Impulse online shopping, downloading music, and compulsive email use are all signs of a certain personality trait that make someone a target for malware attacks. Newly published research examines the behaviors—both obvious and subtle—that lead someone to fall victim to cybercrime involving Trojans, viruses, and malware.
"People who show signs of low self-control are the ones we found more susceptible to malware attacks," says Thomas Holt, professor of criminal justice and lead author of "Testing an Integrated Self-Control and Routine Activities Framework to Examine Malware Infection Victimization," published in Social Science Computer Review. "An individual's characteristics are critical in studying how cybercrime perseveres, particularly the person's impulsiveness and the activities that they engage in while online that have the greatest impact on their risk."
Low self-control comes in many forms, Holt says. The person may show signs of short-sightedness, negligence, physical versus verbal behavior, and an inability to delay gratification.
"Self-control is an idea that's been looked at heavily in criminology in terms of its connection to committing crimes," Holt says. "But we find a correlation between low self-control and victimization; people with this trait put themselves in situations where they are near others who are motivated to break the law."
The research assessed the self-control of nearly 6,000 survey participants, as well as their computers' behavior that could indicate malware and infection. To measure victimization, Holt and his team asked participants a series of questions about how they might react in certain situations. For computer behavior, they asked about their computer having slower processing, crashing, unexpected pop-ups, and the homepage changing on their web browser.
"The Internet has omnipresent risks," Holt says. "In an online space, there is constant opportunity for people with low self-control to get what they want, whether that is pirated movies or deals on consumer goods."
Holt says hackers and cybercriminals know that people with low self-control will be scouring the Internet for what they want—or think they want—which is how hackers know what sites, files, or methods to attack.
Understanding the psychological side of self-control and the types of people whose computers become infected with malware—and who likely spread it to others—is critical in fighting cybercrime, Holt says. What people do online matters, and the behavioral factors at play are entirely related to risks.
Computer scientists, Holt says, approach malware prevention and education from a technical standpoint; they look for new software solutions to block infections or messaging about the infections themselves. This is important, but it is also essential to address the psychological side of messaging to those with low self-control and impulsive behaviors.
"There are human aspects of cybercrime that we don't touch because we focus on the technical side to fix it," he says. "But if we can understand the human side, we might find solutions that are more effective for policy and intervention."
Additional authors of the Social Science Computer Review article are Johan van Wilsem of the Dutch Ministry of Security and Justice, the Netherlands, and Steve van de Weijer and Rutger Leukfeldt of the Netherlands Institute for the Study of Crime and Law Enforcement.
Looking ahead, Holt hopes to help break the silos between computer and social sciences to think holistically about fighting cybercrime.
"If we can identify risk factors, we can work in tandem with technical fields to develop strategies that then reduce the risk factors for infection," Holt says. "It's a pernicious issue we're facing, so if we can attack from both fronts, we can pinpoint the risk factors and technical strategies to find solutions that improve protection for everyone."
No entries found