Cambridge Cybercrime Centre: Inaugural Cybercrime Conference, 14 July 2016
The Cambridge Cybercrime Centre organised its inaugural one day conference on cybercrime on Thursday, 14th July 2016.
In future years we intend to focus on research that has been carried out using datasets provided by the Cybercrime Centre, but for this first year we had a stellar group of invited speakers who are at the forefront of their fields. They presented various aspects of cybercrime from the point of view of criminology, security economics, cybersecurity governance and policing.
The one day event, was held in the Faculty of Law, University of Cambridge and followed immediately after the "Ninth International Conference on Evidence Based Policing" organised by the Institute of Criminology which ran on the 12th and 13th July 2016.
09:30 Tackling cybercrime: Challenges and opportunities faced by the NCA and UK law enforcement today
Mike Hulett Head of Operations, National Cyber Crime Unit, National Crime Agency, UK
Abstract: Mike Hulett will speak about the cybercrime threat and, how working with industry and partner agencies is vital in tackling this crime.
The National Cyber Crime Unit (NCCU) is the UK lead for tackling the threat from cybercrime. For the first time, the UK has a single Unit with the responsibility and capability to lead the overall response, coordinate activity across a range of partners and provide specialist cyber support and expertise across law enforcement.
10:00 From behind the keyboard to behind bars: Cybercrime arrests and prosecutions in the UK
Alice Hutchings Post-doc Criminologist, Computer Laboratory, University of Cambridge, UK
Abstract: I will be talking about the Cambridge Computer Crime Database (CCCD), a database that I established with open source information about computer crime arrests and prosecutions in the United Kingdom. The database goes back to 1 January 2010, and includes cybercrime cases that fall under the Computer Misuse Act, as well as fraud, conspiracy, misconduct in public office, data protection, and money laundering offences where there is a direct link to cybercrime. I will provide an analysis of the cases, including offender characteristics, offence types, international aspects, and co-offending, and how these have changed over time.
10:30 Coffee break
11:00 The demands upon policing in a digital age
David S. Wall Professor of Criminology, University of Leeds, UK
Abstract: This talk will draw upon the findings of research into Policing Cybercrimes -- based upon National and Local Police operational data -- to explore the demands faced by policing agencies in the digital age. It will firstly identify some of the methodological issues arising from the data sources. It will then map out some of the different demands made of local and national police forces. Finally, it will contrast different sources of data (threat, harm, crime, prosecution) in order to understand why police agencies are being driven towards policing the reassurance gap between demands for security and what police and government can deliver, rather than apparently seeking justice for victims.
11:30 Policing economic cybercrimes
Michael Levi Professor of Criminology, Cardiff University, UK
Abstract: Cybercrimes in general, and frauds committed using digital media in particular, pose problems for traditional law enforcement Pursue models as well as for prevention outreach and advice. This presentation deconstructs what we know about the cyber components of financial crimes, outlines some of the problems that the police in the UK and elsewhere have experienced in responding, and suggests some possible mixed policing alternatives, including the problem of how to get users to protect themselves better.
12:00 Assessing police perceptions of cybercrime in England and Wales
Adam Bossler Associate Professor, Department of Criminal Justice and Criminology, Georgia Southern University, USA
Abstract: While research on cybercrime offending and victimization has grown exponentially in the last two decades, minimal empirical inquiry has been made into the law enforcement response to this phenomenon. In particular, there is a need for research addressing the perceptions of local constables as they serve as the first line of response at virtually all crime scenes, digital or otherwise. This study attempts to address this gap through one of the first surveys of constables across England and Wales regarding their views on cybercrime, including common offenders, targets, agency responses, and the frequency and severity of various offenses. The findings provide valuable insights into the perception of cybercrime among local first responders, and direction for policy makers and police management.
13:30 Beyond Silk Road: Developments in online anonymous marketplaces
Nicolas Christin Assistant Research Professor of Electrical and Computer Engineering, Carnegie Mellon University, USA
Abstract: Founded in 2011, Silk Road was the first online anonymous marketplace, in which buyers and sellers could transact with anonymity guarantees far superior to those available in online or offline alternatives. Business on Silk Road, primarily involving narcotics trafficking, was brisk and before long competitors appeared. After Silk Road was taken down by law enforcement, a dynamic ecosystem of online anonymous marketplaces emerged. I will describe insights regarding this ecosystem, highlighting the scientific and—to a lesser extent—ethical challenges in collecting such data at scale, and illustrating public policy implications of the results we gathered from our analysis.
14:00 The fraud telescope
Ross Anderson Professor of Security Engineering, Computer Laboratory, University of Cambridge, UK
Abstract: Fraud victims who have failed to get their money back from their bank and been turned down by the ombudsman sometimes find our group using search engines and write to us in desperation. This gives us a small but useful sample of the frauds that the system is currently failing to cope with. It also gives us an insight into secondary victimisation, and regulatory failures.
14:30 Coffee break
15:00 A scientific approach to fighting web-based cybercrime
Tyler Moore Tandy Assistant Professor of Cyber Security & Information Assurance, University of Tulsa, USA
Abstract: Threats to cybersecurity are growing in magnitude and frequency each day, yet the technologies developed to protect us appear overmatched. In this talk, I discuss how an economic approach has helped explain common security failures and identify better strategies for tackling the problems that plague cybersecurity. In particular, I show how an scientific approach can be used to combat web-based cybercrime. I first examine a long-running campaign to poison web search results by compromising highly-ranked websites to surreptitiously redirect traffic to unlicensed pharmacies. I describe how the attacks work, plus how we designed and deployed an infrastructure to track the attacks and countermeasures. By analyzing nearly four years' worth of data, I explain how the attack has evolved, evaluate the effectiveness of countermeasures that have been tried and weigh the prospects of some that haven't. Next, I outline an experiment designed to evaluate the effectiveness of abuse reports that notify operators whose websites have been hacked. I demonstrate that sending reports including details of the compromise improves cleanup by 38%. I then describe a case-control study to identify risk factors that are associated with higher rates of web server compromise. I present evidence that webservers running WordPress and Joomla are more likely to be hacked than those not running any CMS. Surprisingly, I also find that webservers running outdated software are less likely to be compromised than those running up-to date software.
15:30 Clean Netherlands: Tackling Internet pollution using science and law enforcement
Maciej Korczynski Post-Doctoral Researcher, Delft University of Technology, The Netherlands
Abstract: In this presentation, we describe a collaboration between Delft University of Technology, the Dutch National Police, the Authority for Consumers and Markets and the Public Prosecutor. This collaboration aims to enable law enforcement to engage with hosting providers and determine which factors influence Internet abuse in the Dutch hosting provider market, based on robust metrics. As such, this project intertwines large data sets on Internet abuse with robust metrics and the criminological concepts of problem-oriented policing and positive criminology. We present an approach to develop reputation metrics for the security of hosting providers. Next, we present how several law enforcement agencies use the proposed metrics to engage the hosting provider community.
16:00 Measuring and studying cybercrime
Richard Clayton Director, Cambridge Cybercrime Centre, University of Cambridge, UK
Abstract: Lord Kelvin famously suggested that if you were unable to measure something then your knowledge would be "meagre and unsatisfactory" and studying it would not be "science". That's where much cybercrime research is today. I'll explore what we currently know, the challenges in getting any plausible measurements, and how our new initiative at Cambridge will get more researchers into the field.