
The network structure of malware development, deployment and distribution

Mitch Macdonald & Richard Frank

Abstract

The Internet is a global infrastructure, connecting individuals, regardless of their proximity to one another. But the ability to connect on such a large scale has also been leveraged to coordinate illicit activities. This has led to the emergence of online illicit networks that have enabled broader participation in cybercrime. Online stolen data markets have been of particular interest to researchers, though the networks involved in the development, deployment and distribution of malicious software are far less explored, despite being intricately tied to the growing issue of cyber security. The current study identifies community structures within a larger network of hackers, malware writers and market actors and examines the underlying characteristics of these networks. Results suggest that the network is composed of modular communities formed largely of weak, non-redundant ties that follow the ubiquitous structure of complex networks. Implications, limitations and directions for future research conclude this paper.

Acknowledgements

The authors thank the reviewers for their helpful comments on a previous draft of this paper.

Disclosure statement

No potential conflict of interest was reported by the authors.

Notes

1. Burt, “Social Capital.”

2. Raab and Brinton Milward, “Dark Networks as Problems.”

3. Kilger et al., “Profiling,” 16.

4. Holt, “Exploring Stolen Data Markets”; Holt and Lampke, “Stolen Data Markets Online”; Soudijn and Zegers, “Cybercrime and Convergence Settings”; and Yip et al., “Analysis of Criminal Networks.”

5. Wang et al., “Hacker Forums.”

6. Holt, “Examining Cybercrime Markets Online”; Holt, “Exploring the Social Organisation”; and Holt and Lampke, “Stolen Data Markets Online.”

7. Holt, “Examining the Forces Shaping”; and Holt and Lampke, “Stolen Data Markets Online.”

8. Zhang and Li, “Survival Analysis on Forums.”

9. While there is little to no consensus on the estimated costs resulting from data breaches, this source was chosen due to its international reach and cooperation with organizations around the world. In addition, compared with computer cyber security firms, the United Nations has no blatant conflicts of interest that may potentially bias this estimate.

10. United Nations, “Cybersecurity: A Global Issue.”

11. Dingman et al., “Hackers.”

12. Symantec, Internet Security Threat Report, Vol. 20.

13. IBM, Threat Intelligence Quarterly; and Trend Micro, Cybersecurity in the Americas.

14. Ponemon Institute, 2015 Megatrends in Cybersecurity.

15. Symantec, Internet Security Threat Report, Vol. 16.

16. See note 12 above.

17. Brenner, Cyberthreats.

18. Brenner, Cyberthreats; and Hellström, “Critical Infrastructures and Systematic Vulnerability.”

19. Hellström, “Critical Infrastructures and Systematic Vulnerability.”

20. Von Lampe, “Assessing Organized Crime.”

21. Holt, “Technology, Crime, and Terror”; and Holt, “Examining Cybercrime Markets Online.”

22. Holt, “Examining Cybercrime Markets Online”; Holt, “Exploring Stolen Data Markets”; Holt and Lampke, “Stolen Data Markets Online”; Hutchings and Holt, “A Crime Script Analysis”; and Soudijn and Zegers, “Cybercrime and Convergence Settings.”

23. Kalm, “Illicit Networks in Cyberspace”; Morselli, Inside Criminal Networks; and Xu and Chen, “Topology of Dark Networks.”

24. Holt, “Subcultural Evolution?”; Holt and Lampke, “Stolen Data Markets Online”; and Holt et al., “Social Networks of Hackers.”

25. Broadhurst et al., “Organizations and Cyber Crime.”

26. See note 2 above.

27. Holt, “Examining Cybercrime Markets Online”; Holt, “Exploring Stolen Data Markets”; and Holt and Lampke, “Stolen Data Markets Online.”

28. Wasserman and Faust, Social Network Analysis.

29. Streeter and Gillespie, “Social Network Analysis.”

30. Morselli, Inside Criminal Networks.

31. Everton, “Network Topography.”

32. Broadhurst et al., “Organizations and Cyber Crime”; Kalm, “Illicit Networks in Cyberspace.”

33. Watts, “The Small-World Phenomenon.”

34. Albert and Barabási, “Mechanics of Complex Networks.”

35. See note 31 above.

36. Kalm, “Illicit Networks in Cyberspace.”

37. McGuire, Organised Crime.

38. See note 34 above.

39. See note 36 above.

40. Newman, “Community Structure in Networks.”

41. Watts and Strogatz, “Small-World Networks.”

42. Granovetter, “Strength of Weak Ties.”

43. Ibid.

44. Everton, “Network Topography”; Watts, “The Small-World Phenomenon”; and Watts and Strogatz, “Small-World Networks.”

45. Xu and Chen, “Topology of Dark Networks.”

46. See note 31 above.

47. Yip et al., “Analysis of Criminal Networks.”

48. Hein et al., “Scale-Free Networks”; and Ravasz and Barabási, “Hierarchical Organization.”

49. Barabási et al., Structures in Complex Networks.

50. See note 34 above.

51. Hein et al., “Scale-Free Networks.”

52. Ravasz and Barabási, “Hierarchical Organization.”

53. See note 37 above.

54. See note 27 above.

55. See note 47 above.

56. Holt, “Examining Cybercrime Markets Online.”

57. Décary-Hétu and Dupont, “Social Networks of Hackers”; and Holt, “Examining Cybercrime Markets Online.”

58. See note 36 above.

59. Décary-Hétu and Dupont, “Social Networks of Hackers”; Holt, “Examining Cybercrime Markets Online”; Holt, “Exploring Stolen Data Markets”; and Holt and Lampke, “Stolen Data Markets Online.”

60. See note 27 above.

61. Motoyama et al., “Analysis of Underground Forums.”

62. The web crawler used for data collection was designed by co-author, Dr. Richard Frank. For detailed information regarding the technical components of the software, see Macdonald et al., “Identifying Digital Threats.”

63. Décary-Hétu and Leppänen, “Criminals and Signals”; and Holt, “Qualitative Strategies Using On-line Data.”

64. Gephi Consortium, “Gephi.”

65. Abbasi et al., “Expert Hackers in Web Forums.”

66. Holt and Lampke, “Stolen Data Markets Online.”

67. See note 40 above.

68. Blondel et al., “Communities in Large Networks.”

69. Hanneman and Riddle, Introduction to Social Networks.

70. Haythornthwaite, “Exploring Multiplexity.”

71. Freeman, “Centrality in Social Networks.”

72. Décary-Hétu and Dupont, “Social Networks of Hackers”; Holt et al., “Social Networks of Hackers”; and Lu et al., “Network Analysis of Hackers.”

73. See note 69 above.

74. Borgatti et al., Analyzing Social Networks.

75. See note 31 above.

76. See note 69 above.

77. Onnela et al., “Structure and Tie Strength.”

78. See note 69 above.

79. See note 41 above.

80. See note 69 above.

81. See note 74 above.

82. Ibid.

83. See note 33 above.

84. See note 51 above.

85. Dorogovtsev and Mendes, “Evolution of Networks.”

86. Cobb et al., “Social Network Structure”; Ravid and Rafaeli, “Asynchronous Discussion Groups”; and Xu and Chen, “Topology of Dark Networks.”

87. See note 51 above.

88. See note 52 above.

89. Ravasz et al., “Modularity in Metabolic Networks”; and Ravasz and Barabási, “Hierarchical Organization.”

90. See note 52 above.

91. Broadhurst et al., “Organizations and Cyber Crime”; and Holt et al., “Social Networks of Hackers.”

92. See note 37 above.

93. See note 41 above.

94. Ravid and Rafaeli, “Asynchronous Discussion Groups.”

95. See note 51 above.

96. Ibid.

97. Ibid.

98. Ibid.

99. See note 52 above.

100. Ibid.

101. See note 89 above.

102. Kalm, “Illicit Networks in Cyberspace”; and Xu and Chen, “Topology of Dark Networks.”

103. See note 47 above.

104. Betweenness centrality is an indirect measure of centrality that calculates the extent to which nodes occupy the shortest path between two otherwise unconnected nodes. Nodes scoring high in betweenness centrality are positioned as bridges within social networks and, subsequently, influence the transfer of information, resources and/or opportunities amongst unconnected nodes.

105. See note 51 above.

106. See note 45 above.

107. See note 47 above.

108. Abbasi et al., “Expert Hackers in Web Forums”; Holt et al., “Social Networks of Hackers”; Jordan and Taylor, “A Sociology of Hackers”; and Kilger et al., “Profiling,” 16.

109. Granovetter, “Ignorance, Knowledge, and Outcomes.”

110. Hein et al., “Scale-Free Networks”; Xu and Chen, “Topology of Dark Networks”; and Yip et al., “Analysis of Criminal Networks.”

111. Xu and Chen, “Topology of Dark Networks”; and Yip et al., “Analysis of Criminal Networks.”

Additional information

Funding

This research was funded by the Cyber Security Cooperation Program (Public Safety Canada) [PS-SP #1505707-1].

Notes on contributors

Mitch Macdonald

Mitch Macdonald is a graduate student in the School of Criminology at Simon Fraser University. His research interests include cybercrime, financial crime, the structure of illicit networks and criminal career trajectories. Currently, Mitch is exploring the intersection between hacking and fraud and the Internet’s facilitation of money laundering.

Richard Frank

Richard Frank is an Assistant Professor in the School of Criminology at Simon Fraser University and Associate Director of the International Cybercrime Research Centre. He holds PhDs in Computer Science and Criminology from Simon Fraser University. Richard has applied his technical background to criminological research, developing the custom web crawler discussed in this study. Modifications of this software have also been used to identify online child exploitation networks and analyse extremist propaganda on the Internet.
