“Crime in which ICT plays a role is known as cybercrime, we need to learn more about this phenomenon in order to be able to tackle this problem.”
“Crime in which ICT plays a role is known as cybercrime. We do not know the exact amount of cybercrime victims and national research on cybercrime and its victims has not been done in The Netherlands. In order to tackle this phenomenon we need to learn more about cybercrime. For this reason the police Haaglanden (The Hague area and surroundings) have decided to research the occurrence of cybercrime within the region on the basis of a survey.” René Hesseling, senior researcher at the police Haaglanden explains that this research is based on the research by E.R. Leukfeldt, M.M.L. Domenie en W.Ph Stol, ‘Verkenning Cybercrime in Nederland 2009’ (reconnaissance of cybercrime in the Netherlands in 2009). “According to these authors, the current image in the media and in policy documents relating to cybercrime is that of a high-tech cyber criminal operating from abroad in organized groups making large-scale casualties. Although this is part of the reality, research based on the analysis of 655 police dossiers, has shown that in The Netherlands cybercrimes are mainly characterised by ‘small’ crimes committed by everyday suspects acting as individuals .”
Question: Does cybercrime in The Netherlands differ from that in other European countries?
Answer René Hesseling: We do not know really, because as far as I know there is little or no international comparative research on the extent to which citizens become victims of cybercrime. I think that many manifestations of cybercrime, such as distribution of child pornography over the Internet, 419-fraud, or Internet scams are very similar. When the internet is used we are talking about a global virtual world with no geographical boundaries (like countries) except for the fact that the language used (e.g. French, English) could be different in each country.
Q: It has been found that cybercrime is not often reported to the police. Why do you think this is?
A: An examination of police Haaglanden shows that over 20 percent of the victims of fraud via internet and over 30 percent of skimming victims* have been reported to the police. It is also important to realise that many forms of cybercrime offences involve traditional crime, such as fraud or threats. Only now these are being performed with ICT mediums like the Internet. For reasons like these people are probably not reporting these crimes. They think, as with many other types of crime, that “it's not going to solve anything” or “it is not important enough”. In other cases people do report it but only because it is necessary for insurance purposes.
* Victims whom have had their credit or debit card details stolen and as a result have had money stolen from their account. The act of skimming involves collecting information in a cash withdrawal machine for example by criminals who install equipment which reads personal information.
Q: A difference is made between different types of cybercrime such as fraud, sedition, libel, slander, threats, blackmailing, extortion and child pornography. What is the most common type within The Netherlands?
A: Spam is the most common among all the types. It causes much nuisance. In some cases, there have been reports of serious offences such as e-mails containing child pornography or hate speech. It also appears that Internet users in The Hague area and surrounding more often deal with cybercrime that lies in the realm of property crime (such as forgery and fraud) than with violence (such as blackmail or threaten).
Q: It is said in your article: “Ultimately, we have no knowledge or prior experience with asking the ‘right’ questions.” Based on the research of cybercrime in The Netherlands for 2009 could you give an indication what the ‘right’ type of question could be? In what area can police and companies look in order to fight cybercrime?
A: We are gathering more and more knowledge about cybercrime. Therefore we will be better able to formulate the ‘right’ questions. In order to ask the right questions it is important that there should not be too many questions and these should be specific and simply stated. So the questions should not be: “have you ever had to deal with ‘phishing’* or ‘pharming’?**”, but rather “has money been stolen from your bank account via the Internet?”
* Phishing is the criminally fraudulent process of attempting
to acquire sensitive information such as usernames, passwords and
credit card details by masquerading as a trustworthy entity in an
electronic communication.
** Pharming is a hacker's attack aiming to redirect a
website's traffic to another, bogus website.
Q: How would you say the future of cybercrime, and specifically the way in which it is tackled, will look like?
A: The starting point should include prevention, detection where
necessary and cooperation. Mainly invest in prevention and
empowerment of citizens which will result in citizens being able to
defend themselves better against cybercrime. According to recent
research by the Central Bureau of Statistics in The Netherlands
almost all Internet users have installed software to protect their
systems against viruses or spam. But more than 4 out of 10 internet
users has (almost) never backed up their hard drive. So there is
still much to gain within the fight against cybercrime. Investment
should be made in building awareness and knowledge about the
phenomenon and the capacity to deal with very complex forms of
cybercrime by investigating authorities. Thus, everyone, including
the police, should have some basic knowledge about the phenomenon.
At this point it is good to see that banks warn their customers
using internet banking of cyber crime, but also about the
functioning of cyber criminals. The last example also stresses the
importance of good cooperation between citizens, businesses, police
and internet service providers.