Routine Activity Theory was first proposed in 1979 as one of the first situational explanations of crime. Later on, four factors of target suitability were further defined by the theory’s originators. The rapid and recent development of cybercrime has meant that application of this theory’s components to cyberattacks is still rather limited. This study will contribute to this growing literature, focusing especially on the relationship between several target characteristics and the perpetrator’s nation-state sponsorship in committing the cyberattack. Target type, attack isolation, and vulnerability use were used to measure the proposed target suitability, against perpetrator state-sponsorship. Motivation, group affiliation, technical skills, and attack type were used as controls. Logistic regression with no control variables proved a weak fitting model (Pseudo R2 = 0.094). Various models with differing controls led to a range of model fits, including better and worse models (Pseudo R2 = 0.152 – 0.423). However, a final model with only significant control variables proved the best fit (Pseudo R2 = 0.607). Given these results and based on this dataset, routine activity theory may not provide the best explanation for nation-state sponsored cybercrime target selection. More research will be needed to find the best criminological explanation for cybercriminal perpetrator motivations.
Read
