Understanding Cybercrime

Existing cybercrime research in the information systems (IS) field has focused on a subset of corporate incidents (e.g., fraud, hacking intrusions), and emphasized solutions designed to repel attacks or to minimize their aftermath (e.g., barrier technologies, enhanced security procedures). This focused, defensive, and pragmatic posture is valuable and necessary as an immediate triage response, to "stop the bleeding" and provide protection from imminent harm. However, the extant work has not painted a sufficiently broad picture of the scope of cybercriminal activity, nor paid adequate attention to its root causes. This paper presents a different view. It analyzes 113 U.S. Department of Justice federal cybercrime cases from 2008 and 2009, categorizes these cases using an applied criminal offense framework developed by the FBI, considers philosophical explanations for criminal motives, and then identifies the apparent motive(s) that led to the commission of each crime. This paper seeks to contribute to an improved understanding of what cybercrime is, and why it is occurring at the individual level, in order to develop more proactive and effective solutions.