Cybercrime

Featured

A wide range of computer security threats exists—including faulty software, password trafficking and fraud, and hostile groups intending to inflict damage—and awareness of these threats varies. RAND has conducted research to measure and increase understanding of the impact of cybercrime on businesses and governments and has addressed such issues as the pros and cons of counterattack, the value of deterrence and vigilance, and actions that can be taken in the face of cyberattack.

  • Illustration of online extremists by Jessica Arana/RAND Corporation from Sean Rayford/Alamy; dem10/Getty Images; sestovic/Getty Images; Dilok Klaisataporn/Getty Images; Comstock/Getty Images

    Report

    How Extremism Operates Online

    Extremist groups use internet-based tools for financing, networking and coordination, recruitment and radicalization, inter- and intra-group knowledge transfer, and mobilization to action. How do internet users engage with these efforts? And can the internet be leveraged to counter extremism?

    Apr 12, 2022

  • Blue and red cables transmitting data signals, image by Alexey Novikov/Adobe Stock

    Report

    Response Options to Cyberattacks on U.S. Government Networks

    The United States has proved vulnerable to cyber incidents, and a lack of response has emboldened Russia and China to expand their cyber espionage activities. Have U.S. responses changed over time or affected adversary behavior? What lessons do these cases offer for future policymaking?

    Apr 29, 2022

Explore Cybercrime

  • The headquarters of the Democratic National Committee is seen in Washington, D.C., June 14, 2016

    Commentary

    The DNC Hack: Are New Norms Needed?

    A new norm that would hold the Russian DNC hack to be unacceptable could not rest on a general prohibition against cyber-espionage or political interference. It would have to combine both prohibitions at once.

    Sep 29, 2016

  • Dmitri Dolgov, principal engineer on the software team of Google's Self-Driving Car project, speaks during a presentation in Mountain View, California, September 29, 2015

    Commentary

    The Brains Behind Autonomous Vehicles May Need a License to Drive

    Autonomous vehicles require exquisite software. To make this software secure, industry and government should consider educational standards and licensure requirements for the engineers who create it.

    Sep 27, 2016

  • News Release

    News Release

    Cost of Cyber Incidents Not Large Compared with Other Business Losses; May Influence Responses by Businesses

    Data breaches have made headlines in recent years, exposing poor practices that put the personal information of millions of consumers at risk. But the cost of a typical cyber breach is much less than generally estimated, providing one possible explanation for why American companies do not invest more to improve computer security.

    Sep 20, 2016

  • A man counting pills on his laptop

    Commentary

    Dark Web Likely Isn't Fuelling International Drug Sales

    Vendors in the Netherlands have developed a fairly successful international trade of ecstasy-type drugs and stimulants from online markets, but it appears that most countries are selling illicit drugs within their own borders.

    Sep 19, 2016

  • Cyber illustration of a judge's gavel

    Commentary

    The Future of Cyber Investigations at the FBI Is Unclear

    Evidence presented by the FBI in the case of U.S. v. Jay Michaud was excluded because the agency was unwilling to reveal the software exploit used to collect it. If the FBI exposes its capabilities, other criminals can patch their computers, but concealing its techniques risks the ability to prosecute cyber criminals.

    Aug 24, 2016

  • News Release

    News Release

    Untangling the 'Dark Web': New Study Shows Steady Growth of the Online Illicit Drugs Trade

    The number of transactions for illicit drugs on cryptomarkets, which exist on the “dark web,” have tripled and revenues have doubled since 2013, when Silk Road 1.0 was shut down by the FBI.

    Aug 8, 2016

  • Spider web

    Report

    Growth of the Online Illicit Drugs Trade

    Silk Road was the first major online marketplace for illegal goods on the hidden web. Since the FBI took it down in 2013, copycats have filled the void. Transactions for illicit drugs on cryptomarkets have tripled and revenues have doubled.

    Aug 5, 2016

  • Research Brief

    Research Brief

    The role of the 'dark web' in the trade of illicit drugs

    The Internet has fundamentally changed ways of doing business, including the operations of illegal markets. RAND Europe was commissioned to investigate the role of the Internet in facilitating the drugs trade, particularly in the Netherlands.

    Aug 5, 2016

  • Russian President Vladimir Putin arrives for a personal send-off for members of the Russian Olympic team at the Kremlin in Moscow, Russia, July 27, 2016

    Commentary

    How to Counter Putin's Subversive War on the West

    Russian cybercrime, Olympics doping, and other active measures have one thing in common: Moscow admits no wrongdoing. These scandals exacerbate the frigid relations between Moscow and the West. Diplomacy sometimes works slowly, but it helps.

    Aug 1, 2016

  • Guo Shengkun, China's Minister of Public Security, speaks during the Second U.S.-China High-Level Joint Dialogue on Cybercrime and Related Issues in Beijing, China, June 14, 2016

    Commentary

    The U.S.-China Cyber Agreement: A Good First Step

    The 2015 U.S.-China cyber agreement is a potentially important first step toward addressing the problem of Chinese espionage. But it is by no means a final step.

    Aug 1, 2016

  • Periodical

    Periodical

    RAND Review: July-August 2016

    This issue highlights the stress of military deployments and resilience of military families; RAND research on cybercrime, network defense, and data breaches; the 40th anniversary of RAND's landmark Health Insurance Experiment; and more.

    Jun 27, 2016

  • Eyeball on a laptop computer screen

    Essay

    The Digital Underworld: What You Need to Know

    A growing threat is emanating from a digital underworld where hackers sell their services like mercenaries and credit-card numbers can be had for pennies on the dollar.

    Jun 24, 2016

  • Illustration of data encryption

    Blog

    RAND's Lillian Ablon Presents 'Lessons from a Hacker'

    Lillian Ablon, a cybersecurity and emerging technologies researcher, spoke at a RAND Policy Circle Conversation on the world's expanding cyber vulnerability, those who are out there to take advantage of those vulnerabilities, as well as consumer attitudes toward breaches.

    Jun 1, 2016

  • Congressional Briefing Podcast

    Multimedia

    Getting to Yes with China in Cyberspace: Is It Possible?

    In this May 2016 congressional briefing, RAND experts Scott W. Harold and Martin Libicki discuss the differing perspectives and interests of the United States and China in cyberspace.

    May 2, 2016

  • Journal Article

    Journal Article

    Good Practice Guide on Vulnerability Disclosure: From Challenges to Recommendations

    Vulnerabilities are 'flaws' or 'mistakes' in computer-based systems that may be exploited to compromise the network and information security of affected systems.

    Apr 27, 2016

  • Infographic

    Infographic

    Data Theft Victims, and Their Response to Breach Notifications

    This infographic highlights the results of a study of consumer attitudes toward data breaches, notifications of those breaches, and company responses to such events.

    Apr 14, 2016

  • Woman typing into a laptop

    Report

    Few Consumers Penalize Hacked Companies for Data Breaches

    About a quarter of American adults surveyed reported that they received a data breach notification in the past year, but 77 percent of them were highly satisfied with the company's post-breach response. Only 11 percent of respondents stopped dealing with the company afterwards.

    Apr 14, 2016

  • News Release

    News Release

    One-Fourth of American Adults Notified of Data Breach in Past Year; Few Consumers Penalize Hacked Companies

    About a quarter of American adults reported that they were notified about their personal information being part of a data breach in the previous year, but only 11 percent of those who have ever been notified say they stopped doing business with the hacked company afterwards.

    Apr 13, 2016

  • View to an operating room through an office window

    Commentary

    Ransomware Hackers Are Coming for Your Health Records

    Cyber criminals may be preying on hospitals because cyber protection measures likely have not kept pace with electronic data collection and because hospitals typically do not have backup systems and databases in place, even though such attacks can strain health care systems and potentially put patients' lives at risk.

    Apr 11, 2016

  • Transportation soldiers and civilian harbormasters move cargo containers onto awaiting vessels in a training exercise at Joint Base Langley-Eustis

    Commentary

    Ten Years After the Safe Port Act, Are America's Ports Secure?

    The economic importance and visibility of America's ports make them attractive terrorism targets. Port security has improved, but many of the threats that motivated the Safe Ports Act in 2006 remain, and new dangers have emerged, including cyber threats.

    Apr 6, 2016