Chapters of ‘Essentials in Cybercrime’ available in open access

On 22 December 2021, our book ‘Essentials in cybercrime. A criminological overview for education and practice’ (edited by W. van der Wagen, J.J. Oerlemans & M. Weulen Kranenbarg) was published.

Our book is intended for students and professionals and offers insight into the various manifestations and features of cybercrime, offender and victim characteristics, quantitative and qualitative methods for studying crime in the digital domain, criminological theories that can be used to understand cybercrime, as well as possible interventions.

In addition to criminological aspects, the book also deals with a number of legal topics, including the criminalisation of cybercrime (under the Convention on Cybercrime) and the investigative powers that can be used by the police in the online domain.

My chapters ‘Types of cybercrime and their criminalisation’ (.pdf) (together with dr. Wytske van der Wagen) and ‘Cybercrime investigations’ (.pdf) (together with dr. Maša Galič) are now available in open access.

The rest of the is available at the store of Eleven Publishing (with Chapter 1 freely available) and stores like

Table of contents:

Chapter 3 – Types of cybercrime and their criminalisation

Jan-Jaap Oerlemans & Wytske van der Wagen

3.1         Introduction

3.2         Cyber-dependent crime

3.2.1     Hacking Computer hacking Ethical hacking

3.2.2     Malware Ransomware

3.2.3     Botnets

3.2.4     Ddos attacks

3.3         Cyber-enabled crime

3.3.1     Cyber-enabled fraud

3.3.2     Online drug trafficking

3.3.3      Money laundering and virtual currency

3.3.4     Online sex offences Child pornography Sexting Grooming Sextortion Revenge porn

3.3.5     Content crimes

3.4         Future developments

3.4.1     Increased involvement of state actors

3.4.2     The ‘internet of things’

3.4.3     The use of artificial intelligence by cybercriminals

3.5         To conclude

3.6         Discussion questions

3.7         Core concepts

Please cite as:

Oerlemans, J.J., & Van der Wagen, W. (2022). Types of cybercrime and their criminalisation. In Essentials in cybercrime: A criminological overview for education and practice. Eleven International Publishing, 53-98.

Table of contents

Chapter 8 – Cybercrime investigations

Jan-Jaap Oerlemans & Maša Galič

8.1         Introduction

8.2         Digital investigations and criminal procedure law

8.2.1     Regulating investigative methods

8.2.2     Jurisdiction and cybercrime

8.3         IP addresses as digital leads

8.3.1      Data production and preservation orders

8.3.2     Seizing and analysing data on computers

8.3.3     Network computer searches

8.4         The challenge of anonymity

8.4.1     Proxy and VPN services

8.4.2     Tor

8.4.3     Open source investigations

8.4.4     Online undercover operations

8.5         The challenge of encryption

8.5.1     Encryption in storage

8.5.2     Encryption in transit

8.5.3     Hacking as an investigative method

8.6         Disrupting cybercrime

8.7         To conclude

8.8         Discussion questions

8.9         Core concepts

Please cite as:

Oerlemans, J.J. & Galič, M. (2022). Cybercrime investigations. In Essentials in cybercrime: A criminological overview for education and practice. Eleven International Publishing, 197-254.

Investigating Cybercrime

Posted on 15/02/2017

On 10 January 2017, I successfully defended my PhD thesis ‘Investigating Cybercrime’. In this blog post, I would like the share my main research results.

Cybercrime investigations

My study shows that in cybercrime investigations, evidence is often gathered by following the two digital leads of IP-addresses and nicknames. I explain how evidence is gathered, based upon these leads. In cybercrime investigations, law enforcement officials often encounter the three challenges of anonymity, encryption and jurisdiction. These challenges can leave law enforcement officials empty-handed in certain circumstances.

However, law enforcement officials can use digital investigative methods to deal with these challenges. The following four investigative methods are identified and further analysed in the study: (1) gathering publicly available online information, (2) issuing data production orders to online service providers, (3) applying online undercover investigative methods, and (4) performing hacking as an investigative method.

Regulating digitale investigative methods on a national level

On a national level, my research shows that the identified digital investigative methods are not regulated in a foreseeable manner in the Netherlands. The reason is that the scope and manner in which investigative methods are applied are not sufficiently clear. In addition, I argue that the quality of the law for certain investigative methods is not adequate. The main and concrete results of my analysis are as follows:

  • The manual and automated gathering of publicly available online information should be regulated in detail, outside criminal procedural law. These regulations should indicate how data protection regulations should be applied in a concrete manner when these digital investigative methods are used.
  • The regulations for undercover investigative methods (both online and offline) should be improved by incorporating supervision by an investigative judge.
  • A warrant requirement should apply for obtaining traffic data and content data from online service providers. The category of ‘content data’ should be defined more clearly by the legislator or Public Prosecution Service.
  • Regulating hacking as an investigative power is necessary. The proposal to regulate this investigative method in the Computer Crime Act III is adequate. However, the investigative power is formulated in a rather broad manner and the legal consequences of its application to ‘disrupt cybercrime’ are uncertain.

Regulating digital investigative methods on an international level

On an international level, my research shows that the application of digital investigative methods are not sufficiently taken into consideration in mutual legal assistance treaties. States should realise and take into consideration that unilateral cross-border digital evidence-gathering activities already take place.

The application of digital investigative methods can endanger both State sovereignty and the legal certainty of individuals in certain circumstances. At the same time however, I argue that unilateral cross-border digital evidence-gathering activities should be permissible in certain circumstances. Ideally, States agree on what terms these evidence-gathering activities are allowed and protect the right and freedoms of the individuals involved in mutual legal-assistance treaties or on an ad-hoc basis. In the meantime, States should create a policy for their law enforcement authorities to determine under which circumstances unilateral cross-border digital evidence-gathering activities are allowed. I provide recommendations about these restrictions for the Dutch legislator.

Finally, I would like to say that it has been a pleasure performing research as a PhD Candidate at Leiden University. I will continue to do research in cybercrime, cybersecurity, digital investigations and privacy in the future.

This is a cross-post from LeidenLawBlog. My book is also commercially available at (among others).