October 2002 is the tenth European Cybersecurity Month aimed at raising awareness of cybersecurity. The police participate in the campaign with the same message as in previous years: Our operating environment is constantly changing with the further development of digitalisation. Technological development has increased the risk of becoming a victim of cybercrime, whereas the threshold for committing such crime has become lower. Nowadays, one does not have to have advanced knowledge or skills in order to commit criminal acts, as various tools for committing crime are relatively readily available on both internet and dark web. This is due to the 'commercialisation' or 'servitisation' of cybercrime (Cybercrime as a Service, CaaS).
Cybercrime statistics in both Finland and other countries highlight the role of minors and young people. The amount of cybercrime by young people has gone up in recent years, whereas other crime has gone down. According to a study conducted in 2021, today's young people between the ages of 10 and 19 are the most networked generation in history; they have already spent half of their waking hours on the net. Their cyber-physical view of the world is totally different from that of previous generations.
Information networks and online access to services may contribute to crime and to a sense that there are no boundaries: net users can present themselves as the type of persons they want and try to hide their real personality by means of various anonymity services. People can create and maintain an entire living environment on the net in real time with cryptocurrency, online market places and forums etc. Such testing of boundaries, or a sense that there are no boundaries, is especially problematic in situations where children or young people end up committing criminal acts because of their lack of understanding. Such situations may arise out of pure curiosity while testing new skills. The fact that services and tools for committing crimes are readily available and easy to use and not costly has substantially lowered the threshold for committing cybercrime. The police have observed that this has also resulted in using these tools and services for other activities, such as interference.
When it comes to young net users, it does not necessarily even occur to them that it might be illegal to use tools available on the net. They might use them as part of their normal daily life, for example in games to shake off a competitor or a bully with a distributed denial of service (DDoS) attack. This is very easy and can even be done just by pressing a button.
The next step for young people might be that they realise that they are capable of creating better tools and they may offer these to others, thus moving from the use of cybercrime services to production, and further to enabling cybercrime.
Minor offences by children and young people may lead to the spiral of more serious, generally economically motivated cybercrime as early as under the age of 15, which is the age of criminal responsibility in Finland. General reasons leading young people to committing cybercrime are their age, interest in technology, technical skills and, particularly at an early stage, non-traditional motives such as curiosity, boredom or joking. Several myths are also related to cybercrime; some might think that cybercrime has no victims or that the perpetrator cannot be caught. The potential of the available technology, providing a sense of anonymity and control, and speed, may also influence the activities.
Signs of criminal activity may include increased time on the net, sudden income, isolation and reluctance to talk about one's activities. It is challenging to detect crime, since criminal activities usually take place in a safe environment at home. The family or friends are not usually aware of the criminal activities and, therefore, a contact by the police may be a shock to them.
Young people's interest and skills in information networks and technology and their role as future professionals are very important in the digitalising world. When it comes to information and cyber security, we should bear in mind that we reinforce or weaken this security through our own actions by using information networks. The development of technology, the automation of tools and the use of different platforms and services enable their multiple use for both legal and illegal purposes. With this in mind, children and young people should not be left out from cybersecurity. Their knowledge and skills and interests should not be underestimated. Open dialogue and guidance into responsible and ethical behaviour on the net is as important as outside the net.
To prevent young people from committing cybercrime, the police have adopted an approach to breaking the spiral of cybercrime. The approach has been developed within the Cybercrime Exit project of the NBI. The project aims to prevent the phenomenon, put the approach into practice, and support young people who want to move away from a criminal lifestyle. Viivi Lehtinen Aki Somerkallio Cybercrime Exit - preventing young people from committing cybercrime
The Cybercrime Exit project is part of the Government's Cyber Security Development Programme for 2022.
This blog post is published as part of the European Cybersecurity Month.