DOCSLIB.ORG

Internet Social Networking Risks

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

U.S. Department of Justice Preventive Measures at Work: • Disable Global Positioning System (GPS) encoding. Federal Bureau of Investigation Many digital cameras encode the GPS location of a • “Defense in Depth” – use multiple layers of security photo when it is taken. If that photo is uploaded to a throughout the computer network. site, so are the GPS coordinates, which will let people • Identify ways you have lost data in the past and know that exact location. mitigate those threats. Educate employees about • Whenever possible, encrypt communications with those threats and how to change their behavior, if websites. It may be a feature social network sites necessary, to prevent future loss. allow you to enable. INTERNET SOCIAL • Constantly monitor data movement on your network. • Avoid accessing your personal accounts from public • Establish policies and procedures for intrusion computers or through public WiFi spots. detection systems on company networks. • Beware of unsolicited contacts from individuals in NETWORKING RISKS • Establish policies about what company information person, on the telephone, or on the Internet who are can be shared on blogs or personal social web pages. seeking corporate or personal data. INTERNET-BASED SOCIAL NETWORKING Enforce the policy. • Monitor your bank statements, balances, and credit • Educate employees about how their own online reports. SITES HAVE CREATED A REVOLUTION behavior could impact the company. • Do not share usernames, passwords, social security IN SOCIAL CONNECTIVITY. HOWEVER, • Provide yearly security training. numbers, credit cards, bank information, salaries, computer network details, security clearances, home CON ARTISTS, CRIMINALS, AND • Ask employees to report suspicious incidents as soon and office physical security and logistics, capabilities OTHER DISHONEST ACTORS ARE as possible. and limitations of work systems, or schedules and travel itineraries. EXPLOITING THIS CAPABILITY FOR Additional Preventive Measures: NEFARIOUS PURPOSES. • Do not store any information you want to protect on any ! device that connects to the Internet. No legitimate service or network administrator will ask There are primarily Two TacTics used • Always use high security settings on social networking you for your password. sites, and be very limited in the personal information To exploiT online social neTworks. you share. Monitor what others are posting about you • Do not provide information about yourself that will allow in pracTice, They are ofTen combined. on their online discussions. others to answer your security questions—such as 1. compuTer savvy hackers who • Use anti-virus and firewall software. Keep them, your when using “I forgot my password” feature. browser, and operating systems patched and updated. specialize in wriTing and manipulaTing • Be thoughtful and limit personal information you share • Change your passwords periodically, and do not reuse such as job titles, locations, hobbies, likes and dislikes, compuTer code To gain access or old passwords. Do not use the same password for or names and details of family members, friends, and insTall unwanTed sofTware on your more than one system or service. For example, if co-workers. someone obtains the password for your email, can they compuTer or phone. 2. social or access your online banking information with the same Educational Resources: human hackers who specialize in password? A number of organizations and websites provide additional exploiTing personal connecTions • Do not post anything that might embarrass you later or details on how to protect you and your workplace from that you don’t want strangers to know. Internet social networking threats. Through social neTworks. social • Verify those you correspond with. It is easy for people www.LooksTooGoodToBeTrue.com hackers, someTimes referred To as to fake identities over the Internet. www.OnGuardOnline.gov social engineers manipulaTe people • Do not automatically download, or respond to content “ ,” on a website or in an email. Do not click on links in www.us-cert.gov Through social inTeracTions (in person, email messages claiming to be from a social www.ic3.gov over The phone or in wriTing networking site. Instead go to the site directly to , ). www.dhs.gov retrieve messages. www.ftc.gov • Only install applications or software that come from humans are a weak link in cyber trusted, well-known sites. “Free” software may come www.fbi.gov securiTy and hackers and social with malware. Verify what information applications will , be able to access prior to enabling them. Once manipulaTors know This. They Try To installed, keep it updated. If you no longer use it, Trick people inTo geTTing pasT securiTy delete it. walls. They design Their acTions To appear harmless and legiTimaTe. Click-jacking - Concealing hyperlinks beneath Phishing - Usually an email that looks like it is from legitimate clickable content which, when clicked, a legitimate organization or person, but is not and You receive a message from a friend on your social causes a user to unknowingly perform actions, such contains a link or file with malware. Phishing attacks networking site. The message directs you to view a video on another site. When you go to that site, a as downloading malware, or sending your ID to a site. typically try to snag any random victim. Spear phishing message pops up and says you need to download a Numerous click-jacking scams have employed “Like” attacks target a specific person or organization as their newer version of software. However, the software update and “Share” buttons on social networking sites. intended victim. is really malware that, when downloaded, gives control of your computer to the creators of the malware. (In some Disable scripting and iframes in whatever Internet browser Do not open email or email attachments or click on links sent cases, simply visiting the site will download the malware.) you use. Research other ways to set your browser options to from people you do not know. If you receive a suspicious The malware then sends a message to all your “friends” maximize security. email from someone you know, ask them about it before on your social networking site directing them to the same opening it. site with the malware. The malware creators soon have Cross-Site Scripting (XSS) - Malicious code is injected multiple computers under their control (a “botnet”). into a benign or trusted website. A Stored XSS Attack is when malicious code is permanently stored on a In March 2011, hackers sent two spear phishing emails to a server; a computer is compromised when requesting the small group of employees at security firm, RSA. They only Vulnerability of Social stored data. A Reflected XSS Attack is when a person is needed one employee to open an infected file and launch Networking Sites tricked into clicking on a malicious link; the injected code the malware. The malware downloaded information from Falling for an online scam or computer hack travels to the server then reflects the attack back to the RSA that then helped the hackers learn how to defeat RSA’s Social networking sites are Internet-based services that victim’s browser. The computer deems the code is from security token. In May and June 2011, a number of defense could be damaging for an individual victim as contractors’ networks were breached via the compromised well as the organization the victim works for. allow people to communicate and share information with a “trusted” source. RSA token. a group. Turn off “HTTP TRACE” support on all webservers. Research Such risks include: additional ways to prevent becoming a victim of XSS. Phreaking - Gaining unauthorized access to Risks: • Identity theft / Impersonation telecommunication systems. Doxing - Publicly releasing a person’s identifying • Harassment Once information is posted to a social networking site, it information including full name, date of birth, address, Do not provide secure phone numbers that provide direct is no longer private. The more information you post, the and pictures typically retrieved from social networking access to a Private Branch Exchange or through the Public • Peer pressure Branch Exchange to the public phone network. more vulnerable you may become. Even when using high site profiles. • Loss of employment security settings, friends or websites may inadvertently Be careful what information you share about yourself, family, Scams- Fake deals that trick people into providing leak your information. • Damaged business reputation and friends (online, in print, and in person). money, information, or service in exchange for the deal. Personal information you share could be used to If it sounds too good to be true, it is most likely a scam. • Damaged career or personal reputation Elicitation - The strategic use of conversation to extract conduct attacks against you or your associates. The Cybercriminals use popular events and news stories as bait • Damaged data or networks more information shared, the more likely someone could information from people without giving them the feeling for people to open infected email, visit infected websites, or impersonate you and trick one of your friends into sharing they are being interrogated. donate money to bogus charities. • Intellectual property theft / Data theft personal information, downloading malware, or providing Be aware of elicitation tactics and the way social engineers try • Brand hijacking access to restricted sites. to obtain personal information. • Delays or interruption in production Predators,
Recommended publications
  • Cyber Crime and Cyber Terrorism Investigator's Handbook

    Cyber Crime and Cyber Terrorism Investigator's Handbook

    CHAPTER Cybercrime classification and characteristics 12 Hamid Jahankhani, Ameer Al-Nemrat, Amin Hosseinian-Far INTRODUCTION The new features of crime brought about as a result of cyberspace have become known as cybercrime. Cybercrime is growing and current technical models to tackle cybercrime are in- efficient in stemming the increase in cybercrime. This serves to indicate that further preventive strategies are required in order to reduce cybercrime. Just as it is important to understand the characteristics of the criminals in order to understand the motiva- tions behind the crime and subsequently develop and deploy crime prevention strate- gies, it is also important to understand victims, i.e., the characteristics of the users of computer systems in order to understand the way these users fall victim to cybercrime. The term “cybercrime” has been used to describe a number of different concepts of varying levels of specificity. Occasionally, and at its absolute broadest, the term has been used to refer to any type of illegal activities which results in a pecuniary loss. This includes violent crimes against a person or their property such as armed robbery, vandalism, or blackmail. At its next broadest, the term has been used to refer only to nonviolent crimes that result in a pecuniary loss. This would include crimes where a financial loss was an unintended consequence of the perpetrator’s actions, or where there was no intent by the perpetrator to realize a financial gain for himself or a related party. For example, when a perpetrator hacks into a bank’s computer and either accidentally or intentionally deletes an unrelated depositor’s account records.
  • Opportunities and Challenges for Standardization in Mobile Social Networks

    Opportunities and Challenges for Standardization in Mobile Social Networks

    Opportunities and Challenges for Standardization in Mobile Social Networks Laurent-Walter Goix, Telecom Italia [email protected] Bryan Sullivan, AT&T [email protected] Abstract This paper describes the opportunities and challenges related to the standardization of interoperable “Mobile Social Networks”. Challenges addressed include the effect of social networks on resource usage, the need for social network federation, and the needs for a standards context. The concept of Mobile Federated Social Networks as defined in the OMA SNEW specification is introduced as an approach to some of these challenges. Further specific needs and opportunities in standards and developer support for mobile social apps are described, including potentially further work in support of regulatory requirements. Finally, we conclude that a common standard is needed for making mobile social networks interoperable, while addressing privacy concerns from users & institutions as well as the differentiations of service providers. 1 INTRODUCTION Online Social Networks (OSN) are dominated by Walled Gardens that have attracted users by offering new paradigms of communication / content exchange that better fit their modern lifestyle. Issues are emerging related to data ownership, privacy and identity management and some institutions such as the European Commission have started to provide measures for controlling this. The impressive access to OSN from ever smarter mobile devices, as well as the growth of mobile- specific SN services (e.g. WhatsApp) have further stimulated the mobile industry that is already starving for new attractive services (RCS 1). In this context OMA 2 as mobile industry forum has recently promoted the SNEW specifications that can leverage network services such as user identity and native interoperability of mobile networks (the approach promoted by “federated social networks”).
  • Address Munging: the Practice of Disguising, Or Munging, an E-Mail Address to Prevent It Being Automatically Collected and Used

    Address Munging: the Practice of Disguising, Or Munging, an E-Mail Address to Prevent It Being Automatically Collected and Used

    Address Munging: the practice of disguising, or munging, an e-mail address to prevent it being automatically collected and used as a target for people and organizations that send unsolicited bulk e-mail address. Adware: or advertising-supported software is any software package which automatically plays, displays, or downloads advertising material to a computer after the software is installed on it or while the application is being used. Some types of adware are also spyware and can be classified as privacy-invasive software. Adware is software designed to force pre-chosen ads to display on your system. Some adware is designed to be malicious and will pop up ads with such speed and frequency that they seem to be taking over everything, slowing down your system and tying up all of your system resources. When adware is coupled with spyware, it can be a frustrating ride, to say the least. Backdoor: in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication, securing remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected. The backdoor may take the form of an installed program (e.g., Back Orifice), or could be a modification to an existing program or hardware device. A back door is a point of entry that circumvents normal security and can be used by a cracker to access a network or computer system. Usually back doors are created by system developers as shortcuts to speed access through security during the development stage and then are overlooked and never properly removed during final implementation.
  • Welcome to the Jungle:1 the State Privacy Implications of Spam, Phishing and Spyware

    Welcome to the Jungle:1 the State Privacy Implications of Spam, Phishing and Spyware

    February 2005 Welcome to the Jungle:1 The State Privacy Implications of Spam, Phishing and Spyware Section I: An Overview It’s a Jungle Out There: In an environment in which 53% of all reported fraud complaints to the Federal Trade Commission (FTC) in 2004 were Internet-related, the Internet and email threats of spam, phishing and spyware all are real threats with real consequences.2 They are increasingly used by criminals, instead of just novice teenage hackers3 and can be lucrative alone or in furthering a larger criminal enterprise. Armed with these incentives, spammers, phishers and spyware purveyors are motivated and possess the expertise to avoid the attempts of law enforcement, industry and others to bring these threats in hand. Moreover, while banks, financial institutions, ISPs (Internet Service Providers) and even online auction site users have borne the initial brunt of threats like phishing, other sectors are becoming targets as the first wave of targeted sectors puts in place more effective security measures. This could place government and citizen information at risk of unauthorized disclosure and could lead to serious consequences, such as the release of sensitive homeland security and critical infrastructure information or personal information that could result in identity theft. In addition, spam, phishing and spyware infringe upon citizens’ perceived “right to be left alone” while surfing the Internet and using email. The fact that so many individuals’ privacy has been impacted to varying extents by these threats has compounded their significance. For example, a 2004 phishing attack spoofed4 an email from the FDIC (Federal Deposit Insurance Corporation).
  • Building on Young People's Experiences of Economic Adversity

    Building on Young People's Experiences of Economic Adversity

    Making a Difference: Building on Young People’s Experiences of Economic Adversity FINAL REPORT Jennifer Skattebol, Peter Saunders, Gerry Redmond, Megan Bedford and Bettina Cass Social Policy Research Centre University of New South Wales August 2012 For a full list of SPRC Publications visit: www.sprc.unsw.edu.au or contact: Publications, SPRC, Level 2, John Goodsell Building University of New South Wales, Sydney, NSW, 2052, Australia. Telephone: +61 (2) 9385 7800 Fax: +61 (2) 9385 7838 Email: [email protected] ISSN: 1446-4179 ISBN: 978-0-7334-3172-2 Published: August 2012 The views expressed in this publication do not represent any official position on the part of the Social Policy Research Centre, but the views of the individual authors. MAKING A DIFFERENCE: FINAL REPORT Research Team: Social Policy Research Centre, University of New South Wales Professor Peter Saunders, Professor Bettina Cass, Dr Gerry Redmond* (Chief Investigators), Dr Jen Skattebol, Megan Bedford (nee Griffiths). Partner Investigators: The Brotherhood of St Laurence: Janet Taylor The Smith Family (formerly at Mission Australia): Anne Hampshire The University of Bath: Dr Tess Ridge * Gerry Redmond is now at the School of Social and Policy Studies, Flinders University of South Australia Contact for follow up: Jen Skattebol, Social Policy Research Centre, University of New South Wales, Sydney NSW 2052, Ph: (02) 9385 7816, [email protected] MAKING A DIFFERENCE: FINAL REPORT Acknowledgements First and foremost, we thank all the young people who generously shared their stories and insights about economic adversity. We have also benefitted enormously from the insights of the parents we interviewed, who helped us understand the complexities of raising children on low incomes.
  • Contextual Social Networking

    Contextual Social Networking

    Technische Universit¨atM¨unchen Fakult¨atf¨urInformatik Contextual Social Networking Dipl.-Phys., Dipl.-Inform. Dr.rer.nat. Georg Groh Habilitationsschrift Mitglieder des Habilitationskomittees: Prof. Dr. Johann Schlichter Prof. Dr. Bettina Berendt Prof. Dr. Helmut Seidl Kurz-Zusammenfassung Der zentrale Gegenstand der vorliegenden Arbeit ist die vielschichtige Frage, wie Kontexte detektiert und abgeleitet werden k¨onnen,die dazu dienen k¨onnen,neuar- tige kontextbewusste Social Networking Dienste zu schaffen und bestehende Di- enste in ihrem Nutzwert zu verbessern. Die (noch nicht abgeschlossene) erfolgre- iche Umsetzung dieses Programmes f¨uhrtauf ein Konzept, das man als Contextual Social Networking bezeichnen kann. In einem grundlegenden ersten Teil werden die eng zusammenh¨angendenGebiete Contextual Social Networking, Mobile Social Networking und Decentralized Social Networking mit verschiedenen Methoden und unter Fokussierung auf verschiedene Detail-Aspekte n¨aherbeleuchtet und in Zusam- menhang gesetzt. Ein zweiter Teil behandelt die Frage, wie soziale Kurzzeit- und Langzeit-Kontexte als f¨urdas Social Networking besonders interessante Formen von Kontext gemessen und abgeleitet werden k¨onnen. Ein Fokus liegt hierbei auf NLP Methoden zur Charakterisierung sozialer Beziehungen als einer typischen Form von sozialem Langzeit-Kontext. Ein weiterer Schwerpunkt liegt auf Methoden aus dem Mobile Social Signal Processing zur Ableitung sinnvoller sozialer Kurzzeit-Kontexte auf der Basis von Interaktionsgeometrien und Audio-Daten. Es wird ferner unter- sucht, wie pers¨onliche soziale Agenten Kontext-Elemente verschiedener Abstraktion- sgrade miteinander kombinieren k¨onnen.Der dritte Teil behandelt neuartige und verbesserte Konzepte f¨urkontextbewusste Social Networking Dienste. Es werden spezielle Formen von Awareness Diensten, neue Formen von sozialem Information Retrieval, Konzepte f¨urkontextbewusstes Privacy Management und Dienste und Plattformen zur Unterst¨utzungvon Open Innovation und Kreativit¨atuntersucht und vorgestellt.
  • Hiscox Cyberclear Glossary Unscrambling Cyber Security Terms Hiscox Cyberclear Glossary

    Hiscox Cyberclear Glossary Unscrambling Cyber Security Terms Hiscox Cyberclear Glossary

    Hiscox CyberClear glossary Unscrambling cyber security terms Hiscox CyberClear glossary Access control Bug The process of granting or denying specific requests or An unexpected and relatively small defect, fault, flaw attempts to: or imperfection in an information system, software D obtain and use information and related information code or device. processing services; and D enter specific physical facilities. Command-and-control server A computer that issues instructions to members of Advanced persistent threat (APT) a botnet. A type of high-level targeted attack carried out by an attacker who has time and resources to plan an infiltration Cookie into a network. These are usually seeking to obtain Files placed on your computer that allow websites to information, proprietary or economic, rather than simple remember details. financial data. APTs are persistent in that the attackers may remain on a network for some time and usually Cyber essentials bypass regular security controls. A government-backed cyber security certification scheme that sets out a good baseline of cyber security. Air gap The base level requires completion of a self-assessment The physical separation or isolation of a system from questionnaire, which is reviewed by an external certifying other systems or networks. body. Cyber essentials plus adds an extra level by requiring tests of systems to be made by the external body. Anti-malware/anti-virus (AV) Software which uses a scanner to identify programs Data loss prevention (DLP) that are, or may be, malicious. A set of procedures and software tools to stop sensitive data from leaving a network. Attack surface All of an organisations internet-facing assets including Distributed denial-of-service attack (DDoS) both hardware and software.
  • Semantic Social Network Analysis Foresees Message Flows

    Semantic Social Network Analysis Foresees Message Flows

    Semantic Social Network Analysis Foresees Message Flows Matteo Cristani, Claudio Tomazzoli and Francesco Olivieri Dipartimento di Informatica, University of Verona, Strada le Grazie 15, Verona, Italy Keywords: Social Network Analysis, Information Flow, Semantics of Data Flow. Abstract: Social Network Analysis is employed widely as a means to compute the probability that a given message flows through a social network. This approach is mainly grounded upon the correct usage of three basic graph- theoretic measures: degree centrality, closeness centrality and betweeness centrality. We show that, in general, those indices are not adapt to foresee the flow of a given message, that depends upon indices based on the sharing of interests and the trust about depth in knowledge of a topic. We provide an extended model, that is a simplified version of a more general model already documented in the literature, the Semantic Social Network Analysis, and show that by means of this model it is possible to exceed the drawbacks of general indices discussed above. 1 INTRODUCTION message passing in certain application contexts. Three basic measures have been developed that Social Networks are considered, on the current belong to the family of centrality measures: degree panorama of web applications, as the principal vir- centrality, closeness centrality and betweeness cen- tual space for online communication. Therefore, it is trality. In this paper we criticize the models of so- of strong relevance for practical applications to un- cial network analysis developed for these measures, derstand how strong a member of the network is with showing that there are cases in which these measures respect to the others.
  • A Discussion on Social Software: Concept, Building Blocks and Challenges

    A Discussion on Social Software: Concept, Building Blocks and Challenges

    International Journal for Infonomics (IJI), Volume 3, Issue 4, December 2010 A Discussion on Social Software: Concept, Building Blocks and Challenges Roberto Pereira M. Cecilia C. Baranauskas Sergio R. P. da Silva Institute of Computing Institute of Computing Department of Informatics University of Campinas University of Campinas State University of Maringá Abstract interaction are extended to issues related to human- computer-human interaction in social situations. The possibility of developing more interactive and Despite the popularity and the growing in the innovative applications led to an explosion in the number of users of the social software, just a small amount of systems available on the web in which fraction of systems is really successful. To Webb [2], users interact with each other and have a primary the main particularity of social software is in the role as producers of content — the so-called social design process, because human factors and group software. However, despite their popularity, few of dynamics introduce design difficulties that are not these systems keep an effective participation of users, obvious without considering the human psychology promoting a continuous and productive interaction. and nature. Moreover, as Silva and Pereira [3] argue, This paper examines the concept of social software due to the recent emergence and popularization of and analyzes the social software honeycomb, a social software it is still necessary to understand the framework to help in understanding this kind of impacts that this new range of applications cause, system. Based on the analysis of an inclusive social both in social and technological aspects. Likewise, it network and on literature review, we revisit that is necessary to study the new challenges raised by framework.
  • Hacking,Phreaking & Carding

    Hacking,Phreaking & Carding

    Hacking, Phreaking, Carding & Social Engineering: back to the r00ts. Workshop della Commissione Calcolo e Reti dell'INFN Hotel Ambasciatori Rimini 11 - 15 giugno 2018 Speaker: Raoul “Nobody” Chiesa DISCLAIMER • This presentation aims to tell you, throught examples and historical case studies which really happened, a piece of history of “telematics”, with a special focus towards the hacking, phreaking and carding scene. • DON’T TRY THIS AT HOME!!! We do not advise to use this material in order to break into telecommunication operators or IT systems. • Anyhow the author cannot be held responsible if you will decide, despite this disclaimer, to explore those systems, evaluating the whole thing as pretty sexy and fascinating, thus starting making mistakes, leaving tracks that would eventually allow the Law Enforcement to identify and bust you… • As a last note, whenever and wherever existing and applicable, the crimes committed and explained in this presentation are from more than 10 years ago, so they are fallen into “prescription” * 1983 # At the very beginning.. • What generated more than 75M USD$ on that year? • Well.. The very same thing that pushed most of us towards a deep interest on some topics… WARGAMES * 1986 # • Cellular phone network, 450 Mhz: the “car phones” or “portable” phones: today we may label them as a personal defense weapon ;) • 300 BPS modem (Bits per Second!) • Fidonet for “the mass” (very few people anyhow) • A few “alternative” boards (BBS), designed for a few l33t users • Family’s fights ‘cause of phone bills (300 BPS modem calls PAID towards USA) «Portable» phones - LOL «Portable» phones - LOL * 1988 # • CEPT2/CEPT3 (1200/75 bps) in Italy, France, Germany, UK, etc.
  • The Importance of the Social Web – Implications for the Tourism Industry and for Society

    The Importance of the Social Web – Implications for the Tourism Industry and for Society

    The Importance of the Social Web – Implications for the Tourism Industry and for Society Daniel Amersdorffer a, Florian Bauhubera b, and Jens Oellricha a a Tourismuszukunft – Institute for eTourism Eichstätt, Germany {d.amersdorffer, j.oellrich}@tourismuszukunft.de b Department of Cultural Geography Catholic University Eichstätt-Ingolstadt, Germany [email protected] Abstract The social web is more than a technological innovation: it is a social innovation – it changes the way people and companies interact and communicate. New business models, new structures and new hierarchies in tourism enterprises and tourism organisations are the consequences of this transformation. The environment of tourism will be changed permanently by the influence of the social web on media landscapes, on media consumption and on construction of tourism imaginations. The central starting points of the debate are seized on in this article trying to visualise the challenges in tourism associated with the developments of the social web out of a scientific and practical point of the view. Keywords: Social Web, Tourism, Principles, Internet, Society, Business Management 1 Introduction The tourism industry always had high expectations of the internet. Tourism as an intangible service product can be perfectly adapted for electronic data transfer. Online travel communities and online ticket sales were said to have a bright future due to the fact that the presentation of necessary information for purchasing products in the internet is easy and the costs for daily updates are comparatively small. Moreover, the emotionalisation of travel products can be attained more simply compared to other kinds of the media, e.g. through the integration of pictures and videos (Buhalis, 2003).
  • Cybercrime Project: Better Policing Collaborative (BPC) Dr David Hicks

    Cybercrime Project: Better Policing Collaborative (BPC) Dr David Hicks

    Cybercrime Project: Better Policing Collaborative (BPC) Dr David Hicks Dr Siddhartha Bandyopadhyay Mr Nir Tolkovsky Ms Ariana Matsa University of Derby University of Birmingham Inaugural Workshop Centre for Crime, Justice and Policing University of Birmingham 1 July 2016 www.derby.ac.uk Better Policing Collaborative (BPC): This work is funded by the College of Policing, the Higher Education Funding Council for England, and the Home Office and is being carried out as part of a collaborative project of the University of Nottingham, University of Liverpool, University of Birmingham, University of Derby, University Campus Suffolk, Crest Analytics (UK) Ltd and Skills for Justice. www.derby.ac.uk Scope of the project • Identifying the evidence gap through consultation with police and specialist cyber units, businesses and individuals affected by it; • Developing both the evidence base and a practical evidence typology; • Working with force specialist units and/or regional cyber units to: – Provide support via evidence review, evaluation and technical support to shape evidence-based tactical and strategic decisions; – Pool information towards a standardised approach based upon identified good practice within and across forces. www.derby.ac.uk Reductions in crime and victimisation? Office for National Statistics (ONS, 2015) www.derby.ac.uk Preliminary consultations Outreach to law enforcement, businesses, and individuals affected by cybercrime to obtain: 1) A sample of key words for a literature search of academic sources supplemented by professional