Ken Jochims Oct 8, 2020 17 min read

Bank robbery in the new era of crime

A few years down the line, when someone thinks of a bank robbery, they won't imagine a couple of guys entering a bank with guns. Shouting the famous line "This is a robbery, everybody get on the ground!" will no longer come to mind.

There will be no ski masks or dozens of police officers stationed outside the bank. This image of a bank robbery is about to become something of the distant past, something like the stagecoach robberies of the Wild West. The world is changing, and with it crime and criminals are changing as well.

A few years ago, the profile of a bank robber was that of a violent man, trained in the use of weapons and with extensive criminal experience. Nowadays, that profile has changed, being a risk taker is no longer a requirement, nor is it necessary to know how to handle weapons or how to drive at full speed to escape from the police. Today, bank robbers never set foot in any branch, they don't have a getaway car waiting at the exit and they're armed only with a computer.

The world of crime is evolving, and criminology, as a science that studies and analyzes this crime, must also evolve to adapt its theories and explanatory models to today's reality. For several decades now, there has been a new type of crime that didn't exist before: crimes that occur in cyberspace. The virtual world has brought about a revolution in all areas: communication, entertainment, business, economics... as well as in the world of crime.

Criminology has tried to use some of the traditional theories and adapt them to cybercrime, some of which we've already covered in other posts.

However, although crime is a behavior, something that's carried out in the physical or virtual world, and although criminals are people, it seems obvious that there are several specific elements of cyberspace that must be included, which make virtual crime something unique and unlike the crime that takes place in the physical world.


Some of the traditional theories can provide us with a few explanations, but these explanations are likely to be a bit of a stretch for theories that were devised and developed to explain a type of crime that takes place in a dimension that is completely different from that which occurs in the virtual world.

Some criminologists and professionals in this field are already working on a new theoretical model, in an approach that has come to be called "Cybercriminology", a sub-discipline within general Criminology that studies, analyzes and explains this specific phenomenon.

This development still needs a few years of work, not only because most criminologists have yet to adapt to the cyber world, but because the current world and its people aren't fully aware yet of what the new digital world really is.

New technologies have been implemented and evolved so rapidly that neither the citizens themselves, nor the police, judges or politicians have been able to adapt to everything that's associated with the internet and the virtual world.

Indeed, many of the cybercrimes that currently occur, including everything from phishing to grooming, have taken advantage of this slowness to adapt in order to encourage the commission of these crimes and gain access to defenseless victims.


Still, most citizens think that an email from our bank is a real email or that an Instagram contact who claims to be 15 years old is really a teenage friend.

It's possible that the "Z" generation, the so-called "centennials", digital natives in their own right, will be capable of processing and adapting to technological changes as quickly as they occur.

Cybercrime, as we know it today, is likely to be as outdated 10 years from now as it is for us to imagine outlaws robbing trains. It is also quite likely that centennial criminologists are already capable of generating purely digital crime theories.

While these criminologists slowly replace us, those of us who are straddling the two current realities must now begin to try to provide answers and explanatory models for cybercrime.

Next, we are going to try to present some differentiating elements of the digital world that we must take into account when formulating criminological theories of cybercrime. Although we will focus on a very specific type of crime, bank robbery, much of the above can also be extrapolated to other types of cybercrime.

First off, and referring back to the situation presented in the first few lines of this post, we must identify the main differentiating element: the space.

Space as we know it in the physical world has nothing to do with what cyberspace is. There are no barriers in the digital world, no obstacles, there are no geo-referenced and spatially delimited places.

Bank X in cyberspace is as close to Spain as it is to Australia or Japan. That bank no longer has walls or doors to break down, money is not hidden in vaults or safes, but in computerized processes of zeroes and ones.


How can we apply the traditional Situational Theories of Criminology here?

According to these theories, the situation, the spatial context, influences whether or not a crime is committed in such a way that by placing physical security structures, we can make a bank a safe place.

For example, for many years it was thought that the best security for banks was their ability to be impenetrable through thick cement and reinforced concrete walls. Later, a new term appeared in criminology, "Natural Surveillance".

This term referred to the fact that secure places could be built by making citizens and others unconsciously become their guardians or watchmen. If robbers were finally able to enter a bank full of thick walls, no one could see them or know what was happening inside, thus creating a security situation even for the robbers themselves.

So, with natural surveillance we do the opposite, instead of building large walls, we make branches with large windows, we place these branches on street corners and, if possible, next to bars or very crowded areas.

The effect we achieve is that if robbers enter the branch and draw their weapons, everyone on the street becomes a witness who can then call the police. Passersby or those who are just having a beer can see what is happening inside the branch through the windows.

This is just one example of managing the space and the situation to condition a bank robbery. But how can we adapt this experience to Bank X in cyberspace? We're working in a completely different dimension, where the situation is no longer spatial as we know it.

Another differentiating aspect or element of the virtual world has to do with the criminal's personal motivation

The virtual world offers a series of characteristics that make people more predisposed or motivated to commit a crime on the internet that they would never consider committing in the physical world.

This is very important, since what we're saying is that the virtual world facilitates and attracts crime. This has a very clear explanation: crimes in cyberspace are relatively easy to commit, they can be very lucrative and, most importantly, they may go unpunished.

If I rob a bank the "old way", I have to be ready to handle a difficult situation, I have to use force, threaten others, possibly confront security guards or employees, in addition to doing things very quickly so as not to run into policemen and snipers at the door.

Today's bank branches are often short on cash, not to mention time-delay safes or other systems that prevent large sums of money from being obtained, and the fact that physical money weighs a lot and must be transported.

Finally, if the police arrive before I leave the branch, I can give up right then and there. Dozens of police, helicopters and road closures will make it very difficult for me to successfully get away. Even if I do, during the robbery it's possible I'll have left behind a bunch of tangible forensic evidence that will sooner or later help the police to end up knocking on my door. Once again, space has made things difficult.

Someone may, however, argue that a digital bank robbery isn't easy to do either. While that may be true, the level of exposure and risk is much lower for a cyber thief than for someone who enters a branch with a gun.

If I'm able to bypass the bank's cybersecurity, I could potentially access a much larger sum of money than I could access in a physical robbery. In this case, there is nothing physical about the crime, I don't have to carry or transport anything, everything is a computer process with numbers on a computer screen.


In addition, the anonymity and the speed that the internet offers make it very difficult for me to be stopped (or at least more difficult). The police, judges and legal policies that do exist in the physical world don't seem very useful when it comes to their application in a virtual environment, making it complicated to prosecute the crime. Maybe I'm so clumsy in the attempt that I'm identified as the thief of that Bank X, but can the police arrest me, or the courts extradite me or try me depending on the country that I'm in?  

In cyberspace it's easier for us to be ghostlike and invisible, much more so than the authorities and governments would like. As long as this doesn't change, as long as the impunity of cybercrime isn't worked on, we can't generate a deterrent effect on a person who would never even consider robbing the local branch in their neighborhood, but who would, however, dare to give it a go with an online bank.

But this is also more dangerous than we think. It's not that cybercrime can attract people who in the physical world wouldn't commit a crime, but that criminals from the physical world are also beginning to be attracted to cyberspace to transfer over or expand their criminal activity.

Groups of organized crime that were dedicated to fraud or scam in the physical world have started to become interested in cyberspace, since these elements that characterize the digital world make it much more attractive.

Another important aspect, which has already been somewhat discussed above, has to do with physical interaction versus digital interaction. If I enter a bank to rob it, I must be prepared to deal with physical interactions, mainly through violence. I'll very likely have to use physical force and I may even hurt someone else. Furthermore, maybe I'm the one who will end up getting injured or hurt.

All of this disappears in cyberspace, where cybercrime takes place without any need for physical force or violence. This reduces the risk to the criminal and removes the inhibitory or deterrent effect that the use of violence can have on some people.

What all of this tell us is that the norms and values of the physical world are very different from the norms and values of the virtual world. Our "animal-like" behavior is very much based on physical contact, on what we can see, touch and feel through our senses.

What I can see is real, what is close by may be a danger to me, others can see me and judge me in the vicinity of my behavior. All of this doesn't work, it doesn't apply, in cyberspace.

Criminology, specifically cybercriminology, must imagine what the bank robbery of the future will look like and must be able to include cyberspace into its elements of study, not as an expansion of the physical space, but as its own and unique dimension. And the sooner it does this, the better.



Ken Jochims

Ken has over 25 years of enterprise software product marketing experience delivering fraud prevention, customer support, identity and access management and IT infrastructure solutions to financial institutions and fortune 1000 companies. Prior to Arxan Technology Ken worked for Neustar, ThreatMetrix, Guardian Analytics, Genesys, CA Technologies, NeXT Computer and Apple. Ken received a BS in Engineering Technology from California State University, Long Beach, and outside of work Ken can be found hiking, mountain biking and working on cars.