Cybercrime

Featured

A wide range of computer security threats exists—including faulty software, password trafficking and fraud, and hostile groups intending to inflict damage—and awareness of these threats varies. RAND has conducted research to measure and increase understanding of the impact of cybercrime on businesses and governments and has addressed such issues as the pros and cons of counterattack, the value of deterrence and vigilance, and actions that can be taken in the face of cyberattack.

  • A woman with a smartphone is seen in front of social media logos, May 25, 2021, photo by Dado Ruvic/Reuters

    Report

    Understanding the Online Extremist Ecosystem

    Dec 2, 2021

    By the early 2010s, it was clear that the internet provided white supremacists and other extremists a tool to operationalize their hateful ideas and cause real-world harms. How can the average user understand their risk of exposure to extremist content and make informed decisions about the platforms they use?

  • U.S. President Joe Biden speaks about the Colonial Pipeline shutdown at the White House in Washington, D.C., May 13, 2021, photo by Kevin Lamarque/Reuters

    Commentary

    How to Deter Ransomware Attacks

    Aug 9, 2021

    To rein in ransomware attacks, the United States needs to upend the risk-reward ratio for hackers and for the countries that harbor or support them. Such a strategy would make networks harder to breach, hit back harder against hackers, and claw back gains from those who succeed.

Explore Cybercrime

  • Man in living room with smart television

    Commentary

    Are You Sitting Comfortably? Understanding the Security and Privacy Implications of the Internet-Connected Living Room

    The modern living room contains a range of Internet-connected devices. This increased connectivity comes with privacy and security concerns, threats to consumers, and challenges for industry.

    Sep 3, 2014

  • Two boys sitting on a couch playing video games, photo by Sean Davis/Fotolia

    Report

    Living Room Connected Devices: Opportunities, Security Challenges, and Privacy Implications

    The "Internet-connected living room" poses security and privacy implications for industry and consumers, offering potential benefits as well as threats associated with the technical capabilities of living room connected devices.

    Sep 2, 2014

  • Astronomical observatory

    Periodical

    RAND Review: Vol. 38, No. 2, Summer 2014

    The cover story discusses the rising wave of cybercrime and possible responses to it, while other features highlight research on medical innovation and U.S. security cooperation, plus public policy insights from Victor Hugo.

    Aug 7, 2014

  • car interior with a dashboard computer

    Commentary

    Sounding the Car Alarm on Hackers

    Security protections on vehicles have not kept pace with systems that control safety features, navigation capabilities, and wireless communication functions. Onboard computer networks will likely become much more attractive to hackers.

    Jun 30, 2014

  • News Release

    News Release

    Shortage of Cybersecurity Professionals Poses Risk to National Security

    The nationwide shortage of cybersecurity professionals -- particularly for positions within the federal government -- creates risks for national and homeland security.

    Jun 17, 2014

  • two men working in a bright office

    Report

    Shortage of Cybersecurity Professionals Poses Risk to National Security

    Demand for trained cybersecurity professionals who work to protect organizations from cybercrime is high nationwide, but the shortage is particularly severe in the federal government, which does not offer salaries as high as the private sector.

    Jun 17, 2014

  • hands on a computer keyboard in a dark room

    Commentary

    The Hackers' Bazaar

    Today's cyber black markets have evolved into playgrounds of financially driven, highly organized and sophisticated groups, often connected with traditional crime organizations.

    Apr 11, 2014

  • News Release

    News Release

    Black Markets for Hackers Are Increasingly Sophisticated, Specialized and Maturing

    Black and gray markets for computer hacking tools, services, and byproducts such as stolen credit card numbers continue to expand, creating an increasing threat to businesses, governments, and individuals.

    Mar 24, 2014

  • An analyst looks at code in the malware lab of a cyber security defense lab at the Idaho National Laboratory

    Report

    Black Markets for Hackers Are Increasingly Sophisticated, Specialized, and Maturing

    Black and gray markets for computer hacking tools, services, and byproducts such as stolen credit card numbers continue to expand, creating an increasing threat to businesses, governments, and individuals.

    Mar 24, 2014

  • digital globe

    Report

    Case Studies Explore Future Technology Landscapes

    Case studies explore a growing volume of primarily civil technology that can both potentially impact and be exploited as UK defense and security capabilities.

    Dec 5, 2013

  • President Barack Obama shakes hands with Jeh Johnson during an announcement for Johnson to be his nominee for Secretary of Homeland Security

    Commentary

    Challenges and Opportunities Ahead for New Homeland Security Secretary

    To ensure the Department of Homeland Security makes progress in the current constrained budget environment, its new secretary must put in place a strategic perspective to guide priorities for how to address the country's most pressing problems in disaster management, immigration reform, cybersecurity, violent extremism, and nuclear terrorism.

    Oct 24, 2013

  • Network defender working at the Air Force Space Command Network Operations & Security Center at Peterson Air Force Base in Colorado Springs

    Commentary

    Don't Buy the Cyberhype

    Although the risk of a debilitating cyberattack is real, the perception of that risk is far greater than it actually is, writes Martin Libicki. In fact, a major cyberattack of the kind intelligence officials fear has not taken place in the 21 years since the Internet became accessible to the public.

    Aug 16, 2013

  • server, datacenter, computer, network, room, interior, data, center, networking, rack, hosting, internet, web, framework, farm, workstation, render, pc, tower, cluster, database, business, security, technology, mainframe, equipment, white, processor, ethernet, storage, servers, industry, connection, row, firewall, hardware, service, infrastructure, system, information, domain, host, object, terminal, telecommunication, communication, black, net, connectivity, 3d

    Report

    Stocktaking Military Cyber Defense Capabilities in the European Union

    As the stakes of cyber threats rise, the EU needs to be able to provide a consistent level of cyber defense capability across member states. This stocktaking exercise aimed to inform further action at the EU and national level.

    Jun 3, 2013

  • close up of person using an ATM

    Commentary

    The Real Cyber Threat

    The fact is that the United States needs to gear up for the coming era of cyber threats — and start by ensuring its financial flank is not catastrophically compromised, writes Mark Sparkman.

    May 21, 2013

  • Boston Marathon bombings

    Commentary

    Forget What You Think You Know

    What's the difference if they ascribe this atrocity to a neo-Nazi, radical Islamist, or separatist anti-government ideology? Whatever their motive, they're cowardly murderers who need to be brought to justice, writes Andrew Liepman.

    Apr 19, 2013

  • Globe and computer keyboard

    Commentary

    What Is an Act of Cyberwar? It's a Decision, Not a Conclusion

    Perhaps making war can persuade the attacker to stop. Yet, war also risks further disruption, great cost, as well as possible destruction and death—especially if matters escalate beyond cyberspace, writes Martin Libicki.

    Mar 4, 2013

  • Commentary

    Opening of the European Cybercrime Centre — a Journey Begins

    While the opening of the EC3 at Europol, in line with our first-choice scenario, is very welcome, our study uncovered a range of risks that the EC3 will need to confront if it is to tackle cybercrime in a more coordinated and effective manner, writes Neil Robinson.

    Jan 11, 2013

  • Running a test in a U.S. Air Force cyber lab

    Blog

    A Cybercrisis Is Inevitable — and Manageable

    The United States can manage a cybercrisis by taking steps to reduce the incentives for other states to step into crisis, by controlling the narrative, understanding the stability parameters of the crises, and trying to manage escalation if conflicts arise.

    Jan 9, 2013

  • Binary code and laptops

    Commentary

    A Matter of Degree: Who Can Authorize a Cyberattack?

    Understanding when the United States should engage in cyberwar and who should approve cyberattacks requires understanding that cyberwar has multiple personalities: operational, strategic, and that great gray area in-between, writes Martin Libicki.

    Jan 8, 2013

  • Report

    Report

    Cybercrises Can Be Managed with Multiple Strategies

    The chances are growing that the United States will find itself in a crisis in cyberspace. Such crises can be managed by taking steps to reduce the incentives for other states to step into crisis, by controlling the narrative, understanding the stability parameters of the crises, and trying to manage escalation if conflicts arise from crises.

    Jan 3, 2013