اکوسیستم جرایم اینترنتی : نوآوری آنلاین در سایه؟

With the growing sophistication and use of information technology, the past decade has witnessed a major growth in financial cybercrime. This paper focuses specifically on credit card fraud and identity theft, examining the globalisation of these activities within a ‘digital ecosystem’ conceptual framework. The relevance of concepts and analytical tools typically used to study legitimate businesses, such as value chains, dynamic capabilities and business models, is explored and tested for their relevance in understanding the scale and nature of illegal activities which are dependant upon innovation and the collective activities of global participants. It is argued that developing a better understanding of how such illegal activities are organised and operate will assist policy makers, law enforcement agencies and security firms to identify trends and concentrate limited resources in a most effective manner.

Innovation is at the heart of the growth of illegal Internet-based activities commonly known as cybercrime [40], [50] and [60]. Criminal organisations are not only incorporating emerging technologies in their activities, but are increasingly pioneering and seizing opportunities for new illegal enterprises made possible by the Internet and the continuing growth of electronic commerce. Arguably, many of these innovations represent the cutting edge of global criminal activity. They provide higher prospects for illicit profits at seemingly lower degrees of risk. Security analysts can have difficulty in identifying the locations from where the cybercriminals may be operating (see Table 1 below) and find it difficult to identify the perpetrators. Cybercrime thus represents the growing sophistication of existing criminal behaviour and the emergence of novel illegal cyber activities. It presents unique and difficult challenges for law enforcement officers charged with countering such activities.Despite being an innovation-driven phenomenon, most analysis of cybercrime has been undertaken from the perspectives of criminology, information and communications technology (ICT) security firms and journalists, rather than innovation scholars. The aim of this paper is to examine the evolution of cybercrime through the lens of innovation studies in order to develop a framework which aims to contribute to a new perspective on how cybercriminals innovate, organise and operate, and how law enforcement agencies must change to combat this growing trend. The lack of systematic innovation-based analysis of cybercrime has left gaps in the understanding of how cybercrime has evolved into a large global ‘business’ within and connected to the Internet. To contribute to filling these gaps, this paper analyses the evolution of cybercrime through the borrowed concept of a “digital business ecosystem” [16, p. 3].1 We suggest that by deepening our understanding of the cybercrime ecosystem it may be possible for the relevant authorities to more rapidly identify trends and forecast new developments. In so doing they should be able to more effectively concentrate their limited resources in dealing with cybercrime. James Moore [39], in his McKinsey award-winning article, introduced this concept which has become widely used by social scientists and students of business and organisational management and design. Moore defined a business ecosystem as: “a loose network of suppliers, distributors and outsourced firms that work cooperatively and competitively to support new products, satisfy consumer needs and incorporate innovation”.2 According to his view, firms do not belong to a single industry, but their activities cut across multiple industries. Refining his concept further [40: 26], he added that an ecosystem is: “an economic community supported by a foundation of interacting organisations and individuals—the organisms of the business world. The economic community produces goods and services of value to customers, who are themselves members of the ecosystem. The member organisms also include suppliers, lead producers, competitors, and other stakeholders”. Other scholars have further elaborated on this concept by emphasising that entities of a business ecosystem have different interests but are interconnected through cooperation and competition, for their mutual survival and effectiveness [62]. Analogous to natural ecosystems, business ecosystems are characterised by “interconnectedness” and “shared fate” among diverse organisations, “that contributes to their collective productivity and robustness” [45: 104].3 Drawing on this concept, we argue that there is merit to analysing the cybercrime network in terms of a digital business ecosystem, which depends on information and communication technologies, responds to its environment, is interdependent on various entities and continually innovates in order to be effective and survive. We label this ecosystem as the “cybercrime ecosystem”. Furthermore, the business ecosystem provides a perspective that can be used to analyse interconnected businesses, that is “by looking at the relationships or interactions among the members and their environment and at the roles and interests of the members of the system” [8], [11] and [18].4 As will be discussed, financial cybercrime is an “interconnected” business, with different roles and interests of the constituents of this network. In addition to a variety of criminal participants, the cybercrime ecosystem includes legitimate businesses, such as IT security firms, banking and financial services. For instance, IT security firms interact with organisations in the financial services when they have to develop new measures to identify new attacks and to deal with the vulnerabilities found in network infrastructures. Cybercriminals, in turn, have to further hone their skills and develop ever more sophisticated malicious tools to infect the digital networks and to circumvent security measures. In a sense, these two communities, perversely, have a shared fate, as if participating in a game of innovation leapfrogging as one set of actors in the ecosystem attempts to counter the advances and responses of another set of actors. Drawing from existing literature and the results from an exploratory study involving academics, IT security firms, law enforcement officers, financial institutions and policymakers [46], this paper first defines the types of cybercrime before examining the conceptual foundations of the cybercrime ecosystem and its three core elements. They are (1) the international value chains (networks) which link activities and actors; (2) the changing capabilities that underlie the ecosystem; and (3) the business models that arise from the changing capabilities and concomitant innovations and strategies.

The organisational and technological capabilities of cybercriminals will likely advance and grow in the foreseeable future. As the use of cyberspace develops further, new opportunities will open up, for instance in the observed rapid growth in mobile web usage and social media. It remains to be seen how the current global financial crisis will affect this situation. We have already seen how powerful emerging economies (the so-called BRICs, for example) are already playing significant roles within the cybercrime ecosystem. If the crisis deepens and persists, this may encourage a new generation of under- or unemployed youth with IT skills to seek entry into the profitable and comparatively low risk world of cybercrime. We have also discussed the range of countries that have become “IT-savvy,” from where many cybercriminals are conducting their illicit activities. It is arguable that as IT capabilities are further developed in countries such as Africa, other parts of Europe, South-East Asia and Latin America, and exacerbated by a prolonged financial exigency, the growth prospects of this criminal activity are likely to increase. Against this global spread of cybercrime, we have aimed to show why the concept of business ecosystems provides a useful approach to exploring the complex global environment in which cybercriminals operate. In the absence of coordinated global governance and leadership, criminal networks are likely to proliferate or consolidate in order to pursue convergent goals and interests. From an analytical viewpoint, digital business ecosystems provide a holistic framework to analyse the cybercrime ‘industry’ from a variety of angles, including its horizontal connections to other legitimate sectors (e.g. software production, Internet services providers, etc.). By adopting the ecosystem analogy, we have shown that the cybercrime ecosystem is continually evolving as it develops new criminal techniques, as well as responds to the external environment in which online activity and transactions continue unabated. The recent hacking of the Sony Playstation website in which millions of personal data were stolen is a distressing reminder that cybercriminals (and hackers with ‘political’ agendas) are unrelenting in their activities [11]. We believe that the ecosystem perspective, once fully populated with reliable data, will permit a clearer view of the multiple actors within the cybercrime universe. This paper has also attempted to examine cybercrime through an innovation lens, by examining how cybercriminals innovate, what the sources of innovation are and from where they emanate. We argue that by doing so, we have also contributed to the broad literature on cybercriminal activity, which is mainly populated by scholars in the fields of criminology, psychology, sociology, law and information technology. Important and necessary as these fields are for understanding the roots of cybercrime, the law for tackling it and the security measures that may be deployed to combat this felonious activity, an innovation perspective for studying this activity provides an added dimension to its activities, operation and organisation, which taken together, expands the understanding of this activity. Furthermore, the greater the awareness of the new ways that cybercriminals use to compile, package, distribute and market their products and services, the greater the success of dealing with counter measures against cybercrime. As concerns regarding the systematic collection of cybercriminal activities continue to worry national enforcement authorities, we believe that the framework presented in this paper could further help to identify the kinds of data required for capturing the actors and activities of cybercrime. In the UK for instance, the UK National Fraud Authority (NFA) set up the National Fraud Reporting Centre in 2011 (Action Fraud)53 to improve the low reporting activity of fraud victims, as well financial and cyber-enabled fraud. An enhanced understanding of cybercriminal activities could have a number of policy and practical implications for the communities charged with tackling cybercrime. Knowledge of how cybercriminals innovate, operate and organise their activities could plausibly aid law enforcement officers and policymakers to devise more effective strategies to deal with them. For instance, Kaplinsky [33, p 126] argues that an advantage of value chain analysis shifts “the focus from ‘point’ to ‘systemic’ efficiency,” which could imply that it would be more efficient for policymakers and the law enforcement community to understand the cybercriminal value chain than to deal with each kind of cybercrime discretely. Similarly, a deepened understanding of the dynamic capabilities required and the development of new business models within the cybercrime ecosystem, could help in the identification of significant trends (often mimicking legitimate sectors of the economy). Such insights and knowledge about the activities of networks could help criminal enforcement authorities and policy makers to concentrate what are often limited resources in order to increase the effectiveness of their response. Developing proactive measures to address complex, uncertain and globally interconnected issues, calls for the use of tools and approaches to analyse trends and directions of change, but importantly with a long-term perspective. Scenario planning and foresight are growing areas of interest that support strategic thinking by developing a range of possible ways in which the future could unfold, anticipating trends and identifying optimal policy responses to address each possible scenario. Foresight analysis has been deployed in cybercrime studies — a notable example is the “Foresight's Cyber Trust and Crime Prevention Project” sponsored by the UK Home Office in 2004.54 These exercises provide valuable insights on the perceptions of risks of cybercrime. The integration of an ecosystem perspective to foresight exercises could add value to future analyses. Addressing cybercrime is becoming a worldwide priority — in 2011 the UK government allocated £30 m over a period of four years to develop an e-Crime Unit exclusively dedicated to tackle computer intrusion, denial of service attacks and Internet fraud. Since its establishment there have been notable successes in terms of prosecutions and arrests.55 Yet these measures remain predominantly reactive, that is, taking action after the perpetration of the crime, although the UK Foresight project (see above) signals recognition that anticipation of the (new) types of cybercrime is a requirement for effective measures.56 In the U.S. attempts are being made to be more proactive in their strategies against cybercrime. For instance, the Federal Bureau of Investigation led the formation of a National Cyber Investigative Joint Task Force (NCIJTF) and in 2008 was mandated to be responsible for the coordination, integration and the sharing of information related to all domestic cyber threat investigations.57 The methodology proposed in this paper can help identify where in the value chain those successes have taken place. Moreover, we argue that the application of an ecosystems framework may help to better understand not only the business models and interactions between criminals, but also the “mirror” approach of techniques and models that have been used by law enforcement agencies in their prosecution activities, in such a way that good practices can be replicated and scarce resources more efficiently allocated. It becomes apparent that to deal with cybercrime effectively, concerted action by national and international law enforcement, separately and together, and stringent corporate information security measures are indispensable, given the global nature of cybercrime. Thus far, our research has concentrated on devising a conceptual framework, which would aid decision-makers working in law-enforcement and IT security. Of course, an integral part of the ecosystem s also to be found at the level of the organisation/company level and the individual. These far, the conceptual model only covers the criminal aspects of the ecosystem and a next step will be to extend it to encompass their victim's. It has been suggested that much of cybercrime is aided and abetted via insider knowledge or simply lax security. Too many companies think that they are either two small to be a target, that they have taken adequate protection but rarely update their defences, or are simply unaware of the dangers faced. Former Navy Admiral and National Security Agency director Mike McConnell once told a forum on cyber security that “good cyber hygiene” is imperative for eliminating security risks that companies face.58 It is also, of course, the responsibility of individuals to protect the confidentiality of their personal data and to exercise care in giving them out. Developing an awareness of individual information security, however, assumes that cybercrime affects the social behaviour of the individual by making him or her, among other things, more careful about data security. The so-called ‘social-engineering’ skills and techniques used to part an individual from their data and money are just as dynamic as the technical development of new and evermore powerful malware. Furthering our understanding of the changing nature of such techniques, capabilities and the new business models to which they are attached would be useful for those organisations (governmental and non-governmental), which are attempting to educate the public about cybersecurity.