CRIME

By The Global Initiative Against Transnational Organized Crime

   The illegal wildlife trade (henceforth IWT) is one of the world’s most lucrative criminal activitiesand much of the trade takes place online. The phenomenon has tremendously harmful effects on biodiversity and animal welfare, while it also exacerbates the risk of spreading zoonic diseases.2 Most online IWT occurs in the open online space – on e-commerce platforms, social media and messenger services such as WhatsApp – where sellers freely showcase wildlife or wildlife products to potential buyers. The ease with which illegal advertisements can be found online reflects the high level of impunity (and the low level of risk) enjoyed by those engaged in the trade.3 The online illegal wildlife trade is characterized by several key trends. First, traffickers exploit a diverse array of online platforms, spanning social media, marketplaces, messaging apps and encrypted channels to market and distribute illegal wildlife products. Second, online IWT is characterized by global reach, transcending geographical boundaries and regulatory jurisdictions, thereby making enforcement of wildlife protection laws a complex undertaking. Finally, the phenomenon has led to the fragmentation of traditional supply chains, with small-scale traders and individual sellers operating alongside larger criminal syndicates. Having a larger number of potential targets makes it difficult for law enforcement to efficiently prioritize and dismantle trafficking networks.5 Defining online illegal wildlife trade Recent publications have shed light on the alarming surge in IWT occurring on the internet.6 A significant hindrance in combating this crime is the dearth of data regarding the scale of the market, its dynamics, modus operandi and resultant consequences, especially on a global scale. To address this issue, ECO-SOLVE is developing a Global Monitoring System to monitor online IWT systematically and to gather global data to feed into law enforcement action and to inform policymaking. By identifying areas of high pressure on endangered species and ecosystems, surveillance activities can enable targeted interventions to prosecute traffickers and wider criminal networks

involved in this trade. Consistent monitoring may help to detect emerging trends and shifts in IWT, allowing for timely responses to new threats and challenges. This is the first in a series of Global Trend Reports, which will be published during the three year ECO-SOLVE project. Two or three of these reports will be published every year, to highlight important trends in online IWT and to contextualize these trends. Drawing on findings generated by the Global Monitoring System – a network of AI enabled ‘data hubs’ in key countries, which monitor online IWT – each Global Trend Report will showcase the latest trends in statistical data, specifically the number of adverts found, the numbers and types of species advertised and the number of platforms that host these adverts. Diving deeper into individual topics, these reports will offer regional breakdowns and include sections that contextualize and analyze findings, while also investigating changes in regulations and their effects on online IWT as well as trends in law enforcement. The reports will also discuss case studies of online IWT. This first report will set the stage for reports to come. It will review past trends in efforts to monitor the online IWT, trends in regulation and other government policies towards IWT, and the evolving role of civil society and law enforcement in responding to the phenomenon.   

Geneva, SWIT: The Global Initiative Against Transnational Organized Crime, 2024. 26p.

By  Council for Court Excellence and Office of the D.C. Auditor

While much attention is being paid to youth crime rates in D.C., little is known about the circumstances of justice-involved young people. This report finds that one characteristic many share is involvement in the child welfare system due to parental abuse and neglect. This report examines how effectively the District – and in particular the Child and Family Services Agency (CFSA) and the Department of Youth Rehabilitation Services (DYRS) -- serve young people who have had involvement in both child welfare and youth justice systems, that is, crossover youth. 

The fundamental finding of the audit is that the District lacks a unified approach to addressing the needs of these vulnerable young people. D.C. leaders are unable to accurately identify the number and traits of crossover youth in our community, to coordinate the services being offered or supervision being provided, to target specialized programming for these youth, or provide appropriate resources for their families and caregivers.

The new report includes the following key findings:  

• There is no single unified source of public data related to crossover youth in the District, making it difficult to understand the number and needs of this vulnerable population. 

• CFSA and DYRS undercount the number of crossover youth in their care because they only count dual-jacketed youth, rather than youth involved in both agencies at any point in their lives. CFSA and DYRS identified only 8 crossover youth in FY 2023, while CCE analysis of court records indicated 93 youth at the end of FY2022 were involved with the delinquency system and had current or past child welfare involvement. 

• Crossover youth are essentially invisible to CFSA and DYRS; neither clearly recognizes this population in their current operating documents, systems, policies, or practices, and their rights as justice-involved youth are not clearly identified in the Bill of Rights for Children in Foster Care. This impedes the agencies’ ability to address the special needs and manage cases of these young people, and can leave youth in New Beginnings and other facilities unaware of their rights.

• CFSA and DYRS do not sufficiently collaborate or communicate regarding crossover youth.   

Some of the report’s recommendations include:  

• D.C. Council should ensure the Office of the Ombudsperson for Children (OFC) has sufficient authority and funding to analyze and report on crossover youth annually. 

• CFSA and DYRS should reestablish the “Crossover Youth Steering Committee” to identify, manage and serve crossover youth in their care.

• CFSA and DYRS should identify and track crossover youth in their case management systems.

• CFSA and DRYS staff should be trained on the unique needs of crossover youth. Additionally, parents and foster parents should receive training and resources to help identify and meet the needs of youth who are, or are at risk of becoming, crossover youth. 

Washington, DC: Council for Court Excellence and Office of the D.C. Auditor, 2024. 125p.

By  United Nations Office on Drugs and Crime (UNODC).

  The United Nations Office on Drugs and Crime (UNODC) is proud to present this introductory analysis of darknet-enabled threats against Southeast Asian countries, which has been made possible through strong partnerships with global and regional law enforcement and justice authorities, together with private industry and academia. The report was produced thanks to kind voluntary funding from the Government of Japan. This report assesses the Darkweb from user, criminal and law enforcement perspectives with a particular focus on cybercriminality targeted at Southeast Asian countries. Darknets (i.e. networks on the Darkweb) provide the ideal environment for a wide range of criminal activities. Just as new threats appear on the Clearnet (i.e. the regular Internet), darknets can facilitate similar attacks that provide perpetrators with a greater degree of anonymity. This anonymity makes investigation and prevention more challenging, but still possible. There has been a consistent increase in darknet and Darkweb usage, both for legitimate and illegitimate reasons, whilst the COVID-19 pandemic also appears to have given rise to darknet cybercrime, including by criminals with no previous cyber experience. Despite this, there is an overall paucity of darknet criminality data specific to Southeast Asia. There is little prioritisation of darknet criminality in the region, either in policy or practice. This creates risk from the criminality itself, which is compounded by the limited political, policy and law enforcement response. There is an absolute need for a ministerial lead on cyber affairs, in each country, to ensure that law enforcers receive necessary political support to undertake the most challenging operations. Many criminal activities conducted over darknets are predictable and preventable. UNODC and its partners work hard to address these challenges by supporting and encouraging policy development, research, training and capacity building support in Southeast Asia. Awareness is fundamental for addressing cybercrime. Given, however, the challenges posed by darknets, stakeholders must increase their commitment and cooperation to developing policy, sharing intelligence and enhancing international cooperation to counter darknet crime nationally, regionally and internationally. This UNODC analysis will inform policymakers in Southeast Asia, including through the annual Senior Officials Meeting on Transnational Crime (SOMTC), as well as supporting law enforcement and judicial cooperation, and providing opportunities for darknet-focused crime prevention. 

  2020. 64p.

By Priyanka Goonetilleke, Alex Knorre, Artem Kuriksha

We present a comprehensive description of Hydra, the largest darknet marketplace in the world until its shutdown in April 2022. We document the main features of Hydra such as dead-drop delivery, feedback and reputation system, escrow, and dispute resolution. Using data scraped from the platform, we quantitatively examine the scale and the structure of the marketplace. We find that it has been highly competitive, geographically covering at least 69% of the Russian population and trading a wide variety of drugs, while also allowing the wholesale trade of drugs and precursors. The dead-drop delivery system used on Hydra was expensive, as the courier costs comprised a substantial proportion of the sale price of drugs on Hydra. We contribute to the research on drug cryptomarkets by studying an unprecedentedly large non-Western marketplace that existed substantially longer than any other known darknet market.

Policy Implications

The phenomenon of Hydra shows that shut-down policies applied to darknet marketplaces have a large effect and implicitly shape the whole drug market. Without these policies, a pervasive digitalization of the drug trade can occur. The major cost of allowing marketplaces to grow is the probable increase in the consumption of illegal drugs due to convenience for consumers and facilitated cooperation between suppliers. This cost must be weighed against the potential benefits, including a higher quality of drugs, a decrease in potential violence, and the incentives for a large marketplace to self-regulate. The case of Hydra also suggests the relevance of financial regulation to limit the growth of darknet marketplaces.

Criminology and Public Policy, Volume22, Issue4

Special Issue: Cybercrime and Cybersecurity

November 2023

Pages 735-777

By Adam Clark

Cybersecurity is the practice of protecting IT systems, devices, and the data they hold from unauthorised access and interference (known as cyber attacks). This briefing focuses on policy and legislative efforts to improve the UK’s cybersecurity. It does not discuss cyber in the context of military operations. Cybersecurity policy is a reserved matter, as are many related policy areas such as national security, product safety and consumer protection. In devolved matters, such as education, the devolved administrations have their own strategies for implementing the UK Government’s overarching cyber policy. Who carries out cyber attacks? The cyber threat to the UK comes from a range of actors, including state and state-sponsored groups, financially motivated criminal organisations, and ‘hacktivists’ with political aims. The boundaries between these groups can be unclear. For examples, cyber criminal groups can operate with the implicit backing of states, choose targets for political reasons, or sell their cyber attack services to others (known as ‘as-a-service’ business models). How are cyber attacks carried out? Cyber attacks typically involve malicious software (known as ‘malware’) being executed on the target’s system. Malware is an umbrella term for various types of software designed to damage, disable, and extract data from computer systems. Cyber attackers deliver malware to the target’s IT system by exploiting technical vulnerabilities and human error, then run the malware to achieve their aim (such as stealing or encrypting data). An estimated 95% of cyber attacks succeed because of human error. This includes ‘active’ errors such as opening malicious email attachments and ‘passive’ errors such as using weak passwords. 

Research Briefing.

London: House of Commons Library, 2024. 68p.

By Miranda Bruce, Jonathan Lusthaus, Ridhi Kashyap, Nigel Phair, Federico Varese

Cybercrime is a major challenge facing the world, with estimated costs ranging from the hundreds of millions to the trillions. Despite the threat it poses, cybercrime is somewhat an invisible phenomenon. In carrying out their virtual attacks, offenders often mask their physical locations by hiding behind online nicknames and technical protections. This means technical data are not well suited to establishing the true location of offenders and scholarly knowledge of cybercrime geography is limited. This paper proposes a solution: an expert survey. From March to October 2021 we invited leading experts in cybercrime intelligence/investigations from across the world to participate in an anonymized online survey on the geographical location of cybercrime offenders. The survey asked participants to consider five major categories of cybercrime, nominate the countries that they consider to be the most significant sources of each of these types of cybercrimes, and then rank each nominated country according to the impact, professionalism, and technical skill of its offenders. The outcome of the survey is the World Cybercrime Index, a global metric of cyber-criminality organised around five types of cybercrime. The results indicate that a relatively small number of countries house the greatest cybercriminal threats. These findings partially remove the veil of anonymity around cybercriminal offenders, may aid law enforcement and policymakers in fighting this threat, and contribute to the study of cybercrime as a local phenomenon.

PLOS ONE,  April 10, 2024

https://doi.org/10.1371/journal.pone.0297312

By The Australian National Audit Office

Australian Government entities are attractive, high-value targets for a range of malicious cybercriminals because they hold the personal and financial information of Australians. In 2022–23, approximately 31 per cent of cyber security incidents reported to the Australian Signals Directorate (ASD) were from non-corporate Commonwealth entities. Over 40 per cent of these cyber security incidents were coordinated, low-level malicious cyberattacks directed specifically at the Australian government, government shared services, or regulated critical infrastructure. Ransomware was the most destructive cybercrime threat in 2022–23, and continues to pose considerable risk to Australian government entities, businesses and individuals.

Previous audits conducted by the ANAO identified low levels of cyber resilience in entities. Low levels of cyber resilience continue to make entities susceptible to cyberattack and reduce business continuity and recovery prospects following a cyber security incident. An entity’s preparedness to respond to and recover from a cyberattack is a key part of cyber resilience. This audit was conducted to provide assurance to Parliament about the effectiveness of the selected entities’ implementation of arrangements for managing cyber security incidents.

In preparing audit reports to the Parliament on cyber security in Australian Government entities, the interests of accountability and transparency must be balanced with the need to manage cyber security risks. The ASD has advised the ANAO that adversaries use publicly available information about cyber vulnerabilities to more effectively target their malicious activities.

The extent to which this report details the cyber security vulnerabilities of individual entities was a matter of careful consideration during the course of this audit. To assist in appropriately balancing the interests of accountability and potential risk exposure through transparent audit reporting, the ANAO engaged with ASD to better understand the evolving nature and extent of risk exposure that may arise through the disclosure of technical information in the audit report. This report therefore focusses on matters material to the audit findings against the objective and criteria and contains less detailed technical information than previous audits.

Key findings:

• The implementation of arrangements by AUSTRAC and Services Australia to manage cyber security incidents has been partly effective. Neither entity is well placed to ensure business continuity or disaster recovery in the event of a significant or reportable cyber security incident.

• AUSTRAC has partly effective cyber security incident management procedures for investigating, monitoring and responding to cyber security incidents. It has established management structures and a framework of procedures to support these processes. It has not detailed the responsibilities for its Chief Information Security Officer (CISO), its approach to continuous monitoring and improvement reporting, or defined timeframes for reporting to stakeholders.

• Services Australia is partly effective in its design of cyber security incident management procedures. It has established a framework of procedures and an incident response plan. It has not documented an approach to threat and vulnerability assessments. Services Australia does

•  not have a policy covering the management of cyber security incidents.

  Auditor-General Report No. 38 2023–24

Canberra: Australian National Audit Office, 2024. 103p.

By  DeFacto Consultancy

 This analysis reveals that the media predominantly reported on cases of physical (76.9%) and sexual (68.3%) violence. On the other hand, cases of structural/systemic violence were reported in 10.9% of the analysed media reports, while cases of economic violence in 10.3% of cases. The media have the least frequently covered online or digital violence (9.8%) and selective abortion cases (7%). z In more than half of the analysed cases (58.1%) the media reported cases of gender-based violence (GBV) as a private matter. Furthermore, media have the most commonly reported physical (63.8%) and sexual (61.8%) violence as private matters, and reports on these two types of violence were least often categorized as educational in nature. In slightly more than half of the cases (50.7%), the media reported domestic violence as a private matter.

z The principle of presumption of innocence of the perpetrator was observed in 99.4% of the analysed cases. z The media have rarely use stereotypes to describe victims of GBV and infrequently provide justification for the perpetrators. z Sensationalistic elements are present in reporting on GBV, with 10.8% of the cases in headlines and 3.9% of the cases within the actual media reports. In slightly over one-fifth of the cases (21%), analysed media reports featured some form of sensationalistic audio-visual material. z The analysis shows that when reporting on GBV, the media used the statement of the victim in 14.4% and the statement of the (potential) perpetrator in 7.4% of the cases. These media reports did not record whether the statements were used with or without the consent of those quoted. z Media reporting on GBV was educational in nature in only 15.2% of cases. Additionally, statistical data were used in only 14.7% of the analysed media reports, and expert opinions were featured in only 20.9% of them. z Media reporting on GBV lacked more comprehensive contextualization of the issue; journalists rarely use comparative examples, statistical data, or legislative analysis. Effects of media reporting z Unprofessional media reporting on gender-based violence contributes to the reinforcement of societal stereotypes. z Traditional respondents (30%) tend to form negative views regarding the attribution of blame to women, the victims of violence when exposed to unprofessional media reporting. 

z 22% of citizens believe that a man is always to blame for violence committed by a man against a woman/partner. Additionally, 30.1% believe that a man is mostly to blame but that some blame falls on the woman. Furthermore, 3.4% believe that a woman is mostly to blame and that she provoked the incident. The largest group, comprising 44.5% of respondents, states that it is difficult to ascertain blame until both sides are heard. z Among respondents with authoritarian tendencies, one-third (34%) endorse sanctions if a partner does not fulfil household or marital obligations. When these respondents are exposed to unprofessional media reporting on GBV, every second person (51%) believes that sanctions should exist. z One in four respondents, i.e. 27.4 % of citizens, believe that women and girls falsely claim to be victims of violence just to attract attention to themselves. z Among respondents who say there is more violence against women today than before, there are significantly more of those who have read a professionally written article (56.3%) on GBV as part of an experimental treatment, while 25.4% have been exposed to an unprofessionally written article. 

Vienna: OSCE, 2023. 68p.

By Clara Martiny, Cécile Simmons, Francesca Visser, Rhea Bhatnagar, Isabel Jones, Allison Castillo Small

In 2022, the United States witnessed both dramatic breakthroughs and calamitous setbacks on women’s rights, from Ketanji Brown becoming the first Black woman to sit on Supreme Court of the United States to the overturning of Roe v. Wade, a legal precedent that protected a woman’s right to bodily autonomy for over 50 years. These events, among many others, had an undeniable impact on the US information environment, with 2022 seeing the rapid growth in popularity of misogynistic and male supremacist influencers who openly advocate for violence against women and campaigns of hate and disinformation targeted against women celebrities speaking out against the abuse they have faced.

This report looks back at 2022 to examine online conversations around nine different real-world events impacting women in the US and explores the potential correlation between these offline events and the targeting of women with misogynistic and abusive content on social media. This study also attempts to identify how misogyny, abusive content, and gendered disinformation may be amplified and deployed in the lead-up to the 2024 US presidential election.

Berlin: IDS - Institute for Security Dialogue, 2023. 31p.