Victims of computer crime suffer psychological and emotional harm that can be as traumatic as the impact on those who have been physically attacked or robbed—in some cases even more so, according to a United Kingdom survey.
“There has been a perception that cybercrimes don’t have as bad an impact as some physical crimes,” said Prof. Mark Button, lead author of the survey conducted by the University of Portsmouth.
“(But) we found victims who compared the cyber attacks to physical assaults, some [who compared it to] rape, and some [who were] contemplating suicide as a consequence.”
A team of researchers led by Button, director of the Centre for Counter Fraud Studies at the Institute of Criminal Justice Studies at the University of Portsmouth, surveyed 252 victims of “computer misuse,” a legal term in the UK that includes activities such as ransomware, hacking, identity theft, intentional virus infections, and denial of service attacks.
It was the first such survey ever conducted in the UK, where cybercrime accounted for 9 percent of reported crime in England and Wales in 2018, the last year for which statistics were available.
The survey found that few of the victims received systematic police support and only four of the 52 victims interviewed at length reported that the perpetrators had been identified and charged.
Button said the survey was not meant to be comprehensive but should serve as a “wakeup” call for authorities about the toll cybercrime takes on those who experience it.
Nearly one million computer-misuse crimes were reported to UK authorities in 2018, but just 22,683 were registered by Action Fraud, the UK’s national reporting center for fraud and cybercrime, operated by the City of London police.
“This illustrates significant under-reporting, and highlights a subsequent lack of support for those who have often been left deeply affected by the crimes,” Button said.
Reports on cybercrime in the U.S. generally focus on the data breaches in major companies and financial institutions that have exposed the private information of millions of Americans, but there have been few broad studies of victim impacts.
In a similar survey in the U.S., conducted in 2018, 32.7 percent of respondents reported being the victims of computer hacking. A second survey conducted the same year found that over 14 percent had been hacked at least twice.
The UK report highlighted poignant accounts by victims who reported being traumatized.
“I felt raped,” said one.
Another victim said a hacker “put me through hell for a few months, and he invaded my personal world, and tried to take away my future and my kids’ future.”
Button said such stories underlined the need for law enforcement authorities and policy makers to devote the same serious attention to the impact of cybercrime on individual citizens as they did to its impact on the larger economy.
“We found…some victims struggling to report these crimes, with for example one woman whose laptop camera had been hacked by criminals, dismissed by police,” he said in a statement accompanying release of the survey.
In another case, he said a woman whose computer was hacked by her estranged husband to secure advantage in divorce negotiations was told by police “it was not a crime.”
Underlining the troubling health impact on cybercrime victims, 53 percent of the survey respondents said they had difficulty sleeping; 45 percent reported panic or anxiety-related illnesses; and 43 percent reported depression.
Some 20 percent of the respondents said they had “suicidal thoughts.”
In a set of recommendations to the UK Home Office, the cabinet department responsible for public safety, the University of Portsmouth researchers said authorities should improve the infrastructure for providing support and advice to victims, and called for more police training on investigating cyberfraud and assessing its impact.
An executive summary of the survey, along with links to the full report, can be accessed here.