Cybercrime

Featured

A wide range of computer security threats exists—including faulty software, password trafficking and fraud, and hostile groups intending to inflict damage—and awareness of these threats varies. RAND has conducted research to measure and increase understanding of the impact of cybercrime on businesses and governments and has addressed such issues as the pros and cons of counterattack, the value of deterrence and vigilance, and actions that can be taken in the face of cyberattack.

  • Smart car 3D rendering, photo by Production Perig/Adobe Stock

    Research Brief

    When an Autonomous Vehicle Is Hacked, Who Is Liable?

    Jul 12, 2019

    Hacks on autonomous vehicles could lead to deaths, property destruction, ransomware attacks, or data theft. Several scenarios illustrate the policy challenges facing the civil legal system, insurers, and others.

  • Mock Bitcoins are displayed in Berlin, January 7, 2014, photo by Pawel Kopczynski/Reuters

    Report

    Terrorist Use of Cryptocurrencies

    Mar 27, 2019

    Counterterrorism finance strategies have reduced terrorist access to official currencies. Will terrorist groups therefore increase their use of digital cryptocurrencies? New ones have emerged, including some that claim to be more private and secure than Bitcoin, but they also have limitations that make them less viable.

Explore Cybercrime

  • digital globe

    Commentary

    Cyber Operations Can Supplement a War, but They Cannot Be the War

    The U.S. military, with its high-tech systems, must protect itself from cyber threats with much the same careful management that protects it against vulnerabilities associated with, say, explosives. But there can be no choice between boots on the ground and fingers on a keyboard, writes Martin Libicki.

    Dec 19, 2012

  • Multimedia

    Crisis and Escalation in Cyberspace

    In a presentation at the Google LAX Office, Martin Libicki, Adjunct Management Scientist, RAND Corporation, discusses the evolving field of cyberwarfare, and the form of crisis and escalation in the context of cyberspace.

    Nov 15, 2012

  • gavel and laptop

    Journal Article

    Good Practice Guide Addresses Network and Information Security Aspects of Cybercrime

    The sharing and exchange of information between Computer Emergency Response Teams (CERTs) and the law enforcement community in Europe face several legal and operational barriers. This report offers recommendations for CERTs, law enforcement, and policymakers in Brussels.

    Nov 1, 2012

  • Globe surrounded by binary data

    Commentary

    The Case for a Cyber-Security Safety Board: A Global View on Risk

    Innovative approaches are needed to break the current stalemate of information sharing and to build a solid and reliable evidence base on the state of cyber-security, writes Neil Robinson.

    Jun 18, 2012

  • A hacker at his computer desk

    Commentary

    Setting International Norms on Cyberwar Might Beat a Treaty

    Restricting cyberweapon development could be harmful inasmuch as its core activity is the discovery of vulnerabilities in software—the very activity also required to bulletproof software against attacks from criminal hackers, writes Martin Libicki.

    Jun 11, 2012

  • Report

    Exploring How the EU Should Establish a Cybercrime Centre

    After visiting EU high tech crime units, conducting interviews with stakeholders, and holding a scenario-based workshop, RAND Europe researchers determined that a European Cybercrime Centre hosted by Europol would bring together input from several different entities and drive a common approach to tackling cybercrime.

    Mar 27, 2012

  • computer image with lock

    Project

    Cybersecurity: Examining Challenges for the Future

    Cyberspace is increasingly important for economic growth, openness, and democracy, but poor cybersecurity can make governments, businesses, and individuals open to cyber attack and cyber crime. RAND Europe conducts a range of research on the topic to advise policymakers.

    Feb 29, 2012

  • computer virus cyber worm

    Report

    The Characteristics of Cyberspace Pose Challenges to Those Who Seek to Defend It

    It has become clear that Stuxnet-like worms pose a serious threat even to critical U.S. infrastructure and computer systems that are not connected to the Internet. However, defending against such attacks involves complex technological and legal issues.

    Dec 20, 2011

  • Commentary

    Could Bin Laden's Death Prompt a Cyber Attack?

    A truly monumental attack that could cripple key U.S. computer systems — something akin to the Stuxnet worms attack on Iran's nuclear infrastructure, for example — would take many months of planning, significant expertise, and a great deal of money to pull off, writes Isaac Porche.

    May 6, 2011

  • Report

    Influences on the Adoption of Multifactor Authentication

    Passwords are proving less and less capable of protecting computer systems from abuse. Multifactor authentication (MFA) — which combines something you know (e.g., a PIN), something you have (e.g., a token), and/or something you are (e.g., a fingerprint) — is increasingly being required. This report investigates why organizations choose to adopt or not adopt MFA — and where they choose to use it.

    Apr 15, 2011

  • Report

    Understanding the Security, Privacy, and Trust Aspects of Cloud Computing

    Cloud computing is a model for enabling on-demand network access to a shared pool of computing resources—such as storage and applications—that can be rapidly provisioned with minimal management effort or service provider interaction. RAND Europe explored the security, privacy, and trust challenges that cloud computing poses.

    Apr 4, 2011

  • Journal Article

    Encryption and the Loss of Patient Data

    Encryption is seen as a way to prevent malicious use of patient data, but there is no empirical evidence that it does.

    Jan 1, 2011

  • Brochure

    Chaos or Control?

    What is the role of government in a borderless internet world? RAND Europe assesses the implications for policy makers.

    Mar 11, 2010

  • News Release

    U.S. Must Focus on Protecting Critical Computer Networks from Cyber Attack

    Because it will be difficult to prevent cyber attacks on critical civilian and military computer networks by threatening to punish attackers, the United States must focus its efforts on defending these networks from cyber attack.

    Oct 8, 2009

  • computer programming code

    Report

    Cyberdeterrence and Cyberwar

    Because it will be difficult to prevent cyber attacks on critical civilian and military computer networks by threatening to punish attackers, the United States must focus its efforts on defending these networks from cyber attack.

    Sep 10, 2009

  • Computer password screen

    Commentary

    The Cracks in Data Privacy

    In the future, the EU will inevitably have to adjust its system of rules to cope with the evolving uses of personal data, globalization and international data flows, write Neil Robinson and Lorenzo Valeri.

    May 19, 2009

  • Research Brief

    Cybersecurity Economic Issues: Corporate Approaches and Challenges to Decisionmaking

    This research brief addresses key cybersecurity concerns, such as protecting critical products and services and ensuring that software will work. It identifies how organizations perceive the importance of cybersecurity in making investment decisions.

    Nov 18, 2008

  • News Release

    Computer-Based Crime to Be Focus of Silicon Valley Forum

    Security experts from the technology industry, law enforcement and academia will outline what is needed to better measure and understand the effect of computer-based crime in the United States during a public forum Sept. 25 in Silicon Valley.

    Sep 13, 2007

  • Commercial Book

    Conquest in Cyberspace: National Security and Information Warfare

    Explores the potential for and limitations to information warfare, including its use in weapons systems and in command-and-control operations as well as in the generation of ''noise'' and how far ''friendly conquest'' in cyberspace extends.

    May 12, 2007

  • News Release

    RAND Launches National Computer Security Survey for Departments of Justice and Homeland Security

    On behalf of the U.S. Departments of Justice and Homeland Security, the RAND Corporation is fielding the first national survey to measure the impact of cybercrime on American businesses.

    May 2, 2006