Inside out: Characterising Cybercrimes Committed Inside and Outside the Workplace

Abstract

This comparison of cybercrime offenders within and outside the workplace reveals they display very different types of offending behaviour, involving different demographics, initiation pathways, and types of offence. The Cambridge Computer Crime Database (CCCD) is a database of open source information about cybercrime arrests and prosecutions in the United Kingdom. This study analyses data from the CCCD spanning nine years, from 1 January 2010 to 31 December 2018. Insiders are more likely to be older, and commit less-technical offences, primarily data and system breaches. They are less likely to offend with others, the offences are less likely to be international in nature, and they are less likely to receive a custodial sentence. Most alleged offenders are men, but women are more likely to offend within their occupation than outside the workplace. Of those that offend in the workplace, the largest group consists of police officers or police staff. This is likely to reflect differences in the type of organisations that pursue criminal action against insiders. We draw on a strain theory framework to argue that these findings accord with different kinds of strain and differing reactions to strain. The data for crimes outside the workplace support a `subcultural' pattern of adaptation to strain, with offenders tending to be younger, male and linked to co-offenders. The findings relating to insiders support an opportunity model of crime, with inter-workplace variation in opportunities, working cultures and sources of strain present in different workplaces.