The Art of Cybercriminal Profiling

Modified: 18th Oct 2021
Wordcount: 2979 words

Disclaimer: This is an example of a student written essay. Click here for sample essays written by our professional writers.
Any opinions, findings, conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of UKEssays.ae.

Cite This

Abstract

Cybercrime continues as one of the fastest-growing types of illegal activity. In the attempt to combat cybercrime, cybercriminal profiling methodologies have derived from their traditional criminal profiling counterparts with the objective in mind to aid investigations, in hopes to catch the anonymous perpetrators of cybercriminal activity. These methodologies continue to break through into the future with the hope of establishing a general framework for profiling cybercriminals and establishing more sound methods in the discovery and convictions of these criminals.

Keywords:  cybercrime, cybercriminal, criminal profiling, digital profiling, cybercriminal profiling, methodology, cybertrail

Working title: The Art of Cybercriminal Profiling 

As cybercrime has become one of the fastest-growing types of illegal activity, not only in the United States, but within global society. The United States Department of Justice declares cyber crime as one of the country’s greatest threats. The United Nations defines cybercrime as any illegal behavior committed by the means of, or in relation to, a computer system or network, including such crimes as illegal possession of and offering or distributing information by means of a computer system or network.[1] Due to obstacles such as anonymity, jurisdiction, and technological vulnerabilities in general the profiling of cybercriminals has been a daunting task over the years. Criminal profiling, led by the behavioral analysts from the FBI, developed a process of investigating and examining criminal behavior that helped identify the types of people responsible for crimes. Similar to its traditional crime counterpart, in the cyber world, investigators use digital profiling that uses information gathered about behaviors, personality traits, and interactions on the Internet to create a persona for criminals that are used in cybercrime investigations.[2] Profiling is an important analysis of personal characteristics and behavioral patterns that can help provide the factors of uniqueness that distinguish certain individuals from the general population ultimately guiding investigations towards the perpetrator. The further establishment and modification of behavioral analysis profiling into the cyber criminal domain is a necessity to bring cyber criminals to justice.

Get Help With Your Essay

If you need assistance with writing your essay, our professional essay writing service is here to help!

Essay Writing Service

Cybercrime and Profiling

Research has led to a stereotypical description of cybercriminals to develop in the form of a middle-aged disgruntled male, who has been overlooked in their place of work, with the added pressures of troubles at home to be the most likely source of cybercrime.[3] Now this is not a set-in stone profile by any means, especially since cybercriminals, like traditional criminals, are opportunists, seeking for the most vulnerable systems that create the highest self-benefitting opportunities to strike. Building a cybercriminal profile provides a much tougher battle than its traditional counterpart. On one side of the coin, profiles are much more difficult to stick in conjunction with two separate cybercrimes. This can be based on the tools used, motivation behind the attack, and the potential for a hacking ring rather than one individual to be the ultimate culprit. A major criticism on the development of cybercriminal profiling has been that cybercriminal behavior specifically has the potential to change at such a rapid rate over time that it is difficult to create a consistent profiling framework. It is also important to acknowledge that profiles can only be cemented as verifiable if the criminals are cooperative in revealing their own backgrounds, motives, and admission of guilt. (Natasha Garcia).[4]

Although, cybercrimes are not as easily examined, or observed, compared to their traditional counterparts it does not mean profiles and the methodology of developing them cannot be established. In fact, in order to create a cybercriminal profile, it calls on the profiler to have a sufficient and unique collection of knowledge in a variety of disciplines such as: information technology, digital forensics, cybersecurity, profiling, interviewing, and interrogation techniques (Yepes, PCM).[5] Even with this repertoire of knowledge guiding the profiler, many of the established profiling techniques used in law enforcement and serial cases cannot be directly applied to cybercrimes. However, the use of deductive and inductive reasoning, as with traditional criminal profiling, does have its uses in the development of a cybercriminal profile.

Proposed Methodologies and Strategies for Cybercriminal Profiling

In order to achieve the objective of profiling, which is to aid law enforcement in the identification of and to understand the criminal, profilers use both inductive and deductive profiling strategies (Natasha Garcia, 16).[6] Inductive and deductive profiling are the primary guiding strategies for the development of a methodology for the profiling of a cybercriminal. Deductive profiling creates a criminal profile based on theories developed at the crime scene solely based on the evidence at hand. A key advantage of using deductive reasoning is that the profiler will be able to consistently consider criminal behavior as the investigations evolves creating a more accurate profile based on the evidence discovered. The ultimate disadvantage when solely using this strategy is that the profile itself relies on the evidence it is based upon, and if the cybercriminal is advanced enough to leave no trace behind, then no profile can be developed.[7]

Although related, inductive profiling takes on a bit of a different twist in how it is implementing as a profile is established. Inductive profiling is developed using statistical or comparative analysis that leads to applicable traits/characteristics shared by criminals that commit the same type of crimes (Garcia, 17).[8] Due to the fact a set methodology has and may not be able to be established, multiple methodologies have manifested in the attempt to create cybercriminal profiles, all with their own merits, and while sharing some common components. The simplest methodological approach, implemented by investigator Ray Yepes and contributing author to PCM, in a major cyber-attack against a Fortune 100 oil company, can be summed up by WHW, representing “Why+How=Who”. Yepes believes that by answering the simple questions of why and how a crime took place, the details will greatly aid in the facilitation of discovering who committed the crimes.[9] This simplistic approach still carries with it its own intricacies that allow for the scope to narrow and create a specific profile in the search for the guilty party.

Shifting the conversation towards a more robust methodological approach, Leonard Kwan, Pradeep Ray, and Greg Stephens from the University of New South Wales developed their own suggested methodology for profiling cybercriminals. Their methodology is comprised of four core components in the creation of cybercriminal profiles: breadth, depth, vulnerabilities, and tools. Breadth covers the range of infiltration on both a single specific host and the network. Depth contains two subsections of measurements: host depth and service depth. As a whole, depth measures the extent of infiltration of the network’s intrusion. Host depth focuses on the level of infiltration that penetrates the host, and service depth focuses on measuring the degree of infiltration of a specific service that can lead to potential information about specific activities conducted by the attacker (4).[10] The vulnerability component consists of analyzing the weaknesses of the system that was attacked in order to identify the potential sophistication of the attacker. The final component for this specific methodology is tools, specifically the identification and analysis of software and hardware used which can provide an assessment of the attacker’s motivation and their level of sophistication that can lead to a more accurate profile (4-5).[11]

Perhaps the best potential methodology in the analysis and creation of a cybercriminal profile was developed by Arun Warikoo in the Information Security Journal. Warikoo developed a six-element methodology that consists of: Attack Signature, Attack Method, Motivation Level, Capability Factor, Attack Severity, and Demographics.[12] The Attack Signature and Attack Method investigate what tools were used for the attack, specifically is it available or customized software and scripts; along with the methods used by the attacker to commit the intrusion—social engineering, malware, DoS attacks, etc. The Motivation Level is a key in determining the complexity of the attack along with the Capability Factor which highlights the availability and use of specific hacking tools, techniques, and potential resources available to the attacker. The Attack Severity defines the impact the threat has had on the victim’s enterprise and one of the most critical metrics in the development of the profile is the identification of the geographical location brought about through the Demographic element of Warikoo’s methodological approach (174-175).[13]

These methodologies all have the same goal in mind although their approaches in identifying important significances vary. Each methodology seeks to find signature behaviors that leave a cybertrail that will lead investigators back to the attacker. Some of the methods in which a cybertrail can manifest is through log files, metadata, custom signatures left in customized code, and specific patterns of hacking.[14] It is these signature behaviors that influence the tools that are used, the hacking strategy developed and implemented, along with the motivation and complexity of attacks. Natasha Garcia points to the classifications of (Rogers) who has profiled cyber hackers into nine different categories. These categories include: novices, cyber-punks, internals, petty thieves, virus writers, old guard hackers, professional criminals, and information warriors (28).[15] In the following section there is one case study example that shows how a variety of the components that make up these different methodologies have been implemented in a real-world cybercrime investigation.

Case Study Example

As mentioned earlier, Ray Yepes implemented quite the systematic approach to establish a profile of the cybercriminal in the Fortune 100 oil company cyber-attack. His approach was based around finding specific sub-questions to the overarching Why and How questions in his methodology. The specific strategies that narrowed the scope of the investigation were topics such as the discovery of whether or not it was an inside or outside attack, knowledge of IT infrastructure of the building, dissecting the attack from a technological standpoint, identifying important viewpoints of the victim, motivational analysis, ultimately leading to the interviews and interrogation of the suspect list (Yepes, PCM). His expertise with information technology and background in law enforcement provided the breadth of knowledge that led to a written confession and an arrest of the employee responsible for the attack.[16]

Conclusion

Unfortunately, cybercrime is not something that is just going to go away overnight. According to global statistics, a business falls victim to ransomware every 14 seconds, with the predicted reach of $20 billion in global costs by the year 2021. [17]At this point in time, global society is left with the responsibility to begin to develop international coalitions with specified technology and strategies to target cybercriminals. The starting point of that goal needs to be the development of a systematic framework for cybercriminal profiling in order to narrow the scope of suspects as quickly as possible once a cyber attack has been implemented. Obviously, obstacles such as anonymity and jurisdiction will not simply vanish either, but with enough support and the proper methodology, better techniques should be able to be developed to combat this global epidemic that is cybercrime.

References

  • Garcia, N. (2018). The Use of Criminal Profiling in Cybercrime Investigations. ProQuest, Ann Arbor. 1-47.
  • Higgins, K. J. (2011, December 8). The Art Of Profiling Cybercriminals. Retrieved from https://www.darkreading.com/vulnerabilities---threats/the-art-of-profiling-cybercriminals/d/d-id/1136783
  • Kwan, L., Ray, P., & Stephens, G. (2008). Towards a Methodology for Profiling Cyber Criminals. Proceedings of the 41st Annual Hawaii International Conference on System Sciences (HICSS 2008), 1–9. doi: 10.1109/hicss.2008.460
  • Warikoo, A. (2014). Proposed Methodology for Cyber Criminal Profiling. Information Security Journal: A Global Perspective, 23(4-6), 172–178. doi: 10.1080/19393555.2014.931491
  • Yepes, Ray. (Feb. 2016). The Art of Profiling in a Digital World. The Police Chief Magazine.  Retrieved from https://www.policechiefmagazine.org/the-art-of-profiling-in-a-digital-world/

Endnotes


[1] Yepes, Ray. (Feb. 2016). The Art of Profiling in a Digital World. The Police Chief Magazine.  Retrieved from https://www.policechiefmagazine.org/the-art-of-profiling-in-a-digital-world/

[2] Garcia, N. (2018). The Use of Criminal Profiling in Cybercrime Investigations. ProQuest, Ann Arbor. 1-47.

[3] Higgins, K. J. (2011, December 8). The Art Of Profiling Cybercriminals. Retrieved from https://www.darkreading.com/vulnerabilities---threats/the-art-of-profiling-cybercriminals/d/d-id/1136783

[4] Garcia, N. (2018). The Use of Criminal Profiling in Cybercrime Investigations. ProQuest, Ann Arbor. 1-47.

[5] Yepes, Ray. (Feb. 2016). The Art of Profiling in a Digital World. The Police Chief Magazine.  Retrieved from https://www.policechiefmagazine.org/the-art-of-profiling-in-a-digital-world/

[6] garcia

[7] Garcia, N. (2018). The Use of Criminal Profiling in Cybercrime Investigations. ProQuest, Ann Arbor. 1-47.;

Warikoo, A. (2014). Proposed Methodology for Cyber Criminal Profiling. Information Security Journal: A Global Perspective, 23(4-6), 172–178. doi: 10.1080/19393555.2014.931491

[8] Garcia, N. (2018). The Use of Criminal Profiling in Cybercrime Investigations. ProQuest, Ann Arbor. 1-47.

[9] Yepes, Ray. (Feb. 2016). The Art of Profiling in a Digital World. The Police Chief Magazine.  Retrieved from https://www.policechiefmagazine.org/the-art-of-profiling-in-a-digital-world/

[10] Kwan, L., Ray, P., & Stephens, G. (2008). Towards a Methodology for Profiling Cyber Criminals. Proceedings of the 41st Annual Hawaii International Conference on System Sciences (HICSS 2008), 1–9. doi: 10.1109/hicss.2008.460

[11] Kwan, L., Ray, P., & Stephens, G. (2008). Towards a Methodology for Profiling Cyber Criminals. Proceedings of the 41st Annual Hawaii International Conference on System Sciences (HICSS 2008), 1–9. doi: 10.1109/hicss.2008.460

[12] Warikoo, A. (2014). Proposed Methodology for Cyber Criminal Profiling. Information Security Journal: A Global Perspective, 23(4-6), 172–178. doi: 10.1080/19393555.2014.931491

[13] Warikoo, A. (2014). Proposed Methodology for Cyber Criminal Profiling. Information Security Journal: A Global Perspective, 23(4-6), 172–178. doi: 10.1080/19393555.2014.931491

[14] Garcia, N. (2018). The Use of Criminal Profiling in Cybercrime Investigations. ProQuest, Ann Arbor. 1-47.

[15] Garcia, N. (2018). The Use of Criminal Profiling in Cybercrime Investigations. ProQuest, Ann Arbor. 1-47.

[16] Yepes, Ray. (Feb. 2016). The Art of Profiling in a Digital World. The Police Chief Magazine.  Retrieved from https://www.policechiefmagazine.org/the-art-of-profiling-in-a-digital-world/

[17] https://cybriant.com/2019-cybercrime-statistics/

 

Cite This Work

To export a reference to this article please select a referencing style below:

Give Yourself The Academic Edge Today

  • On-time delivery or your money back
  • A fully qualified writer in your subject
  • In-depth proofreading by our Quality Control Team
  • 100% confidentiality, the work is never re-sold or published
  • Standard 7-day amendment period
  • A paper written to the standard ordered
  • A detailed plagiarism report
  • A comprehensive quality report
Discover more about our
Essay Writing Service

Essay Writing
Service

AED558.00

Approximate costs for Undergraduate 2:2

1000 words

7 day delivery

Order An Essay Today

Delivered on-time or your money back

Reviews.io logo

1856 reviews

Get Academic Help Today!

Encrypted with a 256-bit secure payment provider