Cybercrime

Featured

A wide range of computer security threats exists—including faulty software, password trafficking and fraud, and hostile groups intending to inflict damage—and awareness of these threats varies. RAND has conducted research to measure and increase understanding of the impact of cybercrime on businesses and governments and has addressed such issues as the pros and cons of counterattack, the value of deterrence and vigilance, and actions that can be taken in the face of cyberattack.

  • Eyeball on a laptop computer screen, illustration by Meriel Waissman

    Essay

    The Digital Underworld: What You Need to Know

    Jun 24, 2016

    A growing threat is emanating from a digital underworld where hackers sell their services like mercenaries and credit-card numbers can be had for pennies on the dollar.

  • A graphical model meant to help prevent hackers from attacking vulnerable computer resources, photo courtesy of Pacific Northwest National Laboratory

    Content

    Challenges and Opportunities in Cyberspace

    Sep 30, 2016

    Cyberspace provides opportunities for innovation, commerce, and societal advancement but also raises issues for policymakers in securing cyber vulnerabilities, ensuring privacy and protection of personal data, and considering the use of cyber weapons as a national security asset.

Explore Cybercrime

  • Binary code bursts from phones held by a crowd of people with an overlay of glowing electronic numbers

    Commentary

    What Is the Adversary Likely to Do with the Clearance Records for 20 Million Americans?

    The state actor that hacked the Office of Personnel Management could use the stolen information to further its domestic control against dissidents, enhance its foreign intelligence, and improve its position in the global military and economic order.

    Jan 20, 2017

  • Brochure

    A focus on cybersecurity

    Cybersecurity has risen to become a prominent issue of national and global security for governments and international organisations worldwide. A focus on cybersecurity looks at the issues and details RAND Europe's expertise and work in the area.

    Dec 19, 2016

  • Report

    A Framework for Exploring Cybersecurity Policy Options

    RAND conducted two discovery games to explore possible solutions for improving cybersecurity, assess their implications, and develop an initial framework to support debate and inform decisions regarding cybersecurity policies and practices.

    Nov 23, 2016

  • Illustration of a digital world

    Commentary

    Where Next for the Digital Society?

    Digital technologies are omnipresent, both in terms of where we are and what we do. A digital society can bring about economic and societal gain, but there are many challenges that need to be addressed beyond the actual technologies.

    Oct 14, 2016

  • Report

    Thought Leadership programme 2016: Key Findings

    Key findings from the 2016 Thought Leadership Programme, convened by Corsham Institute in conjunction with RAND Europe and St George's House exploring opportunities and challenges created by digital technologies in society.

    Oct 13, 2016

  • Concept of leaky software, data pouring out of pipe

    Commentary

    Digital Theft: The New Normal

    Absolute data breach prevention is not possible, so knowing what people want when it happens is important. Consumers and corporations alike should accept this risk as a “when,” not an “if,” and prepare for it.

    Oct 10, 2016

  • TSA agents screen a passenger at San Francisco International Airport in San Francisco, California, February 27, 2015

    Announcement

    RAND Chosen to Operate New Research Center for U.S. Department of Homeland Security

    A new center will conduct analyses and make recommendations to strengthen DHS across its missions to prevent terrorism and enhance security, secure and manage U.S. borders, enforce and administer immigration laws, safeguard and secure cyberspace, and strengthen national preparedness and resiliency.

    Oct 4, 2016

  • The headquarters of the Democratic National Committee is seen in Washington, D.C., June 14, 2016

    Commentary

    The DNC Hack: Are New Norms Needed?

    A new norm that would hold the Russian DNC hack to be unacceptable could not rest on a general prohibition against cyber-espionage or political interference. It would have to combine both prohibitions at once.

    Sep 29, 2016

  • Dmitri Dolgov, principal engineer on the software team of Google's Self-Driving Car project, speaks during a presentation in Mountain View, California, September 29, 2015

    Commentary

    The Brains Behind Autonomous Vehicles May Need a License to Drive

    Autonomous vehicles require exquisite software. To make this software secure, industry and government should consider educational standards and licensure requirements for the engineers who create it.

    Sep 27, 2016

  • News Release

    Cost of Cyber Incidents Not Large Compared with Other Business Losses; May Influence Responses by Businesses

    Data breaches have made headlines in recent years, exposing poor practices that put the personal information of millions of consumers at risk. But the cost of a typical cyber breach is much less than generally estimated, providing one possible explanation for why American companies do not invest more to improve computer security.

    Sep 20, 2016

  • A man counting pills on his laptop

    Commentary

    Dark Web Likely Isn't Fuelling International Drug Sales

    Vendors in the Netherlands have developed a fairly successful international trade of ecstasy-type drugs and stimulants from online markets, but it appears that most countries are selling illicit drugs within their own borders.

    Sep 19, 2016

  • Cyber illustration of a judge's gavel

    Commentary

    The Future of Cyber Investigations at the FBI Is Unclear

    Evidence presented by the FBI in the case of U.S. v. Jay Michaud was excluded because the agency was unwilling to reveal the software exploit used to collect it. If the FBI exposes its capabilities, other criminals can patch their computers, but concealing its techniques risks the ability to prosecute cyber criminals.

    Aug 24, 2016

  • Global internet security illustration

    Project

    Developing a Toolbox for the Global Cyber Security Capacity Centre Maturity Model

    The Cyber Security Capability Maturity Model allows organisations to map and assess maturity to achieve a healthy and resilient national cyber ecosystem. A new toolbox will aim to help policymakers identify priority areas for intervention to strengthen cyber capabilities.

    Aug 16, 2016

  • News Release

    Untangling the 'Dark Web': New Study Shows Steady Growth of the Online Illicit Drugs Trade

    The number of transactions for illicit drugs on cryptomarkets, which exist on the “dark web,” have tripled and revenues have doubled since 2013, when Silk Road 1.0 was shut down by the FBI.

    Aug 8, 2016

  • Research Brief

    The role of the 'dark web' in the trade of illicit drugs

    The Internet has fundamentally changed ways of doing business, including the operations of illegal markets. RAND Europe was commissioned to investigate the role of the Internet in facilitating the drugs trade, particularly in the Netherlands.

    Aug 5, 2016

  • Spider web

    Report

    Growth of the Online Illicit Drugs Trade

    Silk Road was the first major online marketplace for illegal goods on the hidden web. Since the FBI took it down in 2013, copycats have filled the void. Transactions for illicit drugs on cryptomarkets have tripled and revenues have doubled.

    Aug 5, 2016

  • Russian President Vladimir Putin arrives for a personal send-off for members of the Russian Olympic team at the Kremlin in Moscow, Russia, July 27, 2016

    Commentary

    How to Counter Putin's Subversive War on the West

    Russian cybercrime, Olympics doping, and other active measures have one thing in common: Moscow admits no wrongdoing. These scandals exacerbate the frigid relations between Moscow and the West. Diplomacy sometimes works slowly, but it helps.

    Aug 1, 2016

  • Guo Shengkun, China's Minister of Public Security, speaks during the Second U.S.-China High-Level Joint Dialogue on Cybercrime and Related Issues in Beijing, China, June 14, 2016

    Commentary

    The U.S.-China Cyber Agreement: A Good First Step

    The 2015 U.S.-China cyber agreement is a potentially important first step toward addressing the problem of Chinese espionage. But it is by no means a final step.

    Aug 1, 2016

  • Periodical

    RAND Review: July-August 2016

    This issue highlights the stress of military deployments and resilience of military families; RAND research on cybercrime, network defense, and data breaches; the 40th anniversary of RAND's landmark Health Insurance Experiment; and more.

    Jun 27, 2016