This research develops an empirical typology of cybercrime based on an assessment of all cases prosecuted by the federal government in 2019 calendar year. There have been several previous efforts to develop a typology of cybercrimes, but this research examines serious cases resulting in federal prosecutions for which a burden of proof has been established and detailed information is available. The result is a typology that includes three major elements: a description of the conduct, how it was carried out, and the objective of the illegal act. A keyword search identified every federal prosecution involving cybercrimes over 12 months in all regions of the US. The resulting typology shows two general types of cybercrime occurring, along with several subtypes in each category: computers either as targets (for purposes of fraud, damage, or subverting infrastructure), or computing devices used as an instrument (to buy or sell illicit goods or services, phish for fraud victims, or transmit threats). This work begins to form an empirical basis for directing enforcement and prevention priorities more systematically.
cybercrime, typology, offender targets, objectives, methods, organized crime
There have been several efforts to develop a typology of cybercrimes, but many use self-reports and include a large number of minor thefts and frauds. This research examines major cases that resulted in federal prosecutions for which a burden of proof has been established and detailed information is available. This research secured identification of every federal prosecution involving cybercrimes over a 12-month period in 2019 in all regions of the US through a keyword search of Department of Justice case announcements. A typology of cybercrime offenses begins to form an empirical basis for targeting enforcement and prevention priorities more systematically.
Cybercrime is a generic term that encompasses a wide range of illegal behaviors involving computers, phones, and other electronic devices, the Internet, and a variety of substantive offenses such as theft, fraud, stalking, counterfeiting, and extortion, among others (Cross, 2015; Higgins & Marcum, 2011; Wall, 2004). It is sometimes difficult to determine the precise role of the “cyber” in crime. Is it simply the targeting of computers to commit a crime, a necessary element to committing a particular offense, or is it central to the purpose of the crime? Actual cases can be used to illustrate that cybercrimes can be carried out for each of these illicit uses.
There are many definitions of cybercrime in the literature, and the list is expanding. For example, some definitions define cybercrime by the offense intended: cyber-trespass, cybervandalism, cybertheft, interpersonal cybercrime, public order cybercrime, organized cybercrime, and political cybercrime (Maras, 2017:4). Others define it by the role that computers play in the commission of the crime, as a tool, mechanism, or instrument (Taylor et al., 2019; Black & Fennelly, 2021). Definitions need to be precise because overbroad definitions can lead to “moral panic” among the public that cybercrime is everywhere and no one is safe (Lavorgna, 2019; Lim, 2013; Marion & Hill, 2018). Panic can lead to irrational public policy responses based on single unrepresentative incidents, or on very recent events, rather than an objective assessment of true patterns or trends.
A concise definition of cybercrime is simply: offenses enabled by technology (Furnell, 2002; Holt, 2018; Viano, 2017). It is true that nearly every offense, including “traditional” offenses, can be aided by cyber elements (e.g., a burglary assisted by technology that indicates when an occupant is away, or a target of larceny pre-selected through the illicit purchase of stolen financial information). At the same time, it is useful to obtain an indication of which types of cybercrimes are most common in order to gauge our attention toward prevention and intervention accordingly. It is the purpose of this article to specify an empirical typology of cybercrime based on a large sample of cybercrime cases for which a burden of proof has been reached. This effort is designed to guide the contemporary discussion and response to cybercrime toward the specific manifestations seen most often in practice.
There has been much discussion and debate about the true nature and status of cybercrime. Evidence is mixed over whether cybercrimes are shifting more toward economic crimes, such as malware or ransomware, or remains focused primarily on simpler frauds of various kinds (Brenner, 2010; Rajput, 2020; Sarre, Yiu-Chung, & Chang, 2018). There are many known cases of transnational cybercrimes committed by criminal groups or networks, but it is not established whether these are typical or aberrant behavior in the world of cybercrime. Similarly, the types of cybercrime offenders also appear to vary widely, so it is difficult to distinguish particular incidents and offenders from actual trends over large numbers of cases (Booz-Allen-Hamilton, 2020; McCusker, 2013; Muggah, 2020).
There have been multiple efforts to take stock of what the research literature reveals about cybercrime. This work has been useful, but not systematic, in assessing the broad scope of the field. Holt and Bossler (2014) carried out an assessment of studies using a previous typology (Wall, 2001) that grouped all cybercrime into four types: (1) cyber-trespass; (2) cyber-deception-theft; (3) cyber-porn and obscenity; and (4) cyberviolence. They concluded that “researchers need to assess under-examined forms of cybercrime offending and victimization” (2014:33). A subsequent meta-analysis of 106 studies relied on the same four-part typology (Barnor & Patterson, 2020).
Another meta-analysis was conducted of the characteristics of online sex offenders, which concluded that research of this particular crime type “is too new to conclude whether online offenders are truly distinct from offline offenders” (Babchishin, Hanson & Hermann, 2011:110). A review of 70 studies of cybercrime and cyber threats found a general increase in incidents with “most of these attacks motivated by criminal, financial intent.” In addition, most attacks came from outside the organization targeted (Gehem, Usanov, Frinking, & Rademnaker, 2015:10). It can be seen from the growing number of meta-analyses that there is a large, and growing, body of research in the area of cybercrime with most of it focused on specific manifestations and crime types. This article aims to add to this literature in organizing an approach to cybercrime by developing an empirical typology based on prosecuted cases for which a burden of proof has been established.
Typologies have proven useful in related areas, such as organized crime, in order to focus research and practice objectively on the issues of greatest concern. Otherwise, public policy and resources follow sensational cases in the headlines, rather than a more representative assessment of the true nature of the problem. Clinard And Quinney’s early work (1973) on criminal typologies noted they should focus on more than a single dimension of crime. An initial effort to establish a typology of organized crime focused on three elements: a description of the conduct, how it was executed, and the objective of the illegal act. The description of organized crime was simply, “a crime committed by two or more offenders who are or intend to remain associated for the purpose of committing crimes” (Maltz, 1976: 342). This typology, based on a review of the available literature, found organized crime to be conducted for either economic or political objectives. The objectives were either illicit profit, or attempts to influence police, judges, prosecutors, or politicians to protect ongoing illicit operations. How these crimes were conducted were descriptive, using terms such as corruption, violence, theft, deception, or coercion. Maltz conceded that his typology was “not exact,” but “it permits one to distinguish among the many disparate activities now lumped together and to eliminate the vagueness and contradictions surrounding the use of the term organized crime” (1976, p.344).
Other typologies have focused on the types of organizations that underlie organized crime from local ethnic groups to hierarchical structures to organized crime as illicit business enterprises (Albanese, 2015; Albini, 1971; Calavita & Pontell, 1993; Smith, 1978). Others focused primarily on the motivations of those involved (Dickson-Gilmore & Whitehead, 2002) or the roles performed by members of the organized crime group (Leukfeldt, Kleemans & Stol, 2017). The typology developed here will focus on the three central elements identified by Maltz (1976): description of the conduct, how it was executed, and the objective of the illegal act.
The current study is comprised of an examination of all case announcements of federal criminal cases involving cybercrime that occurred in 2019. These announcements are archived on the website of the U.S. Department of Justice (www.justice.gov). The year 2020 was not considered, given the COVID crisis, which exploded early that year and temporarily closed many courts (see Transactional Records Access Clearinghouse, 2020). The cases selected for this analysis were included because they met a burden of proof (probable cause for arrest or indictment, and proof beyond reasonable doubt for conviction). As a result, all the cases in this sample reveal convictions or formally charged criminal conduct involving cybercrimes, avoiding opinion or speculation about whether the offense was actually criminal in nature.
Federal criminal cases were selected for study because most cybercrime cases in the US are prosecuted federally due to multi-state crimes, investigative resources, and cybercrime laws. This situation occurs because cybercrimes (offenders and victims) usually cross state lines (Brenner, 2006; Brunner, 2019). The cases also require investigative expertise more commonly available at the federal level, and state-level cybercrime laws are uneven and not comprehensive (Bossler, 2020; Brenner, 2008; 2011). As it has been noted, “the capacity of local and state agencies to investigate computer hacking, fraud, and related economic-driven forms of cybercrime is much less than that of federal agencies” (Holt, 2018: 151).
U.S. Attorney’s Offices, under the supervision of the Department of Justice (DOJ), are inclusive in the cybercrime cases they consider for prosecution. Under the oversight of the DOJ’s Computer Crime and Intellectual Property Section, prosecution decisions are made based on announced priorities, which are published publicly. The case must “serve a substantial federal interest,” as indicated by such factors as the nature and extent of harm, impact on public security or infrastructure, impact on third parties, violations involving misuse of authority or trust, or whether or not another jurisdiction will pursue the case (U.S. Department of Justice, 2016). As a result, the cases selected for federal prosecution are the most serious, and unlikely to be prosecuted by state-level agencies.
Using the government’s own classification system to determine whether a case is related to cybercrime, this project reviewed and coded every case announcement issued by one of the 94 U.S. Attorney’s Offices that contained anywhere the term “cyber,” “computer,” or “cybercrime.” To create the sample every document released by the DOJ that contained these terms was reviewed. Only documents that reported on specific criminal cases were included in this analysis (excluding other announcements of various community or government initiatives or public statements, which did not involve actual prosecutions). The sample of cases that resulted includes only cases involving cybercrimes that involved extradition, an arrest, indictment, conviction, or sentence during a single calendar year (2019).
U.S. Attorney’s Offices issue public announcements when a cybercrime case results in legal action, such as an arrest, indictment, conviction, or sentence. Interviews with former career Department of Justice (DOJ) prosecutors confirm that cases involving public corruption, organized crime, and other sophisticated forms of crime are disseminated broadly due to widespread public concern and the significant investment of government agency investigative resources (Albanese & Artello, 2019). In addition, the U.S. Department of Justice has a specialized unit to address cybercrime, and there is currently significant public interest in cybercrime (Legg, 2021; Pipikaite, Barrachin, & Crawford, 2021). Therefore, public announcements describing new criminal cases offer the DOJ an opportunity to publicize and disseminate its work against cybercrime threats.
Alternate methods to gather cybercrime cases are not comprehensive. U.S. government does not make accessible Department of Justice charging documents, indictments, guilty pleas, or sentencing memos in a systematic fashion. Details from cases involving cybercrimes cannot be separated from other non-cyber cases with efficiency using government records, because the crimes involve an array of different types of substantive offenses from theft to fraud to extortion. Similarly, news media reports are not comprehensive in their coverage of arrests, indictments, convictions, and sentences, so it is an incomplete data source. The public announcements from U.S. Attorney’s Offices provide a comprehensive alternative because they include all federal cybercrime cases prosecuted, and also include the names of principals in those cases. This source enables connecting multiple defendants involved in a single criminal scheme, who are arrested, extradited, prosecuted, convicted, or sentenced at different times, thereby avoiding double-counting of cases.
There are 94 U.S. Attorney’s Offices in the United States, distributed geographically across the country. Each office’s output was reviewed for this study, resulting in 305 total reports involving unique cybercrime cases. This search for unique cybercrime cases over a single calendar year was not straightforward. Given that an arrest, indictment, conviction, or sentence can result in separate announcements for an individual case at different stages of the criminal process, it was important to link cases involving the same scheme or defendants. In addition, cybercrime cases can involve multiple defendants prosecuted separately. Therefore, this study involved the careful review of a large number of cases, descriptions, and locations of criminal operations, and linking individual defendants into distinct criminal schemes. In some cases, multiple defendants are arrested, indicted, or convicted at different times, but only after a review of documents was it found that they were part of a single criminal scheme. In these cases, documents that referred to the same case were linked together as one, because they simply reported on the same case at different stages of criminal procedure. Given the large number of cases discovered, only those that occurred in calendar year 2019 were analyzed for this study. The research design is cross-sectional, although it includes every cybercrime case reported over 12 months.
Cybercrime cases were brought in nearly every U.S. region in 2019, but the cases are not evenly distributed geographically. Some regions had very few cases, while others experienced large numbers. Table 1 reveals that only 10 of the 94 federal judicial districts accounted for nearly half of all cases brought (47 percent). In addition, the cases are not concentrated in large urban areas, as one might assume. Jurisdictions such as Western Missouri, Nebraska, and Eastern Kentucky were in the top 10 most active regions in generating cybercrime cases. Therefore, factors other than urban environments play an important role in cybercrime activity.
Table 1. Cybercrime Cases by Federal District
N of cases
California-Central (Los Angeles)
New York-South (Manhattan)
Missouri-Western (Kansas City)
New Jersey (Newark)
Connecticut (entire state)
Nebraska (entire state)
New York-Western (Buffalo)
Top 10 districts combined = 47%
Remaining US (other 84 districts) = 53%
The cases discovered were at different stages of adjudication during 2019. Of the total 305 unique cybercrime cases found during the calendar year, the vast majority (more than 90%) were either indictments (formal charges), convictions, or sentences imposed (see Figure 1 for a summary). Other cases were at the arrest stage or were extraditions from other countries. Cybercrime cases are often sophisticated, requiring extended evidence gathering, and sometimes involving multiple defendants and victims, so it is common for a case to take several years from arrest through sentencing. The cross-sectional sample employed here captures these cases at a single point in time, regardless of adjudication status. Other work on case trends over 30 years found that the federal government prosecutes two-thirds of investigative referrals in organized cases, and most of these adjudicated cases result in convictions (Artello & Albanese, 2019a). Once a case is initiated in a case involving complex forms of criminal conduct, therefore, it is likely to result in a successful prosecution.
Figure 1. Cybercrime Cases by Adjudication Status
Source: Case status in calendar year 2019. A cross-sectional design captures cases at different stages of the adjudication process, because it is uncommon for serious and often complex cases to begin and end in a single calendar year.
Given increasing global attention to transnational cybercrime, an effort was made to determine the extent to which these cases, prosecuted in the US, had documented connections to other regions of the world. The connections usually involved criminal actors in one country targeting potential victims in another.
Table 2. Transnational Connections in Cybercrime Cases
Table 2 indicates that 80 percent of all cases (N=244) prosecuted involved U.S. citizens as defendants. Eighteen percent of cases involved defendants from other countries. It cannot be determined from these data whether additional non-U.S. suspects were referred to other countries for prosecution. International suspects and defendants may be excluded from prosecution because there does not exist an extradition agreement with the country where the defendant resides. Extradition may also not occur when the underlying crime is not part of existing agreements (e.g., cyberstalking or online child solicitation), or there is a reluctance to extradite defendants who have never been physically present in the accusing country (Al Haitt, 2014; Kennedy & Warren, 2020; Mann, Warren & Kennedy, 2018).
An important part of this project was to identify the nature of the cybercrimes prosecuted, as a reflection of both their incidence and level of public and government concern. Table 3 summarizes the nature of the charges that resulted in prosecution (the top three criminal charges are included when more than a single charge was involved). These charges are grouped into eight substantive categories of illegal behavior. Fraud was, by far, the most common charge (45%), followed by sexual exploitation, which included pornography, solicitation of children, and related commercial sexual offenses (32%). Together, these two offense categories appear in 77 percent of all cases prosecuted.
Table 3. Charges Brought in Cybercrime Cases
Percent of cases included
Total is more than 100% due to cases involving more than one charge
This summary listing of offenses in Table 3 does not indicate the ways in which cyber capacities were used in carrying out the offense. Whether computers, phones, or the Internet were used as a tool used to commit a crime, or were central to the purpose of the crime, required a review of the facts of each case to determine how the cyber element of the criminal activity manifested itself.
A second-level review of cases examined the context in which the offenses occurred. It revealed that in all of the cases computers and other computing devices, including smartphones, (usually using the Internet) were employed either as the target of the offense or as the instrument of the offense. When used as a target, the computer was employed for one of three purposes: hacking for information to defraud, hacking to cause damage, malware, or ransomware attacks, or hacking to subvert government or infrastructure. When used as an instrument, the computer was employed for three different purposes: buying or selling illicit goods or services, phishing for fraud victims, or transmitting threats or extortion. All 305 cases in this sample corresponded to one of these categories. This typology is summarized in Table 4.
Table 4. An Empirical Typology of Cybercrime
1. Computer as Target
a. Hack for information to use to defraud.
b. Hack for damage/malware/ransom
c. Hack to subvert government or infrastructure
2. Computer as Instrument
a. Buy/sell illicit goods or services
b. Phishing for fraud victims
c. Transmit threats/extortion
Table 4 indicates that the use of a computer as an instrument to commit crimes is the most common form of cybercrime, as measured by actual prosecutions. Buying or selling illicit goods or services, phishing for fraud victims, and transmitting threats are the three most common types of cybercrime schemes. Together, they constitute more than three-fourths (76%) of all cybercrime prosecutions. On the other hand, computers are the target of cybercrimes to carry out schemes that are often more serious in terms of potential harm. Hacking for information to defraud, hacking to cause damage, malware, or ransomware attacks, and hacking to subvert government or infrastructure can result in harm to many more potential victims over extended periods, although they occur less frequently (24% of cases).
This typology, summarized in Figure 2, is important because it is empirically derived from serious cases in which a burden of proof has been established, and it includes an entire year of federal prosecutions (N=305), which includes transnational cybercrimes. It reveals that fraud and sexual exploitation are the two most common motivations for cybercrime, although money laundering, extortion, illicit computer access or damage, and stalking comprise a significant number of cases. All of these cyber schemes were carried out in terms of one of two general types of patterns: using a computer as either a target or an instrument to carry out a crime.
Figure 2. Diagram of a Typology of Cybercrime
The empirical typology shows two general types of cybercrime with several subtypes in each category. Computers are either the target (for purposes of fraud, damage, or subverting infrastructure), or they are an instrument (to buy or sell illicit goods or services, phish for fraud victims, or transmit threats). The typology follows the structure of organized crime typologies set forth by Maltz (1976) in offering three elements: a description of the conduct, how it was carried out, and the objective of the illegal act.
This study reviews one calendar year of cybercrime prosecutions occurring in the United States. There are two primary limitations of this work: a cross-sectional design and an official data source. This project examined all cases (N=305) prosecuted and reported by the U.S. Department of Justice during calendar year 2019 in the US. The keyword search used could conceivably miss a few cases. It also would be necessary to review cases over multiple years in order to examine trends and patterns over time. This task requires greater resources than are currently available. Of course, a multi-year perspective has its own limitations. It would have to account for other factors occurring simultaneously over time, such as changing prosecution priorities over time, world events (e.g., COVID-19, economic recessions, regional conflicts), and related factors that might impact cybercrime prosecution trends. These simultaneous factors and events are fluid in that their role and influence in the causal chain of events are difficult to assess. Prior work has found prosecution trends in organized schemes (such as organized crime cases) show no significant increases in prosecution referrals over time (Artello & Albanese, 2019). However, this pattern must be demonstrated for cybercrimes as well.
A second limitation is the use of official data. Government prosecutions against cybercrime reflect its priorities; it does not necessarily reflect changes in the nature of cybercrime itself. There have been multiple studies of cybercrime that rely on surveys of individuals and businesses, but it cannot always be established whether or not these cases constituted proof of crimes, or distinguished successfully among different types of cyber victimization. These surveys show a significant rate of victimization, but samples are usually less systematic or representative than the present study (Buil-Gil, Miro-Linares, Moneva, Kemp & Diaz-Castano, 2021; Internet Crime Complaint Center, 2020; Rantala, 2004; Reep-van den Bergh & Junger, 2018; Riek & Böhme, 2018).
Nevertheless, this study reflects the universe of cybercrime cases prosecuted in the US over a full calendar year, including transnational cases. This sample of more than 300 cases reflects significant government investigative and prosecution efforts against cybercrime. It provides many insights into the nature of cybercrime activity discovered during this period.
Discussion & Conclusions
Cybercrime is a generic term that now lies at the center of public attention, after years of concern without corresponding action (Bossler, 2020: Executive Order, 2021; Johnson, 2021). Major security breaches, theft of massive amounts of individual, government, and business financial and security information, and victimization of the most vulnerable in child sexual exploitation schemes have resulted in actions by many countries. The United Nations is considering a global binding convention on cybercrime (Global Initiative against Transnational Organized Crime, 2021; Tennis, 2020). This growing global experience of cybercrime victimization has pushed businesses, governments, and individuals to devote resources to self-protection, the protection of employees, and safeguarding citizens (Mee & Chandrasekhar, 2021; U.S. Department of Homeland Security, 2021). The current situation creates pressure on resources and finances because it is impossible to create public policy and private sector solutions for all problems at once.
The value of this study lies in its effort to begin mapping the terrain of the nature and extent of serious cybercrime cases investigated and prosecuted. The resulting typology of offense types starts to lay the groundwork for where enforcement and prevention resources might be targeted. As proposed here, an empirical typology provides a mechanism by which to rank the seriousness and frequency of different types of cybercrime, so that resources can be directed to the largest problems proportionately. A validated typology on different samples over time can provide a method by which the risk of victimization from different types of cybercrime can be assessed and ranked. Ultimately, a basis is provided for directing enforcement and prevention resources to those manifestations of cybercrime that are the most common and most serious.
This effort can be built upon further to determine the validity and reliability of the typology developed from the current sample of 305 cases. Larger samples of cases over time will provide information on whether this typology can be validated, or needs to be expanded or revised in order to capture the full scope and threats posed by cybercrime offending and victimization. As noted by Choo (2008), organized groups that engage in cybercrime might be of different types, given their methods of operation, locations in which they have domain or influence, and the presence of any political motivations. As he notes, “there is little incentive for financially motivated cybercrime groups to have a hierarchical organizational structure (or to be affiliated with traditional organized crime groups) since they are able to generate profits quite successfully on their own” (Choo, p.290). Additional data will allow for the further analysis of these ideas.
Cybercrime overlaps with organized crime in that many cybercrime cases involve two or more persons in the scheme, and most crimes are rationally designed for illicit profit. In the sample in the current study, there were 81 cases where at least one charge in the case was conspiracy (i.e., two or more individuals planning to commit an offense). Therefore, cybercrime is often a form of organized crime, which also involves at least two or more persons involved in a criminal scheme (Arsovska, 2014; Hagan, 2006). A recent analysis of organized crime cases found cybercrime schemes among them with similar objectives to the sample analyzed here, such as fraud, money laundering, and violence (Albanese, 2021). Indeed, the central feature of most organized crime cases is financial gain, so its similarities with cybercrime offenses cannot be overlooked in directing future research and policy that highlights the similarities, rather than the differences, among the various types of criminal schemes.
It is noteworthy that cybercrime prosecutions are widely distributed geographically, but nearly half the cases occurred in only 10 of the 94 US federal districts. A closer look at the investigation and prosecution expertise and resources in these districts will provide a better understanding of the reasons for differences in prosecutions between regions. In addition, most of the cybercrime cases prosecuted occurred entirely within the US. It remains to be investigated whether this is the true nature of existing cybercrime activity, or whether it reflects the difficulty in discovery, proof, and extradition in making cases involving transnational crimes.
Declaration of Interest Statement
The author declares that they have no conflicts of interest.
Al Hait, A.A.S. (2014). Jurisdiction in Cybercrimes: A Comparative Study. Journal of Law, Policy and Globalization, 22, 75-84.
Albanese, J.S. (2021). Organized Crime as Financial Crime: The Nature of Organized Crime as Reflected in Prosecutions and Research, Victims & Offenders: An International Journal of Evidence-based Research, 16, 431-443.
Albanese, J.S. (2015). Organized Crime: From the Mob to Transnational Organized Crime. Routledge.
Albanese, J.S. & Artello, K. (2019). The Behavior of Corruption: An Empirical Typology of Public Corruption by Objective & Method, Criminology. Criminal Justice, Law & Society, 20(1), 1-12.
Albini, J.L. (1971). The American Mafia – Genesis of a Legend. Appleton-Century-Crofts.
Arsovska, J. (2014). Organized Crime. The Encyclopedia of Criminology and Criminal Justice. Wiley.
Artello, K. & Albanese, J.S. (2019). Investigative Decision-making in Public Corruption Cases: Factors Influencing Case Outcomes. Social Sciences, 5, 1-15.
Artello, K. & Albanese, J.S. (2019a).The Calculus of Public Corruption Cases: Hidden Decisions in Investigations and Prosecutions. Journal of Criminal Justice and Law, 3, 21-36.
Babchishin K.M., Hanson, R.K. & Hermann, C.A. (2011). The Characteristics of Online Sex Offenders: A Meta-Analysis. Sexual Abuse, 23, 92-123.
Barnor, J.N. & Patterson, A.A. (2020). Cybercrime Research: A Review of Research Themes, Frameworks, Methods, and Future Research Directions. Handbook of Research on Managing Information Systems in Developing Economies. IGI Global.
Black, I.S. & Fennelly, L.J. (2021). Cybercrimes and investigations. In Investigations and the Art of Investigative Interviewing, 4th ed. Butterworth-Heinemann.
Booz-Allen-Hamilton. (2020). Cyber Threat Trends Outlook. Booz Allen Hamilton. https://www.boozallen.com/c/insight/publication/8-cyber-threat-trends-for-2021.html
Bossler, A.M. (2020). Cybercrime Legislation in the United States. In T. J. Holt, A. M. Bossler, eds., The Palgrave Handbook of International Cybercrime and Cyberdeviance. Palgrave Macmillan.
Brenner, S. W. (2006). Cybercrime jurisdiction. Crime, law and social change, 46(4), 189-206.
Brenner, S.W. (2008). Cyberthreats: The Emerging Fault lines of the Nation State. Oxford University Press.
Brenner, S.W. (2010). Cybercrime: Criminal Threats from Cyberspace. Praeger.
Brenner, S.W. (2011). Defining cybercrime: A review of federal and state law. In Cybercrime: The investigation, prosecution, and defense of a computer-related crime, 3rd ed., R.D. Clifford, ed. 95–104. Carolina Academic Press.
Brunner, M. (2019). Challenges and opportunities in state and local cybercrime enforcement. Journal of National Security Law and Policy, 10, 563.
Buil-Gil, D., Miro-Linares, F., Moneva, A., Kemp, S. & Diaz-Castano, N. (2021). Cybercrime and shifts in opportunities during COVID-19: A Preliminary Analysis in the UK. European Societies, 23, 547–559. https://doi.org/10.1080/14616696.2020.1804973
Calavita, K., & Pontell, H. N. (1993). Savings and Loan Fraud as Organized Crime: Toward a Conceptual Typology of Corporate Illegality. Criminology, 31(4), 519-548.
Choo, K-K.R. (2008). Organised Crime Groups in Cyberspace: a Typology. Trends in Organized Crime, 11, 270–295.
Clinard, M.B. & Quinney, R. (1973). Criminal Behavior Systems: A Typology, 2nd ed. Holt, Rinehart and Winston.
Cross, C. (2015). No Laughing Matter: Blaming the victim of online fraud. International Review of Victimology, 21, 187–204.
Dickson-Gilmore, E. J., & Whitehead, C. (2002). Aboriginal organized crime in Canada: developing a typology for understanding and strategizing responses. Trends in Organized Crime, 7(4), 3-28.
Executive Order. (2021). Improving the Nation's Cybersecurity. E.O. 14028 of May 12.86 FR 26633. https://www.federalregister.gov/documents/2021/05/17/2021-10460/improving-the-nations-cybersecurity
Furnell, S. (2002). Cybercrime: Vandalizing the Information Society. Addison-Wesley.
Gehem, M., Usanov, A. Frinking, E. & Rademnaker, M. (2015). Assessing Cyber Security: A Meta-analysis of Threats, Trends, and Responses to Cyber Attacks. The Hague Centre for Strategic Studies.
Global Initiative against Transnational Organized Crime. (2021). Contested Domain: UN Cybercrime Resolution. https://globalinitiative.net/analysis/un-cybercrime-resolution/
Hagan, F.E. (2006). “Organized Crime” and “organized crime”: Indeterminate Problems of Definition. Trends in Organized Crime, 9, 127-37.
Higgins, G.E. & Marcum, C.D. (2011). Digital Piracy: An integrated theoretical approach. Carolina Academic Press.
Holt, T.J. (2018). Regulating Cybercrime through Law Enforcement and Industry Mechanisms. ANNALS, AAPSS, 679, 140-157.
Holt, T.J. & Bossler, A.M. (2014). An Assessment of the Current State of Cybercrime Scholarship. Deviant Behavior, 35, 20-40, DOI: 10.1080/01639625.2013.822209
Internet Crime Complaint Center. (2020). 2019 Internet Crime Report. Federal Bureau of Investigation. https://www.ic3.gov/Home/AnnualReports
Johnson, L. (2021). CISA Launches Joint Cyber Defense Initiative. https://www.meritalk.com/articles/cisa-launches-joint-cyber-defense-collaborative/ August 5.
Kennedy, S. & Warren, I. (2020). The Legal Geographies of Extradition and Sovereign Power. Internet Policy Review, 19, 1-18.
Lavorgna, A. (2019). Cyber-organised Crime. A Case of Moral Panic? Trends in Organized Crime, 22, 357-374.
Legg, J. (2021). Pushing Back Against the Rising Tide of Cybercrime. Forbes, July 19.
Lim, M. (2013). The Internet and Everyday Life in Indonesia: A New Moral Panic?, Bijdragen totde taal-, land- en volkenkunde / Journal of the Humanities and Social Sciences of Southeast Asia, 169, 133-147. doi: https://doi.org/10.1163/22134379-12340008
Leukfeldt, E. R., Kleemans, E. R., & Stol, W. P. (2017). A Typology of Cybercriminal Networks: from low-tech all-rounders to high-tech specialists. Crime, Law and Social Change, 67(1), 21-37.
Maltz, M.D. (1976). On Defining “Organized Grime”: The Development of a Definition and a Typology. Crime & Delinquency, 22(3), 338–346.
Mann, M., Warren, I. & Kennedy, S. (2018) The Legal Geographies of Transnational Cyber-prosecutions: Extradition, Human rights and Forum shifting. Global Crime,19, 107-124.
Maras, M.H. (2017). Cybercriminology. Oxford University Press.
Marion, N. & Hill, J.B. (2018). Presidential Rhetoric as Crime Control Theater: The Case of Cybercrime. Criminology, Criminal Justice, Law & Society, 19, 81-97.
McCusker, R. (2013). Transnational Organised Cyber Crime: Distinguishing Threat from Reality. Routledge.
Mee, P. & Chandrasekhar, C. (2021). Cybersecurity is Too Big a Job for Governments or Business to Handle Alone. World Economic Forum, May 3. https://www.weforum.org/agenda/2021/05/cybersecurity-governments-business/
Muggah, R. (2020). The Pandemic Has Triggered Dramatic Shifts in the Global Criminal Underworld. Foreign Policy, May 8. https://foreignpolicy.com/2020/05/08/coronavirus-drug-cartels-violence-smuggling/
Pipikaite, A., Barrachin, M. & Crawford, S. (2021). These are the Top Cybersecurity Challenges of 2021. World Economic Forum, January 21. https://www.weforum.org/agenda/2021/01/top-cybersecurity-challenges-of-2021/
Rajput B. (2020). Emerging Trends and Patterns of Cyber Economic Crimes. In: Cyber Economic Crime in India. Springer Series on Asian Criminology and Criminal Justice Research. Springer. https://doi.org/10.1007/978-3-030-44655-0_6
Rantala, R. R. (2004). Cybercrime against Businesses. Washington, D.C.: Bureau of Justice Statistics.
Reep-van den Bergh, C.M.M. & Junger, M. (2018). Victims of Cybercrime in Europe: A Review of Victim Surveys. Crime Science, 7, 1-15.https://doi.org/10.1186/s40163-018-0079-3
Riek, M. & Bohme, R. (2018). The Costs of Consumer-facing Cybercrime: An Empirical Exploration of Measurement Issues and Estimates. Journal of Cybersecurity, 4, 1-15 https://doi.org/10.1093/cybsec/tyy004
Sarre, R., Yiu-Chung, L. & Chang, L.Y.C. (2018). Responding to Cybercrime: Current Trends, Police Practice and Research, 19, 515-518, DOI: 10.1080/15614263.2018.1507888
Smith, D. C. (1978). Organized crime and entrepreneurship. International Journal of Criminology and Penology, 6(2), 161-177.
Taylor, R., Saylor, M.R. & Tafoya, W.L. (2019). Cyber Crime and Cyber Terrorism. 4th ed. Pearson.
Tennis, M.M. (2020). A United Nations Convention on Cybercrime. Capital University Law Review, 48, 189-236.
Transactional Records Access Clearinghouse. (2020). Federal Criminal Prosecutions Plummet in Wake of COVID-19. https://trac-syr-edu.proxy.library.vcu.edu/tracreports/crim/609/
U.S. Department of Homeland Security. (2021). Cybersecurity. https://www.dhs.gov/topic/cybersecurity
U.S. Department of Justice. (2016). Department Releases Intake and Charging Policy for Computer Crime Matters. October 25. https://www.justice.gov/archives/opa/blog/department-releases-intake-and-charging-policy-computer-crime-matters
Viano, E.C. (2017). Cybercrime: Definition, Typology, and Criminalization. In Viano E., ed. Cybercrime, Organized Crime, and Societal Responses. Springer.
Wall, D. (2001). Cybercrimes and the Internet. In Crime and the Internet, edited by D.S. Wall. Routledge.
Wall, D. (2004). Digital Realism and the Governance of Spam as Cybercrime. European Journal on Criminal Policy and Research, 10, 309–35.