Advanced search
Publication Cover
Global Crime Volume 18, 2017 - Issue 1: Illegal markets in cyberspace
Submit an article Journal homepage
2,790
Views
58
CrossRef citations to date
0
Altmetric
Articles

The online stolen data market: disruption and intervention approaches

Alice HutchingsComputer Laboratory, University of Cambridge, Cambridge, UKCorrespondence[email protected]
View further author information
&
Thomas J. HoltSchool of Criminal Justice, Michigan State University, East Lansing, MI, USAView further author information
Pages 11-30 | Published online: 21 Jun 2016

Bibliography

  • Afroz, S., A. Caliskan-Islam, A. Stolerman, R. Greenstadt, and D. McCoy. “Doppelgänger Finder: Taking Stylometry to the Underground.” IEEE Symposium on Security and Privacy, San Jose, CA, May 18–21, 2014.
  • Akerlof, G. A. “The Market for ‘Lemons’: Quality Uncertainty and the Market Mechanism.” The Quarterly Journal of Economics 84, no. 3 (1970): 488–500. doi:10.2307/1879431.
  • Attorney-General’s Department. “Document Verification Service.” http://www.dvs.gov.au/Pages/default.aspx
  • Bachmann, M. “Deciphering the Hacker Underground: First Quantitative Insights.” In Corporate Hacking and Technology-Driven Crime: Social Dynamics and Implications, edited by T. J. Holt and B. H. Schell, 105–126. Hershey: Information Science Reference, 2010.
  • Bangeman, E. “Slowloris DDoS Tool Used by Anonymous Hacked to Include Zeus Trojan.” http://arstechnica.com/tech-policy/2012/03/slowloris-ddos-tool-used-by-anonymous-hacked-to-include-zeus-trojan/
  • Biryukov, A., I. Pustogarov, and R. Weinmann. “Trawling for Tor Hidden Services: Detection, Measurement, Deanonymization.” Paper presented at the IEEE Symposium on Security and Privacy, San Francisco, CA, May 19–22, 2013.
  • Bocij, P. Cyberstalking: Harassment in the Internet Age and How to Protect Your Family. Westport, CT: Greenwood Publishing Group, 2004.
  • Bossler, A. M., and T. J. Holt. “On-Line Activities, Guardianship, and Malware Infection: An Examination of Routine Activities Theory.” International Journal of Cyber Criminology 3, no. 1 (2009): 400–420.
  • Bossler, A. M., and T. J. Holt. “The Effect of Self-Control on Victimization in the Cyberworld.” Journal of Criminal Justice 38, no. 3 (2010): 227–236. doi:10.1016/j.jcrimjus.2010.03.001.
  • Brenner, S. W. “Fantasy Crime: The Role of Criminal Law in Virtual Worlds.” Vanderbilt Journal of Entertainment and Technology Law 11, no. 1 (2008): 1–97.
  • Brown, R., E. Evans, S. Webb, S. Holdaway, G. Berry, S. Chenery, B. Gresty, and M. Jones. The Contribution of Financial Investigation to Tackling Organised Crime: A Qualitative Study. London: Home Office, 2012.
  • Burns, R. G., K. H. Whitworth, and C. Y. Thompson. “Assessing Law Enforcement Preparedness to Address Internet Fraud.” Journal of Criminal Justice 32, no. 5 (2004): 477–493. doi:10.1016/j.jcrimjus.2004.06.008.
  • Chiu, Y. N., B. Leclerc, and M. Townsley. “Crime Script Analysis of Drug Manufacturing in Clandestine Laboratories: Implications for Prevention.” British Journal of Criminology 51, no. 2 (2011): 355–374. doi:10.1093/bjc/azr005.
  • Christin, N. “Traveling the Silk Road: A Measurement Analysis of a Large Anonymous Online Marketplace.” Paper presented at the Proceedings of the 22nd international conference on World Wide Web, Rio de Janeiro, May 13–17, 2013.
  • Chu, B., T. J. Holt, and G. J. Ahn. Examining the Creation, Distribution and Function of Malware On-Line. Technical Report for National Institute of Justice. NIJ Grant No. 2007‐IJ‐CX‐0018. Washington, DC: National Institute of Justice, 2010.
  • Cohen, L. E., and M. Felson. “Social Change and Crime Rate Trends: A Routine Activity Approach.” American Sociological Review 44, no. 4 (1979): 588–608. doi:10.2307/2094589.
  • Coordination Centre for TLD RU. “The Terms and Conditions of Domain Names Registration in Domains .Ru and .Рф.” http://cctld.ru/en/docs/rules.php
  • Cornish, D. B. “Crime as Scripts.” Proceedings of the International Seminar on Environmental Criminology and Crime Analysis, Coral Gables, FL, May 26–28, 1994.
  • Cornish, D. B. “The Procedural Analysis of Offending and Its Relevance for Situational Prevention.” In Crime Prevention Studies, edited by R. V. Clarke, 151–196. Monsey, NY: Criminal Justice Press, 1994.
  • Cornish, D. B., and R. V. Clarke. “Understanding Crime Displacement: An Application of Rational Choice Theory.” Criminology 25, no. 4 (1987): 933–948. doi:10.1111/crim.1987.25.issue-4.
  • Finn, J. “A Survey of Online Harassment at a University Campus.” Journal of Interpersonal violence 19, no. 4 (2004): 468–483. doi:10.1177/0886260503262083.
  • Franklin, J., V. Paxson, A. Perrig, and S. Savage. “An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants.” ACM Conference on Computer and Communications Security (CCS), Alexandria, VA, October 29–November 2, 375–388, 2007.
  • Furnell, S. Cybercrime: Vandalizing the Information Society. London: Pearson Education Limited, 2002.
  • Garland, D. “The Limits of the Sovereign State.” The British Journal of Sociology 36, no. 4 (1996): 445–471.
  • Gibbs, J. P. Crime, Punishment and Deterrence. New York: Elsevier Scientific Publishing Company, 1975.
  • Glenny, M. Darkmarket: Cyberthieves, Cybercops and You. London: The Brodley Head, 2011.
  • Goodin, D. “Bombshell Truecrypt Advisory: Backdoor? Hack? Hoax? None of the Above?” http://arstechnica.com/security/2014/05/bombshell-truecrypt-advisory-backdoor-hack-hoax-none-of-the-above/
  • Grabosky, P. “Secrecy, Transparency and Legitimacy.” http://www.india-seminar.com/2014/655/655_peter_grabosky.htm
  • Hancock, G., and G. Laycock. “Organised Crime and Crime Scripts: Prospects for Disruption.” In Situational Prevention of Organised Crimes, edited by K. Bullock, R. V. Clarke, and N. Tilley, 172–192. Devon: Willan Publishing, 2010.
  • Herley, C., and D. Florêncio. “Nobody Sells Gold for the Price of Silver: Dishonesty, Uncertainty and the Underground Economy.” In Economics of Information Security and Privacy, edited by T. Moore, D. Pym, and C. Ioannidis, 33–53. New York: Springer, 2010.
  • Higgins, K. J. “Target, Neiman Marcus Data Breaches Tip of the Iceberg.” http://www.darkreading.com/attacks-breaches/target-neiman-marcus-data-breaches-tip-o/240165363
  • Hoe, S. C., M. Kantarcioglu, and A. Bensoussan. “A Game Theoretical Analysis of Lemonizing Cybercriminal Black Markets.” In Decision and Game Theory for Security, edited by J. Grossklags and J. Walrand, 60–77. Berlin: Springer, 2012.
  • Hollinger, R. C. “Crime by Computer: Correlates of Software Piracy and Unauthorised Account Access.” Security Journal 4, no. 1 (1993): 2–12.
  • Holt, T. J. “Subcultural Evolution? Examining the Influence of On- and Off-Line Experiences on Deviant Subcultures.” Deviant Behavior 28, no. 2 (2007): 171–198. doi:10.1080/01639620601131065.
  • Holt, T. J., and K. R. Blevins. “Examining Sex Work from the Client’s Perspective: assessing Johns Using On-Line Data.” Deviant Behavior 28, no. 4 (2007): 333–354. doi:10.1080/01639620701233282.
  • Holt, T. J., K. R. Blevins, and J. B. Kuhns. “Examining Diffusion and Arrest Avoidance Practices among Johns.” Crime & Delinquency 60, no. 2 (2014): 261–283. doi:10.1177/0011128709347087.
  • Holt, T. J., and A. M. Bossler. “Examining the Applicability of Lifestyle-Routine Activities Theory for Cybercrime Victimization.” Deviant Behavior 30, no. 1 (2008): 1–25. doi:10.1080/01639620701876577.
  • Holt, T. J., and A. M. Bossler. “An Assessment of the Current State of Cybercrime Scholarship.” Deviant Behavior 35, no. 1 (2014): 20–40. doi:10.1080/01639625.2013.822209.
  • Holt, T. J., A. M. Bossler, and S. Fitzgerald. “Examining State and Local Law Enforcement Perceptions of Computer Crime.” In Crime on-Line: Correlates, Causes, and Context, edited by T. J. Holt, 221–246. Raleigh: Carolina Academic Press, 2010.
  • Holt, T. J., Y.-T. Chua, and O. Smirnova. “An Exploration of the Factors Affecting the Advertised Price for Stolen Data.” Paper presented at the eCrime Researchers Summit (eCRS), San Francisco, CA, September 17–18, 2013.
  • Holt, T. J., and E. Lampke. “Exploring Stolen Data Markets Online: Products and Market Forces.” Criminal Justice Studies 23, no. 1 (2010): 33–50. doi:10.1080/14786011003634415.
  • Holt, T. J., and O. Smirnova. Examining the Structure, Organization, and Processes of the International Market for Stolen Data. Washington DC: National Criminal Justice Reference Service, 2014.
  • Holt, T. J., O. Smirnova, and Y. T. Chua. “Exploring and Estimating the Revenues and Profits of Participants in Stolen Data Markets.” Deviant Behavior 37, no. 4 (2016): 353–367. doi:10.1080/01639625.2015.1026766.
  • Hutchings, A. “Theory and Crime: Does It Compute?” PhD diss., Griffith University, 2013.
  • Hutchings, A., and T. J. Holt. “A Crime Script Analysis of the Online Stolen Data Market: Table 1.” British Journal of Criminology 55, no. 3 (2015): 596–614. doi:10.1093/bjc/azu106.
  • Jacobs, B. A. “Deterrence and Deterrability*.” Criminology 48, no. 2 (2010): 417–441. doi:10.1111/j.1745-9125.2010.00191.x.
  • Jansen, R., F. Tschorsch, A. Johnson, and B. Scheuermann. “The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network.” Paper presented at the Network and Distributed Systems Security Symposium (NDSS), San Diego, CA, February 23–26, 2014.
  • Kravets, D. “Are the FBI and ‘Weev’ Both Hackers?” http://arstechnica.com/tech-policy/2014/09/are-the-fbi-and-the-weev-both-hackers/
  • Kravets, D. “US Says It Can Hack into Foreign-Based Servers without Warrants.” http://arstechnica.com/tech-policy/2014/10/us-says-it-can-hack-into-foreign-based-servers-without-warrants/
  • Krebs, B. “Silk Road Lawyers Poke Holes in FBI’s Story.” http://krebsonsecurity.com/2014/10/silk-road-lawyers-poke-holes-in-fbis-story/
  • Leclerc, B., R. Wortley, and S. Smallbone. “Getting into the Script of Adult Child Sex Offenders and Mapping out Situational Prevention Measures.” Journal of Research in Crime and Delinquency 48, no. 2 (2011): 209–237. doi:10.1177/0022427810391540.
  • Leontiadis, N., and A. Hutchings. “Scripting the Crime Commission Process in the Illicit Online Prescription Drug Trade.” Journal of Cybersecurity 1, no. 1 (2015): 81–92.
  • Levi, M., and M. Maguire. “Reducing and Preventing Organised Crime: An Evidence-Based Critique.” Crime, Law and Social Change 41, no. 5 (2004): 397–469. doi:10.1023/B:CRIS.0000039600.88691.af.
  • Martin, A. “Lulzsec Hacker Exposed by Service He Thought Would Hide Him.” http://www.thewire.com/technology/2011/09/lulzsec-hacker-exposed-service-he-thought-would-hide-him/42895/
  • Maurushat, A. Data Breach Notification Law across the World from California to Australia. University of New South Wales Law Research Series Paper No. 11. Sydney: University of New South Wales, 2009.
  • McCalley, H., B. Wardman, and G. Warner. “Analysis of Back-Doored Phishing Kits.” In Advances in Digital Forensics VII, edited by G. Peterson and S. Shenoi, 155–168. Berlin: Springer, 2011.
  • McCoy, D., K. Bauer, D. Grunwald, T. Kohno, and D. Sicker. “Shining Light in Dark Places: Understanding the Tor Network.” Paper presented at the Privacy Enhancing Technologies, Leuven, July 23–25, 2008.
  • McCusker, R. Review of Anti-Corruption Strategies. Canberra: Australian Institute of Criminology, 2006.
  • Menn, J. “Talk on Cracking Internet Anonymity Service Tor Withdrawn from Conference.” http://www.reuters.com/article/2014/07/21/cybercrime-conference-talk-idUSL2N0PW14320140721
  • Mirante, D., and J. Cappos. Understanding Password Database Compromises. Technical Report TR-CSE-2013-02. Brooklyn, NY: Department of Computer Science and Engineering Polytechnic Institute of NYU, 2013.
  • Morselli, C., and J. Roy. “Brokerage Qualifications in Ringing Operations.” Criminology 46, no. 1 (2008): 71–98. doi:10.1111/j.1745-9125.2008.00103.x.
  • Motoyama, M., D. McCoy, K. Levchenko, S. Savage, and G. M. Voelker. “An Analysis of Underground Forums.” In 2011 ACM SIGCOMM conference on Internet Measurement, 71–80. Berlin, Germany: ACM, 2011.
  • Murdoch, S. J. “Hot or Not: Revealing Hidden Services by Their Clock Skew.” Paper presented at the Proceedings of the 13th ACM conference on Computer and Communications Security, Alexandria, October 30–November 3, 2006.
  • Murdoch, S. J., and R. Anderson. “Tools and Technology of Internet Filtering.” In Access Denied: The Practice and Policy of Global Internet Filtering, edited by R. Deibert, J. Palfrey, R. Rohozinski, and J. Zittrain, 57–72. Cambridge: MIT Press, 2008.
  • Newman, G. R., and R. V. Clarke. Superhighway Robbery: Preventing E-Commerce Crime. Devon: Willan Publishing, 2003.
  • Øverlier, L., and P. Syverson. “Locating Hidden Servers.” Paper presented at the 2006 IEEE Symposium on Security and Privacy, Oakland, May 21–24, 2006.
  • Pauli, D. “Oz Privacy Comish Says Breaches Could Be Double This Year.” http://www.theregister.co.uk/2014/10/20/2014_a_bumper_year_for_aussie_breaches/
  • Peacock, T., and A. Friedman. “Automation and Disruption in Stolen Payment Card Markets.” In 13th Annual Workshop on the Economics of Information Security, June 23–24. State College: Pennsylvania State University, 2014.
  • Peretti, K. K. “Data Breaches: What the Underground World of Carding Reveals.” Santa Clara Computer & High Tech Law Journal 25 (2009): 375–413.
  • Ponemon Institute. Cost of Data Breach Study: Global Analysis. Traverse City, MI: IBM, 2014.
  • Poulsen, K. Kingpin: The True Story of Max Butler, the Master Hacker Who Ran a Billion Dollar Cyber Crime Network. Sydney: Hachette Australia, 2011.
  • Poulsen, K. “Visit the Wrong Website, and the FBI Could End up on Your Computer.” http://www.wired.com/2014/08/operation_torpedo/
  • Rawlinson, K. “Websites Linked to £500m Credit Card Fraud Shut Down by Police.” http://www.independent.co.uk/news/uk/crime/websites-linked-to-500m-credit-card-fraud-shut-down-by-police-7681808.html
  • Reyns, B. W., B. Henson, and B. S. Fisher. “Stalking in the Twilight Zone: Extent of Cyberstalking Victimization and Offending among College Students.” Deviant Behavior 33, no. 1 (2012): 1–25. doi:10.1080/01639625.2010.538364.
  • Romanosky, S., R. Telang, and A. Acquisti. “Do Data Breach Disclosure Laws Reduce Identity Theft? (Updated).” Journal of Policy Analysis and Management 30, no. 2 (2011): 256–286. doi:10.1002/pam.20567.
  • Samani, R., F. Paget, and M. Hart. Digital Laundry: An Analysis of Online Currencies, and Their Use in Cybercrime. Santa Clara, CA: McAfee, 2013.
  • Sanders, T. “Selling Sex in the Shadow Economy.” International Journal of Social Economics 35, no. 10 (2008): 704–716. doi:10.1108/03068290810898927.
  • Schell, B. H., and J. L. Dodge. The Hacking of America: Who’s Doing It, Why, and How. Westport, CT: Greenwood Publishing Group, 2002.
  • Schneier, B. “How the NSA Attacks Tor/Firefox Users with Quantum and Foxacid.” https://www.schneier.com/blog/archives/2013/10/how_the_nsa_att.html
  • Science and Technology Committee. Personal Internet Security Volume II: Evidence. London: House of Lords, 2007.
  • Seals. “2014 So Far: The Year of the Data Breach.” http://www.infosecurity-magazine.com/news/2014-the-year-of-the-data-breach/
  • Skinner, W. F., and A. M. Fream. “A Social Learning Theory Analysis of Computer Crime among College Students.” Journal of Research in Crime and Delinquency 34, no. 4 (1997): 495–518. doi:10.1177/0022427897034004005.
  • Smith, R. G. Trends & Issues in Crime and Criminal Justice No. 202: Cross-Border Economic Crime: the Agenda for Reform. Canberra: Australian Institute of Criminology, 2001.
  • Smith, R. G., and P. Jorna. “Corrupt Misuse of Information and Communication Technologies.” In Handbook of Global Research and Practice in Corruption, edited by A. Graycar and R. G. Smith, 255–281. Cheltenham: Edward Elgar Publishing Limited, 2011.
  • Smith, R. G., N. Wolanin, and G. Worthington. Trends & Issues in Crime and Criminal Justice No. 243: e-Crime Solutions and Crime Displacement. Canberra: Australian Institute of Criminology, 2003.
  • Stajano, F. “Pico: No More Passwords!” Chap. 6. in Security Protocols XIX, Lecture Notes in Computer Science, edited by B. Christianson, B. Crispo, J. Malcolm, and F. Stajano, 49–81. Berlin: Springer, 2011.
  • Sunshine, J., and T. R. Tyler. “The Role of Procedural Justice and Legitimacy in Shaping Public Support for Policing.” Law & Society Review 37, no. 3 (2003): 513–548. doi:10.1111/1540-5893.3703002.
  • Symantec Corporation. Internet Security Threat Report. Mountain View, CA: Symantec Corporation, 2014.
  • The Economist. “Banks and Fraud: Hacking Back.” http://www.economist.com/news/finance-and-economics/21600148-bankers-go-undercover-catch-bad-guys-hacking-back
  • Tyler, T. R. “Enhancing Police Legitimacy.” The Annals of the American Academy of Political and Social Science 593, no. 1 (2004): 84–99. doi:10.1177/0002716203262627.
  • Wall, D. S. “Maintaining Order and Law on the Internet.” In Crime and the Internet, edited by D. S. Wall, 167–183. London: Routledge, 2001.
  • Wall, D. S. Cybercrime: The Transformation of Crime in the Information Age. Cambridge: Polity Press, 2007.
  • Wehinger, F. “The Dark Net: Self-Regulation Dynamics of Illegal Online Markets for Identities and Related Services.” Paper presented at the Intelligence and Security Informatics Conference (EISIC), 2011 European, Athens, September 12–14, 2011.
  • Western Union. “What Is Considered Valid Identification to Pick up a Money Transfer?” http://www.westernunion.co.uk/gb/faq-send-money-in-person
  • Wilson, D. G., W. F. Walsh, and S. Kleuber. “Trafficking in Human Beings: Training and Services among US Law Enforcement Agencies.” Police Practice and Research 7, no. 2 (2006): 149–160. doi:10.1080/15614260600676833.

Reprints and Corporate Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

To request a reprint or corporate permissions for this article, please click on the relevant link below:

Order Reprints Request Corporate Permissions

Academic Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

Obtain permissions instantly via Rightslink by clicking on the button below:

Request Academic Permissions

If you are unable to obtain permissions via Rightslink, please complete and submit this Permissions form. For more information, please visit our Permissions help page.

Related research

People also read lists articles that other readers of this article have read.

Recommended articles lists articles that we recommend and is powered by our AI driven recommendation engine.

Cited by lists all citing articles based on Crossref citations.
Articles with the Crossref icon will open in a new tab.