Preface and Acknowledgements to the Second Edition

So much has happened in the world since the first edition of this book was published in 2007, and yet many of its initial observations are still valid. In this preface, I note the main changes that have occurred since the first edition was written and also point out what has remained the same.

The advent of social media, cloud technologies, the 'Internet of Things' and cryptocurrencies have augmented already emerging technological trends to lead to a marked step-change in the threat landscape, arising from malware (malicious software) and social engineering. Alongside the botnets were information-guzzling malware (to quote The Register) such as Zeus, Emotet and Trickbot. Then came the nation-state attacking Stuxnet, and more recently scareware, ransomware, data extortion and ransomhacks (automated malware which deceives individuals into paying a ransom directly to the criminals). Of worldwide concern in the middle of the third decade of the twenty-first century has been the increased use of data as the focus of cybercrime, and also the use of cybercrime in geopolitical conflicts which may direct its future trajectory. Data breaches are now commonplace in many cybercrimes and have become a major driver of crime as the importance of data is so much greater to its owners today. Infrastructure as well as the financial sector are now common targets, which indicates that the criminal actors often have political as well as financial motivations. Since the first edition of this book was published, these four technological developments have changed the cybercrime threat landscape to a point where some of the more fanciful predictions made about cybercrime in the late twentieth and early twenty-first centuries are now becoming very real and harmful. Many new attack vectors, for example, seek to victimize the organizational infrastructure in ways that were initially imagined in science fiction books. Many of the largely unfounded claims that were made in previous decades, which I was once critical of, are now starting to come true.

Whereas the first edition showed how networked and digital technologies enabled a single criminal to commit many different crimes simultaneously, this edition illustrates how we have witnessed a gradual division of labour in the organization of cybercrime in the second and third decades of the twenty-first century that has led to the emergence of a supply chain of skills for hire. This cybercrime ecosystem helps and enables cybercriminals to commit their acts. Perhaps one of the bigger changes in approach since the first edition is that, whereas I used to warn against reading cybersecurity reports (the grey literature) as they were little more than ‘weather reports from umbrella manufacturers’, 15 years later I would now advise everyone to read them, although always with a wary and critical eye.

There are times when one wonders what has actually changed in the field, because so many of the key issues that prevailed in the early 2000s are still very alive today, but bigger. New technological developments are continually being introduced and converging with others to create new creative, educational, commercial, leisure possibilities. But the main difference is that not only has the technological environment changed through cloud technologies and the Internet of Things, which speed up communications and create new information paths, but social media and cryptocurrencies have also created new ways of interaction and transaction which have shaped the social, financial and political environments in which we live. Of course, along with these opportunities (or affordances1) come new and often unintended opportunities for crime and malevolent behaviour. It is the same with the growth in popularity of social media which now dominates societal usage of the internet, followed by a revolution in internet sales and banking, which have jointly expanded the cyber-threat landscape. Moreover, its many platforms have also contributed to increases in the scale of offending and new and novel opportunities for cybercriminals. Yet, in response to these changes, most countries have now introduced national cybersecurity strategies and associated cybercrime policies, and the UN and other international bodies are exploring the development of international norms and treaties. There also exist a range of formal institutional responses for policing and prosecuting the various types of cybercrime across borders. Yet the march of progress always seems to keep offenders one step ahead of law enforcement, which still largely acts upon reports of victimization. So, it still feels as though those charged with protecting society from wrongdoing are always one step behind.

Alongside technological development has been a change in social and political cyberspace. Social media technology has become a serious force, especially in the wrong hands, where it has contributed to the fermentation of political unrest. In more tolerant regimes, flash mobbing has been used to signal disquiet both online, through distributed denial of service attacks, and also offline by enabling crowds to organize and assemble physically. Social network media (Facebook, Twitter/X, Threads, Telegram, Instagram, Snapchat, Whatsapp, TikTok and so on) were a twinkle in the technologist’s eye 15 years ago, and now they are principal forms of communication for the digital generation – many of whom now work in cybersecurity and the criminal justice system, especially policing agencies. These digital natives are no longer perplexed by new technologies but embrace them as a part of their lives without thinking about it. Access to communications technology and social media is now a ‘given’ rather than a ‘desirable’ aspect of life today, which diminishes the power of democratic governments to restrict its usage. So, when you thought it was all bad, one factor remains reassuring, which is that, just as criminals have become networked, then so have the police and the various policing agencies, so there is hope, especially as the lag between criminal and police use of technologies has reduced and new forms of artificial intelligence-driven ‘policing’ methods to assist police are being experimented with – though not without concerns for privacy. There has also not been the anticipated radical transformation in police, government and most corporate structures, because echoes of many of the cultural and organizational issues identified in the first edition of this book still linger today over a decade and a half later. So, although technology has advanced and the cyber-threat landscape has changed considerably, and the cybercrimes described have changed in terms of size and volume, as has their complexity, many of the observations made in the earlier version still stand today.

This (admittedly long overdue) second edition updates the first edition and, although the explanation and analysis of events remain much the same, new information about events and comment have been added. Moreover, a new story emerges, mentioned above, which shows how cybercrime has become a sophisticated business that now has its own dedicated supply chain and supportive ecosystem. I have, however, retained some of the earlier examples to demonstrate the lingering importance of many of the original issues and events, and also that many of the new events that scare us today are variations on a familiar theme. Not least, the internet is no longer ‘new’ and is now over 35 years old and spanning 5 decades, and it has started to develop its own history. So, I have retained examples that are still relevant and added new ones. (N.B.: an important note to students, please do not start your essays with the phrase ‘Cybercrimes are a new phenomenon caused by the internet …’ – they are not new!)

I still owe the same debts to the folk mentioned in the preface to the first edition, but I must now add to that original list my colleagues in the criminology group at Durham University between 2010 and 2015; in computer science at Newcastle University, at CEPOL and the UNODC; and also on the various research projects that I have been involved with in the past 15 years. Then there are the many others whom I have omitted because of space, but who nevertheless matter. Also, I must thank my various research colleagues over the years who have worked with me on my cybercrime research projects, including Drs Lena Connolly, Roberto Musotto, Yanna Papadodimitraki, Maria Grazia Porcedda and Harrison Whitehouse-Wall, who are now part of a new generation of academic researchers that are taking this field forward.

My family still provide loving support, entertainment and also a welcomed disruption to my endeavours, although one wonderful new development is that I am now able to discuss some of the ideas in this book with my children, who (allegedly!) are now mature adults. Between 2010 and 2015, I moved up the A1M from Leeds to Durham University, but then moved back to Leeds in 2015 to a more research-oriented position. I made a wonderful new set of colleagues in Durham and still keep in touch with many, but it is great to be back with my old and new colleagues at Leeds. I still do not, however, dedicate this book to my colleagues or family as is the custom – rather, this dedication still goes to the train drivers between York and Leeds (and for 5 years between York and Durham) and the good folk of Rosedale Abbey who have kept me sane and provided me that much needed few hours of solitude each day to have a cup of coffee and ponder on research ideas and the text of this book. I would also like to thank Jonathan Skerrett, commissioning...