The creation of the cybercrime classification methodology was a response to the need for a comprehensive approach to understanding different types of cybercriminals and their motives. A scholarly and practical book entitled “Cyber Fenshui” (2015), from the Instituteʼs private library, provides the fundamental basis for this methodology. Since then, the methodology has been regularly updated and expanded to help classify and understand new and emerging types of cybercriminals.
The study of cybercriminals spans various scientific disciplines, including cybersecurity, criminalistics, sociology, psychology, law, and political science.
Some of the parameters included in the cybercrime classification methodology:
1. Physical marks that can help identify specific cybercriminals or groups.
2. Classification of cybercriminals according to the type of cybercrime they specialize in.
3. Social markers such as lifestyle or behavioral patterns which can help to identify cybercriminals through analysis.
4. Motivation and reasons behind a cybercriminal’s actions, such as financial gain, philosophy, or personal motive.
5. Geographical location to determine where different types of cybercriminals and their organizations are located.
6. Classification of cybercriminals based on the specific types of crimes they commit.
7. Methods of committing a crime: Techniques and tactics that cybercriminals use to carry out their attacks.
8. The level of skill and technical knowledge possessed by the cybercriminal.
9. Specific goals or objectives of the attack, such as stealing sensitive data, disrupting services, or extorting money.
Studying cybercriminals and understanding their motivations, tactics, and techniques is crucial when seeking to effectively combat them and protect against future attacks. This classification contains an analysis of more than 200 cases, and is constantly updated with new incidents. By constantly updating the classification with new incidents, we can gain a deeper understanding of the changing cybercrime landscape and stay one step ahead.
The importance of having a classification also stems from the fact that cybercriminals may become radicalized over time and may escalate to the level of terrorism and other forms of violence in wartime. In some cases, cybercriminals may be recruited by terrorist organizations to carry out cyber attacks as a way to achieve their goals. Also, cybercriminals may be hired by military organizations or governments to carry out government cyber attacks.
Regardless of the motivation of cybercriminals, learning and understanding their tactics and techniques allows us to effectively combat them and defend against future attacks. This includes understanding the potential for radicalization and how governments and organizations recruit and motivate cybercriminals to engage in terrorism, warfare, or other forms of violence.