Cybercrime

Featured

A wide range of computer security threats exists—including faulty software, password trafficking and fraud, and hostile groups intending to inflict damage—and awareness of these threats varies. RAND has conducted research to measure and increase understanding of the impact of cybercrime on businesses and governments and has addressed such issues as the pros and cons of counterattack, the value of deterrence and vigilance, and actions that can be taken in the face of cyberattack.

  • Illustration of a large gavel crashing down on self-driving cars, illustration by Chris Philpot

    Essay

    Who's Responsible When Your Car Gets Hacked?

    Oct 23, 2019

    Cars are becoming "fast, heavy artificial intelligences on wheels," a RAND report cautions, and that means they're becoming vulnerable. Potentially billions of dollars ride on the question of who has the legal responsibility to keep hackers from grabbing the wheel or cutting the brakes.

  • Cybercrime concept of handcuffs icon on a digital background, photo by blackboard/Adobe Stock

    Report

    What Could Help Law Enforcement Deal with Crime on the Dark Web?

    Oct 29, 2019

    Crime in traditional online forums often leaves a trail of data that can be followed. But on the dark web, the process of collecting those data and turning them into evidence can be difficult. A panel of law enforcement practitioners and researchers identified ways to address this challenge.

Explore Cybercrime

  • Blog

    White Supremacist Terrorism, Wildfires, the Dark Web: RAND Weekly Recap

    This weekly recap focuses on violent white supremacy, power outages to prevent wildfires, how to catch criminals on the dark web, and more.

    Nov 1, 2019

  • Concept of artificial intelligence winning at chess, photo by JohnDWilliams/Getty Images

    Report

    The Emerging Risk of Virtual Societal Warfare

    Living in an information society opens unprecedented opportunities for hostile rivals to cause disruption, delay, inefficiency, and harm. Social manipulation techniques are evolving beyond disinformation and cyberattacks on infrastructure sites. How can democracies protect themselves?

    Oct 9, 2019

  • Blog

    Data Breaches, Correctional Security, Fentanyl: RAND Weekly Recap

    This weekly recap focuses on how consumers respond to data breaches, new security challenges facing correctional institutions, how fentanyl is changing the opioid crisis, and more.

    Aug 2, 2019

  • Report

    Fostering Innovation to Respond to Top Challenges in Law Enforcement: Proceedings of the National Institute of Justice's 2018 Chiefs' Panel on Priority Law Enforcement Issues and Needs

    An expert panel of law enforcement leaders identified challenges facing law enforcement today, and their priorities are presented in this report. Panel members discussed needs for innovation that, if pursued, might help resolve those challenges.

    Jul 22, 2019

  • Report

    When Autonomous Vehicles Are Hacked, Who Is Liable?

    The arrival of autonomous vehicles (AVs) on the roads will require policymakers, industry, and the public to adapt to the risk of hackers attacking these vehicles. RAND researchers explored the civil liability issues related to hacked AVs.

    Jul 12, 2019

  • Smart car 3D rendering, photo by Production Perig/Adobe Stock

    Research Brief

    When an Autonomous Vehicle Is Hacked, Who Is Liable?

    Hacks on autonomous vehicles could lead to deaths, property destruction, ransomware attacks, or data theft. Several scenarios illustrate the policy challenges facing the civil legal system, insurers, and others.

    Jul 12, 2019

  • A portion of a city model glows red indicating a cyber threat to infrastructure at the DarkMatter booth during the Black Hat information security conference in Las Vegas, Nevada, July 26, 2017

    Commentary

    Fighting and Winning the Undeclared Cyber War

    Russia has executed deliberate intrusions into U.S. critical infrastructure since at least 2011. These systems have included government entities, commercial facilities, water resource plants, and aviation institutions. What actions or policies can the U.S. execute to improve security?

    Jun 24, 2019

  • Mock Bitcoins are displayed in Berlin, January 7, 2014, photo by Pawel Kopczynski/Reuters

    Report

    Terrorist Use of Cryptocurrencies

    Counterterrorism finance strategies have reduced terrorist access to official currencies. Will terrorist groups therefore increase their use of digital cryptocurrencies? New ones have emerged, including some that claim to be more private and secure than Bitcoin, but they also have limitations that make them less viable.

    Mar 27, 2019

  • Hawaii Air National Guardsmen evaluate network vulnerabilities during the Po’oihe 2015 Cyber Security Exercise at the University of Hawaii Manoa Campus, Honolulu, HI, June 4, 2015, photo by Airman 1st Class Robert Cabuco/Hawaii Air National Guard

    Commentary

    Developing an Objective, Repeatable Scoring System for a Vulnerability Equities Process

    If governments seek to create an objective framework for decision making about whether or when to disclose software vulnerabilities, what might that look like? What questions should be included, how should they influence the outcome and how can one interpret the results?

    Feb 5, 2019

  • Accountability in Cyberspace: The Problem of Attribution

    Multimedia

    How to Achieve Accountability in Cyberspace

    Identifying the responsible party behind malicious cyber incidents is necessary for holding bad actors accountable. But there are many challenges that accompany cyber attribution. Creating an independent, global organization that investigates and publicly assigns blame for major hacks could help.

    Jan 14, 2019

  • Journal Article

    Economics of Vulnerability Disclosure

    This study serves as a follow up to the 2015 ENISA Good Practice Guide on Vulnerability Disclosure and seeks to provide a glimpse into the economics, costs, and incentives related to discovering and disclosing vulnerabilities.

    Dec 14, 2018

  • World map with electronic circuits

    Commentary

    When Cyber Attacks Occur, Who Should Investigate?

    Data breaches and cyberattacks cross geopolitical boundaries, targeting individuals, corporations and governments. Creating a global body with a narrow focus on investigating and assigning responsibility for cyberattacks could be the first step to creating a digital world with accountability.

    Dec 6, 2018

  • Journal Article

    The Trade in Small Arms and Light Weapons on the Dark Web: A Study

    A summary of the main findings and implications of the first empirical study investigating the scale and scope of arms trafficking on the dark web, illustrating the range of weapons traded, their market price and most common transit routes.

    Oct 24, 2018

  • Processor pins of a microchip

    Commentary

    Examining the Weak Spots in Tech's Supply Chain Armor

    When an attack on the supply chain occurs, manufacturers and purchasers should be better positioned to respond and recover. Even the simplest devices can rely on parts from multiple suppliers, which may have their own suppliers and so on. But every supplier, no matter how small, represents a potential weak link in the chain.

    Oct 16, 2018

  • Hacker on a laptop

    Commentary

    Have a Victim Response Plan for Data Breaches

    In a large data breach, there could be a real risk to victims' financial or personal security. Though responsible organizations should do everything in their power to ensure data is protected in the first place, they also should prepare a plan to ensure prompt victim response.

    Oct 2, 2018

  • Report

    Developing Cybersecurity Capacity: A proof-of-concept implementation guide

    This document is a proof-of-concept operational toolbox designed to facilitate the development of national-level cybersecurity capacity building programmes and of holistic policy and investment strategies to tackle challenges in the cyber domain.

    Aug 2, 2018

  • Malware or virus inside microchip on electronic circuit

    Commentary

    What Do Meltdown, Spectre, and RyzenFall Mean for the Future of Cybersecurity?

    Unlike most previous cyber threats, a new wave of vulnerabilities attack a computer's hardware, rather than its software. What does this mean for cybersecurity as a whole?

    May 3, 2018

  • Server room data center with icon representing cloud storage

    Report

    Identifying Law Enforcement Needs for Access to Digital Evidence in Remote Data Centers

    Researchers discuss the challenge of accessing data in remote data centers, summarize the discussion of an expert panel, and provide a list of needs identified and prioritized by the panel to inform concerned communities and stakeholders.

    Apr 23, 2018