Evolution, crime and security

This page covers a range of evolutionary approaches to crime and security:

How evolutionary ideas can help in understanding crime and terrorism, and developing security interventions

Most people think of evolution in biological terms – survival of the fittest, adaptation of organisms to their habitat, and the origin of species. However, evolutionary-type processes – variation, selection, replication – are far more widespread. They operate not just in the biology of genes and species, but wherever evolutionary-like processes occur – for example in the immune system, in the physiology and psychology of the developing/ learning brain, in technology and in the wider culture, including the accumulation of knowledge.

In Darwin’s Dangerous Idea, Daniel Dennett’s (1995) philosophical take on evolution, refers to this generic process as the evolutionary algorithm.

Another important process is co-evolutionary arms races – where predators and prey both seek, over a protracted timescale, to out-evolve the other in speed, agility and offensive/ defensive capabilities; or where medical science undertakes the equivalent campaign against infectious diseases which fight back with resistance to antibiotics and antivirals.

These key insights offer a bridge for interdisciplinary thinking – and in particular, application to crime and security in diverse ways, presented on this page. The applications range from the evolution of technology and the opportunities it provides for both criminals and security; the arms race between these parties; and evolutionary and psychological/ cultural influences on crime and terrorism.

Evolution, technology and opportunity

Evolution and arms races – gearing up against crime

Cheetah chasing impala

This paper is a first, exploratory, attempt at providing some background, and a framework, to help designers more systematically incorporate crime prevention in their remit. The scope includes design of technological items, environments, systems and services. With all these products this is design against misappropriation, damage and misuse in the furtherance of crime; and design of products explicitly intended for the furtherance of prevention.

The intention is to stimulate designers, commissioners of design and those like criminologists who conduct research that informs design in two ways: 1) shifting perspective from user to misuser to aid the day-to-day process of incorporating the preventive function in specific design tasks; and 2) in the more strategic process of helping crime prevention evolve as fast as crime in a world of adaptable criminals and changing opportunities, many of which stem from the permeation of society by IT. This involves setting up the infrastructure to speed up the feeding of information on crime and prevention to designers, and to promote the durability of preventive techniques. For the one certain thing in prevention is the obsolescence, sooner or later, of any individual measure.

Crime prevention faces a perpetual struggle to keep up with changing opportunities for crime and adaptable offenders. To avoid obsolescence, it has to become adaptive itself. The task of keeping prevention up to date resembles other ‘evolutionary struggles’ such as biological co-evolution between predator and prey (e.g. continually sharper teeth versus continually tougher hide), or military arms races (e.g. more powerful guns versus heavier armour). These are both examples of protracted coevolution of conflicting parties against a background of incidental disturbances which from time to time give the edge to offenders or to defenders. The disturbances in question originate from natural processes or human ones (such as the arrival of new technology).

This paper explores the lessons for crime prevention which might be drawn from the other struggles at several levels: technology/ engineering, generic new methods of prevention and strategic concepts in prevention. An extremely wide range of possible lessons is identified which can take crime prevention a long way up the learning curve, but caution and consolidation are advised. Some ways of achieving this consolidation through systematic mapping are considered but not yet attempted.

This chapter takes the perspective of how conflicts tactically and strategically unfold, and how this process can be influenced for the differential benefit of the ‘good side’. The ‘how’ essentially concerned the process of adaptation, whereby organisms as individuals, groups or species change over some relevant timescale to become better fitted to survival, flourishing and reproduction in their habitual environment. Adaptation for potentially violent and destructive conflict such as carrying out terrorism or defending against it is the core concern of this chapter, although adaptation for cooperation and straightforward foraging with or without violence also play a part.

The aim is to explore the lessons for counter-terrorism from evolutionary studies of adaptation in both human and natural domains. This is partly to come up with some practical suggestions at tactical and strategic levels; but partly also to foster a distinctive and, I will argue, promising way of thinking among policymakers, security services, engineers, planners and designers.

This chapter adopts a long-term, evolutionary perspective, bringing together crime science and ideas from cultural and biological evolution. By way of illustration it discusses in detail how evolutionary processes operating at the technological and tactical level played out in a specific, prolonged period of conflict between the Provisional Irish Republican Army (PIRA) and the UK security services including the police and the military from 1970-1998. This conflict saw not just a steady evolution of terrorist attack techniques and weapons technologies including improvised explosive devices (IEDs), but a co-evolutionary arms race with the security side.

The advantage of an evolutionary perspective on terrorism and counter-terrorism is that it helps us understand and exploit past history, beneficially influence present risks, and prepare for future challenges. The co-evolutionary perspective confers additional benefits in highlighting the simultaneous consideration of attack and defence, move and counter-move, and the symmetries and asymmetries between the opposing parties in a complex adaptive system. More generally, it enables us to detach ourselves from immediate battles and view the conflict strategically.

Specific practical implications of the anticipation of counter-moves, handling arms races and drawing on design are discussed. The (co-)evolutionary approach can equally apply to the struggles with organised crime or indeed to any offending which develops and exploits technological and operational advances.

Co-Eco-Devo-Evo Framework – reciprocal change over different timeframes

The focus on cyber security as an interaction between technical elements and humans has typically confined consideration of the latter to practical issues of implementation, conventionally those of `human performance factors’ of vigilance etc., `raising awareness’ and/or `incentivisation’ of people and organizations to participate and adapt their behavior. But this is far too narrow a view that seriously constrains the ability of cyber security as a whole to adapt and evolve to keep up with adaptive, innovative attackers in a rapidly-changing technological, business and social landscape, in which personal preferences of users are also dynamically evolving.

While there is isolated research across different research areas, we noticed the lack of a holistic framework combining a range of applicable theoretical concepts (e.g., cultural co-evolution such as technological arms races, opportunity management, behavioral and business models) and technological solutions on reducing human-related risks in the cyber security and cybercrime ecosystems, which involve multiple groups of human actors including offenders, victims, preventers and promoters.

This paper reports our ongoing work in developing such a socio-technical framework 1) to allow a more comprehensive understanding of human-related risks within cyber security and cybercrime ecosystems and 2) to support the design of more effective approaches to engaging individuals and organizations in the reduction of such risks. We are in the process of instantiating this framework to encourage behavioral changes in two use cases that capture diverse and complicated socio-technical interactions in cyber-physical systems.

Work on a major paper is ongoing, though latest thinking (March 2023) is to develop this into a book. Current draft abstract of the article:

This article seeks to take thinking, research and practice in cyber security to new levels. It builds on a sophisticated understanding of here-and-now interactions between criminals, users and security, to encompass change, and reciprocity between adversaries both within ICT and the wider human systems in which ICT is embedded. The change in question covers tactical changes in the ecological here-and-now; developmental processes including learning and acquisition of knowhow and tools, throughout careers in offending and security; and shifts over evolutionary timeframes involving populations and generations. Populations cover anything from individuals and the cultures in which they operate and develop, to artificially-designed products, places and systems. Generations cover replication of some product or practice beyond high-fidelity copying of the original, involving some kind of (re)design and/or reconstruction process.

To begin, we introduce basic biological concepts of evolution, co-evolution and development. Then, we make the challenging transition from biological to social/technological counterparts – i.e. centring on cultural evolution – with brief reference to cybercrime/security examples. Next, we review the limited field of existing evolutionary/developmental approaches within cybercrime/ security. We then present our initial thinking on an ontology for cybercrime/security which is fit for the purpose of supporting a more strategic and anticipatory approach to managing cybercrime; which encompasses psychological, social and technological perspectives and applies over diverse timescales; and which can support greater computability for cybersecurity functions. Finally, we illustrate the potential of this Co-Eco-Devo-Evo Framework for posing new questions and challenges for security researchers and practitioners, using the example of scripts; and identify some ways forward.’

The Co-Eco-Devo-Evo Framework

Useful evolutionary frameworks/ concepts

The following frameworks from evolutionary studies are of use within Crime Science – though the usual caution is needed in extrapolating from one discipline to another:

Jablonka and Lamb’s four dimensions

  • Genetic – via conventional changes in DNA code
  • Epigenetic – via markers placed on genes to turn them on or off, which may persist over generations
  • Behavioural – via copying and emulation of the viewed actions of other individuals
  • Symbolic – via linguistic mechanisms and computer code

Tinbergen’s four questions

  • Function (adaptive significance) – how does it contribute to the survival of the organism in the here and now? In cultural evolutionary terms, how does it serve the agent’s or the group’s goals?
  • Mechanism (causality) – how does the trait have its effect in the here and now?
  • Development (ontogeny) – how does the trait emerge during the development of the individual?
  • Evolutionary history (phylogeny) – how was the trait selected for in previous generations of the lineage? The history of selection may or may not relate to the current function, as traits may become repurposed, either in biological evolution or during development.

Walsh’s concept of affordance landscapes

Evolutionary psychology of offending and response to crime

Evolutionary psychology attempts to explain current behavioural tendencies of humans as a whole – rather than individual differences – in terms of historical adaptations to our past environments, e.g. as hunter-gatherers in small bands during the Pleistocene. The field is not without controversy, both internally and from disciplines such as traditional sociology with its view of the human individuals born as tabulae rasae (clean slates), gaining their psychological makeup solely from what they learn through cultural socialisation and from their own lifetime experiences.

Cultural evolution and violent extremism

Biological evolution and its influence on human psychology is only one of several perspectives required to understand human behaviour and misbehaviour. Human culture also evolves, with consequences for crime and security. The presentation below spans both psychological and cultural evolutionary processes:

Evolutionary approaches to knowledge

Two perspectives are introduced, representing the two branches of ‘evolutionary epistemology‘:

  • The evolutionary epistemology of theories – giving a new angle on the What Works/ Evidence-Based Policing movement
  • The evolutionary epistemology of cognitive mechanisms – the evolution of rationality, obviously relevant to the Rational Choice perspective within Crime Science