You are here

Column: A cyber world of difference

Column: A cyber world of difference

1 March 2018

A cyber world of difference: cyber criminals are not the same as traditional criminals.

By: Dr Marleen Weulen Kranenbarg 

The 18-year-old Jelle S., who is suspected of having carried out various DDoS attacks earlier this month, wrote in a mail exchange with the de Volkskrant newspaper that he did this ‘because it is fun’ and ‘to see if it is possible for a teenager to simply cripple all banks with a relatively simple attack’. In my PhD research, in which I compared cyber criminals with traditional criminals, these were exactly the types of motives for this type of cybercrime. Cyber criminals who commit offences such as hacking, defacing and DDoS attacks state that they do this 'out of boredom, curiosity or thrill seeking' and 'because it was fun and/or felt good’. The respondents who committed Internet-related crimes, such as defacements or DDoS attacks, stated that besides these intrinsic motives they also did it to 'set something right and/or to convey a message’. This was also a clear factor in the motives of Jelle S.

However, the general picture about cybercrime is that these offences are committed for financial gain. This was almost never indicated in my research and it does not appear to have played any role in the case of Jelle S. Of course there are enough types of cybercrime in which a lot of money is earned. However, there is also an important category of perpetrators who cause a lot of damage without any financial gain. This is a group whose crimes are possibly correctly referred to by de Volkskrant as online mischief, but then with considerable financial or other consequences. A lack of financial motives and committing offences based on intrinsic motivation, such as curiosity, is an important difference between cybercrime and traditional criminality.

Besides these differences in motives, I also investigated other domains in criminology that are traditionally seen as important for understanding criminal behaviour. The first domain was the age of incidence. I asked myself at which moments in their lives cyber criminals are most inclined to commit cyber offences. From research into traditional criminality we know that criminals are, in general, less inclined to commit offences during the years in which they live together with a family and the years in which they have work or are following an educational course. That is because there is more at stake in these years. A possible conviction can have major consequences for work, education or family. In addition, there are simply less opportunities to commit crime in these circumstances. However, employment and following an educational course could actually provide opportunities for cybercrime. After all, having a job, especially in the IT sector, provides access to a wide range of IT systems that you would normally not have access to and you spend a relatively large amount of time behind a computer where you could commit cybercrime.

I also saw this in my research, which revealed that having work or following an educational course is not a protective factor for cybercrime. In addition, I found that in the population of cybercrime suspects, these offences are mainly committed in the years in which the suspects had a job in the IT sector or they followed an educational course. Living with a family is still a protective factor, and so the most logical conclusion that can be drawn from this is that the opportunity for cybercrime occurs in entirely different situations and that there is too little social control in those situations to prevent the criminality of this group of suspects. Of course it needs to be stated that this does not mean that everybody who works in the IT sector is a potential cyber criminal. In combination with the motives for cybercrime this offers a possible solution. If we could succeed in giving cyber criminals a legal alternative in which they could satisfy their curiosity, such as a job in the IT sector, and also increase the social control in such a situation then we may be able to prevent such individuals from continuing to commit these offences.

Another important difference I found with traditional criminality was the correlation between a person's behaviour and his or her direct social environment. Although that relationship is present in cybercrime, it is far less strong than for traditional criminality. There is therefore much less cyber-criminal behaviour or attitudes in the direct social environment of cyber criminals than the social environment of traditional criminals. It is quite possible that this is related to the relatively low chance of being arrested and the anonymity of cyber criminal behaviour; this means it is less relevant what your social environment thinks about your cyber criminal behaviour in view of the fact that they will probably never find out about it. Furthermore, with the help of information on the Internet, cyber criminals can increase their knowledge of how to abuse IT systems without the need for meaningful social interactions with others.

Finally, important differences were also found between cyber criminals. The perpetrators of more technical types of cybercrime, such as forms of hacking, were found to differ from perpetrators of less technical offences in certain ways. For example, IT knowledge was more important for the more technical perpetrators and they also exhibited quite specific online activities in which they could acquire knowledge such as the frequent use of fora. In addition, these perpetrators were found to have a higher level of self-control, which may enable them to be better at planning and executing the more technical offences. The perpetrators of less technical offences had a lower self-control and that is also the case for traditional criminals.

Due to the emergence of booter services, which were also used by Jelle S., I expect an enormous increase in cyber criminals within this last group. A decreasing amount of technical knowledge is probably required for the commitment of cybercrimes, so that cyber criminals in the future might exhibit more similarities with traditional criminals. However, I also expect that the differences I have found with respect to opportunity, motives and social environment will continue to play an important role in the future in combatting cybercrime.


On 26 January 2018, Marleen Weulen Kranenbarg gained her doctorate from VU University Amsterdam for her research entitled ‘Cyber-offenders versus traditional offenders: an empirical comparison’. You can download the English summary or her entire thesis via this link: http://dare.ubvu.vu.nl/handle/1871/55530