Digitalisation offers criminals new ways to commit crimes and commit old crimes in digital ways, also known as cybercrime. The percentage of cybercrime victims is increasing and is currently similar to the percentage of victims of traditional crimes. However, local authorities are not prioritising cybercrime in their policies, even though they have a role in tackling it. Their policies are mostly based on victimisation of traditional crimes. However, it is unclear whether the impact and needs are different for cybercrime victims compared to victims of traditional crime. Our results suggest that the impact after cybercrime victimisation does not seem to differ from the impact after traditional crime victimisation. This impact varies per crime. In addition, certain needs of cybercrime victims differ from the needs of victims of traditional crime. Therefore, local authorities could prioritise cybercrime in their policies and also base these policies on the impact and needs of cybercrime victims, as they differ from victims of traditional crime. These implications might help to improve local aftercare and prevention policies, and provide support for citizens after victimisation of both types of crimes. |
Tijdschrift voor Veiligheid
Over dit tijdschriftMeld u zich hier aan voor de attendering op dit tijdschrift zodat u direct een mail ontvangt als er een nieuw digitaal nummer is verschenen en u de artikelen online kunt lezen.
Redactioneel |
Wijk + web: de noodzaak van een lokale aanpak van cybercriminaliteit |
Trefwoorden | cybercriminaliteit, lokale aanpak, slachtofferschap, cyber-enabled crimes, cyber-dependent crime |
Auteurs | Remco Spithoven, Jurjen Jansen, Anthonie Drenth e.a. |
Auteursinformatie |
Artikel |
De slachtofferimpact van cybercrime versus traditionele criminaliteit: aanknopingspunten voor slachtofferzorg en preventieprioriteiten |
Trefwoorden | cybercrime, traditionele criminaliteit, slachtofferimpact, slachtofferbehoeften, slachtofferzorg |
Auteurs | Kimberly Bluhm, Jildau Borwell en Wouter Stol |
SamenvattingAuteursinformatie |
Artikel |
Hulpzoekintentie bij WhatsApp-fraude: een vignettenonderzoek naar de intentie om hulp te zoeken bij verschillende organisaties en personen |
Auteurs | Valérie Pijlman, Steve van de Weijer, Dian Boelsz e.a. |
SamenvattingAuteursinformatie |
In this study we have examined the intention to seek help after victimization of WhatsApp-fraud, as well as the incident and personal characteristics that potentially assert an influence on this. The intention to seek help at the police, the bank, Victim Support Netherlands and friends and family was studied through the use of a questionnaire with vignettes. The incident characteristics that were measured in the vignettes consisted of the incurred financial damage and the person whom the perpetrator pretended to be. The personal characteristics include the respondents’ age, gender, educational level, relationship status, employment status, and previous online fraud victimization. Logistic regression analyses were used to examine the associations of the different types of help-seeking intention with the incident and personal characteristics. The results show the intention to seek help from the police and the bank to be the highest amongst the respondents. The logistic regression analyses further showed that a higher amount of incurred financial damages leads to a higher intention to seek help after victimization of WhatsApp-fraud. The person whom the perpetrator pretended to be and the personal characteristics did not predict the respondents’ intention to seek help well. |
Artikel |
Weerbaar tegen phishing: een verkenning van de onderliggende factoren bij zelfbescherming tegen phishing onder jongeren, ouderen en mkb’ers |
Trefwoorden | phishing, slachtofferschap van cybercriminaliteit, cyberweerbaarheid, protection motivation theory, PMT |
Auteurs | Susanne van ’t Hoff-de Goede, Luuk Bekkers, Ellen Misana-ter Huurne e.a. |
SamenvattingAuteursinformatie |
A large group of Dutch people fall victim to phishing every year. However, citizens and companies take self-protective measures to a limited extent. This study maps out which factors contribute to the intention to take self-protective measures against phishing by three high-risk groups, namely young people, the elderly and SMEs (Small and Medium Enterprises). We apply the Protection Motivation Theory and justify an extension of this model with two factors: affective response and subjective norms. Data was collected through questionnaire research at a panel agency among young people (N=1179), the elderly (N=1191) and SME owners (N=1020). The strongest predictor for the intention to take self-protective measures against phishing appeared to be affective response (worrying about phishing), followed by a negative effect of self-efficacy and positive effects of perceived seriousness (young people and SMEs) and subjective norm (SMEs). Implications of the findings for policy makers and interventions are discussed. |
Artikel |
NAS-ransomware: hoe ransomware-aanvallen tegen NAS-apparaten verschillen van reguliere ransomware-aanvallen |
Trefwoorden | ransomware, Network Attached Storage, politie, empirisch onderzoek, cybercrime |
Auteurs | Tom Meurs, Marianne Junger, Erik Tews e.a. |
SamenvattingAuteursinformatie |
The present study examines the impact of ransomware against Network Attached Storage (NAS) devices. NAS devices are external hard drives which are usually easily accessible through the internet. Between 2019 and 2022, 434 ransomware attacks were reported to the Dutch Police, of which 78 (18%) were against NAS devices. These attacks targeted both companies as individuals. One limitation of this sample is possible low willingness to report to the Police. The aim of the present study is to compare NAS attacks with regular attacks. Our findings show that, compared to regular ransomware attacks, NAS ransomware typically targets individual citizens instead of organizations, requests relatively low amounts of ransom, and the attack is carried out in a more automatic fashion. Furthermore, attack campaigns seem to correlate with the publication of certain vulnerabilities of NAS devices. |
Artikel |
Leren van cyberincidenten: een meta-analyse van evaluatierapporten ten behoeve van organisatorisch leren |
Trefwoorden | cyberweerbaarheid, organisatorisch leren van cyberincidenten, meta-analyse, evaluatierapporten, kwalitatief onderzoek |
Auteurs | Bruno Verweijen |
SamenvattingAuteursinformatie |
Many organisations fall victim to cyberattacks, such as ransomware attacks. Nevertheless, organisations have opportunities to bolster their cyber resilience. One way to achieve this is by learning vicariously from the experience of victims. This allows organisations to learn meaningful lessons, while not being burdened by the impact of an incident. However, vicarious learning requires victims to share lessons learned resulting from the investigation into causes and consequences of a cyber incident. Fortunately, some organisations disseminate lessons learned and recommendations through the publication of a publicly available evaluation report. Despite the potential of such sources for meaningful learning, most studies on organisational learning from cyberincidents focus on how individual organisations learn from their own experiences. As a consequence, such studies fail to identify recurring patterns of lessons learned that may generalize to other organisations. This meta-analysis addresses this issue by comparing multiple evaluation reports. The research objective is twofold: 1) to identify recurring lessons learned about causes and consequences of cyberincidents, and 2) to study from which frames of reference incidents are evaluated to understand why certain lessons are learned and others are not. The research question is: which lessons are drawn in evaluation reports into the causes and consequences of cyberincidents at organisations, in order to prevent these from recurring in the future. Various recurring lessons are identified and classified using an analytical framework that incorporates different risk management phases and categories of lessons learned. It is recommended to improve sharing of lessons learned within a network of trusted partners to enable broad vicarious learning and collective cyber resilience. |
Uit de praktijk |
Lokale stappen in de aanpak van gedigitaliseerde criminaliteit |
Trefwoorden | cybercriminaliteit, basisteams, gebiedsgebonden politie, aanpak, politie |
Auteurs | Jelle Kort en Remco Spithoven |
SamenvattingAuteursinformatie |
This article is based on an exploratory study into endeavors at the local police level, with the aim of tackling cyber-enabled crime. We highlight what the IJsselland police district in the Netherlands encountered in some recent developments in their approach to this new challenge. In this article we will also address the more general question of how the Dutch police at the local level can be better equipped to tackle cybercrime effectively. |