Cybercrime is a lucrative business with a very positive return on investment. To combat the cybercrime business, it helps to understand how it operates. The authors use the value chain analysis method to find the 24 key activities or processes that drive the cybercrime business, and then structure these into what they call the “cybercriminal service ecosystem framework.” The framework was reviewed by more than 30 experienced business people. It fits on one page--perfect.

The paper’s key diagram organizes the 24 key activities into eight groups, including weapon development and enhancement, delivery, marketplace, and of course the cyber attack itself. Using these services provides agility and little capital expenditure--a modern business approach.

The implication is that a new criminal business only needs an innovative idea and the money to buy the services to execute it, not any hacking skills worth mentioning. Therefore, expect that cybercrime mills will not slow down unless we find ways to put sand in the machines.

The goal is not to help new start-ups in this line of work. The idea is that an understanding of criminal business will reveal how to cripple it or slow it down. In the last section, the authors briefly highlight how the framework may help combat cybercrime. Knowing the enemy’s strengths and weaknesses by highlighting critical processes in the value chain is a first step.

An important contribution, the authors’ extensive research data shows that services in the framework not only exist but are available “as a service” (XaaS). An impressive list of references (six pages) covers every single process. Together with this paper, they form the ammunition to convince nonbelievers of the clear and present danger of cybercrime to digital business. The approach is one that business people should understand and appreciate.