Differentiating Insider and Outsider Cyberattacks on Businesses
| dc.contributor.author | Dearden, Thomas E. | en |
| dc.contributor.author | Parti, Katalin | en |
| dc.contributor.author | Hawdon, James E. | en |
| dc.contributor.author | Gainey, Randy | en |
| dc.contributor.author | Vandecar-Burdin, Tancy | en |
| dc.contributor.author | Albanese, Jay | en |
| dc.date.accessioned | 2024-08-09T13:43:34Z | en |
| dc.date.available | 2024-08-09T13:43:34Z | en |
| dc.date.issued | 2023-08-01 | en |
| dc.description.abstract | The use of information and communication technologies in business has opened several new ways for employees to commit cybercrimes against their employers. Utilizing opportunity theory, the current paper investigates the characteristics of businesses victimized by employee-committed cyberattacks and compares insider- and outsider-committed cybercrime in terms of the damage they cause to the business. We used online sampling to obtain information on 350 businesses in the Commonwealth of Virginia, revealing 29 outsider cases and 17 insider attacks that were clearly identified. We found that insider attacks were more costly, resulting in more damage than external attacks; the most frequent attack type was impersonating the organization online for insiders, and viruses, spyware, and malware for outsiders. Our data suggested restricting personal devices, making cybersecurity a priority, cybersecurity updates among management, and employee training do not significantly lessen the risk or mitigate the effects of insider attacks. We suggest that organizational security culture must be refined and strengthened to identify and prevent insider attacks successfully. | en |
| dc.description.version | Accepted version | en |
| dc.format.extent | Pages 871-886 | en |
| dc.format.extent | 16 page(s) | en |
| dc.format.mimetype | application/pdf | en |
| dc.identifier.doi | https://doi.org/10.1007/s12103-023-09727-7 | en |
| dc.identifier.eissn | 1936-1351 | en |
| dc.identifier.issn | 1066-2316 | en |
| dc.identifier.issue | 4 | en |
| dc.identifier.orcid | Parti, Katalin [0000-0002-8484-3237] | en |
| dc.identifier.orcid | Dearden, Thomas [0000-0003-0549-927X] | en |
| dc.identifier.orcid | Hawdon, James [0000-0002-0273-2227] | en |
| dc.identifier.uri | https://hdl.handle.net/10919/120899 | en |
| dc.identifier.volume | 48 | en |
| dc.language.iso | en | en |
| dc.publisher | Springer Nature | en |
| dc.rights | In Copyright | en |
| dc.rights.uri | http://rightsstatements.org/vocab/InC/1.0/ | en |
| dc.subject | insider cyberattack | en |
| dc.subject | businesses | en |
| dc.subject | opportunity theory | en |
| dc.subject | cost | en |
| dc.subject | harm | en |
| dc.title | Differentiating Insider and Outsider Cyberattacks on Businesses | en |
| dc.title.serial | American Journal of Criminal Justice | en |
| dc.type | Article - Refereed | en |
| dc.type.dcmitype | Text | en |
| dc.type.other | Article | en |
| dcterms.dateAccepted | 2023-06-30 | en |
| pubs.organisational-group | /Virginia Tech | en |
| pubs.organisational-group | /Virginia Tech/All T&R Faculty | en |
| pubs.organisational-group | /Virginia Tech/Liberal Arts and Human Sciences | en |
| pubs.organisational-group | /Virginia Tech/Liberal Arts and Human Sciences/Sociology | en |
| pubs.organisational-group | /Virginia Tech/Liberal Arts and Human Sciences/CLAHS T&R Faculty | en |