UCL Discovery
UCL home » Library Services » Electronic resources » UCL Discovery

Ransomware crime through the lens of neutralisation theory

Connolly, Lena Yuryna; Borrion, Hervé; Arief, Budi; (2025) Ransomware crime through the lens of neutralisation theory. European Journal of Criminology 10.1177/14773708251320464. (In press). Green open access

[thumbnail of Borrion_connolly-et-al-2025-ransomware-crime-through-the-lens-of-neutralisation-theory.pdf]
Preview
 Text
Borrion_connolly-et-al-2025-ransomware-crime-through-the-lens-of-neutralisation-theory.pdf
Download (612kB) | Preview

Abstract

This study examines ransomware crime through the lens of neutralisation theory, and explores techniques used by alleged offenders to justify their involvement in ransomware attacks. This work focuses on highly organised ransomware groups that not only conduct attacks but also operate as Ransomware-as-a-Service businesses. The interview data (n = 9) used in this research were collected by several media and cyber security companies. Drawing on Kaptein and Van Helvoort model of neutralisation techniques, we discovered that interviewees – reported ransomware offenders – distorted the facts (n = 5) and negated societal norms (n = 8). Less common, some interviewees admitted breaking norms, but they rejected responsibility by blaming the circumstances (n = 8) or their own shortcomings (n = 3). These results offer new insights that can support the development of counter-narratives.

Type: Article
Title: Ransomware crime through the lens of neutralisation theory
Open access status: An open access version is available from UCL Discovery
DOI: 10.1177/14773708251320464
Publisher version: https://doi.org/10.1177/14773708251320464
Language: English
Additional information: This article is distributed under the terms of the Creative Commons Attribution-NonCommercial 4.0 License (https://creativecommons.org/licenses/by-nc/4.0/) which permits non-commercial use, reproduction and distribution of the work without further permission provided the original work is attributed as specified on the SAGE and Open Access page (https://us.sagepub.com/en-us/nam/open-access-at-sage).
Keywords: Cybercrime community, neutralisation theory, offender justifications, ransomware
UCL classification: UCL
UCL > Provost and Vice Provost Offices > UCL BEAMS
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Security and Crime Science
URI: https://discovery.ucl.ac.uk/id/eprint/10207993
Downloads since deposit
49Downloads
Download activity - last month
Download activity - last 12 months
Downloads by country - last 12 months

Archive Staff Only

View Item View Item