Abstract
This paper outlines the results of a case study focusing upon hacking incidents in Germany. This work aims to identify behavioural aspects of hackers and their motives for the development of a Criminal Profile. Therefore cases of hacking incidents have been studied to find commonalities and differences for motives, as well as the Modus Operandi (MO). Cases that have been observed within this study are those in which the perpetrator had been identified in person. All cases have been provided by the Bundeskriminalamt (German Federal Criminal Police Office). A total of 12 cases are analysed, revealing a number of common traits in terms of hacker activity and the methods used. This study indicates that methods which have already been used years ago are still preferred methods today. In ten out of twelve cases the observed characteristics fit within in the stereotype of a Script Kiddie. Only two hackers differed regarding their motives compared to the Script Kiddie hackers, but a significant difference regarding their methods—the MO—could not be noticed. From the twelve cases under investigation a basic principle could be identified: the hackers take the path of the least effort. This reveals a clue for the fact that a different motive does not necessarily lead to different methods.
Similar content being viewed by others
References
Arnone, M.: White hat, gray hat, black hat: can teach government and industry valuable IT security lessons, Retrieved 25 March 2007, from http://www.fcw.com/article90994-10-03-05-Print&printLayout (2005)
Artelt, C., Baumert, J., Klieme, E., Neubrand, M., Prenzel, M., Schiefele, U., Schneider, W., Schümer, G., Stanat, P., Tillmann, K.-J., Weiß, M.: PISA 2000: Zusammenfassung zentraler Befunde, Retrieved 28 December 2006 (2001) from http://www.pisa.oecd.org/dataoecd/30/63/33684930.pdf
Buckingham A., Saunders P. (2004) The Survey Methods Workbook: from Design to Analysis. Polity Press, Cambridge
Bundeskriminalamt: Police Crime Statistics 2002: Federal Republic of Germany, Retrieved 27 December 2006 from http://www.bundeskriminalamt.de/pks/pks2002ev/pcs_2002.pdf
Bundesregierung: Lebenslagen in Deutschland: Der 2. Armutsbericht er Bundesregierung—Kurzfassung, Retrieved 5 January 2007 (2005) from http://www.bmas.bund.de/BMAS/Redaktion/Pdf/Publikationen/Armuts-und-Reichtumsbericht/armuts-und-reichtumsbericht-der-bundesregierung-2-kurz,property=pdf,bereich=bmas,sprache=de,rwb=true.pdf
Fendley, S.: As the Bot Turns, Retrieved 11 November 2006, from http://isc.sans.org/diary.php?storyid=1300&isc=c294fbd688efb0822d11c9a0c02d0583
Furnell, S.M.: The problem of categorising cybercrime and cybercriminals. In: Proceedings of the 2nd Australian Information Warfare and Security Conference, Perth, Western Australia, 29–30 November 2001
Holz, T.: A Short Visit to the Bot Zoo, Retrieved 11 November 2006 (2005) from http://pi1.informatik.uni-mannheim.de/publications/show/13
Icove, D., Seger, K., VonStorch, W.: Computer Crime: A Crimefighter’s Handbook. O’Reilly & Associates, Sebastopol (1995)
Lurhq: Phatbot Trojan Analysis, Retrieved 11 November 2006 (2004) from http://www.lurhq.com/phatbot.html
Meyr, J.: Wohnungseinbruch in München, Kriminalistik, no. 2, pp. 118–120. Kriminalistik Verlag, Heidelberg (2006)
Ollmann, G.: HTML Code Injection and Cross-site Scripting, Retrieved 3 December 2006 (2003) from http://www.technicalinfo.net/papers/CSS.html
Preuss, J., Furnell, S.M., Lea, S.J.: Research in Progress Paper, The Adoption of Criminal Profiling for Computer Crime. In: Gattiker, U.E. (ed.), EICAR 2004 Conference CD-rom: Best Paper Proceedings (ISBN: 87-987271-6-8), EICAR e.V., Copenhagen, 16 p (2004)
Schultz, A.: Neue Strafbarkeiten und Probleme—Der Entwurf des Strafrechtsänderungsgesetzes (StrafÄndG) zur Bekämpfung der Computerkriminalität vom 20.09.2006, Retrieved 17 November 2006, from http://www.medien-internet-und-recht.de/volltext.php?mir_dok_id=398
Schwartau W. (2000) Cybershock. Thunder’s Mouth Press, New York
Taylor P. (1999) Hackers: Crime in the Digital Sublime. Routledge, New York
Turkle S. (1995) Life on the Screen: Identity in the Age of the Internet. Touchstone, New York
Turvey B. (2003) Criminal profiling: an introduction to behavioral evidence analysis, 2nd edn. Academic, London
UNICEF.: A League Table of Educational Disadvantage in Rich Nations, Retrieved 28 December 2006 (2002) from http://www.unicef-icdc.org/publications/pdf/repcard4e.pdf
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Preuß, J., Furnell, S.M. & Papadaki, M. Considering the potential of criminal profiling to combat hacking. J Comput Virol 3, 135–141 (2007). https://doi.org/10.1007/s11416-007-0042-4
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11416-007-0042-4