A new target group in probation: cybercrime offenders

What is cybercrime?

“In scientific literature two categories of cybercrime are being distinguished. The first one is ‘cyber-dependent crimes’: new types of crimes that not only use IT, but also have IT as a target. Think of hacking, DDos attacks, infecting computers with malware or ransomware and using computers for botnets. The second category is ‘cyber-enabled crimes’: ‘traditional’ crimes that use IT as a recourse. Think of cyberbullying, fraud via the internet and online stalking. ‘Cybercrime’ is the umbrella term for both categories.”

What makes dealing with cybercrime offenders different from dealing with other offenders?

“That is what we are trying to find out. Research in this field is all very recent. It seems that most of the cybercrime offenders have a different risk profile from the more traditional offenders. They usually don’t seem to have a lot of problems like homelessness, debts, alcohol or drug abuse or hanging in the streets with peers that have a negative influence on them. They have done things that had or could have had serious impact on their victims’ lives, companies or on the society as a whole.

There are differences in bullying someone online and doing it in the real world. For a start, online you cannot see what you are doing to the victim, what the consequences are and how the victim reacts. The offenders feel like they are anonymous on the internet and they easily get the feeling that whatever they do, they will never be punished for it. In fact, the chance of getting caught while committing crimes online is indeed much lower than in the real world. There also is a group of offenders that does not see their behavior as offending at all. These are mainly young men, very good with computers and quite often bullied or not respected at school. In their online community, they can convince each other that hacking, for example, a bank is just a bit of fun.”

But it isn’t…?

“No, it certainly is not. These hacks undermine the trust of the public in the safety of banks and in the ability of the government or companies to safeguard the storage of personal information. These institutions will spend a lot of money and time trying to prevent hacks or find out who did it. Hackers usually do not realise what the consequences of their behaviour are. A few weeks ago a Dutch teenager set up a DDoS attack against a bank, an internet provider and the Dutch tax authority. Before he was arrested, he gave an interview by email to one of the main newspapers. He was very proud about the fact that the press was speculating that what he had done, could have been a cyberattack from Russia. He thought that was cool. “Why did you do it?”, the newspaper asked. “Because it is fun”, was his answer. Clearly, he did not realise that you can go to jail for committing this kind of crimes. School kids that hack the computer of a teacher to obtain a school test often see this as a joke. As a way of being cool. But breaking in to someone’s computer or using someone’s email password is a serious crime, for which you could be sent to jail.”

How should probation officers deal with a teenager hacking ‘for fun’?

“Recent scientific research has shown that these cyber-dependent criminals have much more self-control than ‘normal’ offenders that, for example, commit violent crimes. They put a lot of effort in trying to hide their tracks. Not only when they are hacking a bank for fun, but also if they perform DDoS attacks for personal intrinsic gain or sell malware to criminals, knowing that they use their work to steal bank passwords or rob people. On the other side, cybercriminals do have exceptional skills. The trick is to get them to use these skills in a positive way. For example by working for an IT company to help making the internet a safer place. The first step in that direction would be to make them see why their behavior was wrong, to give them a moral compass. That is the core business of any probation officer dealing with any offender.”

Does that mean that probation services don’t need specialised knowledge about cybercrime?

“We don’t need a lot of specific technical knowledge. It is not our task to detect cybercrime offenders. We do need to know what their world looks like. Especially when we are dealing with offenders that committed cyber-dependent crimes. In that way we will not only be able to prevent recidivism, but we can also help these clients in a better way. We must understand the clients, we need to know why they have done what they have done. If we know this, we can involve their social networks in a way that they will help the offender to keep them on the right path in the online world. Keeping a cybercrime offender away from his negative online world is not the same as keeping an offender that has committed crimes on the streets away from his street gang, but of course there are similarities. Dealing with offenders of cyber-enabled crimes in many cases, online fraudsters, is not very different from treating offenders that have tricked old ladies at their front door.”

How do you explain the increase of cybercrime offenders that probation officers deal with?

“In the first place: we all use computers, tablets and smartphones much more than in the past. This means more crimes take place in the digital world, it is as simple as that. Secondly, the police now has more expertise and resources to deal with cybercrime. More police investigations can lead to more prosecutions and more probation cases. Thirdly, our National Expertise Network Cybercrime is actively informing the police, prosecutors and judges about how the Probation Service deals with cybercrime offenders. The better our partners in the criminal justice system know what we can do, the better we can contribute and the more judges will give the Probation Service a role in dealing with cybercrime offenders.”

Are you interested in reading more about cybercrime offenders? Please read Cyber-offenders versus traditional offenders: an empirical comparison, written by Marleen Weulen Kranenbarg, VU University Amsterdam.