. The following sections respectively outline the background elements of this study, the methods, the results, and then discussion and limitations.

Profit-driven cybercrime, which is the focus of this paper/research, has been studied by both social scientists and computer scientists. It has been characterised by empirical contributions that have sought to illuminate the nature and organisation of cybercrime both online and offline [ 15 – 20 ]. But, as noted above, the geography of cybercrime has only been addressed by a handful of scholars, and they have identified a number of challenges connected to existing data. In a review of existing work in this area, Lusthaus et al. [ 2 ] identify two flaws in existing cybercrime metrics: 1) their ability to correctly attribute the location of cybercrime offenders; 2) beyond a handful of examples, their ability to compare the severity and scale of cybercrime between countries.

Building attribution into a cybercrime index is challenging. Often using technical data, cybersecurity firms, law enforcement agencies and international organisations regularly publish reports that identify the major sources of cyber attacks (see for example [ 21 – 24 ]). Some of these sources have been aggregated by scholars (see [ 20 , 25 – 29 ]). But the kind of technical data contained in these reports cannot accurately measure offender location. Kigerl [ 1 ] provides some illustrative remarks:

Where the cybercriminals live is not necessarily where the cyberattacks are coming from. An offender from Romania can control zombies in a botnet, mostly located in the United States, from which to send spam to countries all over the world, with links contained in them to phishing sites located in China. The cybercriminal’s reach is not limited by national borders (p. 473).

As cybercriminals often employ proxy services to hide their IP addresses, carry out attacks across national boundaries, collaborate with partners around the world, and can draw on infrastructure based in different countries, superficial measures do not capture the true geographical distribution of these offenders. Lusthaus et al. [ 2 ] conclude that attempts to produce an index of cybercrime by country using technical data suffer from a problem of validity. “If they are a measure of anything”, they argue, “they are a measure of cyber-attack geography”, not of the geography of offenders themselves (p. 452).

Non-technical data are far better suited to incorporating attribution. Court records, indictments and other investigatory materials speak more directly to the identification of offenders and provide more granular detail on their location. But while this type of data is well matched to micro-level analysis and case studies, there are fundamental questions about the representativeness of these small samples, even if collated. First, any sample would capture cases only where cybercriminals had been prosecuted, and would not include offenders that remain at large. Second, if the aim was to count the number of cybercrime prosecutions by country, this may reflect the seriousness with which various countries take cybercrime law enforcement or the resources they have to pursue it, rather than the actual level of cybercrime within each country (for a discussion see [ 30 , 31 ]). Given such concerns, legal data is also not an appropriate approach for such a research program.

Furthermore, to carry out serious study on this topic, a cybercrime metric should aim to include as many countries as possible, and the sample must allow for variation so that high and low cybercrime countries can be compared. If only a handful of widely known cybercrime hubs are studied, this will result in selection on the dependent variable. The obvious challenge in providing such a comparative scale is the lack of good quality data to devise it. As an illustration, in their literature review Hall et al. [ 10 ] identify the “dearth of robust data” on the geographical location of cybercriminals, which means they are only able to include six countries in their final analysis (p. 285. See also [ 4 , 32 , 33 ]).

Considering the weaknesses within both existing technical and legal data discussed above, Lusthaus et al. [ 2 ] argue for the use of an expert survey to establish a global metric of cybercriminality. Expert survey data “can be extrapolated and operationalised”, and “attribution can remain a key part of the survey, as long as the participants in the sample have an extensive knowledge of cybercriminals and their operations” (p. 453). Up to this point, no such study has been produced. Such a survey would need to be very carefully designed for the resulting data to be both reliable and valid. One criticism of past cybercrime research is that surveys were used whenever other data was not immediately available, and that they were not always designed with care (for a discussion see [ 34 ]).

In response to the preceding considerations, we designed an expert survey in 2020, refined it through focus groups, and deployed it throughout 2021. The survey asked participants to consider five major types of cybercrime– Technical products/services ; Attacks and extortion ; Data/identity theft ; Scams ; and Cashing out/money laundering –and nominate the countries that they consider to be the most significant sources of each of these cybercrime types. Participants then rated each nominated country according to the impact of the offenses produced there, and the professionalism and technical skill of the offenders based there. Using the expert responses, we generated scores for each type of cybercrime, which we then combined into an overall metric of cybercriminality by country: the World Cybercrime Index (WCI). The WCI achieves our initial goal to devise a valid measure of cybercrime hub location and significance, and is the first step in our broader aim to understand the local dimensions of cybercrime production across the world.


Identifying and recruiting cybercrime experts is challenging. Much like the hidden population of cybercriminals we were trying to study, cybercrime experts themselves are also something of a hidden population. Due to the nature of their work, professionals working in the field of cybercrime tend to be particularly wary of unsolicited communication. There is also the problem of determining who is a true cybercrime expert, and who is simply presenting themselves as one. We designed a multi-layered sampling method to address such challenges.

The heart of our strategy involved purposive sampling. For an index based entirely on expert opinion, ensuring the quality of these experts (and thereby the quality of our survey results) was of the utmost importance. We defined “expertise” as adult professionals who have been engaged in cybercrime intelligence, investigation, and/or attribution for a minimum of five years and had a reputation for excellence amongst their peers. Only currently- or recently-practicing intelligence officers and investigators were included in the participant pool. While participants could be from either the public or private sectors, we explicitly excluded professionals working in the field of cybercrime research who are not actively involved in tracking offenders, which includes writers and academics. In short, only experts with first-hand knowledge of cybercriminals are included in our sample. To ensure we had the leading experts from a wide range of backgrounds and geographical areas, we adopted two approaches for recruitment. We searched extensively through a range of online sources including social media (e.g. LinkedIn), corporate sites, news articles and cybercrime conference programs to identify individuals who met our inclusion criteria. We then faced a second challenge of having to find or discern contact information for these individuals.

Complementing this strategy, the authors also used their existing relationships with recognised cybercrime experts to recruit participants using the “snowball” method [ 35 ]. This both enhanced access and provided a mechanism for those we knew were bona fide experts to recommend other bona fide experts. The majority of our participants were recruited in this manner, either directly through our initial contacts or through a series of referrals that followed. But it is important to note that this snowball sampling fell under our broader purposive sampling strategy. That is, all the original “seeds” had to meet our inclusion criteria of being a top expert in the first instance. Any connections we were offered also had to meet our criteria or we would not invite them to participate. Another important aspect of this sampling strategy is that we did not rely on only one gatekeeper, but numerous, often unrelated, individuals who helped us with introductions. This approach reduced bias in the sample. It was particularly important to deploy a number of different “snowballs” to ensure that we included experts from each region of the world (Africa, Asia Pacific, Europe, North America and South America) and from a range of relevant professional backgrounds. We limited our sampling strategy to English speakers. The survey itself was likewise written in English. The use of English was partly driven by the resources available for this study, but the population of cybercrime experts is itself very global, with many attending international conferences and cooperating with colleagues from across the world. English is widely spoken within this community. While we expect the gains to be limited, future surveys will be translated into some additional languages (e.g. Spanish and Chinese) to accommodate any non-English speaking experts that we may not otherwise be able to reach.

Our survey design, detailed below, received ethics approval from the Human Research Advisory Panel (HREAP A) at the University of New South Wales in Australia, approval number HC200488, and the Research Ethics Committee of the Department of Sociology (DREC) at the University of Oxford in the United Kingdom, approval number SOC_R2_001_C1A_20_23. Participants were recruited in waves between 1 August 2020 and 30 September 2021. All participants provided consent to participate in the focus groups, pilot survey, and final survey.

Survey design

The survey comprised three stages. First, we conducted three focus groups with seven experts in cybercrime intelligence/investigations to evaluate our initial assumptions, concepts, and framework. These experts were recruited because they had reputations as some of the very top experts in the field; they represented a range of backgrounds in terms of their own geographical locations and expertise across different types of cybercrime; and they spanned both the public and private sectors. In short, they offered a cross-section of the survey sample we aimed to recruit. These focus groups informed several refinements to the survey design and specific terms to make them better comprehensible to participants. Some of the key terms, such as “professionalism” and “impact”, were a direct result of this process. Second, some participants from the focus groups then completed a pilot version of the survey, alongside others who had not taken part in these focus groups, who could offer a fresh perspective. This allowed us to test technical components, survey questions, and user experience. The pilot participants provided useful feedback and prompted a further refinement of our approach. The final survey was released online in March 2021 and closed in October 2021. We implemented several elements to ensure data quality, including a series of preceding statements about time expectations, attention checks, and visual cues throughout the survey. These elements significantly increased the likelihood that our participants were both suitable and would provide full and thoughtful responses.

The introduction to the survey outlined the survey’s two main purposes: to identify which countries are the most significant sources of profit-driven cybercrime, and to determine how impactful the cybercrime is in these locations. Participants were reminded that state-based actors and offenders driven primarily by personal interests (for instance, cyberbullying or harassment) should be excluded from their consideration. We defined the “source” of cybercrime as the country where offenders are primarily based, rather than their nationality. To maintain a level of consistency, we made the decision to only include countries formally recognised by the United Nations. We initially developed seven categories of cybercrime to be included in the survey, based on existing research. But during the focus groups and pilot survey, our experts converged on five categories as the most significant cybercrime threats on a global scale:

  • Technical products/services (e.g. malware coding, botnet access, access to compromised systems, tool production).
  • Attacks and extortion (e.g. DDoS attacks, ransomware).
  • Data/identity theft (e.g. hacking, phishing, account compromises, credit card comprises).
  • Scams (e.g. advance fee fraud, business email compromise, online auction fraud).
  • Cashing out/money laundering (e.g. credit card fraud, money mules, illicit virtual currency platforms).

After being prompted with these descriptions and a series of images of world maps to ensure participants considered a wide range of regions/countries, participants were asked to nominate up to five countries that they believed were the most significant sources of each of these types of cybercrime. Countries could be listed in any order; participants were not instructed to rank them. Nominating countries was optional and participants were free to skip entire categories if they wished. Participants were then asked to rate each of the countries they nominated against three measures: how impactful the cybercrime is, how professional the cybercrime offenders are, and how technically skilled the cybercrime offenders are. Across each of these three measures, participants were asked to assign scores on a Likert-type scale between 1 (e.g. least professional) to 10 (e.g. most professional). Nominating and then rating countries was repeated for all five cybercrime categories.

This process, of nominating and then rating countries across each category, introduces a potential limitation in the survey design: the possibility of survey response fatigue. If a participant nominated the maximum number of countries across each cybercrime category– 25 countries–by the end of the survey they would have completed 75 Likert-type scales. The repetition of this task, paired with the consideration that it requires, has the potential to introduce respondent fatigue as the survey progresses, in the form of response attrition, an increase in careless responses, and/or increased likelihood of significantly higher/lower scores given. This is a common phenomenon in long-form surveys [ 36 ], and especially online surveys [ 37 , 38 ]. Jeong et al [ 39 ], for instance, found that questions asked near the end of a 2.5 hour survey were 10–64% more likely to be skipped than those at the beginning. We designed the survey carefully, refined with the aid of focus groups and a pilot, to ensure that only the most essential questions were asked. As such, the survey was not overly long (estimated to take 30 minutes). To accommodate any cognitive load, participants were allowed to complete the survey anytime within a two-week window. Their progress was saved after each session, which enabled participants to take breaks between completing each section (a suggestion made by Jeong et al [ 39 ]). Crucially, throughout survey recruitment, participants were informed that the survey is time-intensive and required significant attention. At the beginning of the survey, participants were instructed not to undertake the survey unless they could allocate 30 minutes to it. This approach pre-empted survey fatigue by discouraging those likely to lose interest from participating. This compounds the fact that only experts with a specific/strong interest in the subject matter of the survey were invited to participate. Survey fatigue is addressed further in the Discussion section, where we provide an analysis suggesting little evidence of participant fatigue.

In sum, we designed the survey to protect against various sources of bias and error, and there are encouraging signs that the effects of these issues in the data are limited (see Discussion ). Yet expert surveys are inherently prone to some types of bias and response issues; in the WCI, the issue of selection and self-selection within our pool of experts, as well as geo-political biases that may lead to systematic over- or under-scoring of certain countries, is something we considered closely. We discuss these issues in detail in the subsection on Limitations below.

cybercrime research paper topics

This “type” score is then multiplied by the proportion of experts who nominated that country. Within each cybercrime type, a country could be nominated a possible total of 92 times–once per participant. We then multiply this weighted score by ten to produce a continuous scale out of 100 (see Eq (2) ). This process prevents countries that received high scores, but a low number of nominations, from receiving artificially high rankings.

cybercrime research paper topics

The analyses for this paper were performed in R. All data and code have been made publicly available so that our analysis can be reproduced and extended.

We contacted 245 individuals to participate in the survey, of which 147 agreed and were sent invitation links to participate. Out of these 147, a total of 92 people completed the survey, giving us an overall response rate of 37.5%. Given the expert nature of the sample, this is a high response rate (for a detailed discussion see [ 40 ]), and one just below what Wu, Zhao, and Fils-Aime estimate of response rates for general online surveys in social science: 44% [ 41 ]. The survey collected information on the participants’ primary nationality and their current country of residence. Four participants chose not to identify their nationality. Overall, participants represented all five major geopolitical regions (Africa, the Asia-Pacific, Europe, North America and South America), both in nationality and residence, though the distribution was uneven and concentrated in particular regions/countries. There were 8 participants from Africa, 11 participants from the Asia Pacific, 27 from North America, and 39 from Europe. South America was the least represented region with only 3 participants. A full breakdown of participants’ nationality, residence, and areas of expertise is included in the Supporting Information document (see S1 Appendix ).

Table 1 shows the scores for the top fifteen countries of the WCI overall index. Each entry shows the country, along with the mean score (out of 10) averaged across the participants who nominated this country, for three categories: impact, professionalism, and technical skill. This is followed by each country’s WCI overall and WCI type scores. Countries are ordered by their WCI overall score. Each country’s highest WCI type scores are highlighted. Full indices that include all 197 UN-recognised countries can be found in S1 Indices .


  • PPT PowerPoint slide
  • PNG larger image
  • TIFF original image


Some initial patterns can be observed from this table, as well as the full indices in the supplementary document (see S1 Indices ). First, a small number of countries hold consistently high ranks for cybercrime. Six countries–China, Russia, Ukraine, the US, Romania, and Nigeria–appear in the top 10 of every WCI type index, including the WCI overall index. Aside from Romania, all appear in the top three at least once. While appearing in a different order, the first ten countries in the Technical products/services and Attacks and extortion indices are the same. Second, despite this small list of countries regularly appearing as cybercrime hubs, the survey results capture a broad geographical diversity. All five geopolitical regions are represented across each type. Overall, 97 distinct countries were nominated by at least one expert. This can be broken down into the cybercrime categories. Technical products/services includes 41 different countries; Attacks and extortion 43; Data/identity theft 51; Scams 49; and Cashing out/money laundering 63.

Some key findings emerge from these results, which are further illustrated by the following Figs 1 and 2 . First, cybercrime is not universally distributed. Certain countries are cybercrime hubs, while many others are not associated with cybercriminality in a serious way. Second, countries that are cybercrime hubs specialise in particular types of cybercrime. That is, despite a small number of countries being leading producers of cybercrime, there is meaningful variation between them both across categories, and in relation to scores for impact, professionalism and technical skill. Third, the results show a longer list of cybercrime-producing countries than are usually included in publications on the geography of cybercrime. As the survey captures leading producers of cybercrime, rather than just any country where cybercrime is present, this suggests that, even if a small number of countries are of serious concern, and close to 100 are of little concern at all, the remaining half are of at least moderate concern.


Base map and data from OpenStreetMap and OpenStreetMap Foundation.




To examine further the second finding concerning hub specialisation, we calculated an overall “Technicality score”–or “T-score”–for the top 15 countries of the WCI overall index. We assigned a value from 2 to -2 to each type of cybercrime to designate the level of technical complexity involved. Technical products/services is the most technically complex type (2), followed by Attacks and extortion (1), Data/identity theft (0), Scams (-1), and finally Cashing out and money laundering (-2), which has very low technical complexity. We then multiplied each country’s WCI score for each cybercrime type by its assigned value–for instance, a Scams WCI score of 5 would be multiplied by -1, with a final modified score of -5. As a final step, for each country, we added all of their modified WCI scores across all five categories together to generate the T-score. Fig 3 plots the top 15 WCI overall countries’ T-scores, ordering them by score. Countries with negative T-scores are highlighted in red, and countries with positive scores are in black.


Negative values correspond to lower technicality, positive values to higher technicality.


The T-score is best suited to characterising a given hub’s specialisation. For instance, as the line graph makes clear, Russia and Ukraine are highly technical cybercrime hubs, whereas Nigerian cybercriminals are engaged in less technical forms of cybercrime. But for countries that lie close to the centre (0), the story is more complex. Some may specialise in cybercrime types with middling technical complexity (e.g. Data/identity theft ). Others may specialise in both high- and low-tech crimes. In this sample of countries, India (-6.02) somewhat specialises in Scams but is otherwise a balanced hub, whereas Romania (10.41) and the USA (-2.62) specialise in both technical and non-technical crimes, balancing their scores towards zero. In short, each country has a distinct profile, indicating a unique local dimension.

This paper introduces a global and robust metric of cybercriminality–the World Cybercrime Index. The WCI moves past previous technical measures of cyber attack geography to establish a more focused measure of the geography of cybercrime offenders. Elicited through an expert survey, the WCI shows that cybercrime is not universally distributed. The key theoretical contribution of this index is to illustrate that cybercrime, often seen as a fluid and global type of organized crime, actually has a strong local dimension (in keeping with broader arguments by some scholars, such as [ 14 , 42 ]).

While we took a number of steps to ensure our sample of experts was geographically representative, the sample is skewed towards some regions (such as Europe) and some countries (such as the US). This may simply reflect the high concentration of leading cybercrime experts in these locations. But it is also possible this distribution reflects other factors, including the authors’ own social networks; the concentration of cybercrime taskforces and organisations in particular countries; the visibility of different nations on networking platforms like LinkedIn; and also perhaps norms of enthusiasm or suspicion towards foreign research projects, both inside particular organisations and between nations.

To better understand what biases might have influenced the survey data, we analysed participant rating behaviours with a series of linear regressions. Numerical ratings were the response and different participant characteristics–country of nationality; country of residence; crime type expertise; and regional expertise–were the predictors. Our analysis found evidence (p < 0.05) that participants assigned higher ratings to the countr(ies) they either reside in or are citizens of, though this was not a strong or consistent result. For instance, regional experts did not consistently rate their region of expertise more highly than other regions. European and North American experts, for example, rated countries from these regions lower than countries from other regions. Our analysis of cybercrime type expertise showed even less systematic rating behaviour, with no regression yielding a statistically significant (p < 0.05) result. Small sample sizes across other known participant characteristics meant that further analyses of rating behaviour could not be performed. This applied to, for instance, whether residents and citizens of the top ten countries in the WCI nominated their own countries more or less often than other experts. On this point: 46% of participants nominated their own country at some point in the survey, but the majority (83%) of nominations were for a country different to the participant’s own country of residence or nationality. This suggested limited bias towards nominating one’s own country. Overall, these analyses point to an encouraging observation: while there is a slight home-country bias, this does not systematically result in higher rating behaviour. Longitudinal data from future surveys, as well as a larger participant pool, will better clarify what other biases may affect rating behaviour.

There is little evidence to suggest that survey fatigue affected our data. As the survey progressed, the heterogeneity of nominated countries across all experts increased, from 41 different countries nominated in the first category to 63 different countries nominated in the final category. If fatigue played a significant role in the results then we would expect this number to decrease, as participants were not required to nominate countries within a category and would have been motivated to nominate fewer countries to avoid extending their survey time. We further investigated the data for evidence of survey fatigue in two additional ways: by performing a Mann-Kendall/Sen’s slope trend test (MK/S) to determine whether scores skewed significantly upwards or downwards towards the end of the survey; and by compiling an intra-individual response variability (IRV) index to search for long strings of repeated scores at the end of the survey [ 43 ]. The MK/S test was marginally statistically significant (p<0.048), but the results indicated that scores trended downwards only minimally (-0.002 slope coefficient). Likewise, while the IRV index uncovered a small group of participants (n = 5) who repeatedly inserted the same score, this behaviour was not more likely to happen at the end of the survey (see S7 and S8 Tables in S1 Appendix ).

It is encouraging that there is at least some external validation for the WCI’s highest ranked countries. Steenbergen and Marks [ 44 ] recommend that data produced from expert judgements should “demonstrate convergent validity with other measures of [the topic]–that is, the experts should provide evaluations of the same […] phenomenon that other measurement instruments pick up.” (p. 359) Most studies of the global cybercrime geography are, as noted in the introduction, based on technical measures that cannot accurately establish the true physical location of offenders (for example [ 1 , 4 , 28 , 33 , 45 ]). Comparing our results to these studies would therefore be of little value, as the phenomena being measured differs: they are measuring attack infrastructure, whereas the WCI measures offender location. Instead, looking at in-depth qualitative cybercrime case studies would provide a better comparison, at least for the small number of higher ranked countries. Though few such studies into profit-driven cybercrime exist, and the number of countries included are limited, we can see that the top ranked countries in the WCI match the key cybercrime producing countries discussed in the qualitative literature (see for example [ 3 , 10 , 32 , 46 – 50 ]). Beyond this qualitative support, our sampling strategy–discussed in the Methods section above–is our most robust control for ensuring the validity of our data.

Along with contributing to theoretical debates on the (local) nature of organized crime [ 1 , 14 ], this index can also contribute to policy discussions. For instance, there is an ongoing debate as to the best approaches to take in cybercrime reduction, whether this involves improving cyber-law enforcement capacity [ 3 , 51 ], increasing legitimate job opportunities and access to youth programs for potential offenders [ 52 , 53 ], strengthening international agreements and law harmonization [ 54 – 56 ], developing more sophisticated and culturally-specific social engineering countermeasures [ 57 ], or reducing corruption [ 3 , 58 ]. As demonstrated by the geographical, economic, and political diversity of the top 15 countries (see Table 1 ), the likelihood that a single strategy will work in all cases is low. If cybercrime is driven by local factors, then mitigating it may require a localised approach that considers the different features of cybercrime in these contexts. But no matter what strategies are applied in the fight against cybercrime, they should be targeted at the countries that produce the most cybercrime, or at least produce the most impactful forms of it [ 3 ]. An index is a valuable resource for determining these countries and directing resources appropriately. Future research that explains what is driving cybercrime in these locations might also suggest more appropriate means for tackling the problem. Such an analysis could examine relevant correlates, such as corruption, law enforcement capacity, internet penetration, education levels and so on to inform/test a theoretically-driven model of what drives cybercrime production in some locations, but not others. It also might be possible to make a kind of prediction: to identify those nations that have not yet emerged as cybercrime hubs but may in the future. This would allow an early warning system of sorts for policymakers seeking to prevent cybercrime around the world.


In addition to the points discussed above, the findings of the WCI should be considered in light of some remaining limitations. Firstly, as noted in the methods, our pool of experts was not as large or as globally representative as we had hoped. Achieving a significant response rate is a common issue across all surveys, and is especially difficult in those that employ the snowball technique [ 59 ] and also attempt to recruit experts [ 60 ]. However, ensuring that our survey data captures the most accurate picture of cybercrime activity is an essential aspect of the project, and the under-representation of experts from Africa and South America is noteworthy. More generally, our sample size (n = 92) is relatively small. Future iterations of the WCI survey should focus on recruiting a larger pool of experts, especially those from under-represented regions. However, this is a small and hard-to-reach population, which likely means the sample size will not grow significantly. While this limits statistical power, it is also a strength of the survey: by ensuring that we only recruit the top cybercrime experts in the world, the weight and validity of our data increases.

Secondly, though we developed our cybercrime types and measures with expert focus groups, the definitions used in the WCI will always be contestable. For instance, a small number of comments left at the end of the survey indicated that the Cashing out/money laundering category was unclear to some participants, who were unsure whether they should nominate the country in which these schemes are organised or the countries in which the actual cash out occurs. A small number of participants also commented that they were not sure whether the ‘impact’ of a country’s cybercrime output should be measured in terms of cost, social change, or some other metric. We limited any such uncertainties by running a series of focus groups to check that our categories were accurate to the cybercrime reality and comprehensible to practitioners in this area. We also ran a pilot version of the survey. The beginning of the survey described the WCI’s purpose and terms of reference, and participants were able to download a document that described the project’s methodology in further detail. Each time a participant was prompted to nominate countries as a significant source of a type of cybercrime, the type was re-defined and examples of offences under that type were provided. However, the examples were not exhaustive and the definitions were brief. This was done partly to avoid significantly lengthening the survey with detailed definitions and clarifications. We also wanted to avoid over-defining the cybercrime types so that any new techniques or attack types that emerged while the survey ran would be included in the data. Nonetheless, there will always remain some elasticity around participant interpretations of the survey.

Finally, although we restricted the WCI to profit-driven activity, the distinction between cybercrime that is financially-motivated, and cybercrime that is motivated by other interests, is sometimes blurred. Offenders who typically commit profit-driven offences may also engage in state-sponsored activities. Some of the countries with high rankings within the WCI may shelter profit-driven cybercriminals who are protected by corrupt state actors of various kinds, or who have other kinds of relationships with the state. Actors in these countries may operate under the (implicit or explicit) sanctioning of local police or government officials to engage in cybercrime. Thus while the WCI excludes state-based attacks, it may include profit-driven cybercriminals who are protected by states. Investigating the intersection between profit-driven cybercrime and the state is a strong focus in our ongoing and future research. If we continue to see evidence that these activities can overlap (see for example [ 32 , 61 – 63 ]), then any models explaining the drivers of cybercrime will need to address this increasingly important aspect of local cybercrime hubs.

This study makes use of an expert survey to better measure the geography of profit-driven cybercrime and presents the output of this effort: the World Cybercrime Index. This index, organised around five major categories of cybercrime, sheds light on the geographical concentrations of financially-motivated cybercrime offenders. The findings reveal that a select few countries pose the most significant cybercriminal threat. By illustrating that hubs often specialise in particular forms of cybercrime, the WCI also offers valuable insights into the local dimension of cybercrime. This study provides a foundation for devising a theoretically-driven model to explain why some countries produce more cybercrime than others. By contributing to a deeper understanding of cybercrime as a localised phenomenon, the WCI may help lift the veil of anonymity that protects cybercriminals and thereby enhance global efforts to combat this evolving threat.

Supporting information

S1 indices. wci indices..

Full indices for the WCI Overall and each WCI Type.


S1 Appendix. Supporting information.

Details of respondent characteristics and analysis of rating behaviour.



The data collection for this project was carried out as part of a partnership between the Department of Sociology, University of Oxford and UNSW Canberra Cyber. The analysis and writing phases received support from CRIMGOV. Fig 1 was generated using information from OpenStreetMap and OpenStreetMap Foundation, which is made available under the Open Database License.

  • View Article
  • Google Scholar
  • 2. Lusthaus J, Bruce M, Phair N. Mapping the geography of cybercrime: A review of indices of digital offending by country. 2020.
  • 4. McCombie S, Pieprzyk J, Watters P. Cybercrime Attribution: An Eastern European Case Study. Proceedings of the 7th Australian Digital Forensics Conference. Perth, Australia: secAU—Security Research Centre, Edith Cowan University; 2009. pp. 41–51. https://researchers.mq.edu.au/en/publications/cybercrime-attribution-an-eastern-european-case-study
  • 7. Anderson R, Barton C, Bohme R, Clayton R, van Eeten M, Levi M, et al. Measuring the cost of cybercrime. The Economics of Information Security and Privacy. Springer; 2013. pp. 265–300. https://link.springer.com/chapter/10.1007/978-3-642-39498-0_12
  • 8. Anderson R, Barton C, Bohme R, Clayton R, Ganan C, Grasso T, et al. Measuring the Changing Cost of Cybercrime. California, USA; 2017.
  • 9. Morgan S. 2022 Official Cybercrime Report. Cybersecurity Ventures; 2022. https://s3.ca-central-1.amazonaws.com/esentire-dot-com-assets/assets/resourcefiles/2022-Official-Cybercrime-Report.pdf
  • 12. Wall D. Cybercrime: The Transformation of Crime in the Information Age. Polity Press; 2007.
  • 14. Varese F. Mafias on the move: how organized crime conquers new territories. Princeton University Press; 2011.
  • 15. Dupont B. Skills and Trust: A Tour Inside the Hard Drives of Computer Hackers. Crime and networks. Routledge; 2013.
  • 16. Franklin J, Paxson V, Savage S. An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants. Proceedings of the 2007 ACM Conference on Computer and Communications Security. Alexandria, Virginia, USA; 2007.
  • 17. Hutchings A, Clayton R. Configuring Zeus: A case study of online crime target selection and knowledge transmission. Scottsdale, AZ, USA: IEEE; 2017.
  • 20. Levesque F, Fernandez J, Somayaji A, Batchelder. National-level risk assessment: A multi-country study of malware infections. 2016. https://homeostasis.scs.carleton.ca/~soma/pubs/levesque-weis2016.pdf
  • 21. Crowdstrike. 2022 Global Threat Report. Crowdstrike; 2022. https://go.crowdstrike.com/crowdstrike/gtr
  • 22. EC3. Internet Organised Crime Threat Assessment (IOCTA) 2021. EC3; 2021. https://www.europol.europa.eu/publications-events/main-reports/internet-organised-crime-threat-assessment-iocta-2021
  • 23. ENISA. ENISA threat Landscape 2021. ENISA; 2021. https://www.enisa.europa.eu/publications/enisa-threat-landscape-2021
  • 24. Sophos. Sophos 2022 Threat Report. Sophos; 2022. https://www.sophos.com/ en-us/labs/security-threat-report
  • 25. van Eeten M, Bauer J, Asghari H, Tabatabaie S, Rand D. The Role of Internet Service Providers in Botnet Mitigation. An Empirical Analysis Based on Spam Data WEIS. 2010. van Eeten, Michel and Bauer, Johannes M. and Asghari, Hadi and Tabatabaie, Shirin and Rand, David, The Role of Internet Service Providers in Botnet Mitigation an Empirical Analysis Based on Spam Data (August 15, 2010). TPRC 2010, SSRN: https://ssrn.com/abstract=1989198
  • 26. He S, Lee GM, Quarterman JS, Whinston A. Cybersecurity Policies Design and Evaluation: Evidence from a Large-Scale Randomized Field Experiment. 2015. https://econinfosec.org/archive/weis2015/papers/WEIS_2015_he.pdf
  • 27. Snyder P, Kanich C. No Please, After You: Detecting Fraud in Affiliate Marketing Networks. 2015. https://econinfosec.org/archive/weis2015/papers/WEIS_2015_snyder.pdf
  • 29. Wang Q-H, Kim S-H. Cyber Attacks: Cross-Country Interdependence and Enforcement. 2009. http://weis09.infosecon.net/files/153/paper153.pdf
  • 32. Lusthaus J. Industry of Anonymity: Inside the Business of Cybercrime. Harvard University Press; 2018.
  • 33. Kshetri N. The Global Cybercrime Industry: Economic, Institutional and Strategic Perspectives. Berlin: Springer; 2010.
  • 36. Backor K, Golde S, Nie N. Estimating Survey Fatigue in Time Use Study. Washington, DC.; 2007. https://citeseerx.ist.psu.edu/document?repid=rep1&type=pdf&doi=401f97f2d7c684b295486636d8a84c627eb33446
  • 42. Reuter P. Disorganized Crime: Illegal Markets and the Mafia. MIT Press; 1985.
  • PubMed/NCBI
  • 47. Sotande E. Transnational Organised Crime and Illicit Financial Flows: Nigeria, West Africa and the Global North. University of Leeds, School of Law. 2016. https://etheses.whiterose.ac.uk/15473/1/Emmanuel%20Sotande%20Thessis%20at%20the%20University%20of%20Leeds.%20viva%20corrected%20version%20%281%29.pdf
  • 48. Lusthaus J. Modelling cybercrime development: the case of Vietnam. The Human Factor of Cybercrime. Routledge; 2020. pp. 240–257.
  • 51. Lusthaus J. Electronic Ghosts. In: Democracy: A Journal of Ideas [Internet]. 2014. https://democracyjournal.org/author/jlusthaus/
  • 52. Brewer R, de Vel-Palumbo M, Hutchings A, Maimon D. Positive Diversions. Cybercrime Prevention. 2019. https://www.researchgate.net/publication/337297392_Positive_Diversions
  • 53. National Cyber Crime Unit / Prevent Team. Pathways Into Cyber Crime. National Crime Agency; 2017. https://www.nationalcrimeagency.gov.uk/who-we-are/publications/6-pathways-into-cyber-crime-1/file
  • 60. Christopoulos D. Peer Esteem Snowballing: A methodology for expert surveys. 2009. https://citeseerx.ist.psu.edu/document?repid=rep1&type=pdf&doi=63ac9f6db0a2fa2e0ca08cd28961385f98ec21ec


Top 111+ Stunning Cybersecurity Research Topics For 2023


Are you confused about cybersecurity and its research topics? So here, in this blog, we will discuss cybersecurity research topics. This article is important If you are studying computer science or a cybersecurity course.

If you want good grades in cybersecurity research topics, you should pick the latest cybersecurity research topics for your academic exam or test. Here, you can choose the good and latest cybersecurity research topics.

You know that cybercrime is increasing day by day because millions of people use the internet. Several applications deal with the internet, and people normally use the internet for bank transactions, food delivery, online shopping, social media, gaming, etc. Attackers can steal your information, data, and money with the help of malicious software, So we need cybersecurity services.

What is Cybersecurity?

Table of Contents

Cybersecurity is a process of preventing unauthorized access or protecting networks, devices, and data from digital attacks. Cybersecurity is also known as IT(Information Technology)Security which is designed to prevent threats against network systems, applications, and other platforms. In simple words, It prevents or protects any information, data, and others.

Here Are Some of the Best Writing Tips From Statanalytica’s Expert

As you might already know that a well-planned action and a set of useful tools will also help you write a high-quality research paper. On the other hand, remaining motivated throughout the process.

  • By choosing an interesting topic for your research paper.
  • Conduct some research to find reputable sources.
  • Clearly state your cybersecurity thesis.
  • A rough plan should be created.
  • Finish your paper by drafting it.
  • Make sure your content is properly formatted.
  • Make sure you understand the assignment before you begin writing your research paper.

Let’s Discuss the 111+ Stunning Cybersecurity Research Topics

Below we listed 111+ cybersecurity research topics that can be used in 2023:

Top 10 Cyber Security Topics of 2023

Here are the top 10 cyber security topics of 2023:

  • Can strong passwords protect information?
  • Is security in critical infrastructure important?
  • The importance of end-user education
  • Cloud security posture management
  • How does malware work?
  • The principle of zero trust access
  • 3 phases of application security
  • Should removable media be encrypted?
  • The importance of network security
  • Do biometrics ensure the security of iPhones?

Latest Cybersecurity Research Topics of 2023

  • Is removable media a threat?
  • Cybersecurity standards for automotive
  • How to prevent social engineering attacks
  • Security breaches of remote working
  • How to prevent phishing attacks
  • Physical security measures in banks
  • Privacy settings of social media accounts
  • Blockchain security vulnerabilities
  • Why should you avoid public Wi-Fi?
  • How does two-factor authentication work?
  • Cryptography
  • Discuss the importance of intranet security
  • Rise of Automotive Hacking
  • What is ethical hacking? 
  • The evolution of phishing and how it is becoming more sophisticated
  • Which antivirus software is the best in the world?
  • The most up-to-date and trending cybersecurity technology
  • How can organizations prevent network attacks?
  • What is Digital Piracy?
  •  Application of biometrics in cyber security?
  • Identity theft on the Internet
  • Risk management in computing
  •  Rise of computer forensics
  • Threats are analyzed using digital forensic techniques
  • What is a Remote Access VPN?
  •  Digital security and Social Networks
  • The risks of using public Wi-Fi networks
  • Popular online scams in 2022
  • Artificial intelligence security systems

Network Security Research Topics 

  • Data storage centralization
  • Identify Malicious activity on a computer system.
  • Importance of keeping updated Software 
  • wireless sensor network
  • What are the effects of ad-hoc networks 
  • How can a company network be safe?
  • What are Network segmentation and its applications?
  • Discuss Data Loss Prevention systems 
  • Discuss various methods for establishing secure algorithms in a network.
  • Talk about two-factor authentication

Topics for Application Security Research

  • Discuss SQL injection attacks.
  • Inadequately configured security protocols.
  • Talk about data leaks in mobile apps.
  • Backend access control is critical.
  • Logging has many advantages for applications.
  • Malicious apps are available on Google Play.
  • AI applications: ethical constraints and opportunities.
  • What is the effect of insecure deserialization?
  • The most effective application security testing practices.
  • Apps are vulnerable to XSS attacks.

 Information Technology Security Research Topics

  • Why should people avoid sharing their details on Facebook?
  • What is the importance of unified user profiles?
  •  Discuss Cookies and Privacy 
  • White hat and black hat hackers
  • What are the most secure methods for ensuring data integrity?
  • Talk about the implications of Wi-Fi hacking apps on mobile phones
  • Analyze the data breaches in 2022
  • Discuss digital piracy in 2022
  • critical cyber-attack concepts
  • Social engineering and its importance

Operational Security Research Topics In 2023

  • Securing containerized applications in cloud environments.
  • Implementing secure remote access policies for remote workers.
  • Evaluating the effectiveness of endpoint protection solutions.
  • Protecting against DNS tunneling attacks.
  • Securing cloud-based storage solutions.
  • Developing secure mobile device management policies.
  • Analyzing the effectiveness of honeypots in detecting attacks.
  • Securing software supply chains against attacks.
  • Investigating the effectiveness of deception technologies in cybersecurity.
  • Developing secure network segmentation strategies.
  • Evaluating the effectiveness of network traffic analysis solutions.
  • Analyzing the effectiveness of two-factor authentication in securing systems.
  • Securing critical infrastructure against cyber threats.
  • Developing secure email policies to prevent phishing attacks.
  • Investigating the use of artificial intelligence in cybersecurity.
  • Developing secure DevOps practices.
  • Analyzing the effectiveness of security information and event management (SIEM) solutions.
  • Securing the Internet of Things (IoT) devices.
  • Evaluating the effectiveness of password management solutions.
  • Developing secure incident response strategies.

Topics for a Research Paper on CyberCrime Prevention

  • Criminal Specialization. 
  • Drug Courts. 
  • Capital Punishment. 
  • Criminal Courts. 
  • Crime Prevention. 
  • Community Corrections. 
  • Criminal Law. 
  • Criminal Justice Ethics. 

Computer and Software Security Research Topics

  • Learn algorithms for data encryption.
  • Concept of risk management security.
  • How to develop the best internet security software.
  •  What are Encrypting viruses- How does it work?
  • How does a Ransomware attack work?
  • Scanning of malware on your PC.
  • Infiltrating a Mac OS X operating system.
  • What are the effects of RSA on network security?
  • How do encrypting viruses work?
  • DDoS attacks on IoT devices.

Computer and Software Cyber Security Topics

  • The importance of updating computer software.
  • How to safeguard your computer against malware and other threats.
  • The best security practices for your computer and software.
  • The various types of cyber security threats and how to avoid them.
  • The significance of cyber security education and awareness.
  • The importance of cyber security in protecting critical infrastructure.

Data Security Research Topics

  • Importance of backup and recovery.
  • Benefits of logging for applications.
  • Understand physical data security.
  • Importance of Cloud Security.
  • In computing, the relationship between privacy and data security.
  • Discuss the effects of a black hole on a network system.

Application Security Topics

  • Detect Malicious Activity on Google Play Apps.
  • Dangers of XSS attacks on apps.
  • Insecure Deserialization Effect.
  • Check Security protocols.

CyberSecurity Law Research Paper Topics

  • Strict cybersecurity laws in China.
  • Importance of the Cybersecurity Information Sharing Act.
  • USA, UK, and other countries cybersecurity laws.
  • Discuss The Pipeline Security Act in the United States.

If you are interested in criminal research topics, then here are the best criminal justice research topics for you.

How to Choose The Best Cybersecurity Research Topics in 2023

There are a few factors to consider when selecting cybersecurity research topics. The first and main thing to consider is to ensure that the topic is current and relevant. Because cyber security is a changing field. As a result, it is very crucial to select a topic that will be relevant for a few months.

On the other hand, the second thing to consider is to select an interesting and engaging topic. Because cyber security can be a dry subject, it is critical to select a topic that will keep readers interested.

Finally, it is very important to select a researchable topic. There are several cybersecurity topics available, but not all of them are simple to research. Choose a topic about which there is a lot of information.

  • Determine your target audience
  • Define your research objectives
  • Choose a topic that your audience will find both interesting and relevant
  • Conduct preliminary research to ensure that there is sufficient information available on your chosen topic
  • Make sure your topic is focused enough to fit into a single research paper

Research Area in Cyber Security

Cybersecurity is extensive, and constantly evolving field. On the other hand, its research takes place in many areas:

cybercrime research paper topics

  • Quantum & Space 
  • Data Privacy 
  • Criminology & Law
  • AI & IoT Security

Get More Cybersecurity Research Topics

In this blog, we have covered the 111+ best cybersecurity research topics. These cybersecurity topics help in your exam or test. If you have any difficulty with cybersecurity research topics, you can take cybersecurity research paper help or research paper assignment help at a very affordable price.

Here are some of the benefits of taking cybersecurity research topics help from us.

  • 24 Hours Availability
  • On-time Delivery
  • Free Corrections
  • Money-Back Guarantee
  • Affordable Deals
  • Professional Experts

You can contact us any time and impress your teacher by choosing a good cybersecurity research topic.

This is the end of the post, which is about cybersecurity research topics. On the other hand, we mentioned 111+ stunning cybersecurity research topics for 2023 offer an excellent opportunity for researchers to explore and address critical cybersecurity challenges. However, the ever-evolving technological landscape presents new security challenges every day, and it is essential to keep up with the latest trends to stay ahead of cyber threats. 

On the other hand, these research topics provide many areas to explore, from network security, the internet of things, and software security to network security, cryptography, and data security. I hope you like this post.

Q1. What are the types of cyber security threats?

There are several different types of cyber security threats. More popular are Trojan horses, worms, ransomware, and phishing scams. These types of threats can be very dangerous for the cyber system.

Q2. What are the most controversial topics in criminal justice?

1. Prisoners being granted the right to work 2. Carrying a concealed weapon 3. Prison rape and violence 4. Plea agreement/bargain 5. Rehab vs. reform. 6. Is an eyewitness testimony effective? 7. Enforcement and effectiveness of stalking laws. 8. Rape culture and the victim’s rights

Q3. What are the main cyber threats of 2023?

There are multiple cyber security threats, but the main social threats of 2023 are email impersonation and phishing.  On the other hand, email impersonation is a phishing technique in which a fake email address that appears to be legitimate is used. 

Related Posts

best way to finance car

Step by Step Guide on The Best Way to Finance Car

how to get fund for business

The Best Way on How to Get Fund For Business to Grow it Efficiently

105 Cybercrime Essay Topics

🏆 best essay topics on cybercrime, ✍️ cybercrime essay topics for college, 🎓 most interesting cybercrime research titles, 💡 simple cybercrime essay ideas, ❓ cybercrime research questions.

  • The Hacking of Yahoo in 2013 and 2014
  • Significance of Computer Forensics to Law Enforcement
  • Cyber Security: The Nature and Scope of Cybercrime
  • Cybercrime and Its Impact on Society
  • Ethics of Hacking and Cracking
  • Digital Forensic Examination of Counterfeit Documents
  • Sexting and Related Cybercrime Legislation
  • Computer Forensics Laboratory’ Legal Requirements Computer forensics scientists assess digital media to identify, preserve, recover, analyze, and present facts about the information under investigation.
  • Cyber Crime : Issues and Threats Cyber crime involves the stealing or manipulation of information effectively distorting its values across global networks.
  • Cybercrime From the Religious Viewpoint The paper focuses on identifying the points at which the religious worldview would be the most fitting for the cybercrime problem examination.
  • Computer Forensics and Investigations A computer forensics examiner may be called to provide evidence and advice in a court of law. Before logs disappear, digital forensics investigators are required to capture them.
  • Trends in Cybercrime and Society The internet has played a pivotal role in boosting science, business, and education. Nevertheless, the internet is an additional tool for committing many crimes.
  • The Cybercrime Effect on Public Administration Cybercrime incidents occur in almost all government and public sectors and in the daily lives of individuals; such moments violate stability and the usual way of life.
  • The Phone Hacking Scandal Among the major news event in the recent few days was the phone hacking scandal that was linked to the News of the World; a tabloid newspaper in the United Kingdom (UK).
  • St. Louis County’s Cybercrime Task Force Plan The current paper presents a plan for the development of a cybercrime task force for St. Louis County to assign priorities for the task force.
  • Digital Forensics in Law Enforcement The paper shows that digital forensics in law enforcement is useful in collecting extra proof after an occurrence to support charges against a suspect.
  • Cybercrime and the Culture of Fear Sexual exploitation and other offenses against children remain tragic—in spite of their frequency—and those numbers have been diminishing since the advent of the internet.
  • Computer Forensics Investigation Plan The US Constitution prohibits employers from conducting searches on employees. However, the protection does not apply to private organizations.
  • The Justifiability of Hacking and the Government’s Role This paper discusses privacy in the age of technologies, government hacking, the human right to privacy, and the need for government surveillance.
  • Network Security and Cyber Crime, Super-Highway Metaphor Some of the major practices that can be done in ensuring maximum data security and integrity is through making all the servers only accessible by the administrators of networks.
  • IT Security: Hacking and Its Components The aim of this paper is to analyze hacking and its components, such as ethical hacking, and to manage cyber security, on the example of the University’s data break-in.
  • Social Issues Surrounding Cybercrime Among many social problems that have already been discussed, the issue of rising cybercrime has been on my mind the most.
  • Cybercrime and Ransomware: Literature Analysis Criminal justice and the processes that it involves is one of the most multi-layered, controversial, and ever topical areas of legal procedures in general.
  • Researching of Cybersecurity and Cybercrime The paper will discuss the technology transfer processes followed by the funding sources for technologies in the cybersecurity field
  • Cyber Law and Digital Forensic Science The advantage and disadvantage of external media at the same time is that information is easy to hide, steal, or destroy since it is located on a small object.
  • Digital Forensics and Deoxyribonucleic Acid The practice of digital forensics involves analysis of data collected computing devices from a particular crime scene.
  • Computer Forensics for Solving Cyber Crimes This paper presents research about the deployment of computer forensics in solving cybercrime. The paper brings out a number of cases concerning crimes in the cyberspace.
  • Computer Forensics and Investigations: Basic Procedures In this paper, the author is going to show the basic procedures that ought to be undertaken while performing a digital forensic examination.
  • Computer Forensics in the FCC vs. Jack Brown Case In the case of the FCC vs. Jack Brown, this will involve accessing the information that has been stored in different file formats.
  • The Council of Europe Convention on Cybercrime of 2001 The Council of Europe Convention on Cybercrime was created to deal with what is well-thought-out to be a unique attribute of cybercrime.
  • Cybercrime Legislation in the UAE, the US and the EU Cyber and computer crime definitions were developed after the enhancement of technology, and they improved after years of making proposals.
  • Cybercrime Legislation in the UAE, US and India The paper will narrow down to present similarities and differences between the cybercrime laws in UAE and the United States, and between the cybercrime laws in the UAE and India.
  • The Development of New Technologies: Wireless Hacking Techniques With the rapid development of new technologies, the safety of personal data is expected to increase. The purpose of this paper is to discuss some wireless hacking techniques.
  • Cybercrime: Categories and Challenges This essay introduces the concept of cybercrime, informs the reader of its categories, and mentions several challenges that cybercrime presents.
  • Gathering, Analyzing, and Presenting Digital Evidence: Computer Forensic Investigators This paper aims at accomplishing four tasks, which are to providing HCC Partners in Life with computer forensic services that would support a case in a court of law.
  • Black Hat vs White Hat Hacking This paper explores hacking from the perspective of ethics. In this paper, white hat and black hat hackers are the ethical players and their actions will be tested for ethicality.
  • The Greater Threat of Cybercrime Versus Cyberattack
  • Cyber Bullying: Old Problem in New-Age Packaging – Cybercrime
  • Capital Punishment for Cybercrime: The Case in Nigeria
  • Bargaining Interpersonal Organization Accounts as a Form of Cybercrime
  • Canada and China: Cybercrime and Cryptocurrency
  • Corruption, Fraud, and Cybercrime as Dehumanizing Phenomena
  • Cybercrime and Its Impact on International Business
  • Explaining Cybercrime Using Criminological Theories
  • Cybercrime: Fraud and Powerful Invisible Attacker
  • Growth, Development, and Policing of Cybercrime in the 21st Century
  • Cybercrime Has Become One of the Most Threatening Issues
  • How Social Media Has Contributed to the Spread of Cybercrime
  • Cybercrime: Identity Theft and New Criminal Opportunities
  • The Crime Scene Characteristics for Cybercrime and the Process of Investigating It
  • Cybercrime: Preventing the Horrific Crimes on the Internet
  • The Protection From Cyberattacks and Cybercrime in Bangladesh
  • Does the Pandemic Explain Recent Spikes in Cyber Crime?
  • Cybercrime Prevention Measures: How to Avoid Hacking
  • The Role of Digital Forensics in Solving Cybercrimes
  • Cybercrime: The Latest Ways of Stealing Identity and Money
  • Potential Impact of Cyber Crime on the Economy
  • Cybercrime and Cyberpiracy Impact on Domestic and Foreign Business
  • Cybercrime in the Banking Sector and Its Impact on the Banking Industry
  • Development of the Prevention of Cyber Crime in Malaysia
  • Good Cybercrime: Trends and Future
  • The Solutions for Cybercrimes in Information Technology
  • Cybercrimes, Their Types, and Measures That We Take to Keep Us Safe From the Happenings
  • Peculiarities of Cybercrime and Security
  • How Technology Has Influenced the Evolution of Cybercrime
  • The Impact of Cybercrime on the Global Criminal Justice System
  • Cybercrime and Society: Identity Theft
  • Closing the Space Between Cybercrime and Cybersecurity
  • A Fast-Growing Area of Cybercrime
  • Cybercrimes: An Unprecedented Threat to Society
  • Key Steps to Managing a Cybercrime Scene
  • Rights to Anonymity in Cybercrime
  • What Is the Role of America in Protecting Corporations From Cybercrime?
  • Cybercrime and Its Effects on the World’s Major Countries
  • Exploring Cybercrime: Realities and Challenges
  • Cybercrime Trends: How to Protect Your Business
  • The Rise of Cybercrime in the United States
  • How the Russia-Ukraine Conflict Is Impacting Cybercrime
  • Cybercrime: A Complete Guide to All Things Criminal on the Web
  • Top 5 Cybercrimes and Prevention Tips
  • How Does Cybercrime Impact Small Businesses?
  • What Are the Different Types of Cybercrimes and Cybercriminals?
  • Can We Tackle the Ever-Evolving Threat of Cybercrime?
  • What Is the Difference Between Crime and Cybercrime?
  • Is Cybercrime Civil or Criminal?
  • Why Is Cybercrime Considered a Crime?
  • When Did Cybercrime Become a Crime?
  • How Can Cybercrimes Be Prevented?
  • What Was the First Cybercrime?
  • How Does Cybercrime Affect Human Rights?
  • Who Is Responsible for Cybercrime?
  • What Was the Biggest Cybercrime Ever?
  • How Does Cybercrime Affect the Victim?
  • What Are the Effects of Cybercrime on Society?
  • Which Country Is Top in Cybercrime?
  • Does Cybercrime Affect Social Media?
  • Where Was the First Cybercrime?
  • What Are the Major Categories of Cybercrimes?
  • How Does Cybercrime Impact the Economy?
  • Which City Is Famous for Cybercrime?
  • Who Are the Victims of Cybercrime and Why?
  • Are There Defining Characteristics of a Cybercrime?
  • What Theory Best Explains Cybercrime?
  • Is There a Difference Between Computer Crimes and Cybercrimes?
  • What Is the Overlap Between Criminal Justice and Cybercrime?

Cite this post

  • Chicago (N-B)
  • Chicago (A-D)

StudyCorgi. (2022, June 5). 105 Cybercrime Essay Topics. https://studycorgi.com/ideas/cybercrime-essay-topics/

"105 Cybercrime Essay Topics." StudyCorgi , 5 June 2022, studycorgi.com/ideas/cybercrime-essay-topics/.

StudyCorgi . (2022) '105 Cybercrime Essay Topics'. 5 June.

1. StudyCorgi . "105 Cybercrime Essay Topics." June 5, 2022. https://studycorgi.com/ideas/cybercrime-essay-topics/.


StudyCorgi . "105 Cybercrime Essay Topics." June 5, 2022. https://studycorgi.com/ideas/cybercrime-essay-topics/.

StudyCorgi . 2022. "105 Cybercrime Essay Topics." June 5, 2022. https://studycorgi.com/ideas/cybercrime-essay-topics/.

These essay examples and topics on Cybercrime were carefully selected by the StudyCorgi editorial team. They meet our highest standards in terms of grammar, punctuation, style, and fact accuracy. Please ensure you properly reference the materials if you’re using them to write your assignment.

This essay topic collection was updated on December 27, 2023 .

U.S. flag

An official website of the United States government

The .gov means it’s official. Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

The site is secure. The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

  • Publications
  • Account settings

Preview improvements coming to the PMC website in October 2024. Learn More or Try it out now .

  • Advanced Search
  • Journal List
  • Springer Nature - PMC COVID-19 Collection

Logo of phenaturepg

Cybercrime Victimization and Problematic Social Media Use: Findings from a Nationally Representative Panel Study

Eetu marttila.

Economic Sociology, Department of Social Research, University of Turku, Assistentinkatu 7, 20014 Turku, Finland

Aki Koivula

Pekka räsänen, associated data.

The survey data used in this study will be made available through via Finnish Social Science Data Archive (FSD, http://www.fsd.uta.fi/en/ ) after the manuscript acceptance. The data are also available from the authors on scholarly request.

Analyses were run with Stata 16.1. The code is also available from the authors on request for replication purposes.

According to criminological research, online environments create new possibilities for criminal activity and deviant behavior. Problematic social media use (PSMU) is a habitual pattern of excessive use of social media platforms. Past research has suggested that PSMU predicts risky online behavior and negative life outcomes, but the relationship between PSMU and cybercrime victimization is not properly understood. In this study, we use the framework of routine activity theory (RAT) and lifestyle-exposure theory (LET) to examine the relationship between PSMU and cybercrime victimization. We analyze how PSMU is linked to cybercrime victimization experiences. We explore how PSMU predicts cybercrime victimization, especially under those risky circumstances that generally increase the probability of victimization. Our data come from nationally representative surveys, collected in Finland in 2017 and 2019. The results of the between-subjects tests show that problematic PSMU correlates relatively strongly with cybercrime victimization. Within-subjects analysis shows that increased PSMU increases the risk of victimization. Overall, the findings indicate that, along with various confounding factors, PSMU has a notable cumulative effect on victimization. The article concludes with a short summary and discussion of the possible avenues for future research on PSMU and cybercrime victimization.


In criminology, digital environments are generally understood as social spaces which open new possibilities for criminal activity and crime victimization (Yar, 2005 ). Over the past decade, social media platforms have established themselves as the basic digital infrastructure that governs daily interactions. The rapid and vast adaptation of social media technologies has produced concern about the possible negative effects, but the association between social media use and decreased wellbeing measures appears to be rather weak (Appel et al., 2020 ; Kross et al., 2020 ). Accordingly, researchers have proposed that the outcomes of social media use depend on the way platforms are used, and that the negative outcomes are concentrated among those who experience excessive social media use (Kross et al., 2020 ; Wheatley & Buglass, 2019 ). Whereas an extensive body of research has focused either on cybercrime victimization or on problematic social media use, few studies have focused explicitly on the link between problematic use and victimization experiences (e.g., Craig et al., 2020 ; Longobardi et al., 2020 ).

As per earlier research, the notion of problematic use is linked to excessive and uncontrollable social media usage, which is characterized by compulsive and routinized thoughts and behavior (e.g., Kuss & Griffiths, 2017 ). The most frequently used social scientific and criminological accounts of risk factors of victimization are based on routine activity theory (RAT) (Cohen & Felson, 1979 ) and lifestyle-exposure theory (LET) (Hindelang et al., 1978 ). Although RAT and LET were originally developed to understand how routines and lifestyle patterns may lead to victimization in physical spaces, they have been applied in online environments (e.g., Milani et al., 2020 ; Räsänen et al., 2016 ).

As theoretical frameworks, RAT and LET presume that lifestyles and routine activities are embedded in social contexts, which makes it possible to understand behaviors and processes that lead to victimization. The excessive use of social media platforms increases the time spent in digital environments, which, according to lifestyle and routine activities theories, tends to increase the likelihood of ending up in dangerous situations. Therefore, we presume that problematic use is a particularly dangerous pattern of use, which may increase the risk of cybercrime victimization.

In this study, we employ the key elements of RAT and LET to focus on the relationship between problematic social media use and cybercrime victimization. Our data come from high quality, two-wave longitudinal population surveys, which were collected in Finland in 2017 and 2019. First, we examine the cross-sectional relationship between problematic use and victimization experiences at Wave 1, considering the indirect effect of confounding factors. Second, we test for longitudinal effects by investigating whether increased problematic use predicts an increase in victimization experiences at Wave 2.

Literature Review

Problematic social media use.

Over the last few years, the literature on the psychological, cultural, and social effects of social media has proliferated. Prior research on the topic presents a nuanced view of social media and its consequences (Kross et al., 2020 ). For instance, several studies have demonstrated that social media use may produce positive outcomes, such as increased life satisfaction, social trust, and political participation (Kim & Kim, 2017 ; Valenzuela et al., 2009 ). The positive effects are typically explained to follow from use that satisfy individuals’ socioemotional needs, such as sharing emotions and receiving social support on social media platforms (Pang, 2018 ; Verduyn et al., 2017 ).

However, another line of research associates social media use with several negative effects, including higher stress levels, increased anxiety and lower self-esteem (Kross et al., 2020 ). Negative outcomes, such as depression (Shensa et al., 2017 ), decreased subjective well-being (Wheatley & Buglass, 2019 ) and increased loneliness (Meshi et al., 2020 ), are also commonly described in the research literature. The most common mechanisms that are used to explain negative outcomes of social media use are social comparison and fear of missing out (Kross et al., 2020 ). In general, it appears that the type of use that does not facilitate interpersonal connection is more detrimental to users’ health and well-being (Clark et al., 2018 ).

Even though the earlier research on the subject has produced somewhat contradictory results, the researchers generally agree that certain groups of users are at more risk of experiencing negative outcomes of social media use. More specifically, the researchers have pointed out that there is a group of individuals who have difficulty controlling the quantity and intensity of their use of social media platforms (Kuss & Griffiths, 2017 ). Consequently, new concepts, such as problematic social media use (Bányai et al., 2017 ) and social networking addiction (Griffiths et al., 2014 ) have been developed to assess excessive use. In this research, we utilize the concept of problematic social media use (PSMU), which is applied broadly in the literature. In contrast to evidence of social media use in general, PSMU consistently predicts negative outcomes in several domains of life, including decreased subjective well-being (Kross et al., 2013 ; Wheatley & Buglass, 2019 ), depression (Hussain & Griffiths, 2018 ), and loneliness (Marttila et al., 2021 ).

To our knowledge, few studies have focused explicitly on the relationship between PSMU and cybercrime victimization. One cross-national study of young people found that PSMU is consistently and strongly associated with cyberbullying victimization across countries (Craig et al., 2020 ) and another one of Spanish adolescents returned similar results (Martínez-Ferrer et al., 2018 ). Another study of Italian adolescents found that an individual’s number of followers on Instagram was positively associated with experiences of cybervictimization (Longobardi et al., 2020 ). A clear limitation of the earlier studies is that they focused on adolescents and often dealt with cyberbullying or harassment. Therefore, the results are not straightforwardly generalizable to adult populations or to other forms of cybercrime victimization. Despite this, there are certain basic assumptions about cybercrime victimization that must be considered.

Cybercrime Victimization, Routine Activity, and Lifestyle-Exposure Theories

In criminology, the notion of cybercrime is used to refer to a variety of illegal activities that are performed in online networks and platforms through computers and other devices (Yar & Steinmetz, 2019 ). As a concept, cybercrime is employed in different levels of analysis and used to describe a plethora of criminal phenomena, ranging from individual-level victimization to large-scale, society-wide operations (Donalds & Osei-Bryson, 2019 ). In this study, we define cybercrime as illegal activity and harm to others conducted online, and we focus on self-reported experiences of cybercrime victimization. Therefore, we do not address whether respondents reported an actual crime victimization to the authorities.

In Finland and other European countries, the most common types of cybercrime include slander, hacking, malware, online fraud, and cyberbullying (see Europol, 2019 ; Meško, 2018 ). Providing exact estimates of cybercrime victims has been a challenge for previous criminological research, but 1 to 15 percent of the European population is estimated to have experienced some sort of cybercrime victimization (Reep-van den Bergh & Junger, 2018 ). Similarly, it is difficult to give a precise estimate of the prevalence of social media-related criminal activity. However, as a growing proportion of digital interactions are mediated by social media platforms, we can expect that cybercrime victimization on social media is also increasing. According to previous research, identity theft (Reyns et al., 2011 ), cyberbullying (Lowry et al., 2016 ), hate speech (Räsänen et al., 2016 ), and stalking (Marcum et al., 2017 ) are all regularly implemented on social media. Most of the preceding studies have focused on cybervictimization of teenagers and young adults, which are considered the most vulnerable population segments (e.g., Hawdon et al., 2017 ; Keipi et al.,  2016 ).

One of the most frequently used conceptual frameworks to explain victimization is routine activity theory (RAT) (Cohen & Felson, 1979 ). RAT claims that the everyday routines of social actors place individuals at risk for victimization by exposing them to dangerous people, places, and situations. The theory posits that a crime is more likely to occur when a motivated offender, a suitable target, and a lack of capable guardians converge in space and time (Cohen & Felson, 1979 ). RAT is similar to lifestyle-exposure theory (LET), which aims to understand the ways in which lifestyle patterns in the social context allow different forms of victimization (Hindelang et al., 1978 ).

In this study, we build our approach on combining RAT and LET in order to examine risk-enhancing behaviors and characteristics fostered by online environment. Together, these theories take the existence of motivated offenders for granted and therefore do not attempt to explain their involvement in crime. Instead, we concentrate on how routine activities and lifestyle patterns, together with the absence of a capable guardian, affect the probability of victimization.

Numerous studies have investigated the applicability of LET and RAT for cybercrime victimization (e.g., Holt & Bosser, 2008 , 2014 ; Leukfeldt & Yar, 2016 ; Näsi et al., 2017 ; Vakhitova et al., 2016 , 2019 ; Yar, 2005 ). The results indicate that different theoretical concepts are operationalizable to online environments to varying degrees, and that some operationalizations are more helpful than others (Näsi et al., 2017 ). For example, the concept of risk exposure is considered to be compatible with online victimization, even though earlier studies have shown a high level of variation in how the risk exposure is measured (Vakhitova et al., 2016 ). By contrast, target attractiveness and lack of guardianship are generally considered to be more difficult to operationalize in the context of technology-mediated victimization (Leukfeldt & Yar, 2016 ).

In the next section, we will take a closer look at how the key theoretical concepts LET and RAT have been operationalized in earlier studies on cybervictimization. Here, we focus solely on factors that we can address empirically with our data. Each of these have successfully been applied to online environments in prior studies (e.g., Hawdon et al., 2017 ; Keipi et al., 2016 ).

Confounding Elements of Lifestyle and Routine Activities Theories and Cybercrime Victimization

Exposure to risk.

The first contextual component of RAT/LET addresses the general likelihood of experiencing risk situations. Risk exposure has typically been measured by the amount of time spent online or the quantity of different online activities – the hours spent online, the number of online accounts, the use of social media services (Hawdon et al., 2017 ; Vakhitova et al., 2019 ). The studies that have tested the association have returned mixed results, and it seems that simply the time spent online does not predict increased victimization (e.g., Ngo & Paternoster, 2011 ; Reyns et al., 2011 ). On the other hand, the use of social media platforms (Bossler et al., 2012 ; Räsänen et al., 2016 ) and the number of accounts in social networks are associated with increased victimization (Reyns et al., 2011 ).

Regarding the association between the risk of exposure and victimization experiences, previous research has suggested that specific online activities may increase the likelihood of cybervictimization. For example, interaction with other users is associated with increased victimization experiences, whereas passive use may protect from cybervictimization (Holt & Bossler, 2008 ; Ngo & Paternoster, 2011 ; Vakhitova et al., 2019 ). In addition, we assume that especially active social media use, such as connecting with new people, is a risk factor and should be taken into account by measuring the proximity to offenders in social media.

Proximity to Offenders

The second contextual component of RAT/LET is closeness to the possible perpetrators. Previously, proximity to offenders was typically measured by the amount of self-disclosure in online environments, such as the number of followers on social media platforms (Vakhitova et al., 2019 ). Again, earlier studies have returned inconsistent results, and the proximity to offenders has mixed effects on the risk victimization. For example, the number of online friends does not predict increased risk of cybercrime victimization (Näsi et al., 2017 ; Räsänen et al., 2016 ; Reyns et al., 2011 ). By contrast, a high number of social media followers (Longobardi et al., 2020 ) and online self-disclosures are associated with higher risk of victimization (Vakhitova et al., 2019 ).

As in the case of risk exposure, different operationalizations of proximity to offenders may predict victimization more strongly than others. For instance, compared to interacting with friends and family, contacting strangers online may be much riskier (Vakhitova et al., 2016 ). Earlier studies support this notion, and allowing strangers to acquire sensitive information about oneself, as well as frequent contact with strangers on social media, predict increased risk for cybervictimization (Craig et al., 2020 ; Reyns et al., 2011 ). Also, compulsive online behavior is associated with a higher probability of meeting strangers online (Gámez-Guadix et al., 2016 ), and we assume that PSMU use may be associated with victimization indirectly through contacting strangers.

Target Attractiveness

The third contextual element of RAT/LET considers the fact that victimization is more likely among those who share certain individual and behavioral traits. Such traits can be seen to increase attractiveness to offenders and thereby increase the likelihood of experiencing risk situations. Earlier studies on cybercrime victimization have utilized a wide selection of measures to operationalize target attractiveness, including gender and ethnic background (Näsi et al., 2017 ), browsing risky content (Räsänen et al., 2016 ), financial status (Leukfeldt & Yar, 2016 ) or relationship status, and sexual orientation (Reyns et al., 2011 ).

In general, these operationalizations do not seem to predict victimization reliably or effectively. Despite this, we suggest that certain operationalizations of target attractiveness may be valuable. Past research on the different uses of social media has suggested that provocative language or expressions of ideological points of view can increase victimization. More specifically, political activity is a typical behavioral trait that tends to provoke reactions in online discussions (e.g. , Lutz & Hoffmann, 2017 ). In studies of cybervictimization, online political activity is associated with increased victimization (Vakhitova et al., 2019 ). Recent studies have also emphasized how social media have brought up and even increased political polarization (van Dijk & Hacker, 2018 ).

In Finland, the main division has been drawn between the supporters of the populist right-wing party, the Finns, and the supporters of the Green League and the Left Alliance (Koiranen et al., 2020 ). However, it is noteworthy that Finland has a multi-party system based on socioeconomic cleavages represented by traditional parties, such as the Social Democratic Party of Finland, the National Coalition Party, and the Center Party (Koivula et al., 2020 ). Indeed, previous research has shown that there is relatively little affective polarization in Finland (Wagner, 2021 ). Therefore, in the Finnish context it is unlikely that individuals would experience large-scale victimization based on their party preference.

Lack of Guardianship

The fourth element of RAT/LET assesses the role of social and physical guardianship against harmful activity. The lack of guardianship is assumed to increase victimization, and conversely, the presence of capable guardianship to decrease the likelihood victimization (Yar, 2005 ). In studies of online activities and routines, different measures of guardianship have rarely acted as predictors of victimization experiences (Leukfeldt & Yar, 2016 ; Vakhitova et al., 2016 ).

Regarding social guardianship, measures such as respondents’ digital skills and online risk awareness have been used, but with non-significant results (Leukfeldt & Yar, 2016 ). On the other hand, past research has indicated that victims of cyber abuse in general are less social than non-victims, which indicates that social networks may protect users from abuse online (Vakhitova et al., 2019 ). Also, younger users, females, and users with low educational qualifications are assumed to have weaker social guardianship against victimization and therefore are in more vulnerable positions (e.g., Keipi et al., 2016 ; Pratt & Turanovic, 2016 ).

In terms of physical guardianship, several technical measures, such as the use of firewalls and virus scanners, have been utilized in past research (Leukfeldt & Yar, 2016 ). In a general sense, technical security tools function as external settings in online interactions, similar to light, which may increase the identifiability of the aggressor in darkness. Preceding studies, however, have found no significant connection between technical guardianship and victimization (Vakhitova et al., 2016 ). Consequently, we decided not to address technical guardianship in this study.

Based on the preceding research findings discussed above, we stated the following two hypotheses:

  • H1: Increased PSMU associates with increased cybercrime victimization.
  • H2: The association between PSMU and cybercrime victimization is confounded by factors assessing exposure to risk, proximity to offenders, target attractiveness, and lack of guardianship.

Research Design

Our aim was to analyze how problematic use of social media is linked to cybercrime victimization experiences. According to RAT and LET, cybercrime victimization relates to how individuals’ lifestyles expose them to circumstances that increase the probability of victimization (Hindelang et al., 1978 ) and how individuals behave in different risky environments (Engström, 2020 ). Our main premise is that PSMU exposes users more frequently to environments that increase the likelihood of victimization experiences.

We constructed our research in two separate stages on the basis of the two-wave panel setting. In the first stage, we approached the relationship between PSMU and cybercrime victimization cross-sectionally by using a large and representative sample of the Finnish population aged 18–74. We also analyzed the extent to which the relationship between PSMU and cybercrime victimization was related to the confounders. In the second stage of analysis, we paid more attention to longitudinal effects and tested for the panel effects, examining changes in cybercrime victimization in relation to changes in PSMU.


We utilized two-wave panel data that were derived from the first and second rounds of the Digital Age in Finland survey. The cross-sectional study was based on the first round of the survey, organized in December 2017, for a total of 3,724 Finns. In this sample, two-thirds of the respondents were randomly sampled from the Finnish population register, and one-third were supplemented from a demographically balanced online respondent pool organized by Taloustutkimus Inc. We analyzed social media users ( N  = 2,991), who accounted for 77% of the original data. The data over-represented older citizens, which is why post-stratifying weights were applied to correspond with the official population distribution of Finns aged 18–74 (Sivonen et al., 2019 ).

To form a longitudinal setting, respondents were asked whether they were willing to participate in the survey a second time about a year after the first data collection. A total of 1,708 participants expressed willingness to participate in the follow-up survey that was conducted 15 months after the first round, in March 2019. A total of 1,134 people participated in the follow-up survey, comprising a response rate of 67% in the second round.

The question form was essentially the same for both rounds of data collection.

The final two-wave data used in the second-stage of analysis mirrored on population characteristics in terms of gender (males 50.8%) and age (M = 49.9, SD  = 16.2) structures. However, data were unrepresentative in terms of education and employment status when compared to the Finnish population: tertiary level education was achieved by 44.5% of participants and only 50.5% of respondents were employed. The data report published online shows a more detailed description of the data collection and its representativeness (Sivonen et al., 2019 ).

Our dependent variable measured whether the participants had been a target of cybercrime. Cybercrime was measured with five dichotomous questions inquiring whether the respondent had personally: 1) been targeted by threat or attack on social media, 2) been falsely accused online, 3) been targeted with hateful or degrading material on the Internet, 4) experienced sexual harassment on social media, and 5) been subjected to account stealing. 1 In the first round, 159 respondents (14.0%) responded that they had been the victim of cybercrime. In the second round, the number of victimization experiences increased by about 6 percentage points, as 71 respondents had experienced victimization during the observation period.

Our main independent variable was problematic social media use (PSMU). Initially, participants’ problematic and excessive social media usage was measured through an adaptation of the Compulsive Internet Use Scale (CIUS) , which consists of 14 items ratable on a 5-point Likert scale (Meerkerk et al., 2009 ). Our measure included five items on a 4-point scale scored from 1 (never) to 4 (daily) based on how often respondents: 1) “Have difficulties with stopping social media use,” 2)”'Have been told by others you should use social media less,” 3) “Have left important work, school or family related things undone due to social media use,” 4) “Use social media to alleviate feeling bad or stress,” and 5) “Plan social media use beforehand.”

For our analysis, all five items were used to create a new three-level variable to assess respondents’ PSMU at different intensity levels. If the respondent was experiencing daily or weekly at least one of the signs of problematic use daily, PSMU was coded as at least weekly . Second, if the respondent was experiencing less than weekly at least one of the signs of problematic use, PSMU was coded as occasionally. Finally, if the respondent was not experiencing any signs of problematic use, PSMU was coded to none.

To find reliable estimates for the effects of PSMU, we controlled for general social media use , including respondents’ activity on social networking sites and instant messenger applications. We combined two items to create a new four-level variable to measure respondents’ social media use (SMU). If a respondent reported using either social media platforms (e.g., Facebook, Twitter), instant messengers (e.g., WhatsApp, Facebook Messenger) or both many hours per day, we coded their activity as high . We coded activity as medium , if respondents reported using social media daily . Third, we coded activity as low for those respondents who reported using social media only on a weekly basis. Finally, we considered activity as very low if respondents reported using platforms or instant messengers less than weekly.

Confounding variables were related to participants’ target attractiveness, proximity to offenders, and potential guardianship factors.

Target attractiveness was measured by online political activity . Following previous studies (Koiranen et al., 2020 ; Koivula et al., 2019 ), we formed the variable based on four single items: following political discussions, participating in political discussions, sharing political content, and creating political content. Participants’ activity was initially determined by means of a 5-point scale (1 = Never, 2 = Sometimes, 3 = Weekly, 4 = Daily, and 5 = Many times per day). For analysis purposes, we first separated “politically inactive” users, who reported never using social media for political activities. Second, we coded as “followers” participants who only followed but never participated in the political discussions in social media. Third, we classified as “occasional participants” those who at least sometimes participated in political activities on social media. Finally, those participants who at least weekly used social media to participate in political activities were classified as “active participants.”

Proximity to offenders was considered by analyzing contacting strangers on social media . Initially, the question asked the extent to which respondents were in contact with strangers on social media, evaluated with a 5-point interval scale, from 1 ( Not at all ) to 5 ( Very much ). For the analysis, we merged response options 1 and 2 to form value 1, and 4 and 5 to form 3. Consequently, we used a three-level variable to measure respondents’ tendency to contact strangers on social media, in which 1 = Low, 2 = Medium, and 3 = High intensity.

Lack of guardianship was measured by gender, age, education, and main activity. Respondent’s gender (1 =  Male , 2 =  Female ), age (in years), level of education, and main activity were measured. While these variables could also be placed under target attractiveness, we placed them here. This is because background characteristics the variables measure are often invisible in online environments and exist only in terms of expressed behavior (e.g., Keipi et al., 2016 ). For statistical analysis, we classified education and main activity into binary variables. Education was measured with a binary variable that implied whether the respondent had achieved at least tertiary level education or not. The dichotomization can be justified by relatively high educational levels in Finland, where tertiary education is often considered as cut-off point between educated and non-educated citizens (Leinsalu et al., 2020 ). Main activity was measured with a binary variable that differentiated unemployed respondents from others (working, retirees, and full-time students). Regarding the lack of guardianship, unemployed people are less likely to relate to informal peer-networks occurring at workplaces or educational establishments, a phenomenon that also takes place in many senior citizens’ activities. Descriptive statistics for all measurements are provided in (Table ​ (Table1 1 ).

Descriptive statistics for the applied variables

Analytic techniques

The analyses were performed in two different stages with STATA 16. In the cross-sectional approach we analyzed the direct and indirect associations between PSMU and cybercrime victimization. We reported average marginal effects and their standard errors with statistical significances (Table ​ (Table2.). 2 .). The main effect of PSMU was illustrated in Fig.  1 by utilizing a user-written coefplot package (Jann, 2014 ).

The likelihood of cybercrime victimization according to confounding and control variables. Average marginal effects (AME) with standard errors estimated from the logit models

Standard errors in parentheses

*** p  < 0.001, ** p  < 0.01, * p  < 0.05

An external file that holds a picture, illustration, etc.
Object name is 12103_2021_9665_Fig1_HTML.jpg

Likelihood of cybercrime victimization according to the level of problematic social media use. Predicted probabilities with 95% confidence intervals

When establishing the indirect effects, we used the KHB-method developed by Karlson et al. ( 2012 ) and employed the khb command in Stata (Kohler et al., 2011 ). The KHB method decomposes the total effect of an independent variable into direct and indirect via a confounding / mediating variable (Karlson et al., 2012 ). Based on decomposition analysis, we reported logit coefficients for the total effect, direct effects, and indirect effects with statistical significances and confounding percentages (Table ​ (Table3 3 .).

The decomposition of effect of PSMU on online victimization with respect to confounding factors. The logit coefficients estimated using the KHB method

In the second stage, we analyzed the panel effects. We used hybrid mixed models to distinguish two time-varying factors: between-person effects and within-person effects, and predicted changes in cybercrime victimization with respect to changes in problematic social media use. We also tested how the relationship between cybercrime victimization and other time-varying variables changed over the observation period. The hybrid models were performed by using the xthybrid command (Schunck & Perales, 2017 ).

The results for our first hypothesis are presented in Fig.  1 . The likelihood of becoming a victim of cybercrime increased significantly as PSMU increased. Respondents who reported problematic use on a daily basis experienced cybercrime with a probability of more than 40%. The probability of becoming a victim was also high, 30%, if problematic use occurred weekly.

The models predicting cybercrime victimization are shown in Table ​ Table2. 2 . In the first model (M1), PSMU significantly predicted the risk of victimization if a participant reported even occasional problematic use (AME 0.06; p  < 0.001). If the respondent reported problematic use weekly (AME 0.17; p  < 0.001) or daily (AME 0.33; p  < 0.001), his or her probability of becoming a victim was significantly higher.

The next three models (M2-M4) were constructed on the basis of variables measuring risk exposure, proximity to offenders, and target attractiveness. The second model (M2) indicates that highly intensive social media use (AME 0.19, p  < 0.001) was related to cybercrime victimization. The third (M3) model presents that those who reported low intensity of meeting strangers online had lower probability of being victims (AME -0.11, p  < 0.001) and those who reported high intensity had higher probability (AME 0.12, p  < 0.05). Finally, the fourth (M4) model suggests that political activity was related to victimization: those who reported participating occasionally (AME 0.07, p  < 0.01) and actively (AME 0.14, p  < 0.001) had higher probability of being a victim.

Next, we evaluated how different guardianship factors were related to victimization. The fifth model (M5) indicates that age, gender, and economic activity were identified as significant protective factors. According to the results, older (AME -0.01, p  < 0.001) and male (AME -0.04, p  < 0.001) participants were less likely to be targets of cybercrime. Interestingly, higher education or unemployment was not related to victimization. Finally, the fifth model also suggests that the effect of PSMU remained significant even after controlling for confounding and control variables.

We decomposed the fifth model to determine how different confounding and control variables affected the relationship between PSMU and victimization. The results of the decomposition analysis are shown in Table ​ Table3. First, 3 . First, the factors significantly influenced the association between PSMU and victimization ( B  = 0.38, p  < 0.001), which means that the confounding percentage of background factors was 58.7%. However, the total effect of PSMU remained significant ( B  = 0.27, p  < 0.001). Age was the most significant factor in the association between PSMU and victimization ( B  = 0.14; p  < 0.001), explaining 36% of the total confounding percentage. Political activity was also a major contributing factor ( B  = 0.12, p  < 0.001) that explained 31.2% of the total confounding percentage. The analysis also revealed that meeting strangers online significantly confounded the relationship between PSMU and victimization ( B  = 0.7, p  < 0.001).

In the second stage, we examined the longitudinal effects of PSMU on cybercrime victimization using panel data from Finnish social media users. We focused on the factors varying in short term, that is why we also analyzed the temporal effects of SMU, contacting strangers online, and online political activity on victimization. The demographic factors that did not change over time or for which temporal variability did not vary across clusters (such as age) were not considered in the second stage.

Table ​ Table4 4 shows the hybrid models predicting each variable separately. The within-effects revealed that increased PSMU increased individuals’ probability of being victimized during the observation period ( B  = 0.77, p  = 0.02). Moreover, the between-effects of PSMU was significant ( B  = 2.00, p  < 0.001), indicating that increased PSMU was related to individuals’ higher propensity to be victimized over the observation period.

Unadjusted logit coefficients of cybercrime victimization according to PSMU and confounding variables from hybrid generalized mixed models

Each variable modelled separately

We could not find significant within-subject effects in terms of other factors. However, the between-effects indicated that SMU ( B  = 2.00, p  < 0.001), low intensity of meeting strangers online ( B  = -3.27, p  < 0.001), and online political participation ( B  = 2.08, p  < 0.001) distinguished the likelihood of individuals being victimized.

Over the last decade, social media has revolutionized the way people communicate and share information. As the everyday lives of individuals are increasingly mediated by social media technologies, some users may experience problems with excessive use. In prior studies, problematic use has been associated with many negative life outcomes, ranging from psychological disorders to economic consequences.

The main objective of this study was to determine whether PSMU is also linked to increased cybercrime victimization. First, we examined how PSMU associates with cybercrime victimization and hypothesized that increased PSMU associates with increased cybercrime victimization (H1). Our findings from the cross-sectional study indicated that PSMU is a notable predictor of victimization. In fact, daily reported problematic use increased the likelihood of cybercrime victimization by more than 30 percentage points. More specifically, the analysis showed that more than 40% of users who reported experiencing problematic use daily reported being victims of cybercrime, while those who never experienced problematic use had a probability of victimization of slightly over 10%.

We also examined how PSMU captures other risk factors contributing to cybercrime victimization. Here, we hypothesized that the association between PSMU and cybercrime victimization is mediated by exposure to risk, proximity to offenders, target attractiveness, and lack of guardianship (H2). The decomposition analysis indicated that confounding factors explained over 50 percent of the total effect of PSMU. A more detailed analysis showed that the association between PSMU and cybercrime victimization was related to respondents’ young age, online political activity, activity to meet strangers online, and intensity of general social media use. This means that PSMU and victimization are linked to similar factors related to routine activities and lifestyle that increase the target's attractiveness, proximity to offenders and lack of guardianship. Notably, the effect of PSMU remained significant even after controlling for the confounding factors.

In the longitudinal analysis, we confirmed the first hypothesis and found that increased PSMU was associated with increased cybercrime victimization in both within- and between-subject analyses. The result indicated a clear link between problematic use and cybercrime experiences during the observation period: as problematic use increases, so does the individual’s likelihood of becoming a victim of cybercrime. At the same time, according to the between-subject analysis, it also appears that cybercrime experiences are generally more likely to increase for those who experience more problematic use. Interestingly, we could not find within-subject effects in terms of other factors. This means, for example, that individuals' increased encounters with strangers or increased online political activity were not directly reflected in the likelihood of becoming a victim during the observation period. The between-subject analyses, however, indicated that an individual’s increased propensity to be victimized is related to higher level of social media activity, intensity of meeting strangers online, and online political activity over time.

Our findings are consistent with those of preceding research pointing to the fact that cybervictimization is indeed a notable threat, especially to those already in vulnerable circumstances (Keipi et al., 2016 ). The probabilities of cybercrime risk vary in online interactional spaces, depending on the absence and presence of certain key components suggested in our theoretical framework. Despite the seriousness of our findings, recent statistics indicate that cybercrime victimization is still relatively rare in Finland. In 2020, seven percent of Finnish Internet users had experienced online harassment, and 13 percent reported experiencing unwelcome advances during the previous three months (OSF, 2020 ). However, both forms of cybercrime victimization are clearly more prevalent among younger people and those who use social media frequently.

Cybercrime is becoming an increasingly critical threat as social media use continues to spread throughout segments of the population. Certain online activities and routinized behaviors can be considered to be particularly risky and to increase the probability of cybercrime victimization. In our study, we have identified problematic social media use as a specific behavioral pattern or lifestyle that predicts increased risk of becoming a victim of cybercrime.

Although the overall approach of our study was straightforward, the original theoretical concepts are ambiguously defined and alternative meanings have been given to them. It follows that the empirical operationalization of the concepts was not in line with some studies looking at the premises of RAT and LET framework. Indeed, different empirical measures have been employed to address the basic elements associating with risks of victimization (e.g., Hawdon et al., 2017 ; Pratt & Turanovic, 2016 ). In our investigation, we focused on selected online activities and key socio-demographic background factors.

Similarly, we need to be cautious when discussing the implications of our findings. First, our study deals with one country alone, which means that the findings cannot be generalized beyond Finland or beyond the timeline 2017 to 2019. This means that our findings may not be applicable to the highly specific time of the COVID-19 pandemic when online activities have become more versatile than ever before. In addition, although our sample was originally drawn from the national census database, some response bias probably exists in the final samples. Future research should use longitudinal data that better represent, for example, different socio-economic groups. We also acknowledge that we did not control for the effect of offline social relations on the probability of cybercrime risk. Despite these limitations, we believe our study has significance for contemporary cybercrime research.

Our study shows that PSMU heightens the risk of cybercrime victimization. Needless to say, future research should continue to identify specific activities that comprise “dangerous” lifestyles online, which may vary from one population group to another. In online settings, there are a variety of situations and circumstances that are applicable to different forms of cybercrime. For instance, lack of basic online skills regarding cybersecurity can work like PSMU.

In general, our findings contribute to the assumption that online and offline victimization should not necessarily be considered distinct phenomena. Therefore, our theoretical framework, based on RAT and LET, seems highly justified. Our observations contribute to an increasing body of research that demonstrates how routine activities and lifestyle patterns of individuals can be applied to crimes committed in the physical world, as well as to crimes occurring in cyberspace.


is a PhD student at the Unit of Economic Sociology, University of Turku, Finland. Marttila is interested in the use of digital technologies, risks, and well-being.

is a University Lecturer at the Unit of Economic Sociology, University of Turku, Finland. Koivula’s research deals with political preferences, consumer behavior and use of online platforms.

is Professor of Economic Sociology at University of Turku, Finland. His current research interests are in digital inequalities and online hate speech in platform economy.

Open Access funding provided by University of Turku (UTU) including Turku University Central Hospital. This study was funded by the Strategic Research Council of the Academy of Finland (decision number 314171).

Data Availability

Code availability, declarations.

The authors declare no conflicts of interest.

All procedures performed in studies involving human participants were in accordance with the ethical standards of the institutional and/or national research committee and with the 1964 Helsinki declaration and its later amendments or comparable ethical standards.

2) Have you been falsely accused online?

3) Have you been targeted with hateful or degrading material on the Internet?

4) Have you experienced sexual harassment social media?

5) Has your online account been stolen or a new account made with your name without your permission?

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

  • Appel M, Marker C, Gnambs T. Are social media ruining our lives? A review of meta-analytic evidence. Review of General Psychology. 2020; 24 (1):60–74. doi: 10.1177/1089268019880891. [ CrossRef ] [ Google Scholar ]
  • Bányai, F., Zsila, Á., Király, O., Maraz, A., Elekes, Z., Griffiths, M. D., et al. (2017). Problematic social media use: Results from a large-scale nationally representative adolescent sample. PLoS ONE , 12 (1). 10.1371/journal.pone.0169839 [ PMC free article ] [ PubMed ]
  • Bossler AM, Holt TJ, May DC. Predicting online harassment victimization among a juvenile population. Youth & Society. 2012; 44 (4):500–523. doi: 10.1177/0044118X11407525. [ CrossRef ] [ Google Scholar ]
  • Clark JL, Algoe SB, Green MC. Social network sites and well-being: The role of social connection. Current Directions in Psychological Science. 2018; 9 :44–49. doi: 10.1016/j.copsyc.2015.10.006. [ CrossRef ] [ Google Scholar ]
  • Cohen LE, Felson M. Social change and crime rate trends: A routine activity approach. American Sociological Review. 1979; 44 (4):588–608. doi: 10.2307/2094589. [ CrossRef ] [ Google Scholar ]
  • Craig W, Boniel-Nissim M, King N, Walsh SD, Boer M, Donnelly PD, et al. Social media use and cyber-bullying: A cross-national analysis of young people in 42 countries. Journal of Adolescent Health. 2020; 66 (6):S100–S108. doi: 10.1016/j.jadohealth.2020.03.006. [ PubMed ] [ CrossRef ] [ Google Scholar ]
  • Donalds C, Osei-Bryson KM. Toward a cybercrime classification ontology: A knowledge-based approach. Computers in Human Behavior. 2019; 92 :403–418. doi: 10.1016/j.chb.2018.11.039. [ CrossRef ] [ Google Scholar ]
  • Engström A. Conceptualizing lifestyle and routine activities in the early 21st century: A systematic review of self-report measures in studies on direct-contact offenses in young populations. Crime & Delinquency. 2020; 67 (5):737–782. doi: 10.1177/0011128720937640. [ CrossRef ] [ Google Scholar ]
  • Europol (2019). European Union serious and organised crime threat assessment. Online document, available at: https://ec.europa.eu/home-affairs/what-we-do/policies/cybercrime_en
  • Gámez-Guadix M, Borrajo E, Almendros C. Risky online behaviors among adolescents: Longitudinal relations among problematic Internet use, cyberbullying perpetration, and meeting strangers online. Journal of Behavioral Addictions. 2016; 5 (1):100–107. doi: 10.1556/2006.5.2016.013. [ PMC free article ] [ PubMed ] [ CrossRef ] [ Google Scholar ]
  • Griffiths, M. D., Kuss, D. J., & Demetrovics, Z. (2014). Social networking addiction: An overview of preliminary findings. In K. P. Rosenberg & L. C. B. T.-B. A. Feder (Eds.), Behavioral addictions: Criteria, evidence, and treatment (pp. 119–141). San Diego: Academic Press. 10.1016/B978-0-12-407724-9.00006-9
  • Hawdon J, Oksanen A, Räsänen P. Exposure to online hate in four nations: A cross-national consideration. Deviant Behavior. 2017; 38 (3):254–266. doi: 10.1080/01639625.2016.1196985. [ CrossRef ] [ Google Scholar ]
  • Hindelang MJ, Gottfredson MR, Garofalo J. Victims of personal crime: An empirical foundation for a theory of personal victimization. Ballinger Publishing Co; 1978. [ Google Scholar ]
  • Holt TJ, Bossler AM. Examining the applicability of lifestyle-routine activities theory for cybercrime victimization. Deviant Behavior. 2008; 30 (1):1–25. doi: 10.1080/01639620701876577. [ CrossRef ] [ Google Scholar ]
  • Holt TJ, Bossler AM. An assessment of the current state of cybercrime scholarship. Deviant Behavior. 2014; 35 (1):20–40. doi: 10.1080/01639625.2013.822209. [ CrossRef ] [ Google Scholar ]
  • Hussain, Z., & Griffiths, M. D. (2018). Problematic social networking site use and comorbid psychiatric disorders: A systematic review of recent large-scale studies. Frontiers in Psychiatry , 9 (686). 10.3389/fpsyt.2018.00686 [ PMC free article ] [ PubMed ]
  • Jann, B. (2014). Plotting regression coefficients and other estimates . The Stata Journal , 14 (4), 708–737. 10.1177%2F1536867X1401400402
  • Karlson, K. B., Holm, A., & Breen, R. (2012). Comparing regression coefficients between same-sample nested models using logit and probit: A new method. Sociological methodology, 42 (1), 286–313. 10.1177%2F0081175012444861
  • Keipi, T., Näsi, M., Oksanen, A., & Räsänen, P. (2016). Online hate and harmful content: Cross-national perspectives. Taylor & Francis. http://library.oapen.org/handle/20.500.12657/22350
  • Kim B, Kim Y. College students’ social media use and communication network heterogeneity: Implications for social capital and subjective well-being. Computers in Human Behavior. 2017; 73 :620–628. doi: 10.1016/j.chb.2017.03.033. [ CrossRef ] [ Google Scholar ]
  • Kohler, U., Karlson, K. B., & Holm, A. (2011). Comparing coefficients of nested nonlinear probability models. The Stata Journal, 11 (3), 420–438. 10.1177/1536867X1101100306
  • Koivula A, Kaakinen M, Oksanen A, Räsänen P. The role of political activity in the formation of online identity bubbles. Policy & Internet. 2019; 11 (4):396–417. doi: 10.1002/poi3.211. [ CrossRef ] [ Google Scholar ]
  • Koivula A, Koiranen I, Saarinen A, Keipi T. Social and ideological representativeness: A comparison of political party members and supporters in Finland after the realignment of major parties. Party Politics. 2020; 26 (6):807–821. doi: 10.1177/1354068818819243. [ CrossRef ] [ Google Scholar ]
  • Koiranen I, Koivula A, Saarinen A, Keipi T. Ideological motives, digital divides, and political polarization: How do political party preference and values correspond with the political use of social media? Telematics and Informatics. 2020; 46 :101322. doi: 10.1016/j.tele.2019.101322. [ CrossRef ] [ Google Scholar ]
  • Kross E, Verduyn P, Demiralp E, Park J, Lee DS, Lin N, et al. Facebook use predicts declines in subjective well-being in young adults. PLoS ONE. 2013; 8 (8):e69841. doi: 10.1371/journal.pone.0069841. [ PMC free article ] [ PubMed ] [ CrossRef ] [ Google Scholar ]
  • Kross E, Verduyn P, Sheppes G, Costello CK, Jonides J, Ybarra O. Social media and well-being: Pitfalls, progress, and next steps. Trends in Cognitive Sciences. 2020; 25 (1):55–66. doi: 10.1016/j.tics.2020.10.005. [ PubMed ] [ CrossRef ] [ Google Scholar ]
  • Kuss D, Griffiths M. Social networking sites and addiction: Ten lessons learned. International Journal of Environmental Research and Public Health. 2017; 14 (3):311. doi: 10.3390/ijerph14030311. [ PMC free article ] [ PubMed ] [ CrossRef ] [ Google Scholar ]
  • Leinsalu M, Baburin A, Jasilionis D, Krumins J, Martikainen P, Stickley A. Economic fluctuations and urban-rural differences in educational inequalities in mortality in the Baltic countries and Finland in 2000–2015: A register-based study. International Journal for Equity in Health. 2020; 19 (1):1–6. doi: 10.1186/s12939-020-01347-5. [ PMC free article ] [ PubMed ] [ CrossRef ] [ Google Scholar ]
  • Leukfeldt ER, Yar M. Applying routine activity theory to cybercrime: A theoretical and empirical analysis. Deviant Behavior. 2016; 37 (3):263–280. doi: 10.1080/01639625.2015.1012409. [ CrossRef ] [ Google Scholar ]
  • Longobardi C, Settanni M, Fabris MA, Marengo D. Follow or be followed: Exploring the links between Instagram popularity, social media addiction, cyber victimization, and subjective happiness in Italian adolescents. Children and Youth Services Review. 2020; 113 :104955. doi: 10.1016/j.childyouth.2020.104955. [ CrossRef ] [ Google Scholar ]
  • Lowry PB, Zhang J, Wang C, Siponen M. Why do adults engage in cyberbullying on social media? An integration of online disinhibition and deindividuation effects with the social structure and social learning model. Information Systems Research. 2016; 27 (4):962–986. doi: 10.1287/isre.2016.0671. [ CrossRef ] [ Google Scholar ]
  • Lutz C, Hoffmann CP. The dark side of online participation: Exploring non-, passive and negative participation. Information, Communication & Society. 2017; 20 (6):876–897. doi: 10.1080/1369118X.2017.1293129. [ CrossRef ] [ Google Scholar ]
  • Marcum CD, Higgins GE, Nicholson J. I’m watching you: Cyberstalking behaviors of university students in romantic relationships. American Journal of Criminal Justice. 2017; 42 (2):373–388. doi: 10.1007/s12103-016-9358-2. [ CrossRef ] [ Google Scholar ]
  • Martínez-Ferrer B, Moreno D, Musitu G. Are adolescents engaged in the problematic use of social networking sites more involved in peer aggression and victimization? Frontiers in Psychology. 2018; 9 :801. doi: 10.3389/fpsyg.2018.00801. [ PMC free article ] [ PubMed ] [ CrossRef ] [ Google Scholar ]
  • Marttila E, Koivula A, Räsänen P. Does excessive social media use decrease subjective well-being? A longitudinal analysis of the relationship between problematic use, loneliness and life satisfaction. Telematics and Informatics. 2021; 59 :101556. doi: 10.1016/j.tele.2020.101556. [ CrossRef ] [ Google Scholar ]
  • Meerkerk GJ, Van Den Eijnden RJJM, Vermulst AA, Garretsen HFL. The Compulsive Internet Use Scale (CIUS): Some psychometric properties. Cyberpsychology and Behavior. 2009; 12 (1):1–6. doi: 10.1089/cpb.2008.0181. [ PubMed ] [ CrossRef ] [ Google Scholar ]
  • Meshi D, Cotten SR, Bender AR. Problematic social media use and perceived social isolation in older adults: A cross-sectional study. Gerontology. 2020; 66 (2):160–168. doi: 10.1159/000502577. [ PubMed ] [ CrossRef ] [ Google Scholar ]
  • Meško G. On some aspects of cybercrime and cybervictimization. European Journal of Crime, Criminal Law and Criminal Justice. 2018; 26 (3):189–199. doi: 10.1163/15718174-02603006. [ CrossRef ] [ Google Scholar ]
  • Milani R, Caneppele S, Burkhardt C. Exposure to cyber victimization: Results from a Swiss survey. Deviant Behavior. 2020 doi: 10.1080/01639625.2020.1806453. [ CrossRef ] [ Google Scholar ]
  • Näsi M, Räsänen P, Kaakinen M, Keipi T, Oksanen A. Do routine activities help predict young adults’ online harassment: A multi-nation study. Criminology and Criminal Justice. 2017; 17 (4):418–432. doi: 10.1177/1748895816679866. [ CrossRef ] [ Google Scholar ]
  • Ngo FT, Paternoster R. Cybercrime victimization: An examination of individual and situational level factors. International Journal of Cyber Criminology. 2011; 5 (1):773–793. [ Google Scholar ]
  • Official Statistics of Finland (OSF) (2020). Väestön tieto- ja viestintätekniikan käyttö [online document]. ISSN=2341–8699. 2020, Liitetaulukko 29. Vihamielisten viestien näkeminen, häirinnän kokeminen ja epäasiallisen lähestymisen kohteeksi joutuminen sosiaalisessa mediassa 2020, %-osuus väestöstä. Helsinki: Tilastokeskus. Available at: http://www.stat.fi/til/sutivi/2020/sutivi_2020_2020-11-10_tau_029_fi.html
  • Pang H. How does time spent on WeChat bolster subjective well-being through social integration and social capital? Telematics and Informatics. 2018; 35 (8):2147–2156. doi: 10.1016/j.tele.2018.07.015. [ CrossRef ] [ Google Scholar ]
  • Pratt TC, Turanovic JJ. Lifestyle and routine activity theories revisited: The importance of “risk” to the study of victimization. Victims & Offenders. 2016; 11 (3):335–354. doi: 10.1080/15564886.2015.1057351. [ CrossRef ] [ Google Scholar ]
  • Reep-van den Bergh CMM, Junger M. Victims of cybercrime in Europe: A review of victim surveys. Crime Science. 2018; 7 (1):1–15. doi: 10.1186/s40163-018-0079-3. [ CrossRef ] [ Google Scholar ]
  • Reyns BW, Henson B, Fisher BS. Being pursued online. Criminal Justice and Behavior. 2011; 38 (11):1149–1169. doi: 10.1177/0093854811421448. [ CrossRef ] [ Google Scholar ]
  • Räsänen P, Hawdon J, Holkeri E, Keipi T, Näsi M, Oksanen A. Targets of online hate: Examining determinants of victimization among young Finnish Facebook users. Violence and Victims. 2016; 31 (4):708–725. doi: 10.1891/0886-6708.vv-d-14-00079. [ PubMed ] [ CrossRef ] [ Google Scholar ]
  • Schunck, R., & Perales, F. (2017). Within- and between-cluster effects in generalized linear mixed models: A discussion of approaches and the xthybrid command. The Stata Journal , 17(1), 89–115. 10.1177%2F1536867X1701700106
  • Shensa A, Escobar-Viera CG, Sidani JE, Bowman ND, Marshal MP, Primack BA. Problematic social media use and depressive symptoms among U.S. young adults: A nationally-representative study. Social Science and Medicine. 2017; 182 :150–157. doi: 10.1016/j.socscimed.2017.03.061. [ PMC free article ] [ PubMed ] [ CrossRef ] [ Google Scholar ]
  • Sivonen, J., Kuusela, A., Koivula, A., Saarinen, A., & Keipi, T. (2019). Working papers in economic sociology: Research Report on Finland in the Digital Age Round 2 Panel-survey . Turku.
  • Wagner M. Affective polarization in multiparty systems. Electoral Studies. 2021; 69 :102199. doi: 10.1016/j.electstud.2020.102199. [ CrossRef ] [ Google Scholar ]
  • Vakhitova ZI, Alston-Knox CL, Reynald DM, Townsley MK, Webster JL. Lifestyles and routine activities: Do they enable different types of cyber abuse? Computers in Human Behavior. 2019; 101 :225–237. doi: 10.1016/j.chb.2019.07.012. [ CrossRef ] [ Google Scholar ]
  • Vakhitova ZI, Reynald DM, Townsley M. Toward the adaptation of routine activity and lifestyle exposure theories to account for cyber abuse victimization. Journal of Contemporary Criminal Justice. 2016; 32 (2):169–188. doi: 10.1177/1043986215621379. [ CrossRef ] [ Google Scholar ]
  • Valenzuela S, Park N, Kee KF. Is there social capital in a social network site?: Facebook use and college student’s life satisfaction, trust, and participation. Journal of Computer-Mediated Communication. 2009; 14 (4):875–901. doi: 10.1111/j.1083-6101.2009.01474.x. [ CrossRef ] [ Google Scholar ]
  • Van Dijk JA, Hacker KL. Internet and democracy in the network society. Routledge. 2018 doi: 10.4324/9781351110716. [ CrossRef ] [ Google Scholar ]
  • Verduyn P, Ybarra O, Résibois M, Jonides J, Kross E. Do social network sites enhance or undermine subjective well-being? A critical review. Social Issues and Policy Review. 2017; 11 (1):274–302. doi: 10.1111/sipr.12033. [ CrossRef ] [ Google Scholar ]
  • Wheatley D, Buglass SL. Social network engagement and subjective well-being: A life-course perspective. The British Journal of Sociology. 2019; 70 (5):1971–1995. doi: 10.1111/1468-4446.12644. [ PubMed ] [ CrossRef ] [ Google Scholar ]
  • Yar M. The novelty of ‘Cybercrime’ European Journal of Criminology. 2005; 2 (4):407–427. doi: 10.1177/147737080556056. [ CrossRef ] [ Google Scholar ]
  • Yar, M., & Steinmetz, K. F. (2019). Cybercrime and society . SAGE Publications Limited.
  • How it works

Useful Links

How much will your dissertation cost?

Have an expert academic write your dissertation paper!

Dissertation Services

Dissertation Services

Get unlimited topic ideas and a dissertation plan for just £45.00

Order topics and plan

Order topics and plan

Get 1 free topic in your area of study with aim and justification

Yes I want the free topic

Yes I want the free topic

5 Dissertation Topics on Cyber Crime

Published by Owen Ingram at January 9th, 2023 , Revised On August 15, 2023


Any crime that is conducted using a computer and a network is known as cybercrime. Cybercrimes can target individuals in their personal capacity by targeting their property, the person himself, harming their mental health, and can even cause damage to governments.

Everyone using a computer and the internet can fall victim to cybercrime; however, understanding these crimes’ nature and how these are conducted can help people keep themselves safe and avoid falling victim.

Networks have weak spots, thus identifying those that can help you in determining possible attack points. This will eventually enable you to keep yourself safe from cybercrimes. Keeping your personal information safe at all times is critically important.

Never give out your passwords or any other personal information openly on any forum. This is one of the most effective ways of avoiding falling victim to cybercrime.

Being a pressing issue, cybercrime is continuously explored as to how it is conducted, what its types are, how it can be detected, how people can stay safe, etc. Here are five dissertation topics on cybercrime that will help gain an in-depth understanding of the issue.

These topics have been developed by PhD-qualified writers of our team , so you can trust to use these topics for drafting your dissertation.

You may also want to start your dissertation by requesting  a brief research proposal  from our writers on any of these topics, which includes an  introduction  to the topic,  research question , aim and objectives ,  literature review  along with the proposed  methodology  of research to be conducted.  Let us know  if you need any help in getting started.

Check our  dissertation examples to get an idea of  how to structure your dissertation .

Review the full list of dissertation topics for 2022 here.

5 Dissertation Topics on Cyber Crime 2022

Topic 1: is cybercrime a threat to banking sector in developing countries a case study of banking sector in pakistan.

Research Aim: This study aims to analyze the impact of cybercrime on the banking sector in developing countries. It will identify the possible threats faced by the banking sector due to increasing cybercrimes. These threats are related to the information security of the banks in developing countries. This research will be using Pakistan as a case study to find the threats posed by cybercrime to fragile banking. And after identifying the threats, the study will try to recommend possible solutions to ensure information security.

Topic 2: Impact of Cybercrime on E-Governance. Is cybercrime affecting the Confidentiality of Government Data?

Research Aim:  This research aims to find the impact of cybercrime on modern-day governance systems or e-governance. It will identify the possible hindrances caused by cybercrime in implementing effective e-governance. This research will also investigate the impact of cybercrime on the confidentiality of government data. And after investigating the impact of cybercrime on the confidentiality of government data, this research will recommend the modern-day practices used to maintain the security of the information.

Topic 3: Is Information Safe Today? A survey to find the impact of cybercrime on the information security of the businesses

Research Aim: This study aims to find the impact of cybercrime on the information security of modern-day businesses. It will be a survey-based study to find out the problems faced by modern-day businesses due to cybercrime. These problems include confidential information leakage, which can benefit the competitors in the market. And another major problem is data stealing. This study will identify all these problems. And it will also recommend modern-day solutions to increase the security of the information.

Topic 4: A Socio-Technological Examination of Cybercrime and Information Security in Nigeria

Research Aim: This current research intends to determine Nigerian society’s vulnerabilities to cybercrime and exploitation and the global information infrastructure in general. It also aims to determine the informal, social, and technical drivers of Nigerian cybercrime and cybersecurity. To examine Nigerian law enforcement agencies and cybersecurity stakeholders’ efforts to combat cybercrime and guarantee cybersecurity. This analysis provides an opportunity for legislators, policymakers, and law enforcement agencies can utilize the law to establish legally valid definitions of cybercrime and information security from sociological and technological points of view

Topic 5: Impact of Cyber laws on Information Security. A Cross-Country Analysis

Research Aim: This study aims to analyse the impact of cyber laws on information security. This study is a cross-country analysis that will find the effectiveness of cyber laws across countries. It will see how over time, the introduction of cyber laws has affected information security after the find out the relationship between cyber laws and information security. This research will identify the most effective cyber laws in the countries under study. And after identifying the best laws among the countries under study. This study will recommend the best laws from individual countries or a set of laws from different countries.

Covid-19 Cyber Crime Research Topics

Topic 1: cybercrimes and coronavirus pandemic.

Research Aim: This study will focus on the increased cybercrimes during the coronavirus pandemic and the effective ways to overcome them.

Topic 2: Cybersecurity and COVID-19

Research Aim: This study will focus on the role of cybersecurity in minimizing cybercrimes during the crisis of the pandemic.

Topic 3: Cyber threats can harm industries

Research Aim: This study will address the growing cyber threats during COVID-19, where remote work has been adopted to combat the pandemic. It’ll highlight the threats, their harmful effect, and their solution.

Cyber Crime Research Topics 2021

Topic 1: importance of password security.

Research Aim: This research aims to identify the importance of Password security in safe computing.

Topic 2: Phishing scams

Research Aim: This research aims to highlight phishing scams issues and suggest various tips to avoid such scams.

Topic 3: Mobile protection

Research Aim: This research aims to highlight mobile security threats and suggest possible ways to protect mobile phones from hackers.

Topic 4: How to ensure safe computing?

Research Aim: This research will focus on types of hackings, scams and suggests possible ways to ensure safe computing

Topic 5: Cybercrime Dissertation Topics – The Evolution of Cyber Crime and the Attacks that Led to the Formation of Cyber Crime Policies

Research Aim: This dissertation will focus on the history of how this crime came into existence. The thesis’s main focus will be on understanding cybercrime, how it is being conducted worldwide, and what has led to an increase in these types of attacks.

The thesis will also discuss the initial attacks due to which cybercrime policies came into place. All policies will be discussed as to how they help curb cybercrimes and the extent to which they have been successful in reducing them.

Finally, the thesis will suggest if any new policies must be developed. What aspects need to be focused on, are there any new areas that need attention, or do the existing policies need to be revised?

Topic 6: Cybercrime Dissertation Topics – Cyber Crime: How it Impacts Young Adults

Research Aim: Cybercrime can have a great impact on the younger generation. Young adults use the internet more than any other age group, which is why they are the first victims of cybercrime. This dissertation will explore how cybercrime affects the younger generation and how it causes problems for them.

Issues such as health, specifically mental health, will be discussed to understand the many problems caused by cybercrime. Many individuals from the younger generation have attempted suicide after falling victim to cybercrime.

This research study will discuss all such effects of cybercrime, including cyberbullying (a form of cybercrime). The study will also present ways as to how they can avoid falling victim to cybercrime.

How Can ResearchProspect Help?

ResearchProspect writers can send several custom topic ideas to your email address. Once you have chosen a topic that suits your needs and interests, you can order for our dissertation outline service which will include a brief introduction to the topic, research questions , literature review , methodology , expected results , and conclusion . The dissertation outline will enable you to review the quality of our work before placing the order for our full dissertation writing service !

Topic 7: Cybercrime Dissertation Topics – Investigating Various Approaches and Ways to Detect Cyber Crime

Research Aim: Cybercrime, one of the most secret crimes, is spread all over the world. The number of cybercrimes worldwide is on the rise. Thus, every individual using a computer and connected to a network must be aware of the different types of cybercrimes.

Before discussing the different ways to detect cybercrime, this dissertation study will briefly discuss the many cybercrime types. Essentially, the research will focus on various ways through which each form of cybercrime can be detected.

Different forms of cybercrimes can be detected differently. For instance, data theft can be determined by asking for a password or other sensitive information through a call or an email. The research will then conclude how people can identify different forms of cybercrime and not fall victim to any of them.

Topic 8: Cybercrime Dissertation Topics – Evaluating Existing Cyber Crime Policies: Do They Suffice in Today’s World?

Research Aim: Cybercrime, being a major cause of concern throughout the world, is controlled and curbed by different policies in place. These policies are designed to make sure that cybercrime is reduced and gradually eliminated from society. However, with the increased numbers, the need for a policy change or amendment seems inevitable.

This means that the existing policies need to be reworked or revised, or abandoned completely, and new policies should be formed. This dissertation will investigate both these options and emphasize whether policies should be revised or new policies should be formed.

If new policies should be formed, the research will explain how these should be shaped, and if they need to be revised, then which aspects need to be considered for amendments will be the main focus of the dissertation. A detailed analysis will be presented to make an informed decision.

Topic 9: Cybercrime Dissertation Topics – Understanding the Different Types of Cyber Crime

Research Aim: Cybercrime, undoubtedly, is one of the most deadly forms of crime. Without causing physical harm, the crime causes the victim to attempt suicide or suffer from mental diseases such as anxiety, depression, etc.

This research will focus on the different types of cybercrimes that impact people in today’s world. This research will highlight almost all cybercrime forms while emphasising the most common forms such as cyberbullying, hacking, data theft, child pornography, etc.

In-depth research will be conducted through surveys and by using numbers and percentages of cybercrime from credible resources such as government websites, etc.

This will help understand the various forms of cybercrime, how widespread the crime is, and how many people are impacted by cybercrime throughout the world.

Important Notes:

As a cybercrime student looking to get good grades, it is essential to develop new ideas and experiment with existing cybercrime theories – i.e., to add value and interest to your research topic.

The field of cybercrime is vast and interrelated to so many other academic disciplines like Facebook , Instagram , Cryptocurrency , Twitter , civil engineering , facial recognition , construction ,  project management , engineering management , healthcare , finance and accounting , artificial intelligence , tourism , physiotherapy , sociology , management , and project management , graphic design , and nursing . That is why it is imperative to create a project management dissertation topic that is articular, sound, and actually solves a practical problem that may be rampant in the field.

We can’t stress how important it is to develop a logical research topic based on your entire research. There are several significant downfalls to getting your topic wrong; your supervisor may not be interested in working on it, the topic has no academic creditability, the research may not make logical sense, and there is a possibility that the study is not viable.

This impacts your time and efforts in writing your dissertation as you may end up in the cycle of rejection at the initial stage of the dissertation. That is why we recommend reviewing existing research to develop a topic, taking advice from your supervisor, and even asking for help in this particular stage of your dissertation.

Keeping our advice in mind while developing a research topic will allow you to pick one of the best cyber crime dissertation topics that fulfil your requirement of writing a research paper and add to the body of knowledge.

Therefore, it is recommended that when finalizing your dissertation topic, you read recently published literature to identify gaps in the research that you may help fill.

Remember- dissertation topics need to be unique, solve an identified problem, be logical, and be practically implemented. Please look at some of our sample cybercrime dissertation topics to get an idea for your own dissertation.

How to Structure your Cyber Crime Dissertation

A well-structured dissertation can help students to achieve a high overall academic grade.

  • A Title Page
  • Acknowledgements
  • Declaration
  • Abstract: A summary of the research completed
  • Table of Contents
  • Introduction : This chapter includes the project rationale, research background, key research aims and objectives, and the research problems. An outline of the structure of a dissertation can also be added to this chapter.
  • Literature Review : This chapter presents relevant theories and frameworks by analysing published and unpublished literature available on the chosen research topic to address research questions . The purpose is to highlight and discuss the selected research area’s relative weaknesses and strengths whilst identifying any research gaps. Break down the topic, and key terms that can positively impact your dissertation and your tutor.
  • Methodology : The data collection and analysis methods and techniques employed by the researcher are presented in the Methodology chapter which usually includes research design , research philosophy, research limitations, code of conduct, ethical consideration, data collection methods, and data analysis strategy .
  • Findings and Analysis : Findings of the research are analysed in detail under the Findings and Analysis chapter. All key findings/results are outlined in this chapter without interpreting the data or drawing any conclusions. It can be useful to include graphs, charts, and tables in this chapter to identify meaningful trends and relationships.
  • Discussion and Conclusion : The researcher presents his interpretation of the results in this chapter, and states whether the research hypothesis has been verified or not. An essential aspect of this section of the paper is to draw a linkage between the results and evidence from the literature. Recommendations with regards to implications of the findings and directions for the future may also be provided. Finally, a summary of the overall research, along with final judgments, opinions, and comments, must be included in the form of suggestions for improvement.
  • References : This should be completed following your University’s requirements
  • Bibliography
  • Appendices : Any additional information, diagrams, and graphs used to complete the dissertation but not part of the dissertation should be included in the Appendices chapter. Essentially, the purpose is to expand the information/data.

About ResearchProspect Ltd

ResearchProspect is the world’s best academic writing service that provides help with Dissertation Proposal Writing , PhD Proposal Writing , Dissertation Writing , Dissertation Editing, and Improvement .

Our team of writers is highly qualified. They are experts in their respective fields. They have been working in the industry for a long, thus are aware of the issues and the trends of the industry they are working in.

Free Dissertation Topic

Phone Number

Academic Level Select Academic Level Undergraduate Graduate PHD

Academic Subject

Area of Research

Frequently Asked Questions

How to find dissertation topics on cyber crime.

To find dissertation topics on cybercrime:

  • Study recent cyber threats and attacks.
  • Analyze legal and ethical aspects.
  • Explore technological advancements.
  • Investigate prevention measures.
  • Consider international perspectives.
  • Select a focused area of interest for in-depth research.

You May Also Like

Need interesting and manageable sociology dissertation topics? Here are the trending sociology dissertation titles so you can choose the most suitable one.

Medical law becomes increasingly important as healthcare dominates as a social issue. Graduate students must select a thesis subject as part of their programs. The subject you choose must have sufficient data to support your thesis.

Need interesting and manageable science dissertation topics or thesis? Here are the trending science dissertation titles so you can choose the most suitable one.



secure connection



  • How It Works

cybercrime research paper topics

Special Features

Vendor voice.

cybercrime research paper topics

Head of Israeli cyber spy unit exposed ... by his own privacy mistake

Plus: another local government hobbled by ransomware; huge rise in infostealing malware; and critical vulns.

Infosec in brief Protecting your privacy online is hard. So hard, in fact, that even a top Israeli spy who managed to stay incognito for 20 years has found himself exposed after one basic error.

The spy is named Yossi Sariel allegedly heads Israel's Unit 8200 – a team of crack infosec experts comparable to the USA’s National Security Agency or the UK’s Government Communications Headquarters. Now he's been confirmed as the author of a 2021 book titled "The Human Machine Team" about the intelligence benefits of pairing human agents with advanced AI.

Sariel – who wrote the book under the oh-so-anonymous pen name “Brigadier General YS” – made a crucial mistake after an investigation by The Guardian which found an electronic copy of Sariel's book available on Amazon "included an anonymous email that can easily be traced to Sariel's name and Google account.”

The paper has since confirmed with Israeli Defense Force sources that the account was tied to Sariel, and noted multiple sources have confirmed him as the author.

cybercrime research paper topics

Being outed after more than 20 years of anonymity isn't optimal for someone who's supposed to be a top spy, and the timing for Sariel couldn't be much worse. Criticism of the elite Unit 8200 has grown since Hamas attacked Israel last October, which has been considered an intelligence failure on the part of Sariel's unit.

Whether his public exposure will result in a reassignment for Sariel is unknown, but it does make one thing clear: If a spy who heads an elite unit can make a simple mistake that compromises his identity, what hope do the rest of us have?

Critical vulnerabilities of the week

Plenty of security issues were reported last week but thankfully few were rated Critical.

Most notable is a pair of vulnerabilities in Android Pixel devices (CVE-2024-29745 and CVE-2024-29748) that, respectively, allow an attacker to disclose information and escalate privileges. The pair haven't been given a score yet, but they're being abused, so best install the latest security updates , Pixel users.

  • CVSS 9.4 – Multiple CVEs : IOSix's IO-1020 micro-electronic logging devices are using default passwords for authentication and Wi-Fi, allowing an attacker to connect and potentially take over connected vehicle systems.
  • CVSS 8.2 – CVE-2024-21894 : The IPSec component of Ivanti Secure Connect v9.x and 22.x contains a heap overflow vulnerability allowing an attacker to crash systems and execute arbitrary code.
  • CVSS 8.2 – CVE-2024-22053 : A similar IPSec heap overflow vulnerability in Ivanti Secure Connect (same versions) can also allow an attacker to read contents from memory.
  • CVSS7.4-4.8 – CVE-2024-22246, CVE-2024-22247, CVE-2024-22248 : The first of this trio of flaws in VMware SD-WAN products is the worst: 7.4-rated CVE-2024-22246 is an unauthenticated command injection vulnerability that can lead to remote code execution.

Another local US government falls prey to ransomware

Jackson County, Missouri revealed last week that it had fallen prey to a ransomware attack that has hobbled operations and left government offices closed as teams try to restore operations.

The county announced it was dealing with "operational inconsistencies across its digital infrastructure," and noted that "certain systems have been rendered inoperative," but said it had no indication that any data had been compromised. Impacted systems include tax payment and online property, marriage license and inmate search software.

According to local news the situation has led to problems as varied as disabled computer systems and inoperable phone lines to broken elevators at the county detention center.

And how did it all start? Surprise, surprise: Someone clicked on a phishing link.

"This is not how a government should be run – specifically a county situation," Jackson County legislator Manny Abarca told Fox 4 Kansas City. "So this is a true failure of leadership here."

The takeaway here is obvious: Keep training people not to click those phishing links!

Data stealing malware infections rose how much?

No, it's not an April Fool's joke: Kaspersky revealed last week that there were around ten million personal and corporate devices infected with data-stealing malware in 2023 – marking an increase of 643 percent over the past three years.

We've warned of the often overlooked risk of data-stealing malware before, but it obviously bears repeating – especially since "ransomware" attacks nowadays often don't involve encryption efforts, but just simple data exfiltration and digicash demands to stop publication.

Kaspersky reported that those data-stealer infections are reaping serious rewards for cyber criminals going after credentials, with an average of 50.9 login/password combos pilfered per infected device.

"Leaked credentials carry a major threat, enabling cyber criminals to execute various attacks such as unauthorized access for theft, social engineering, or impersonation," explained Kaspersky's Sergey Shcherbel. "This highlights how crucial it is both for individuals and companies … to stay alert."

To make matters worse, Kaspersky's data points to a serious issue: Employees who get infected don't appear to be learning from their mistakes. Around 21 percent of infection victims end up installing more malware, and nearly nine percent of them do so within three days.

Time to do more cyber security awareness training. ®

  • Cybersecurity

Narrower topics

  • Advanced persistent threat
  • Privacy Sandbox
  • Remote Access Trojan
  • RSA Conference

Broader topics

Send us news

Other stories you might like

Us legislators propose american privacy rights act - and it looks quite good, academics probe apple's privacy settings and get lost and confused, change healthcare faces second ransomware dilemma weeks after alphv attack, reducing the cloud security overhead.

cybercrime research paper topics

Ransomware gang did steal residents' confidential data, UK city council admits

Nearly 3m people hit in harvard pilgrim healthcare data theft, inc ransom claims to be behind 'cyber incident' at uk city council, 96% of us hospital websites share visitor info with meta, google, data brokers, inc ransom claims responsibility for attack on nhs scotland, at&t admits massive 70m+ mid-march customer data dump is real though old, street newspaper appears to have big issue with qilin ransomware gang, uk businesses shockingly unaware of how to handle security threats.


  • Advertise with us

Our Websites

  • The Next Platform
  • Blocks and Files

Your Privacy

  • Cookies Policy
  • Privacy Policy
  • Ts & Cs

Situation Publishing

Copyright. All rights reserved © 1998–2024




Cybercrime and Artificial Intelligence. An overview of the work of international organizations on criminal justice and the international applicable instruments

  • Open access
  • Published: 22 February 2022
  • Volume 23 , pages 109–126, ( 2022 )

Cite this article

You have full access to this open access article

  • Cristos Velasco 1 , 2 , 3  

14k Accesses

8 Citations

5 Altmetric

Explore all metrics

The purpose of this paper is to assess whether current international instruments to counter cybercrime may apply in the context of Artificial Intelligence (AI) technologies and to provide a short analysis of the ongoing policy initiatives of international organizations that would have a relevant impact in the law-making process in the field of cybercrime in the near future. This paper discusses the implications that AI policy making would bring to the administration of the criminal justice system to specifically counter cybercrimes. Current trends and uses of AI systems and applications to commit harmful and illegal conduct are analysed including deep fakes. The paper finalizes with a conclusion that offers an alternative to create effective policy responses to counter cybercrime committed through AI systems.

Similar content being viewed by others

cybercrime research paper topics

Artificial Intelligence Crime: An Interdisciplinary Analysis of Foreseeable Threats and Solutions

cybercrime research paper topics

Cyber Threats and National Security: The Use and Abuse of Artificial Intelligence

cybercrime research paper topics

Avoid common mistakes on your manuscript.

1 Introduction

Undoubtedly, AI has brought enormous benefits and advantages to humanity in the last decade and this trend will likely continue in coming years since AI is gradually becoming part of the digital services that we use in our daily lives. Many governments around the world are considering the deployment of AI systems and applications to help them achieve their activities and more concretely to facilitate the identification and prediction of crime. Footnote 1 Further, national security and intelligence agencies have also realized the potential of AI technologies to support and achieve national and public security objectives.

There are significant developments of AI technologies like the use of facial recognition in the criminal justice realm, the use of drones, lethal autonomous weapons and self-driving vehicles that when not properly configured or managed without proper oversight mechanisms in place have the potential to be used for disruptive purposes and harm individual’s rights and freedoms.

Currently, there is an ongoing discussion in international policy and legislative circles on the revision and improvement of the liability framework and threshold concerning AI systems and technologies, Footnote 2 although due to the complexity of the topic and the different legal approaches around the world concerning civil liability, there will probably not be a consensus on a harmonized and uniformed response, at least not in the near future.

Further, AI and machine learning have the potential and offer the possibility to detect and respond to cyberattacks targeted to critical infrastructure sectors including water, energy and electricity supplies, as well as the correct management of cybersecurity solutions to help reduce and mitigate security risks. Footnote 3 However, many complex challenges remain particularly for small and medium enterprises which continue to rely on limited budgets to improve their cybersecurity capabilities.

Due to the COVID-19 pandemic, a large part of the world’s connected population was confined. This situation made companies and individuals more dependent on the use of systems, technologies and applications based on AI to conduct their activities, including remote work, distance learning, online payments or simply having access to more entertainment options like streaming and video on demand services. Unfortunately, this situation also led organized criminal groups to reconsider and re-organized their criminal activities in order to specifically target a number of stakeholders, including international organizations, Footnote 4 research and health sector entities, Footnote 5 supply chain companies Footnote 6 and individuals. We have witnessed that organized criminal groups have largely improve their CasS (crime as a service) capabilities and turn their activities into higher financial profits with very small possibilities of being traced by law enforcement and brought to justice.

Through the use of AI technologies, cybercriminals have not only found a novel vehicle to leverage their unlawful activities, but particularly new opportunities to design and conduct attacks against governments, enterprises and individuals. Although, there is no sufficient evidence that criminal groups have a strong technical expertise in the management and manipulation of AI and machine learning systems for criminal purposes, it is true that said groups have realized its enormous potential for criminal and disruptive purposes. Footnote 7 Further, organized criminal groups currently recruit and bring technical skilled hackers into their files to manipulate, exploit and abuse computer systems and to perpetrate attacks and conduct criminal activities 24/7 from practically anywhere in the world. Footnote 8

2 Current cybercrime trends

Current trends and statistics show that cybercriminals are relying more on the use of IoT to write and distribute malware and target ransomware attacks which are largely enhanced through AI technologies. Footnote 9 This trend will likely continue as it is expected that more than 2.5 million devices will be fully connected online in the next 5 years including industrial devices and critical infrastructure operators which will make companies and consumers more vulnerable to cyberattacks. Footnote 10

Furthermore, the discussion on bias and discrimination Footnote 11 are also relevant debated aspects on AI policy in many international and policy making circles. Footnote 12 The widespread use of technologies based on facial recognition systems, Footnote 13 deserves further attention in the international policy arena because even when facial recognition may be very appealing for some governments to enhance aspects of public security and safety to prioritize national security activities, including terrorist activities, this technology may as well raises relevant and polemic issues concerning the protection of fundamental rights, including privacy and data protection under existing international treaties and conventions, topics that are currently being discussed in relevant international fora including the Council of Europe, the European Commission, the European Parliament Footnote 14 and the OECD.

There is an ongoing global trend to promote misinformation with the support of AI technologies known as ‘bots’. Footnote 15 Bots are mainly used to spread fake news and content throughout the internet and social networks and have the chilling effect of disinforming and misleading the population, particularly younger generations who cannot easily differentiate between legitimate sources of information and fake news. Further, the use of ‘bots’ have the potential to erode trust and question the credibility of the media and destabilize democratic and government institutions.

Although AI holds the prospect to enhance the analysis of big amounts of data to avoid the spread of misinformation in social networks, Footnote 16 humans still face the challenge to check and verify the credibility of the sources, an activity which is usually conducted by content moderators of technology companies and media outlets without specific links to government spheres, a situation that has led relevant policy making institutions like the European Commission to implement comprehensive and broad sets of action to tackle the spread and impact of online misinformation. Footnote 17

Another trend and technology widely used across many industries are deep fakes. Footnote 18

The abuse and misuse of deepfakes has become a major concern in national politics Footnote 19 and among law enforcement circles. Footnote 20 Deepfakes have been used to impersonate politicians, Footnote 21 celebrities and CEO’s of companies which may be used in combination with social engineering techniques and system automatization to perpetrate fraudulent criminal activities and cyberattacks. The use of deep fake technologies for malicious purposes is expanding rapidly and is currently being exploited by cybercriminals on a global scale. For example, in 2019, cybercriminals used AI voice generating software to impersonate the voice of a Chief Executive of an energy company based in the United Kingdom and were able to obtain $243,000 and distribute the transfers of the funds to bank accounts located in Mexico and other countries. Footnote 22

Another relevant case occurred in January 2020 where criminals used deep voice technology to simulate the voice of the director of a transnational company. Through various calls with the branch manager of a bank based in the United Arab Emirates, criminals were able to steal $35 million that were deposited into several bank accounts, making the branch manager of the bank believe that the funds will be used for the acquisition of another company. Footnote 23

The spoofing of voices and videos through deep fakes raise relevant and complex legal challenges for the investigation and prosecution of these crimes. First and foremost, many law enforcement authorities around the world do not yet have full capabilities and trained experts to secure evidence across borders, and often times the lack of legal frameworks particularly procedural measures in criminal law to order the preservation of digital evidence and investigate cybercrime represents another major obstacle. Second, since most of these attacks are usually orchestrated by well organized criminal groups located in different jurisdictions, there is the clear need for international cooperation, and in particular a close collaboration with global services providers to secure subscriber and traffic data, as well as to conduct more expedited investigations and law enforcement actions with other countries through the deployment of joint investigation teams in order to be able to trace and locate the suspects and follow the final destination of illicit funds. Footnote 24 Cross-border cybercrime investigations are complex, lengthy, and do not always necessarily result in convictions of the perpetrators.

Further, cyberattacks based on AI systems is a growing trend identified by the European Cybercrime Centre (EC3) of EUROPOL in its Internet Crime Threat Assessment Report 2020 . According to the EC3, the risks concerning the use of AI for criminal purposes need to be well understood in order to protect society against malicious actors. According to the EC3, “through AI, criminals may facilitate and improve their attacks by maximizing their opportunities for profit in a shorter period of time and create more innovative criminal business models, while reducing the possibility of being traced and identified by criminal justice authorities”. Footnote 25

Further, the EC3 of EUROPOL recommends the development of further knowledge regarding the potential use of AI by criminals with a view to better anticipating possible malicious and criminal activities facilitated by AI, as well as to prevent, respond to, or mitigate the effects of such attacks in a more proactive manner and in close cooperation with industry and academia. Footnote 26

3 Strategic partnerships

Due to the complexities that the misuse and abuse of AI systems for criminal purposes entail for law enforcement agencies, key stakeholders are trying to promote the development of strategic partnerships between law enforcement, international organizations and the private sector to counter more effectively against the misuse and abuse of AI technologies for criminal purposes. For example, in November 2020, Trend Micro Research, the EC3 of EUROPOL and the Centre for Artificial Intelligence and Robotics of the UN Interregional Crime and Justice Research Institute (UNICRI) published the report: Malicious Uses and Abuses of Artificial Intelligence . Footnote 27 This report contains an in-depth technical analysis of present and future malicious uses and abuses of AI and related technologies that drew from the outcomes of a workshop organized by EUROPOL, Trend Micro and UNICRI in March 2020. The report highlights relevant technical findings and contains examples of AI capabilities divided into “malicious AI uses” and “malicious AI abuses”. The report also sets forth future scenarios in areas like AI supported ransomware, AI detection systems, and developed a case study on deepfakes highlighting the development of major policies to counter it, as well as recommendations and considerations for further and future research. Footnote 28

Strategic initiatives and more partnerships like the one mentioned above are further needed in the field of AI and cybercrime to ensure that relevant stakeholders particularly law enforcement authorities and the judiciary understand the complexities and dimensions of AI systems and start developing cooperation partnerships that may help to identify and locate perpetrators that misuse and abuse AI systems with the support of the private sector. The task is complex and needs to be achieved with the support of the technical and business community, otherwise isolated investigative and law enforcement efforts against criminals making use of AI systems will not likely succeed.

AI policy has been at the core of the discussions only in recent years. At the regional level, the European Commission has recently published a regulation proposal known as the Digital Services Act Footnote 29 though this proposal has just recently been opened for consultation and it will take a few years until it is finally approved.

On April 21, 20021, the European Commission published its awaited Regulation proposal for Artificial Intelligence Systems . Footnote 30 The proposal contains broad and strict rules and obligations before AI services can be put into the European market based on the assessment of different levels of risks. The regulation proposal of the European Commission also contains express prohibitions of AI practices that may contravene EU values and violate fundamental rights of citizens, and it establishes the European Artificial Intelligence Board (EIAB) as the official body that will supervise the application and enforcement of the regulation across the EU. Footnote 31

The prospect of developing a new international convention that will regulate relevant aspects concerning the impact and development of AI systems and the intersection with the protection of fundamental rights has been proposed by the Ad-Hoc Committee on Artificial Intelligence of the Council of Europe, better known as ‘CAHAI’. The work of CAHAI will be analysed in section 5.1 of this paper.

4 International instruments to counter cybercrime

At the international level, there are a number of international and regional instruments that are used to investigate “cyber dependent crime”, “cyber enabled crime” and “computer supported crime”. Footnote 32 This paper will only focus on the analysis of three major instruments of the Council of Europe which are applicable to criminal conduct and activities concerning the use of computer and information systems, the exploitation and abuse of children and violence against women committed through information and computer systems:

The Convention on Cybercrime better known as the ‘the Budapest Convention’ ;

The Convention on Protection of Children against Sexual Exploitation and Sexual Abuse, better known as ‘the Lanzarote Convention’ ; and

The Convention on preventing and combating violence against women and domestic violence better known as the ‘the Istanbul Convention’ .

4.1 The Budapest Convention

The Council of Europe’s Budapest Convention on Cybercrime is the only international treaty that criminalizes conducts and typologies committed through computer and information systems. This instrument contains substantive and procedural provisions for the investigation, execution and adjudication of crimes committed through computer systems and information technologies. Footnote 33 The Budapest Convention is mainly used as a vehicle for international cooperation to investigate and prosecute cybercrime among the now 66 State Parties, which includes many countries outside Europe. Footnote 34

The Cybercrime Convention Committee (T-CY) which is formed by State Parties, country observers invited to accede to the Budapest Convention and ad-hoc participants is the entity responsible inter alia for conducting assessments of the implementation of the provisions of the Budapest Convention, as well as the adoption of opinions and recommendations regarding the interpretation and implementation of its main provisions. Footnote 35

During the 2021 Octopus Conference on Cooperation against Cybercrime in November 2021 that marked the 20th anniversary of the Budapest Convention, the organizers announced that the Committee of Ministers of the Council of Europe approved the adoption of the Second Additional Protocol to the Budapest Convention on enhanced cooperation and the disclosure of electronic evidence as originally adopted by 24 the Plenary Session of the T-CY Committee in May 2021. The text of the Second Additional Protocol will be officially opened for signature among State parties to the Budapest Convention in the summer of 2022. Footnote 36

The Second Additional Protocol to the Budapest Convention on enhanced cooperation and the disclosure of electronic evidence regulates inter alia how the information and electronic evidence - including subscriber information, traffic data and content data - may be ordered and preserved in criminal investigations among State Parties to the Budapest Convention. It provides a legal basis for disclosure of information concerning the registration of domain names from domain name registries and registrars and other key aspects concerning cross-border investigations including mutual legal assistance procedures, direct cooperation with service providers, disclosure of data in emergency situations, protection of safeguards for transborder access to data and joint investigation teams. Footnote 37

Although, the T-CY Committee has not yet fully explored how the Budapest Convention and its first additional protocol on xenophobia and racism may be applicable in the context of technologies and systems based on AI, it is worth mentioning that the Budapest Convention was drafted with broad consideration of the principle of technological neutrality precisely because the original drafters of this instrument anticipated how the threat landscape for cybercrime would likely evolve and change in the future. Footnote 38

The Budapest Convention contains only a minimum of definitions; however, this instrument criminalizes a number of conducts and typifies many offenses concerning computer and content related crimes that may as well be applicable to crimes committed through the use of AI systems.

During the 2018 Octopus Conference on Cooperation against Cybercrime, the Directorate General of Human Rights and Rule of Law of the Council of Europe convened a panel on AI and Cybercrime Footnote 39 where representatives of the CoE presented its early activities and findings on AI policy. Footnote 40 Although the panel presentations were more descriptive concerning the technical terminology used in the field AI at that time, some speakers highlighted and discussed some of the challenges that AI poses to law enforcement authorities like for instance the criminalization of video and document forgery and how authorities could advance the challenge to obtain and preserve electronic evidence in court. Footnote 41

The 2021 Octopus Conference on Cooperation against Cybercrime held fully online from 16-18 November 2021 due to the COVID-19 situation, held a panel on “Artificial Intelligence, cybercrime and electronic evidence”. Footnote 42 This panel discussed complex questions concerning criminal liability and trustworthiness of evidence of AI systems in auditing and driving automation and assistance; and other relevant aspects concerning harms and threats of misinformation and disinformation developed by AI systems and effective responses, countermeasures and technical solutions from the private sector.

AI and cybercrime are relevant aspects that need further analysis and detailed discussions among the TC-Y and State Parties to the Budapest Convention, particularly since there has been an increase of cases concerning the misuse of AI technologies by cybercriminals and as vehicles to launch cyberattacks and commit criminal offenses against individuals in the cyberspace. Questions such as who will bear the responsibility for a conduct committed through the use of algorithms and machine learning and the liability threshold among State Parties need further discussion and clarification since the regulation of criminal liability differs significantly among the legal systems of many countries, as well as to explore the development of strategic partnerships in other regions of the world to counter attacks based on AI systems.

4.2 The Lanzarote Convention

The Council of Europe Lanzarote Convention is an international treaty that contains substantive legal measures for the protection of children from sexual violence including sexual exploitation and abuse of children online. Footnote 43 This convention harmonizes minimum legal conducts at the domestic level to combat crimes against children and provide measures for international cooperation to counter the sexual exploitation of children. The Lanzarote Convention requires the current 48 State Parties to offer a holistic response to sexual violence against children through the “4Ps approach”: Prevention, Protection, Prosecution and Promotion of national and international cooperation. Footnote 44 The monitoring and implementation body of the Lanzarote Convention is conducted by the Committee of the Parties, also known as the ‘Lanzarote Committee’ . This committee is formed by State Parties and it is primarily responsible for monitoring how State Parties put legislation, policies and countermeasures into practice, including organizing capacity building activities to exchange information and best practices concerning the implementation of the Lanzarote Convention across State Parties. Footnote 45

Like, the TC-Y, the ‘Lanzarote Committee’ has not yet fully explored how the substantive and procedural criminal law provisions of the Lanzarote Convention may apply in the context of the use of AI systems for criminal related purposes, a situation that needs to be further discussed among State Parties in order to not only share and diffuse knowledge on current trends among State Parties of that treaty, but to also help identify illicit conducts and abuse and exploitation of children through AI systems, as well as an analysis of positive uses of AI technologies for the prevention of crimes concerning the protection of children online.

4.3 The Istanbul Convention

The Istanbul Convention is another treaty of the Council of Europe the main purpose of which is to protect women against all forms of violence and to counter and eliminate all forms of violence against women including aspects of domestic violence. Footnote 46 The Istanbul Convention consists of four main pillars: (i) prevention, (ii) protection of victims, (iii) prosecution of offenders, and (iv) implementation of comprehensive and coordinated policies to combat violence against women at all levels of government. The Istanbul Convention establishes an independent group of experts known as the GREVIO (Group of Experts on Action against Violence against Women and Domestic Violence). The GREVIO is responsible for monitoring the effective implementation of the provisions of the Istanbul Convention by the now 34 States Parties. Footnote 47

The Istanbul Convention does not specifically contain specific provisions in the context of violence committed through the use of information technologies, however the GREVIO is currently analysing approaches to extend the application of the commission of illegal conducts through the use of computer and information systems within the national legal framework of State Parties. Footnote 48 The GREVIO adopted during its twenty-fifth meeting on 20 October 2021, a General Recommendation on the Digital Dimension of Violence against Women . Footnote 49 The Recommendation addresses inter alia the application of the general provisions of the Istanbul Convention in relation to conducts and crime typologies committed against women in cyberspace and proposes specific actions to take, based on the four pillars of the Istanbul Convention: prevention, protection, prosecution and coordinated policies.

As part of promoting the scope of the adopted General Recommendation, the GREVIO held a conference in Strasbourg in November 24, 2021 that featured a keynote address of the Commissioner of Human Rights of the Council of Europe and presentations of the President of the GREVIO and the Chair of the Committee of the Parties to the Istanbul Convention followed by a panel discussion with representatives of EU member states, internet industry and civil society. Footnote 50 Among the relevant points made during the panel discussions were how the recommendation may help to advance legal and policy developments, attention of victims of current forms of cyberviolence, further international cooperation and to contribute to the general understanding of the scope of the provisions of the Istanbul Convention and other key instruments of the Council of Europe including the Budapest Convention and the Lanzarote Convention in relation to digital violence against women. Footnote 51

The Cybercrime Convention Committee (T-CY) issued a comprehensive report titled Mapping Study on Cyberviolence with recommendations adopted by the TC-Y on 9 July, 2018. Footnote 52

The mapping study developed a working definition on “cyberviolence” Footnote 53 and described how the different forms of cyberviolence may be classified and criminalized under the Budapest-, Lanzarote- and Istanbul Conventions. According to the mapping study “not all forms of violence are equally severe and not all of them necessarily require a criminal law solution but could be addressed with a combination of preventive, educational, protective and other measures” . The main conclusions of the Cybercrime Convention Committee (T-CY) in the Mapping Study on Cyberviolence were:

the Budapest Convention and its additional Protocol on Racism and Xenophobia covers and address some types of cyberviolence;

the procedural powers and the provisions on international cooperation of the Budapest Convention will help to support the investigation of cyberviolence and the secure and preservation of digital evidence; and

the Budapest, the Istanbul and Lanzarote conventions complement each other and should promote synergies. These synergies may include raising further awareness and capacity building activities among Parties to said treaties; encourage parties to the Lanzarote and Istanbul Conventions to introduce the procedural powers contained in the Budapest Convention ( Arts. 16-21 ) into domestic law and consider becoming parties to the Budapest Convention to facilitate international cooperation on electronic evidence in relation to crimes related to cyberviolence; encourage parties to the Budapest Convention to implement the provisions on psychological violence, stalking and sexual harassment of the Istanbul Convention, as well as the provisions on sexual exploitation and abuse of children online of the Lanzarote Convention, among others . Footnote 54

Cyberviolence and crimes concerning the abuse and exploitation of children online require strategic cooperation of different stakeholders. Other key institutions at the regional level like the European Commission have also explored paths on how AI systems may help to identify, categorise and remove child sexual abuse images and to minimise the exposure of human investigators to distressing images and the importance of the role of internet hotlines in facilitation the reporting process. Footnote 55

5 Ongoing work of international organizations

5.1 council of europe cahai.

The Ad-Hoc Committee on Artificial Intelligence of the Council of Europe (CAHAI) Footnote 56 was established by the Committee of Ministers during its 1353rd meeting on 11 September 2019. Footnote 57 The specific task of CAHAI is “to complete the feasibility study and produce the potential elements on the basis of broad multi-stakeholder consultations, of a legal framework for the development, design and application of artificial intelligence, based on the Council of Europe’s standards on human rights, democracy and the rule of law.”

The work of CAHAI is relevant because it sets forth a multi-stakeholder group where global experts may provide their views on the development of policies on AI, to forward meaningful proposals to ensure the application of international treaties and technical standards on AI and submit proposals for the creation of a future legal instrument that will regulate AI while ensuring the protection of fundamental rights, rule of law and democracy principles contained in relevant instruments of the Council of Europe, like Convention 108+, the Budapest, Lanzarote and Istanbul Conventions, among others. Footnote 58

The work of CAHAI will impact the 47 members states and country observers of the Council of Europe, particularly state institutions including national parliamentarians and policy makers who are responsible for the implementation of international treaties into their national legal frameworks. Therefore, the inclusion and participation of relevant stakeholders from different nations will play a decisive role in the future implementation of a global treaty on AI in the coming years.

5.2 European Parliament

The European Parliament (EP) is perhaps the most proactive legislative and policy making institution worldwide. The European Parliament has a Centre for Artificial Intelligence known as (C4AI) that was established in December 2019. Footnote 59 The EP has Committees that analyse the impact of policy related aspects of AI in many different areas including cybersecurity, defence, predictive policing and criminal justice. The most active committee is the Special Committee on Artificial Intelligence in a Digital Age (AIDA Committee) Footnote 60 that has organized many hearings and workshops with different experts and stakeholders on AI from different regions of the world to hear views and opinions on the Regulation proposal for Artificial Intelligence Systems . Footnote 61

According to the President of the AIDA Committee, “the use of AI in law enforcement is a political decision and not a technical one, our duty is to apply the political worldview to determine what are the allowed uses of AI and under which conditions” . Footnote 62

As a result of the existing dangers and risks posed by the use of AI systems across Europe, the European Parliament adopted a resolution on 6 October 2021 that calls for a permanent ban on AI systems which allow for the use of automated recognition of individuals by law enforcement in public spaces. Further, the resolution calls for a moratorium on the deployment of facial recognition systems for law enforcement purposes and a ban on predictive policing based on behavioural data and social scoring in order to ensure the protection of fundamental rights of European citizens. Footnote 63

The Committee on Civil Liberties, Justice and Home Affairs of the European Parliament has also conducted relevant work on AI and criminal justice. On February 20, 2020, said committee conducted a public hearing on “Artificial Intelligence in Criminal Law and its use by the Police and Judicial Authorities” where relevant opinions and recommendations of experts and international organizations were discussed and presented. Footnote 64

Further, the AIDA Committee of the European Parliament held a two-day public hearing with the AFET Committee on March 1 st and 4 th 2021. The first hearing was on “AI Diplomacy and Governance in a Global Setting: Toward Regulatory Convergence”, and the second hearing on “AI, Cybersecurity and Defence”. Footnote 65 Many relevant aspects of AI policy were mentioned during the hearings, including the support of a transatlantic dialogue and cooperation on AI, the development of ethical frameworks and standards, the development of a shared system of norms, respect of fundamental rights, diplomacy and capacity building among others. Although, there was mention on the importance of AI for cybersecurity in the defence realm and how AI might be helpful to mitigate cyberattacks and protect critical infrastructure, there was no specific mention on how the current international treaties on cybercrime and national legal frameworks may coexist with a future treaty on AI to counter cybercrime more effectively.

The dialogue and engagement of the different committees of the European Parliament on AI policy is key for the future implementation of policies in the criminal justice area concerning the use and deployment of AI systems and applications. The European Parliament should continue to promote further dialogues and activities with other international organizations like the Council of Europe and the OECD, as well as with national parliamentarians around the world to help them understand the dimensions and implications of creating regulations and policies on AI to specifically counter cybercrime.

5.3 The UN Interregional Crime and Justice Research Institute (UNICRI) Centre for Artificial Intelligence and Robotics

The Centre for Artificial Intelligence and Robotics of the United Nations Interregional Crime and Justice Research Institute (UNICRI), a research arm of the United Nations is very active in the organization of workshops and information and reports to demystify the world of robotics and AI and to facilitate an in-depth understanding of the crimes and threats conducted through AI systems among law enforcement officers, policy makers, practitioners, academia and civil society. UNICRI and INTERPOL drafted the report “ Artificial Intelligence and Robotics for Law Enforcement” Footnote 66 in 2019 that draws upon the discussions of a workshop held in Singapore in July 2018. Among the main findings of UNICRI and INTERPOL’s report are:

“AI and Robotics are new concepts for law enforcement and there are expertise gaps that should be filled to avoid law enforcement falling behind.” “Some countries have explored further than others and a variety of AI techniques are materializing according to different law enforcement authorities. There is, however, a need for greater international coordination on this issue.”

The mandate of the Centre for Artificial Intelligence and Robotics of UNICRI is quite broad. It covers policy related aspects of AI in the field of criminal justice including areas such as cybersecurity, autonomous weapons, self-driving vehicles and autonomous patrol systems. UNCRI organizes every year the Global Meeting on Artificial Intelligence for Law Enforcement , an event that discusses relevant developments on AI with experts and stakeholders from different sectors and countries to enhance and improve the capabilities for law enforcement authorities and the criminal justice system in the use and deployment of AI technologies. Footnote 67

The Centre for Artificial Intelligence and Robotics of UNICRI is currently working with a group of experts from INTERPOL, the European Commission and other relevant institutions and stakeholders in the development of a Toolkit for Responsible AI Innovation in Law Enforcement . The toolkit will provide and facilitate practical guidance for law enforcement agencies around the world on the use of AI in a trustworthy, lawful and responsible manner. The toolkit addresses practical insights, use cases, principles, recommendations, best practices and resources which will help to support law enforcement agencies around the world to use AI technologies and applications. Footnote 68

6 Conclusion

The use of AI systems across different sectors is an ongoing trend, and this includes authorities of the criminal justice system which have realized the benefits and advantages of using this technology. National law enforcement authorities involved in the investigation of cybercrime are not yet fully prepared to deal with the technical and legal dimensions of AI when used for disruptive or malicious purposes. Further, there is no yet sufficient evidence to justify whether law enforcement authorities around the world are well equipped and trained to gather cross-border evidence to conduct national investigations where an AI system was involved in the commission or perpetration of an illicit conduct.

Second, the coordination and cooperation with service providers and companies that manage and operate AI systems and services is crucial to help determine its abuse and misuse by perpetrators. However, these tasks bring a number of technical and legal challenges, since most AI systems rely on an internet connection to function where oftentimes subscriber and traffic data is needed to conduct an investigation. Therefore, global service providers will also have an important role to play in the possible identification and location of cybercriminals, a situation that needs well-coordinated efforts, measures and responses based on international treaties and national laws between law enforcement authorities and private sector entities. The need for further strategic partnerships to counter cybercrime is more important than ever.

The future work of international organizations like UNICRI, the Council of Europe through CAHAI and the T-CY Committee of the Budapest Convention will be very relevant for policy makers and law enforcement authorities for the correct guidance in the implementation of future national policies on AI. The CAHAI may fill up the missing discussions in international fora concerning AI to specifically counter cybercrime based on the current standards of the Council of Europe like the Budapest Convention, the Lanzarote Convention and the Istanbul Convention, as well as the emerging practices of members states to specifically counter cyber enable crimes.

The creation of national taskforces on cybercrime (composed of law enforcement authorities, representatives of the judiciary, AI technology developers and global service providers) may serve as a relevant vehicle to coordinate and tackle illicit conducts concerning the misuse and abuse of AI technologies. These taskforces may be articulated in the context of the national strategies on AI and should be linked to the tasks of the criminal justice authorities to specifically counter cybercrime.

Burgess, Matt, “Police built an AI to predict violent crime. It was seriously flawed”, WIRED, August 6, 2020, available at: https://www.wired.co.uk/article/police-violence-prediction-ndas .

European Commission, “Liability for Artificial Intelligence and other emerging digital technologies”, Report from the Experts Group on Liability and New Technologies-New Technologies Formation, European Union 2019, available at: https://digital-strategy.ec.europa.eu/en/policies/european-approach-artificial-intelligence . See also: European Parliament Research Service (EPRS), “The European added value of a common EU approach to liability rules and insurance for connected and autonomous vehicles” Study published by the European Added Value Unit, February 2018, available at: https://www.europarl.europa.eu/RegData/etudes/STUD/2018/615635/EPRS_STU(2018)615635_EN.pdf .

MIT Technology Review, “Transforming the Energy Industry with AI”, January 21, 2021, available at: https://www.technologyreview.com/2021/01/21/1016460/transforming-the-energy-industry-with-ai/ .

World Health Organization (WHO), “WHO reports fivefold increase in cyberattacks, urges vigilance”, April 23, 2020, available at: https://www.who.int/news/item/23-04-2020-who-reports-fivefold-increase-in-cyber-attacks-urges-vigilance .

The New York Times, “Cyber Attack Suspected in German Woman’s Death”, September 18, 2020, available at: https://www.nytimes.com/2020/09/18/world/europe/cyber-attack-germany-ransomeware-death.html .

Supply Chain, “Lessons Learned from the Vaccine Supply Chain Attack”, January 16, 2021, available at: https://www.supplychaindigital.com/supply-chain-risk-management/lessons-learned-vaccine-supply-chain-attack .

Prakarsh and Riya Khanna, “Artificial Intelligence and Cybercrime- A curate’s Egg”, Medium, June 14, 2020, available at: https://medium.com/the-%C3%B3pinion/artificial-intelligence-and-cybercrime-a-curates-egg-2dbaee833be1 .

INTSIGHTS, “The Dark Side of Latin America: Cryptocurrency, Cartels, Carding and the Rise of Cybercrime”, p.6, available at: https://wow.intsights.com/rs/071-ZWD-900/images/Dark%20Side%20of%20Latin%20America.pdf . See also, “The Next, El Chapo is Coming for your Smartphone”, June 26, 2020, available at: https://www.ozy.com/the-new-and-the-next/the-next-el-chapo-might-strike-your-smartphone-and-bank/273903/ .

Malwarebytes Lab, “When Artificial Intelligence goes awry: separating science fiction from fact”, without publication date, available at: https://resources.malwarebytes.com/files/2019/06/Labs-Report-AI-gone-awry.pdf .

SIEMENS Energy, “Managed Detection and Response Service”, 2020, available at: https://assets.siemens-energy.com/siemens/assets/api/uuid:a95b9cd3-9f4d-4a54-8c43-77fbdb6f418f/mdr-white-paper-double-sided-200930.pdf .

POLITICO, “Automated racism: How tech can entrench bias”, March 2, 2021, available at: https://www.politico.eu/article/automated-racism-how-tech-can-entrench-bias/ .

For a discussion on discrimination caused by algorithmic decision making on AI, see ZUIDERVEEN BORGESIUS, Frederik, “Discrimination, Artificial Intelligence and Algorithmic decision making”. Paper published by the Directorate General of Democracy of the Council of Europe, 2018, available at: https://rm.coe.int/discrimination-artificial-intelligence-and-algorithmic-decision-making/1680925d73 .

See the Special Report on Facial Recognition of the Center for AI and Digital Policy (CAIDP) that contains a summary of key references on this topic contained in the 2020 Report on Artificial Intelligence and Democratic Values / The AI Social Contract Index 2020 prepared by CAIDP, December 2020, available at: https://caidp.dukakis.org/aisci-2020/ .

In October 2021, the European Parliament adopted a resolution to ban the use facial recognition technologies in public spaces by law enforcement authorities to ensure the protection of fundamental rights. See European Parliament, “Use of Artificial Intelligence by the police: MEPs oppose mass surveillance”. LIBE Plenary Session press release, October 6, 2021, available at: https://www.europarl.europa.eu/news/en/press-room/20210930IPR13925/use-of-artificial-intelligence-by-the-police-meps-oppose-mass-surveillance .

BBC, “What are ‘bots’ and how can they spread fake news, available at: https://www.bbc.co.uk/bitesize/articles/zjhg47h .

FORBES, “Fake News is Rampant, Here is How Artificial Intelligence Can Help” , January 21, 2021, available at: https://www.forbes.com/sites/bernardmarr/2021/01/25/fake-news-is-rampant-here-is-how-artificial-intelligence-can-help/?sh=17a6616e48e4 .

European Commission, “Tackling online disinformation”, 18 January 2021, available at: https://ec.europa.eu/digital-single-market/en/tackling-online-disinformation . For a general review of policy implications in the UK concerning the use of AI and content moderation, see Cambridge Consultants, “Use of AI in Online Content Moderation” . 2019 Report produced on behalf of OFCOM, available at: https://www.ofcom.org.uk/__data/assets/pdf_file/0028/157249/cambridge-consultants-ai-content-moderation.pdf .

Deepfakes are based on AI deep learning algorithms, an area of machine learning that applies neural net simulation to massive data sets to create fakes videos of real people. Deepfakes are trained algorithms that allows the recognition of data patterns, as well as human facial movement and expressions and can match voices that can imitate the real voice and gestures of an individual. See: European Parliamentary Research Service, “What if deepfakes made us doubt everything we see and hear (Science and Technology podcast], available at: https://epthinktank.eu/2021/09/08/what-if-deepfakes-made-us-doubt-everything-we-see-and-hear/ . Like, many technologies, deepfakes can be used as a tool for criminal related purposes such as fraud, extortion, psychological violence and discrimination against women and minors, see: MIT Technology Review, “A deepfake bot is being used to “undress” underage girls”, October 20, 2020, available at: https://bit.ly/3qj1qWx .

For specific information regarding the work of the US government to counter the use of deepfakes, see CNN, “ Inside the Pentagon’s race against deepfake videos” , available at: https://bit.ly/38aEqCS https://edition.cnn.com/interactive/2019/01/business/pentagons-race-against-deepfakes/ .

EURACTIV, “EU police recommend new online ‘screening tech’ to catch deepfakes”, November 20, 2020, available at: https://www.euractiv.com/section/digital/news/eu-police-recommend-new-online-screening-tech-to-catch-deepfakes/ .

The Verge, “Watch Jordan Peele use AI to make Barack Obama deliver a PSA about fake news”, April 17, 2018, available at: https://www.theverge.com/tldr/2018/4/17/17247334/ai-fake-news-video-barack-obama-jordan-peele-buzzfeed .

Wall Street Journal, “Fraudsters Use AI to Mimic CEO’s Voice in Unusual Cybercrime Case”, August 30, 2019, available at: https://www.wsj.com/articles/fraudsters-use-ai-to-mimic-ceos-voice-in-unusual-cybercrime-case-11567157402 .

GIZMODO, “Bank Robbers in the Middle East Reportedly ‘Cloned’ Someone’s Voice to Assist with $35 Million Heist”, October 14, 2021, available at: https://gizmodo.com/bank-robbers-in-the-middle-east-reportedly-cloned-someo-1847863805 .

The EC3 of Europol has developed good capacities and practice with other countries in the deployment of joint investigation teams to counter organized crime, including cybercrime. See the section on Join Investigation Team of Europol at: https://www.europol.europa.eu/activities-services/joint-investigation-teams .

INTERPOL (EC3), “Internet Crime Assessment Report 2020” (IOCTA 2020 Report), p. 18, available at: https://www.europol.europa.eu/activities-services/main-reports/internet-organised-crime-threat-assessment-iocta-2020 . The Internet Crime Assessment Report 2021 (IOCTA 2021 Report) was published on 11 November 2021. The report of this year does not actually make any novel references to misuse and abuse of AI systems for criminal purposes, available at: https://www.europol.europa.eu/activities-services/main-reports/internet-organised-crime-threat-assessment-iocta-2021 .

IOCTA 2020 Report, Op. cit . note 25, p. 18.

Trend Micro Research, EUROPOL EC3 and UN Interregional Crime and Justice Research Institute (UNICRI), Malicious Uses and Abuses of Artificial Intelligence , 19 November 2020, available at: https://www.europol.europa.eu/publications-documents/malicious-uses-and-abuses-of-artificial-intelligence .

This report was also presented in a workshop on cybercrime, e-evidence and artificial intelligence during the 2021 Octopus Conference on Cooperation against Cybercrime organized by the Council of Europe on November 17, 2021 where the representatives of each organization highlighted the main aspects and features of the report, including current trends and concrete examples of misuse of AI technologies. The presentation is available at: https://rm.coe.int/edoc-1193149-v1-coe-ai-ppt/1680a4892f . The Digital Services Act establishes new rules and requirements for intermediary service providers which includes hosting providers and online platforms. This regulation covers inter alia rules on liability for online intermediary service platforms, establishes internal complaint handling systems and implement measures against online legal content. The Digital Services Act is currently a draft proposal under discussion between the European Parliament and the Council of the EU and it may take some years until it is finally approved, available at: https://digital-strategy.ec.europa.eu/en/policies/digital-services-act-package .

See Proposal for a Regulation of the European Parliament and the Council laying down harmonized rules on Artificial Intelligence (Artificial Intelligence Act) and Amending Certain Union Legislative Acts, Brussels 21.4.2021, available at: https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:52021PC0206&from=EN .

See: European Commission, “Europe fit for the Digital Age: Commission proposes new rules and actions for excellence and trust in Artificial Intelligence”, Brussels, April 21, 2021, available at: https://ec.europa.eu/commission/presscorner/detail/en/ip_21_1682 . See also the website of the European Commission that explains the approach of the EC on AI and the relevant milestones in this area, available at: https://digital-strategy.ec.europa.eu/en/policies/european-approach-artificial-intelligence .

Among those instruments are: (i) The United Convention against Organized Crime and its Protocols ( Palermo Convention ); (ii) The Council of Europe Convention on Cybercrime ( Budapest Convention ) and its Additional Protocol concerning the criminalisation of acts of a racist and xenophobic nature committed through computer systems; (iii) The Council of Europe Convention on Protection of Children against Sexual Exploitation and Sexual Abuse ( Lanzarote Convention ); (iv) The African Union Convention on Cyber Security and Personal Data Protection ( Malabo Convention ); (v) Directive 2013/40/UE on attacks against information systems; (vi) Directive 2011/92/UE on combating the sexual abuse and exploitation of children and child pornography, among others.

The Budapest Convention requires that Party States amend their substantive and procedural criminal legislation to make it consistent with the substantive and procedural criminal law provisions of that treaty. Considering that cybercrime has a transnational dimension, the Budapest Convention also requires that countries implement international cooperation measures either to supplement or complement the existing ones, particularly when a country does not have mutual assistance and cooperation treaties in criminal matters in place, as well as to equip investigative and law enforcement authorities with the necessary tools and procedural mechanisms to conduct cybercrime investigations including measures concerning: (i) expedited preservation of stored computer data, (ii) disclosure of preserved traffic data, (iii) mutual assistance measures regarding access to stored computer data, (iv) trans-border access to stored computer data, (v) mutual assistance regarding real-time collection of traffic data, (vi) mutual assistance regarding the interception of content data, and the (vii) creation of a network or point of contact 24/7 to centralize investigations and procedures related to requests for data and mutual assistance concerning cybercrime investigations with other 27/7 points of contact.

See the Budapest Convention Chart of Signatures and Ratifications at: https://www.coe.int/en/web/conventions/full-list/-/conventions/treaty/185/signatures?p_auth=yUQgCmNc .

Cybercrime Convention Committee, “T-CY Rules of Procedure. As revised by T-CY on 16 October 2020”, Strasbourg, 16 October 2020, available at: https://rm.coe.int/t-cy-rules-of-procedure/1680a00f34 .

Council of Europe, “Second Additional Protocol to the Budapest Convention adopted by the Committee of Ministers of the Council of Europe”, Strasbourg, 17 November 2021, available at: https://www.coe.int/en/web/cybercrime/-/second-additional-protocol-to-the-cybercrime-convention-adopted-by-the-committee-of-ministers-of-the-council-of-europe .

See the text of the Explanatory Report of the Second Additional Protocol to the Budapest Convention drafted by Cybercrime Convention Committee (T-CY) at: https://search.coe.int/cm/pages/result_details.aspx?objectid=0900001680a48e4b .

See the Explanatory Report to the Convention on Cybercrime at: https://rm.coe.int/CoERMPublicCommonSearchServices/DisplayDCTMContent?documentId=09000016800cce5b .

The Conference program of the 2018 Octopus conference on cooperation against cybercrime is available at: https://rm.coe.int/3021-90-octo18-prog/16808c2b04 .

See: Activities of the Council of Europe on Artificial Intelligence (AI), 9 May, 2018, available at: https://rm.coe.int/cdmsi-2018-misc8-list-ai-projects-9may2018/16808b4eac .

See the presentations of this panel at the Plenary Closing session of the 2018 Octopus Conference, available at: https://www.coe.int/en/web/cybercrime/resources-octopus-2018 .

The presentation and materials of this panel are available at: https://www.coe.int/en/web/cybercrime/workshop-cybercrime-e-evidence-and-artificial-intelligence .

The Lanzarote Convention entered in force on 1 July 2010, available at: https://www.coe.int/en/web/conventions/full-list/-/conventions/treaty/201/signatures . Among the conducts that the Lanzarote Convention requires Sates parties to criminalize are: (i) Child sexual abuse; (ii) sexual exploitation through prostitution; (iii) child sexual abuse material; (iv) exploitation of a child in sexual performances; (v) corruption of children, and (vi) solicitation of children for sexual purposes.

See the Booklet of the Lanzarote Convention, available at: https://rm.coe.int/lanzarote-convention-a-global-tool-to-protect-children-from-sexual-vio/16809fed1d .

The Rules of procedure, adopted documents, activity reports and the Meetings of the ‘Lanzarote Committee’ are available at: https://www.coe.int/en/web/children/lanzarote-committee#{%2212441908%22:[] .

The Istanbul Convention entered into force on 1 August 2014 and it has been ratified by 34 countries. See the chart of signatures and ratifications at: https://www.coe.int/en/web/conventions/full-list/-/conventions/treaty/210/signatures?p_auth=OwhAGtPd .

The Rules of procedure and adopted documents of the GREVIO are available at: https://www.coe.int/en/web/istanbul-convention/grevio .

See the presentations of the webinar, “Cyberviolence against Women” organized by the CyberEast Project of the Council of Europe, 12 November, 2020, available at: https://www.coe.int/en/web/cybercrime/cyberviolence-against-women .

The Text of the GREVIO General Recommendation No. 1 on the digital dimension of violence against women adopted on 20 October 2021 is available at: https://rm.coe.int/grevio-rec-no-on-digital-violence-against-women/1680a49147 .

Council of Europe, “Launch Event: Combating violence against women in a digital age-utilizing the Istanbul Convention”, 24 November 2021, available at: https://www.coe.int/en/web/istanbul-convention/launching-event-of-grevio-s-first-general-recommendation-on-the-digital-dimension-of-violence-against-women .

Council of Europe Media Release, “New Council of Europe Recommendation tackles the ‘digital dimension” of violence against women and girls”, Strasbourg, 24 November, 2021, available at: https://search.coe.int/directorate_of_communications/Pages/result_details.aspx?ObjectId=0900001680a4a67b .

Council of Europe Cybercrime Convention Committee (TC-Y), “Mapping Study on Cybercrime” with recommendations adopted by the TC-Y on 9 July 2018, available at: https://rm.coe.int/t-cy-2017-10-cbg-study-provisional/16808c4914 .

The definition is an adaptation of the definition of violence against women contained in Art. 3 of the Istanbul Convention to the cyber context as follows: “ Cyberviolence is the use of computer systems to cause, facilitate, or threaten violence against individuals that results in, or is likely to result in, physical, sexual, psychological or economic harm or suffering and may include the exploitation of the individual’s circumstances, characteristics or vulnerabilities” .

“Mapping Study on Cybercrime”, Op. cit . note 52, pp. 42-43.

European Commission, “Exploring potential of AI in fight against child online abuse”, Event report 11 June 2020, available at: https://ec.europa.eu/digital-single-market/en/news/exploring-potential-ai-fight-against-child-online-abuse .

CAHAI’s composition consist of three main groups composed of up to 20 experts appointed by Members States, as well as observers and participants. The mandate of the Policy Development Group (CAHAI-PDG) is the development of the feasibility study of a legal framework on artificial intelligence applications, building upon the mapping work already undertaken by the CAHAI and to prepare key findings and proposals on policy and other measures, to ensure that international standards and international legal instruments in this area are up-to-date and effective and prepare proposals for a specific legal instrument regulating artificial intelligence. The Consultation and Outreach Group (CAHAI-COG) is responsible for taking stock of the analysis undertaken by the Secretariat of responses to online consultations and analysis of ongoing developments and reports which are directly relevant for CAHAI’s working groups’ tasks. The Legal Frameworks Group (CAHAI-LFG) is responsible for the preparation of key findings and proposals on possible elements and provisions of a legal framework with a view to draft legal instruments, for consideration and approval by the CAHAI, taking into account the scope of existing legal instruments applicable to artificial intelligence and policy options set out in the feasibility study approved by the CAHAI. Further info on the composition of CAHAI working groups, the plenary meetings and the documents issued by the three working groups is available at: https://www.coe.int/en/web/artificial-intelligence/cahai .

The terms of reference of CAHAI are available at: https://search.coe.int/cm/Pages/result_details.aspx?ObjectId=09000016809737a1 .

The Final Virtual Plenary Meeting of CAHAI from 30.11.2021 to 02.12.2021 will facilitate meaningful discussions towards the adoption of a document outlining the possible elements of a legal framework on AI, which may include binding and non-binding standards based on the Council of Europe’s standards on human rights, democracy and rule of law. See Council of Europe, “The CAHAI to hold its final meeting”, Strasbourg, 24 November 2021, available at: https://www.coe.int/en/web/artificial-intelligence/-/cahai-to-hold-its-final-meeting .

European Parliament, “STOA Centre for Artificial Intelligence (C4AI)”. The C4AI produces studies, organises public events and acts as a platform for dialogue and information exchange and coordinate its efforts and influence global AI standard-setting, available at: https://www.europarl.europa.eu/stoa/en/centre-for-AI .

The AIDA Committee website is available at: https://www.europarl.europa.eu/committees/en/aida/home/highlights .

See supra note 30.

See Dragos Tudorache Plenary Speech on Artificial Intelligence of 4 October 2021, available at: https://www.youtube.com/watch?v=V9y5gt39AD0 .

European Parliament News, “Use of artificial intelligence by the police: MEPs oppose mass surveillance”. Press release of the Plenary Session, October 6, 2021, available at: https://www.europarl.europa.eu/news/en/press-room/20210930IPR13925/use-of-artificial-intelligence-by-the-police-meps-oppose-mass-surveillance and Eurocadres, “European Parliament adopts resolution on the use of AI in law enforcement”, October 6, 2021, available at: https://www.eurocadres.eu/news/european-parliament-adopts-resolution-on-the-use-of-ai-in-law-enforcement/ .

European Parliament. “MEPs to look into Artificial Intelligence in criminal law on Thursday”, February 18, 2020, available at: https://www.europarl.europa.eu/news/en/press-room/20200217IPR72718/meps-to-look-into-artificial-intelligence-in-criminal-law-on-thursday .

European Parliament, Special Committee on Artificial Intelligence in a Digital Age (AIDA), “Joint hearing on the external policy dimension of AI”, March 1 st and 4 th 2021, available at: https://www.europarl.europa.eu/meetdocs/2014_2019/plmrep/COMMITTEES/AIDA/DV/2021/03-01/Final_Programme_externalpolicydimensionofAI_V26FEB_EN.pdf .

UNICRI and INTERPOL, “ Artificial Intelligence and Robotics for Law Enforcement” , 2019, available at: https://issuu.com/unicri/docs/artificial_intelligence_robotics_la/4?ff .

UNCRI, “2 nd INTERPOL, UNICRI Global Meeting on Artificial Intelligence for Law Enforcement”, Singapore, July 3, 2019, available at: http://www.unicri.it/news/article/ai_unicri_interpol_law_enforcement .

UNICRI, “The European Commission provides support to UNICRI for the Development of the Toolkit for Responsible AI Innovation in Law Enforcement”, The Hague, Monday November 1, 2021, available at: http://www.unicri.it/index.php/News/EC-UNICRI-agreement-toolkit-responsible-AI .

Open Access funding enabled and organized by Projekt DEAL.

Author information

Authors and affiliations.

Center for AI and Digital Policy (CAIDP), Washington (DC), USA

Cristos Velasco

DHBW Cooperative State University in Mannheim and Stuttgart, Stuttgart, Germany

Mexico City, Mexico

You can also search for this author in PubMed   Google Scholar

Corresponding author

Correspondence to Cristos Velasco .

Additional information

Publisher’s note.

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

C. Velasco is Research Fellow and Outreach Committee Board Member of the Center for AI and Digital Policy (CAIDP), also Law Lecturer on “Information Technology Law” and “International Business Law & International Organizations” at the DHBW Cooperative State University in Mannheim and Stuttgart.

Rights and permissions

Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article’s Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article’s Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/ .

Reprints and permissions

About this article

Velasco, C. Cybercrime and Artificial Intelligence. An overview of the work of international organizations on criminal justice and the international applicable instruments. ERA Forum 23 , 109–126 (2022). https://doi.org/10.1007/s12027-022-00702-z

Download citation

Accepted : 24 January 2022

Published : 22 February 2022

Issue Date : May 2022

DOI : https://doi.org/10.1007/s12027-022-00702-z

Share this article

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

  • Budapest Convention
  • Criminal justice
  • Istanbul Convention
  • Law enforcement
  • Lanzarote Convention
  • Find a journal
  • Publish with us
  • Track your research


  1. 140 Interesting Cybercrime Research Topics To Focus On

    cybercrime research paper topics

  2. Research paper on cyber security.

    cybercrime research paper topics

  3. (PDF) Existing Cyber Laws and Their Role in Legal Aspects of Cybercrime

    cybercrime research paper topics

  4. (PDF) World of Cyber Security and Cybercrime

    cybercrime research paper topics

  5. a case study on cyber crime

    cybercrime research paper topics

  6. (PDF) An Extended Model of Cybercrime Investigations

    cybercrime research paper topics


  1. Weeks 9-10

  2. FIve interesting research paper topics in 2024

  3. Online Workshop on Research Paper Writing & Publishing Day 1

  4. Online Workshop on Research Paper Writing & Publishing Day 2

  5. Writing a Synthesis Essay Exam or Term Paper (CC)

  6. How I wrote my FIRST Research Paper!!!


  1. 116 Cybercrime Essay Topics & Examples

    116 CyberCrime Topics & Essay Samples. Updated: Mar 2nd, 2024. 9 min. If you are writing a cybercrime essay, our team prepared this article just for you. Here, you will find 115 unique topics for any type of paper. We will write. a custom essay specifically for you by our professional experts. 809 writers online.

  2. 140 Interesting Cybercrime Research Topics To Focus On

    To get answers for them all, conducting research is the only option. In case, you are asked to craft a cybercrime research paper on the topic of your preference, consider any topic related to common cybercrime cases such as personal data theft, financial theft, cyber-extortion, drug trafficking, and terrorism.

  3. Introduction: new directions in cybercrime research

    Dr. Tamar Berenblum is the research director of the The Federmann Cyber Security Center - Cyber Law Program, Faculty of Law, the Hebrew University of Jerusalem, Israel, and the co-chair of the European Society of Criminology (ESC) Working Group on Cybercrime. Tamar is also a Post-Doc Research Fellow at the Netherlands Institute for the Study of Crime and Law Enforcement (NSCR), Netherlands ...

  4. Cyber risk and cybersecurity: a systematic review of data ...

    Cybercrime is estimated to have cost the global economy just under USD 1 trillion in 2020, indicating an increase of more than 50% since 2018. With the average cyber insurance claim rising from USD 145,000 in 2019 to USD 359,000 in 2020, there is a growing necessity for better cyber information sources, standardised databases, mandatory reporting and public awareness. This research analyses ...

  5. Research Trends in Cybercrime and Cybersecurity: A Review Based on Web

    tists - explore myriad topics in cybercrime and cybersecurity research, but they have traditionally focused on technical aspects of these areas (Brands & Van Doorn, 2022). For both novice and established researchers in the fields, a holistic understanding of the scientific land-scape is needed to chart future research.

  6. Cybercrime: Victimization, Perpetration, and Techniques

    The third paper bridges research on cybercrime victimization and cybercrime perpetration and provides a glimpse at the state of knowledge about a specific form of cyberviolence. ... I selected these scholars because I knew of their work and was confident they would submit quality papers that covered a wide range of topics in the area of ...

  7. Research trends in cybercrime victimization during 2010-2020: a

    The current bibliometric study assessed the scholarly status on cybercrime victimization during 2010-2020 by retrieving SSCI articles from WoS database. There is no study that applied bibliometric method to research on the examined subject. Hence, this paper firstly contributed statistical evidence and visualized findings to literature of ...

  8. An Exploration of the Psychological Impact of Hacking Victimization

    In 2018, 978 million people globally fell victim to online crime, or cybercrime (Symantec Corporation, 2019).Cybercrime refers to a broad range of criminal activity committed using computers or the internet and encompasses a wide range of offenses such as cyber-stalking, harassment, online fraud, phishing and hacking (Morgan et al., 2016).With the rapid digitization of society, trends indicate ...

  9. Researching Cybercrimes: Methodologies, Ethics, and Critical ...

    Reviews. "In Researching Cybercrimes: Methodologies, Ethics, and Critical Approaches Lavorgna and Holt bring together a wealth of expertise addressing the challenges and opportunities for conducting criminological research in a digital society. This collection is an invaluable resource for both early and established scholars of cybercrime, or ...

  10. Exploring the global geography of cybercrime and its driving forces

    Cybercrime is a broad term used by government, businesses, and the general public to account for a variety of criminal activities and harmful behaviours involving the adoption of computers, the ...

  11. Full article: Responding to cybercrime: current trends

    The world has well and truly entered the digital age where technology is ever-present and all pervasive. The development of technological innovations facilitate our everyday lives. But they also make significant contributions to criminality. Cybercrime has become a serious problem globally. The research needed to match the reality is struggling ...

  12. Mapping the global geography of cybercrime with the World Cybercrime

    Profit-driven cybercrime, which is the focus of this paper/research, has been studied by both social scientists and computer scientists. It has been characterised by empirical contributions that have sought to illuminate the nature and organisation of cybercrime both online and offline [15-20]. But, as noted above, the geography of cybercrime ...

  13. Broadening our understanding of cybercrime and its evolution

    Recent empirical studies suggest that the experience of cybercrime victims is more aligned with the negative impacts felt by victims of conventional crimes and include psychological, emotional, physical and financial consequences that undermine their long-term well-being (Button et al. 2021; Cross and Lee 2022; Notté, Leukfeldt, and Malsch 2021 ).

  14. Understanding cybercrime from a criminal's perspective: Why and how

    1. Introduction. The development of information and communication technology (ICT) makes modern life more convenient [1, 2].However, increases in cybercrimes exploiting such technology have emerged as a severe social issue [1, 3].Since the onset of the COVID-19 pandemic, more internet users worldwide have become dependent on the internet in all areas, including education, financial ...

  15. Top 111+ Stunning Cybersecurity Research Topics For 2023

    Operational Security Research Topics In 2023. Securing containerized applications in cloud environments. Implementing secure remote access policies for remote workers. Evaluating the effectiveness of endpoint protection solutions. Protecting against DNS tunneling attacks. Securing cloud-based storage solutions.

  16. Understanding cybercrime in 'real world' policing and law enforcement

    This paper reviews current research, providing a comprehensive account of cybercrime and addressing issues in policing such offences. We achieve this by describing the technological, individual, social and situational landscapes conducive to cybercrime, and how this knowledge may inform strategies to overcome current issues in investigations ...

  17. The Future of Cybercrime: AI and Emerging Technologies Are ...

    This paper reviews the impact of AI and emerging technologies on the future of cybercrime and the necessary strategies to combat it effectively. Society faces a pressing challenge as cybercrime proliferates through AI and emerging technologies. At the same time, law enforcement and regulators struggle to keep it up.

  18. 413 PDFs

    Explore the latest full-text research PDFs, articles, conference papers, preprints and more on CYBERCRIME INVESTIGATION. Find methods information, sources, references or conduct a literature ...

  19. Research trends in cybercrime victimization during 2010-2020: a

    Research on cybercrime victimization is relatively diversified; however, no bibliometric study has been found to introduce the panorama of this subject. The current study aims to address this research gap by performing a bibliometric analysis of 387 Social Science Citation Index articles relevant to cybercrime victimization from Web of Science database during the period of 2010-2020. The ...

  20. (PDF) On Cyber Crimes and Cyber Security

    P.O. Box 5969, Safat 13060, Kuwait University, Kuwait. Abstract. The world has become more advanced in communication, espec ially after the invention of. the Internet. A key issue facing today's ...

  21. 105 Cybercrime Essay Topics & Research Titles at StudyCorgi

    These essay examples and topics on Cybercrime were carefully selected by the StudyCorgi editorial team. They meet our highest standards in terms of grammar, punctuation, style, and fact accuracy. Please ensure you properly reference the materials if you're using them to write your assignment. This essay topic collection was updated on ...

  22. Cybercrime Victimization and Problematic Social Media Use: Findings

    Prior research on the topic presents a nuanced view of social media and its consequences (Kross et al., 2020). For instance, several studies have demonstrated that social media use may produce positive outcomes, such as increased life satisfaction, social trust, and political participation (Kim & Kim, 2017 ; Valenzuela et al., 2009 ).

  23. 5 Dissertation Topics on Cyber Crime

    Topic 9: Cybercrime Dissertation Topics - Understanding the Different Types of Cyber Crime. Research Aim: Cybercrime, undoubtedly, is one of the most deadly forms of crime. Without causing physical harm, the crime causes the victim to attempt suicide or suffer from mental diseases such as anxiety, depression, etc.

  24. Security pioneer Ross Anderson dies at 67 • The Register

    A pioneer in peer-to-peer systems and hardware tamper-resistance, he spent years working, and ultimately had a significant influence, on the secure design of widely used real-world technologies, including chip and PIN bank cards.Anderson's efforts to publicize security flaws in ATMs led to changes made to their design across the world.. The publication for which he will most likely be ...

  25. Top Israeli spy exposes own identity in ebook email mistake

    All Security Cyber-crime Patches Research CSO. Off-Prem Off-Prem. All Off-Prem Edge + IoT Channel PaaS + IaaS SaaS. On-Prem ... The paper has since confirmed with Israeli Defense Force sources that the account was tied to Sariel, and noted multiple sources have confirmed him as the author. ... Cyber-crime 28 Mar 2024 | 14. 96% of US hospital ...

  26. Cybercrime and Artificial Intelligence. An overview of the work of

    The purpose of this paper is to assess whether current international instruments to counter cybercrime may apply in the context of Artificial Intelligence (AI) technologies and to provide a short analysis of the ongoing policy initiatives of international organizations that would have a relevant impact in the law-making process in the field of cybercrime in the near future. This paper ...