We directly assessed the amount of time respondents spent on specific computer activities by asking the respondents how much time they spent on the computer each week, on an average, over the past 6 months for each of the following activities:. The options were:. Note that a positive response means that they do not use on-line banking or these websites. Deviant Behavior. In order to examine the relationship between deviant computer activities and data loss due to malware infection, respondents were asked how many times options being never, , , and 6 or more times they used a computer in the past 12 months to:.
Averaging these three items allowed the other deviance measures to have the same influence in the deviant behavior measure, rather than having three of the seven items included in the scale be hacking related. We included guardianship measures that could be categorized as: personal, physical, and social.
Respondents were asked to assess their skill level with computers and technology skill level to serve as a proxy measure of their ability to protect their computers and themselves while interacting or performing various activities online. This assessment was based on a three-point ordinal scale adapted from Rogers :. The modal category Physical guardianship was measured by adding these seven items together and creating an additive scale.
We also examine the independent effects of the seven items on malware victimization as a precaution that physical guardianship cannot be operationalized as an additive scale. It is important to note that our assessment of physical guardianship may not accurately reflect the use of these programs by the respondents.
Choi notes that respondents may not understand the definition or utility of protective software programs, thus any attempt to explore their use must be carefully developed by researchers. As we did not provide definitions for each type of program in the survey, we are careful to moderate our discussion of these variables in the findings of this study. Social guardianship was assessed by asking the respondents how many of their friends had pirated software fr.
Results and Discussion. The correlation matrix, presented in Table 1, illustrates that most routine activities on the computer, as well as personal and physical guardianship, are not correlated with data loss from malware victimization.
Furthermore, friends pirate software is the only item from the social guardianship measure not correlated with data loss from malware victimization. Although the matrix does not indicate strong relationships between legitimate computer activities and malware victimization, these univariate analyses provide enough evidence to further explore our hypotheses via multivariate analyses.
We estimated logistic regression models with data loss caused by malware victimization as the dependent variable see Schreck, ; Holtfreter et al. For our main analyses, we ran two models see Table 2. Model A contains the items as described in the measurement section, meaning that the components of RAT are represented as constructs.
In model B, we do not use the general constructs but use the specific items that comprised the scales. Researchers have traditionally used RAT as a framework to understand how specific behaviors and conditions are related to victimization, rather than creating scales of the concepts themselves. Table 2.
Wireless -- -- Pirate software -- -- Pirate media -- -- -- -. Pornography -- -- Hacking -- -- These regression models indicate that neither computer ownership nor legitimate computer-related activities, such as chat rooms and email, appear to have an influence on the risk of data loss caused by malware infection.
The only routine activity measure that is statistically related to data loss from malware infection is having T-1 internet connection speed. While we originally conceived of connectivity as a lifestyle factor, because of the demographic correlates of connectivity and being able to access websites faster, the observed relationship between connectivity and the likelihood of malware infection may be a result of protective factors related to one's Internet connection.
High speed users, particularly on T1 connections, are more likely to use the University as their Internet Service Provider see Hinduja, Large institutions are more likely to have significant filtering and firewalls in place to protect users than those at home on dial-up or dsl modems. This insularity may play a role in reducing the risk of infection. Additionally, dial-up users are more likely to be impacted by unique forms of malicious software designed to subvert the modem that connects the computer to the Internet Nazario, There is, however, a need for future research to explore and disentangle the operationalization of connectivity as either a guardianship or lifestyle measure.
Spending time performing illegitimate computer activities was also not a strong predictor of malware infection. The only form of personal deviance that increased the risk of malware infection was pirating media. Such behavior is particularly prevalent among college students and younger people who regularly use computers Gopal et al.
Those who pirate media make suitable targets for malware writers as piracy requires individuals to open files for their own benefit. Motivated offenders can easily conceal their malware to appear as a music or movie file that an individual would want to download Szor, ; Taylor et al. Thus, these findings illustrate the importance of including measures covering multiple forms of computer deviance in order to avoid model misspecification.
Strong computer skills and careful password management, what we termed as personal guardianship, did not reduce the threat of malware victimization. Furthermore, malware infection was not influenced by physical guardianship.
This finding is contrary to the current understanding of malware protection, considering that anti-virus software and firewalls are made to stop computer infiltration and infection by viruses, worms, and Trojans. The cross-sectional design of our study could possibly nullify a significant negative relationship between physical guardianship measures and malware infection.
If respondents purchased anti-virus programs and firewalls as a preventive measure before and after victimization, physical guardianship would have a non-significant effect in a cross-sectional design.
This logic, however, assumes that the theoretical negative relationship between physical guardianship and infection is so small that the relationship could be nullified by only a few victims purchasing physical guardianship after victimization. Our models also indicate that associating with friends who view on-line pornography increases the risk of malware infection.
Peers who view pornography online may increase the risk of malware infection as these programs can spread to other computers through e-mail address books or other techniques Szor, As a consequence, their actions place all individuals in their social network at risk of victimization. Finally, some demographic correlates of malware infection were found.
Being female increased the odds of malware victimization by 1. Since the literature implies that computers in general are the primary targets for malware writers and not specific groups i. These additional tests found no differences regarding the effects of guardianship on malware victimization. The only factor that was significant in at least one of the two models and statistically different in comparison to the other model was the number of hours the respondent spent using chat rooms, IRC, or Instant Messaging.
For every one unit increase in the chat room measure, the odds of female malware victimization increased by 1. Thus, malware, or at least the use of it, might not be as indiscriminate as it appears. Conclusions and Policy Implications. Over the last 20 years, the rise of the personal computer and Internet has provided enormous advantages to our society. At the same time, it has also provided more opportunities for motivated offenders to victimize individuals in brand new ways.
RAT has historically been fruitful in providing a useful framework to understand how technological shifts affect a wide variety of criminal offenses.
Criminologists, however, have been slow to examine how computer routine activities and guardianship affect cybercrime. We addressed this gap by conducting an exploratory analysis of RAT to account for a computer-focused crime, malware infection.
Our findings provide partial support for the application of RAT to data loss from malicious software. Spending more time on computer activities theoretically related to malware infection, such as on-line shopping, e-mailing, and chat rooms, did not increase the odds of victimization.
At the same time, individuals who engage in media piracy were at an increased risk of victimization. In addition, those whose peers viewed pornography in cyberspace were at a significant risk of malware infection. These are excellent vectors for a motivated offender to distribute malicious code since media and pornographic files are attractive packages that many individuals would want to open Furnell, ; Szor, ; Taylor et al.
Thus, the findings suggest that the relationship between crime and victimization in the real world may be replicated in on-line environments. Computer software that has been created specifically to decrease malware victimization had no significant impact for this sample. Our findings support recent studies on malicious software that highlights the difficulty of security measures to prevent malware infection see PandaLabs, Almost 25 percent of personal computers around the world that use a variety of security solutions have malware loaded into their memory, compared with In addition, we did not find that different forms of personal guardianship decreased victimization.
These results may, however, be a consequence of our assessment of protective software. Choi recommends careful measurement and elaboration of security software concepts to respondents in order to properly address their use. As we did not use such information in the course of this study, it is possible that the findings of this analysis are measurement-related.
Thus, future researchers should explicitly define and clearly assess the influence of protective software on the risk of malware victimization see also Choi, These studies argued that taking safety precautions was not effective when the victimization experienced was caused by friends and not strangers. Physical guardianship measures will not be as effective in decreasing malware infection since physical guardianship tools are most useful for addressing victimization caused by strangers rather than friends.
Thus, these findings do not support target hardening as the strongest protection tool to decrease the probability of data loss from malware in a college sample. Instead, individuals must be aware of the possible consequences of their behavior and that of their peers and attempt to change their behavior. The above findings strongly support the role that criminology can play in developing a framework to understand and prevent malware infection.
Malware infection will not be decreased substantially through a single approach based solely on criminology or information technology. Both physical target hardening through security solutions and behavioral changes based on RAT will have a role in future programs and policies meant to decrease the damage caused by malware.
The continued examination of the behavioral correlates of malware infection using a RAT framework is vital. A key policy implication from this study is the need for greater awareness of the connection between computer deviance and malware victimization. The significant concentration of media piracy among young people, coupled with the increasing sophistication and efficacy of malware, suggests that this population is extremely susceptible to victimization.
Most media campaigns against piracy focus on the significant financial harms caused by this crime Higgins, These programs may, however, have little impact as piracy is largely perceived to have little effect on the artists and greater benefits for the individual see Gopal et al. Instead, anti-piracy campaigns need to focus on the risk to individuals and their peers who download media illegally.
Considering the significant volume of piracy that occurs in dorms on college campuses see Higgins, ; Hinduja, , educating students and computer security personnel on the risks of piracy may be an important preventative tool to decrease the risk of computer crime victimization on college campuses. A further practical implication may be to expand the regulatory power of system administrators to withhold service. Currently, system administrators can cut Internet connectivity to computer systems that are suspected of malicious activity or violations of terms of service.
Those who utilize large amounts of bandwidth for piracy purposes may also be tied to the spread of malicious software across networks. Thus, regular monitoring of Internet use for potential piracy, and selective removal of those users, may help to minimize the occurrence of infection.
Though such a measure may be helpful, it would require great technical resources for administrators as Internet Service Providers have very large customer populations.
Improving the automated monitoring protocols that can detect and remove anomalous traffic may be a key to help combat the problem of malicious software. Although this exploratory study increases our knowledge of cybercrime, further study is needed to elaborate and expand on the issue of malicious software infection.
Specifically, we used a convenient sample of college students from a single university, populated primarily by individuals from the same state. The characteristics of how malware spreads would indicate that our findings would be generalizable to other universities around the country. In addition, we assessed whether the respondents had experienced a severe form of malware victimization by asking whether they had lost computerized data.
This method does not capture information on malware that caused other forms of victimization, such as identity theft, or malware that is present, but benign. Future research should utilize more direct and specific measures of malware infection to triangulate the reality of malware on a system, such as diminished functionality and identification by antivirus programming see Choi, ; PandaLabs, Measures must also be employed to identify the time at which antivirus and other protective software were placed on a computer system.
Finally, our study only explored the applicability of routine activities theory to malware infection and did not examine the influences of concepts from other theories, such as self-control or rational choice theories. Clearly the participation in risky computer activities is an indicator of low self-control as well as behavior that places individuals in closer proximity to motivated offenders. Such explorations will improve our understanding of cybercrime victimization and the applicability of traditional theories of crime to account for victimization in virtual environments.
The missing data respondents were as likely to be victimized by malware over the last 12 months. Additionally, no pattern emerges that clearly separates the missing data respondents from the cases analyzed regarding their computer routines. In order to examine whether spending time on the computer in general affects malware victimization, we also measured the number of hours per week spent on the computer for work or school and also outside of work or school.
The options were: less than 5 hours, hours, hours, hours, and 21 or more hours. These two measures were not statistically significant in any regression model. The last two categories were collapsed because of limited responses in this largest category. The data set does not contain a question assessing whether the respondents have knowingly created or distributed malware with the intent to cause computer damage.
As the literature review illustrated, however, the deviant computer behaviors measured for this study can place an individual at risk for victimization as criminals may place malware within software, media, and pornographic websites. Additionally, engaging in hacking activities increases the risk of victimization from other hackers.
It should be noted that our skill level measure acts as a proxy measure for personal guardianship, but it could also be interpreted as a computer usage measure and therefore be considered a proxy for routine computer activity.
We consider skill level to be a guardianship measure because we have controlled for various computer-related routine activities as discussed above.
Any possible effect that skill level has on victimization would mostly be reduced to guardianship influences. We also examined race and age as these demographics have been related to traditional victimization. We ran full models with dummy variables for each group, but no racial group was significantly related to malware infection. Thus, we excluded these two demographics from our full models presented in Table 2 to simplify the models. We provide a full correlation matrix, including all of our measures for models A and B, because of the exploratory nature of our study and to provide the reader and future researchers as much information as possible regarding the correlates of malware victimization.
Multicollinearity, however, was not an issue for the models. No VIF was over 10 and no tolerance level fell below. In Model A, deviant behavior tolerance of. In Model B, pirating media tolerance of. Additionally, including measures for both downloading files and media piracy did not cause problems.
Models ran without the downloading files measure produced substantively similar results to the findings presented in Table 2. Some readers might be concerned that our Full Model B, male model, and female model do not have enough cases for the number of measures included and that Type II error is present.
In other words, would some of the non-significant results be significant if we had either more cases or fewer independent variables? There are no accepted rules for the number of cases needed per independent variable in logistic regression i.
Instead, the issue is whether the results are stable depending on the number of variables included in the models. We illustrate the stability of our models two different ways.
First, we provide a full correlation matrix see Table 1 that illustrates that many of the measures were not significantly correlated with malware victimization even at the zero-order level. Thus, even when only one independent variable is being examined, most of the measures are not significantly related.
Second, and most importantly, we conducted further analyses not reported in the text. Following past traditional routine activities research, we ran full and reduced models to examine the stability of the models. Similar to the work of Mustaine and Tewksbury ; , we included all of our measures into the regression model.
Specifically, we were examining whether measures that were not previously significant would be significant when fewer measures were in the models. In addition, we also ran models that only contained the measures that pertained to each construct i.
The findings did not substantively differ in any of the extra models. Thus, the findings presented in Table 2, and our conclusions based off these models, are not affected by the number of measures included in our models.
We had argued that Internet connectivity is a lifestyle measure because individuals with faster connections can access websites more effectively and efficiently. In addition, previous research has found that Internet connectivity is related to socioeconomic factors such as race, income, and whether individuals live in rural areas Pew Internet, Because we found that connectivity is related to malware victimization, this would suggest that connectivity could mediate the effects of socioeconomic factors on malware victimization.
This does not appear to be the case, however, with our data set. In addition, when all of the measures discussed above, with the exception of the connectivity measures, are included in a logistic regression model with malware victimization as the dependent variable, only employment status is significant [Exp B 1. When both connectivity measures are included in the model, the effects of employment status does not change substantively [Exp B 1. Thus, these zero-order correlations and regression models do not indicate that connectivity mediates any possible effects of demographics on malware victimization.
At the same time, our findings could be limited to that of a college sample. Of the students, only 28 4. Thus, a more representative sample of the U. Clearly, this is an important issue for future research to investigate. Bocij, P. Cyberstalking: Harassment in the Internet age and how to protect your family. Westport: Praeger. Choi, K. Computer crime victimization and integrated theory: An empirical assessment.
International Journal of Cyber Criminology, 2 1 , — Cohen, L. Social change and crime rate trends: A routine activity approach. American Sociological Review, 44 , Computer Security Institute Computer crime and security survey.
Coupe, T. Daylight and darkness targeting strategies and the risks of being seen at residential burglaries. Criminology, 44 , Cromwell, P. Breaking and entering: Burglars on burglary. Belmont, CA: Wadsworth. Felson, M. Crime and everyday life , Third Edition. Thousand Oaks, CA: Sage. Finn, J. A survey of online harassment at a university campus.
Journal of Interpersonal Violence , 19 , Furnell, S. Cybercrime: Vandalizing the information society. Boston, MA: Addison-Wesley. Gopal, R. A behavioral model of digital music piracy. Journal of Organizational Computing and Electronic Commerce, 14 , Grabosky, P. Virtual criminality: Old wine in new bottles? Social and Legal Studies, 10 , Telecommunication fraud in the digital age: The convergence of technologies. Wall Ed. Crime and the internet.
London: Routledge. Higgins, G. Deviant Behavior, 26 , Hinduja, S. Correlates of Internet software piracy.
Journal of Contemporary Criminal Justice, 17 , Cyberbullying: An exploratory analysis of factors related to offending and victimization. Deviant Behavior, 29 , Holt, T. Subcultural evolution? Examining the influence of on- and off-line experiences on deviant subcultures. Deviant Behavior, 28 , Examining the applicability of lifestyle-routine activities theory for cybercrime victimization.
Deviant Behavior , 30 , Holtfreter, K. Low self-control, routine activities, and fraud victimization. Criminology, 46 , Joseph, J. Cyberstalking: An international perspective. Jewkes Ed. Cullompton: Willan Press. Kapersky, E. The classification of computer viruses. Lynch, J. Routine activity and victimization at work. Journal of Quantitative Criminology, 3, Mell, P.
Guide to malware incident prevention and handling:. Recommendations of the National Institute of Standards and Technology. Miethe, T. Contextual effects in models of criminal victimization. Social Forces , 71, As a long-time developer, I can picture the team of malware developers pulling all-nighters to put out a critical patch to their software the same way I once did.
And in fact, it appears that as the malware market matures, we will get more and more separation of duties. Teams of developers are already beginning to sell their products to a black market of criminals, the actors who in turn deploy the attacks.
Within that marketplace, there will certainly be complete mirroring of legitimate business practices. The black markets, ironically, need to be built on the same kinds of trust models and mechanisms that legitimate markets must have in order to work. What a win, in my opinion; by operating in good faith, they got some of us to decide to cave. In fact, to many, the cost of preventative measures, like backing up and managing backups of your systems, is much more than the price the criminals are asking.
0コメント