Portal de Periódicos da CAPES

On-line Activities, Guardianship, and Malware Infection: An Examination of Routine Activities Theory

2009; International Journal of Cyber Criminology; Volume: 3; Issue: 1 Linguagem: Inglês

0974-2891

Adam M. Bossler, Thomas J. Holt,

Sexuality, Behavior, and Technology

IntroductionThe Internet and World Wide Web have dramatically altered the way we communicate, live, and conduct business around the world. These advancements have modified traditional activities, such as banking, dating, and shopping, into activities in which individuals interact with others but neither leave the house nor actually physically meet people (Newman & Clarke, 2003). The growth and penetration of computer technology in modern life has provided criminals with efficient tools to commit crime by providing opportunities to commit crimes that could not exist without cyberspace. Few criminologists, however, have empirically assessed the impact of computer technology on victimization. As a consequence, there is a lack of understanding in the ability of traditional theories of crime to account for the prevalence and potential reduction of cybercrime victimization. In particular, routine activities theory (Cohen & Felson, 1979) may be successful in this endeavor as it has been traditionally used to examine how technological innovations affect crime patterns and victimization.One of the more common and significant forms of cybercrime victimization is the destruction of data files due to malicious software, or malware (Furnell, 2002; Taylor, Caeti, Loper, Fritsch, & Liederbach, 2006). Malware typically includes computer viruses, worms, and Trojan horse programs that alter functions within computer programs and files. Viruses can conceal their presence on computer systems and networks and spread via e-mail attachments, downloadable files, instant messaging, and other methods (Kapersky, 2003; Szor, 2005; Taylor et al., 2006). Trojan horse programs also often arrive via e-mail as a downloadable file or attachment that people would be inclined to open, such as files titled XXX Porn or Receipt of Purchase. When the file is opened, it executes some form of a malicious code (Furnell, 2002; Szor, 2005; Taylor et al., 2006). In addition, some malware is activated by visiting websites, particularly pornographic websites, which exploit flaws in web browsers (Taylor et al., 2006). Though worms do not involve as much user interaction as other malware because of its ability to use system memory and to send copies of itself, humans can facilitate its spread by simply opening e-mails that have the worm code embedded in the file (Nazario, 2003).Cybercriminals often utilize malware to compromise computer systems and automate attacks against computer networks (Furnell, 2002). These programs can disrupt e-mail and network operations, access private files, delete or corrupt files, and generally damage computer software and hardware (Taylor et al., 2006). The dissemination of viruses across computer networks can be costly for several reasons, including the loss of data and copyrighted information, identity theft, loss of revenue due to customer apprehension about website safety, time spent removing the programs, and losses in personal productivity and system functions (Symantec, 2003; Taylor et al., 2006). This is reflected in the dollar losses associated with malware infection. U.S. companies who participated in a recent Computer Security Institute reported losses of approximately $15 million because of viruses in 2006 alone (CSI, 2007). An infected system in one country can spread malicious software across the globe and cause even greater damage because of the interconnected nature of computer systems. The Melissa virus, for example, caused an estimated $80 million in damages worldwide (Taylor et al., 2006). Thus, malware infection poses a significant threat to Internet users around the globe.A large body of information security research explores the technical aspects of malicious software. These research efforts have placed special emphasis on the creation of software applications like anti-virus programs that can identify and contain malicious software on computer systems (Kapersky, 2003; PandaLabs, 2007; Symantec, 2003). …