Cybercrime is (often) boring: maintaining the infrastructure of cybercrime economies

Ben Collier, Richard Clayton, Alice Hutchings, Daniel R. Thomas

Research output: Contribution to conferencePaperpeer-review

23 Downloads (Pure)


It is generally accepted that the widespread availability of specialist services has helped drive the growth of cybercrime in the past fifteen to twenty years. Individuals and groups involved in cybercrime no longer need to build their own botnet or send their own spam because they can pay others to do these things. What has seldom been remarked upon is the amount of tedious administrative and maintenance work put in by these specialist suppliers. There is much discussion of the technically sophisticated work of developing new strains of malware or identifying zero-day exploits but the mundane nature of the day to day tasks of operating infrastructure has been almost entirely overlooked. Running bulletproof hosting services, herding botnets, or scanning for reflectors to use in a denial of service attack is unglamorous and tedious work, and is little different in character from the activity of legitimate sysadmins. We provide three case studies of specialist services that underpin illicit economies and map out their characteristics using qualitative sociological research involving interviews with infrastructure providers and scraped data from webforums and chat channels. This enables us to identify some of the distinct cultural and economic factors which attend this infrastructural work and to note, in particular, how its boring nature leads to burnout and the withdrawal of services. This leads us to suggest ways in which this new understanding could open novel avenues for the disruption of cybercrime.
Original languageEnglish
Number of pages25
Publication statusPublished - 14 Dec 2020
EventWorkshop on the Economics of Information Security - Brussels, Belgium
Duration: 14 Dec 202015 Dec 2020


ConferenceWorkshop on the Economics of Information Security
Abbreviated titleWEIS


  • cybercrime
  • economics
  • criminal infrastructure
  • DDoS
  • botnets
  • deviant sysadmin


Dive into the research topics of 'Cybercrime is (often) boring: maintaining the infrastructure of cybercrime economies'. Together they form a unique fingerprint.

Cite this