Research in The Hague: How to prevent curious youngsters from becoming cybercriminals?

Type: Recent developments
Topic: Cybersecurity
Publication date: 21 Feb

To find all this out, Rutger Leukfeldt, professor in Cybercrime & Cybersecurity at The Hague University of Applied Sciences (THUAS), has started a groundbreaking five year research program this February, for which he received a 1,5 million Starting Grant from the European Research Council (ERC). 

Discovering the pathways

Its official title: ‘Cybercrime Pathways; The online-offline nexus in cybercrime: Examining online and offline pathways into and out of cybercrime’. In plain English: what steps do youngsters take before they eventually cross the line?

Rutger Leukfeldt “I am particularly interested in how a twelve or fourteen year old, who knows something about computers and has an affinity with IT, ends up in the cybercrime world. What makes someone go down that path? What are the first steps? How does someone learn that? Because if we know that, we can ensure that those people do not make the wrong choices. Now, authorities or commercial cybersecurity companies only focus on this group once they have committed their crime and have already caused a lot of damage. Then it’s too late.”

Joint operation

The Hague has a unique cybersecurity network with knowledge institutions, internationally renowned institutions and the Hague Security Delta (HSD) Campus. This research is a good example of the innovative initiatives that emerge from this network. The city welcomes these types of relevant research, since The Hague, like every city, has to deal with cybercrime. The European funding enables criminologist Leukfeldt to bring together a unique team of professionals, experts and students specializing in cybersecurity, criminology and behavioural psychology from THUAS, The Netherlands Institute for the Study of Crime and Law Enforcement NSCR - where Leukfeldt is a senior researcher- , Leiden University - where he is a professor in Governing Cybercrime - and the Cyber Offender Prevention (COP) Team of the National Police.

Never done before

When the research has pointed out what these pathways are, the next question is: what kind of prevention programs can you develop to persuade youngsters to use their skills for better purposes? That second goal makes the program unique, because this has never been done on such a large scale in Europe before. In preparation for the program, Leukfeldt and his team conducted a year-long systematic literature review. All studies into risk factors and pathways into cybercrime were analysed. “The results are extremely poor,” he says. “Most studies are very small and methodologically poor. Everyone understands that this kind of research is relevant, but no one has ever properly invested in it. That makes this a unique program. We are really going to collect empirical data here and link it to building interventions. That has never been done before.”

Interviewing young hackers

Leukfeldt has been researching cybercrime for seventeen years. Especially from a psychological perspective. “I’m trying to understand: who are the perpetrators? What are their motives? Why are they doing this? And how can we stop them?”, he says. To study this, Leukfeldt and his team will get access to police files and interrogations reports with perpetrators. In the coming years they will also interview young hackers and cyber criminals who have been arrested. Leukfeldt has already done that in recent years by interviewing firsts offenders who received an alternative punishment.

Learned on Google

Once he had interviewed 25 of them, he started to recognize patterns. “They all said: I didn’t learn it from anyone. I just Googled it or searched on YouTube. Everything is there,” he says. These often involved young gamers who were themselves victims of online bullying or fraud. To take revenge on the perpetrators, they looked for ways to hack, Phish or set up a DDoS attack. You can find all kinds of information about this on Google, YouTube or Telegram. There are all kinds of tutorials on YouTube and it’s easy to find links to hacking forums. Leukfeldt: “Google says the same as a real library: If you want to know more about this, you have to look there. Look at this hacker forum, etc. In this way they are gradually drawn deeper and deeper into that criminal world.”


Two types of criminals

Leukfeldt started his research into criminal cybercrime networks around 2011, when the banking world was hit hard by a lot of phishing attacks. On the one hand, he saw specialists with high-tech skills who made contact with other hackers around the world to carry out cyber attacks. Very difficult crimes to fight. On the other hand, he saw traditional street gangs with a few young people with technical knowledge, who could also launch these types of cyber attacks. “People who want to make money quickly, who previously did so offline and now do so online. You can easily fight this from the Netherlands or other European countries. They are simply physically located in a neighbourhood and in a city,” he explains. “Citizens and companies suffer a lot from the latter group, because they carry out the fraud. It’s not only about the networks from Russia or China.”

Contact with criminal networks

He noted that traditional street gangsters are adopting cybercrime in their criminal repertoire. The question was how young computer enthusiasts came into contact with these types of criminals?

Rutger Leukfeldt “Traditionally, where you are born and grew up often determines whether you come into contact with criminals or organized crime. This is completely different with cybercrime. Where you live doesn’t matter much. Through the online world or places such as Telegram you can easily get in touch with people who do not live nearby or go to school with you. Criminal networks cannot place an advertisement in the newspaper, but they can do so on the dark web or Telegram. The question was: how does such a new type of perpetrator with these skills, who would never end up in a criminal network on the street, come into contact with such an online network to carry out phishing attacks or commit all kinds of fraud? These new young people ensure that such a traditional criminal network has many more opportunities to commit fraud.”
Rutger Leukfeldt “This program will focus on that first steps. I call those baby steps. So you started as an eight, twelve or sixteen year old. You started looking for information, which is not a felony yet, but it was a kind of starting point. At that moment you did not receive any signals like: hey, be carefull! This is a criminal offence. A warning that you might have received in the real world. This program wants to develop and test relevant interventions to ensure that you build in early warning signs on Google, YouTube and other online platforms, making these people realize that they should not do go that way. There is still so little knowledge about this group. That is something I want to dive deep in for the next five years.”

70,000 ads on Google

By developing intervention tools the program becomes more than just scientific research. Together with the COPS team of the national police, Leukfeldt has already carried out an initial pilot. They purchased advertisements via Google that appeared on websites where young people searched for terms such as ‘How do I carry out a DDoS attack?’, ‘How do I buy the necessary booter services?’ or ‘How can I get a hacking tool?’ Rookies who searched for this were shown different banners with texts like: ‘Hey, pay attention, what you are doing is a felony, so you should not do that’. In twelve weeks, the ads were shown 70,000 times to people looking for this type of illegal service. The campaign was so successful that police in seven other countries adopted this method. Leukfeldt: “We are already working on the interventions that we will further develop later in the program. We want this to be a program with impact. Something that the police, authorities or other parties that have a role in crime prevention can immediately use and deploy. Ultimately, it is about setting up a major international program, because this also applies in other countries.”

Saida van Kalsbeek, Program Manager Cybersecurity at the Municipality of The Hague. “The Hague deals with cybercrime on a daily basis, just like any other city. Therefore, we encourage initiatives like this research program. In the city, we accommodate a unique and extensive cybersecurity network where innovation, cooperation and knowledge sharing are central. From pioneering public-private partnerships to groundbreaking research collaborations, we take pride in our multifaceted approach towards safeguarding our cybersecurity network wherein knowledge institutions play a crucial role. This research is a great example of a successful collaboration that is formed in The Hague.”
The research program For more information about the 5-year program on pathways into cybercrime by Rutger Leukfeldt:
Centre of Expertise and Cybersecurity For more information about Centre of Expertise and Cybersecurity of The Hague University of Applied Sciences
Dutch Security Cluster For more information about the Dutch Security Cluster