The Profile of a Cyber CriminalAdded 24th Aug 2011
- Recent research points out that criminal profiling has a success rate of 77 percent in assisting traditional investigations.
Which of the following is most likely to get stopped and interrogated at the JFK International Airport?
a) An eccentric scientist carrying exotic species of insects?
b) Charlie Sheen?
c) A brown-skinned man wearing a robe?
If you’re thinking C then you’re probably aware that criminal profiling is a practice that law enforcement agencies around the world use. In fact, it’s being used so much that it’s given profiling a bad name. But the basic premise is sturdy: Bad guys are predictable because they are creatures of habit.
And that’s why criminal profiling is beginning to spread to the cyber world.
For years now, forensic psychologists and behavioral sciences have been working in collaboration with law enforcement agencies to integrate psychological science into criminal profiling.
The most popular method of criminal profiling, offender profiling, aims to identify criminals based on an analysis of their behavior while they engage in the crime. The underlying rational is simple: If behavior is common across crimes, it is probably the same criminal because behavior is related to the psycho-socio characteristics of an offender.
Behavior is revealed by the choices offenders make while committing a crime. This could include their modus operandi, the location of the crime, and the weapon of choice among others. This information is then combined with other pieces of physical evidence, and compared with the characteristics of known personality types and mental abnormalities to develop a practical working description of an offender. This study of the psyche of a criminal is considered ‘the third wave’ of investigative science.
Criminal profiling began being used as a tool for investigation as far back as the beginning of the 20th century. The role of profiling first garnered interest following the infamous Jack, the Ripper killings in England. “Traditional policing systems like the Kotwali system, too, had a system of recording behavioral traits of criminals to arrive at some sort of a profile of a criminal,” says S. Murugan, deputy inspector general of police, Cyber Cell, Bangalore.
But it’s only recently that the science has really caught the fancy of the public. TV shows including CSI, the Mentalist, and Castle have all gotten on the study-the-mind-of-a-killer bandwagon.
In reality though, much more ground needs to be covered. “The criminal profile practice in India is largely done by the police with the help of forensic experts. But there is not a great degree of psychoanalysis of offenders,” admits Murugan.
“The current practice of criminal profiling is based on crime scene characteristics and demographic details; it does not include much of behavioral tendencies and personality traits,” continues Dr. S.L. Vaya, director, Institute of Behavioral Science at the Gujarat Forensics Science University, which claims to be the first of its kind in India.
Part of the problem is the controversy surrounding the effectiveness of criminal profiling, along with lack of empirical evidence supporting its effectiveness. But recent research points that criminal profiling is estimated to have a success rate of 77 percent in assisting traditional investigations.
The world of cyber crime significantly reshuffles the rules of criminal investigation. Unlike traditional crime scenes, evidence often exists only in the cyber-world; in a computer, a network, or the Internet. The weapon of choice—also a computer, a network, or the Internet—is volatile and easily contaminated or destroyed. And that’s why CIOs and CISOs need to build robust ecosystems that can create accurate and reliable logs and audit trails.
But even that has its limitations. While log and audit trails could lead security analysts to a perpetrator, most often the trail ends at a computer, a server or a network —not the face behind it. As a result only five percent of cyber criminals are caught and prosecuted.
It is this faceless dimension of cyber crime that compounds its challenge. And that’s why the use of profiling will almost certainly grow over time.
“I think the concept of profiling is an excellent step. However, since most of cyber crimes are faceless attacks, what would be great is if we could extend the concept of profiling to websites or URLs that are most likely to send malicious content or associated with criminal activity,” says Manish Dave, CISO, Essar Group.
If cyber criminals rely on the pseudo-anonymous nature of the Internet and technology to camouflage their true identities, it is up to security leaders to use another method to locate them. Fortunately, a cyber criminal’s facelessness doesn’t extend to other telling signs of crime: Motivation, MO, and signature behaviors. And criminal profiling relies heavily on such clues.
“Criminal profiling can also be especially useful during the process of recruiting. As the trend of planting snitches in companies increases, it would be a great tool to keep in mind while conducting background checks of employees,” says Parag Deodhar, chief risk officer, and VP process excellence and program management, Bharti AXA General Insurance.
Thanks to mobile and Internet, job hunting can now be done on the go. V Suresh of Naukri.com speaks about the how the transformation came about.
“IoT is not what CIOs see upfront in IT infrastructure but it is what they see round the corner. IoT is a journey than a mere product push,” says Neil Carey, Sales Director, EMEA and India, MultiTech.
The e-commerce boom has resulted in logistics companies having to revamp their entire operating procedures in a bid to stay relevant.
Stop thinking about technology so much and think more about customers and your organization’s ability to innovate, says Dane Anderson, VP and Research Director, Asia Pacific, Forrester Research.
By looking behind the language your customers use, Stylometry can tell a lot about them. Imagine that power in the hands of your business.
Every business is now a software business, and organizations need to buck up if they do not want to be left behind in this application economy.
The Group CIO of the company shares his top expectations from the Union Budget this year and explains why he thinks they are crucial for the IT industry.
While Dell always provides its clients with the necessary solutions, at the end of the day, it is the client’s prerogative if he wants to utilize them, says Enrico Bracalente, Dell.
With the business environment going through a continuous churn, the COO has to be on his toes all the time to ensure that benefits initiated from various processes reach the customers.
At the CIO Executive Boards held in Mumbai and Gurgaon, CIOs discussed the growing adoption of cloud and mobility.
At the CIO Executive Board this year, mobility took center stage.
At the CIO Executive Board this year in Gurgaon, cloud computing took center stage.
At the CIO Executive Board event held in Mumbai, CIOs discussed the different forms of cloud adoption in enterprises.
The retail chain may not be the first one to use this approach, but it is clearly among the first ones to use it astutely—topping it up with market research—to build futuristic technology solutions.
Elango R., Global CHRO and EVP, Emerging Geographies Business Unit at Mphasis, says that a lot of career conversations should be about developing capabilities around new technologies.