Evolution, crime and security

How evolutionary ideas can help in understanding crime and terrorism, and developing security interventions

Most people think of evolution in biological terms – survival of the fittest, adaptation of organisms to their habitat, and the origin of species. However, evolutionary-type processes – variation, selection, replication – are far more widespread. They operate not just in the biology of genes and species, but wherever evolutionary-like processes occur – for example in the immune system, in the physiology and psychology of the developing/ learning brain, in technology and in the wider culture, including the accumulation of knowledge.

In Darwin’s Dangerous Idea, Daniel Dennett’s (1995) philosophical take on evolution, refers to this generic process as the evolutionary algorithm.

Another important process is co-evolutionary arms races – where predators and prey both seek, over a protracted timescale, to out-evolve the other in speed, agility and offensive/ defensive capabilities; or where medical science undertakes the equivalent campaign against infectious diseases which fight back with resistance to antibiotics and antivirals.

These key insights offer a bridge for interdisciplinary thinking – and in particular, application to crime and security in diverse ways, presented on this page. The applications range from the evolution of technology and the opportunities it provides for both criminals and security; the arms race between these parties; and evolutionary and psychological/ cultural influences on crime and terrorism.

Evolution, technology and opportunity

The chapter Technology, opportunity, crime and crime prevention – current and evolutionary perspectives (Ekblom 2017e) embodies the cross-disciplinary connections that can be made between evolution, the design of products, systems and places, and the concept of opportunity. See abstract:

‘This chapter seeks to link technology and crime science, including situational crime prevention. It starts by briefly considering the nature of technology. It then looks at the relationship between technology, opportunity, problems and solutions. But opportunity is a more subtle concept than many in the field assume, needing further development for present purposes. It is therefore discussed in relation to both traditional frameworks of crime science and to a more integrated and detailed counterpart, the Conjunction of Criminal Opportunity. But all the opportunity frameworks need supplementing by an account of the dynamics of crime, especially through the concepts of scripts and script clashes.

‘A major section then examines the relationship between crime and technological change, covering adaptations and clashes over longer timescales, in the shape of co-evolutionary arms races between offenders and preventers. This spans both biological and cultural evolution. Then come sections on the practicalities of adopting a deliberately evolutionary approach to prevention – gearing up against crime, innovation and design – and finally some weaknesses of purely technological approaches to crime prevention.

‘The conclusion reviews the significance of understanding technology for crime science. This enhanced understanding of how changing technology can both create and block opportunity for crime, nuisance and terrorism (henceforth, crime) is needed to help us anticipate, detect and respond to the many changes in the crime and security world we can expect to encounter during the rest of the 21^st Century.‘

Another chapter, Crime, situational prevention and technology – the nature of opportunity and how it evolves, for a handbook on technology and crime (Ekblom 2017b), covers a similar field albeit with different emphases, e.g. more on the Conjunction of Criminal Opportunity Framework:

‘This chapter seeks … to understand what is meant by technology and to relate it to key concepts in situational crime prevention. It first considers the nature of technology. It then examines how technology relates to opportunity, problems and solutions. But these concepts themselves needs more development. The chapter therefore covers both traditional frameworks of SCP and a more integrated and detailed counterpart, the Conjunction of Criminal Opportunity. And ‘static’ opportunity needs extending to address crime dynamics, especially through the concept of scripts.

‘A major section then examines the relationship between crime and technological change, covering adaptations and conflicts over longer timescales, viewed as arms races between offenders and preventers and drawing on ideas from biological and cultural evolution. Then come sections on the practicalities of adopting a deliberately evolutionary approach to prevention, and weaknesses of purely technological approaches. The conclusion reviews the significance of understanding technology for SCP. Throughout, low-tech and hi-tech, material and cyber technology are covered in parallel.‘

Evolution and arms races – gearing up against crime

Gearing up against crime was an early publication (Ekblom 1997) on criminal arms races, design and innovation thinking. It argued for a step change in security strategy: that of out-innovating adaptive offenders against a background of technological and social changes that gave advantage first to one side, then the other. This requires the security side to take a co-evolutionary perspective. See abstract:

‘This paper is a first, exploratory, attempt at providing some background, and a framework, to help designers more systematically incorporate crime prevention in their remit. The scope includes design of technological items, environments, systems and services. With all these products this is design against misappropriation, damage and misuse in the furtherance of crime; and design of products explicitly intended for the furtherance of prevention.

‘The intention is to stimulate designers, commissioners of design and those like criminologists who conduct research that informs design in two ways: 1) shifting perspective from user to misuser to aid the day-to-day process of incorporating the preventive function in specific design tasks; and 2) in the more strategic process of helping crime prevention evolve as fast as crime in a world of adaptable criminals and changing opportunities, many of which stem from the permeation of society by IT. This involves setting up the infrastructure to speed up the feeding of information on crime and prevention to designers, and to promote the durability of preventive techniques. For the one certain thing in prevention is the obsolescence, sooner or later, of any individual measure.‘

A second publication on evolution and arms races, Can we Make Crime Prevention Adaptive by Learning from other Evolutionary Struggles? explored lessons from not just natural biological arms races but, for example, pests vs pesticides, bacteria vs antibiotics and of course the eponymous military cases. The results of this investigation were quite surprising. There was relatively little to learn from individual instances from, say nature, such as the lizard’s detachable tail enabling escape from an attacker – human ingenuity had already recapitulated on that idea in the shape of police officers’ detachable tie designed to avoid strangulation. There was more to learn from processes, as the abstract describes:

‘Crime prevention faces a perpetual struggle to keep up with changing opportunities for crime and adaptable offenders. To avoid obsolescence, it has to become adaptive itself. The task of keeping prevention up to date resembles other ‘evolutionary struggles’ such as biological co-evolution between predator and prey (e.g. continually sharper teeth versus continually tougher hide), or military arms races (e.g. more powerful guns versus heavier armour). These are both examples of protracted coevolution of conflicting parties against a background of incidental disturbances which from time to time give the edge to offenders or to defenders. The disturbances in question originate from natural processes or human ones (such as the arrival of new technology).

‘This paper explores the lessons for crime prevention which might be drawn from the other struggles at several levels: technology/ engineering, generic new methods of prevention and strategic concepts in prevention. An extremely wide range of possible lessons is identified which can take crime prevention a long way up the learning curve, but caution and consolidation are advised. Some ways of achieving this consolidation through systematic mapping are considered but not yet attempted.‘

The arms race approach continued to be embedded within the rest of the design, technology, futures and evolutionary work (especially Co-Eco-Devo-Evo, below), and surfaced again when applied to terrorism. Terrorism – lessons from natural and human co-evolutionary arms races (Ekblom 2016b):

‘This chapter takes the perspective of how conflicts tactically and strategically unfold, and how this process can be influenced for the differential benefit of the ‘good side’. The ‘how’ essentially concerned the process of adaptation, whereby organisms as individuals, groups or species change over some relevant timescale to become better fitted to survival, flourishing and reproduction in their habitual environment. Adaptation for potentially violent and destructive conflict such as carrying out terrorism or defending against it is the core concern of this chapter, although adaptation for cooperation and straightforward foraging with or without violence also play a part.

‘The aim is to explore the lessons for counter-terrorism from evolutionary studies of adaptation in both human and natural domains. This is partly to come up with some practical suggestions at tactical and strategic levels; but partly also to foster a distinctive and, I will argue, promising way of thinking among policymakers, security services, engineers, planners and designers.‘

Revisiting Paul Gill’s substantial study (Gill 2017) of the changing weaponry of the Provisional Irish Republican Army from a co-evolutionary perspective, led to Evolution, crime science and terrorism: the case of Provisional IRA weaponry (Ekblom and Gill 2018). See abstract:

‘This chapter adopts a long-term, evolutionary perspective, bringing together crime science and ideas from cultural and biological evolution. By way of illustration it discusses in detail how evolutionary processes operating at the technological and tactical level played out in a specific, prolonged period of conflict between the Provisional Irish Republican Army (PIRA) and the UK security services including the police and the military from 1970-1998. This conflict saw not just a steady evolution of terrorist attack techniques and weapons technologies including improvised explosive devices (IEDs), but a co-evolutionary arms race with the security side.

‘The advantage of an evolutionary perspective on terrorism and counter-terrorism is that it helps us understand and exploit past history, beneficially influence present risks, and prepare for future challenges. The co-evolutionary perspective confers additional benefits in highlighting the simultaneous consideration of attack and defence, move and counter-move, and the symmetries and asymmetries between the opposing parties in a complex adaptive system. More generally, it enables us to detach ourselves from immediate battles and view the conflict strategically.

‘Specific practical implications of the anticipation of counter-moves, handling arms races and drawing on design are discussed. The (co-)evolutionary approach can equally apply to the struggles with organised crime or indeed to any offending which develops and exploits technological and operational advances.‘

Co-Eco-Devo-Evo Framework – reciprocal change over different timeframes

The rapid variation, selection (by market forces) and replication of cyber-technology enables evolution to proceed especially fast – and that includes co-evolutionary arms races between criminals and the security side.

The chance to consider how evolutionary/ arms race perspectives can be used to inform the understanding of cybercrime and to guide the strategy and tactics of cybersecurity arose in the course of Project ACCEPT (UK EPSRC-funded: Addressing cybersecurity and cybercrime via a co-evolutionary approach to reducing human-related risks).

An introductory published paper, A Socio-Technical and Co-Evolutionary Framework for Reducing Human-Related Risks in Cyber Security and Cybercrime Ecosystems (Islam et al. 2019), set the scene for this work:

‘The focus on cyber security as an interaction between technical elements and humans has typically confined consideration of the latter to practical issues of implementation, conventionally those of `human performance factors’ of vigilance etc., `raising awareness’ and/or `incentivisation’ of people and organizations to participate and adapt their behavior. But this is far too narrow a view that seriously constrains the ability of cyber security as a whole to adapt and evolve to keep up with adaptive, innovative attackers in a rapidly-changing technological, business and social landscape, in which personal preferences of users are also dynamically evolving.

‘While there is isolated research across different research areas, we noticed the lack of a holistic framework combining a range of applicable theoretical concepts (e.g., cultural co-evolution such as technological arms races, opportunity management, behavioral and business models) and technological solutions on reducing human-related risks in the cyber security and cybercrime ecosystems, which involve multiple groups of human actors including offenders, victims, preventers and promoters.

‘This paper reports our ongoing work in developing such a socio-technical framework 1) to allow a more comprehensive understanding of human-related risks within cyber security and cybercrime ecosystems and 2) to support the design of more effective approaches to engaging individuals and organizations in the reduction of such risks. We are in the process of instantiating this framework to encourage behavioral changes in two use cases that capture diverse and complicated socio-technical interactions in cyber-physical systems.‘

Work on a major paper is ongoing, though latest thinking (March 2023) is to develop this into a book. Current draft abstract of the article:

‘This article seeks to take thinking, research and practice in cyber security to new levels. It builds on a sophisticated understanding of here-and-now interactions between criminals, users and security, to encompass change, and reciprocity between adversaries both within ICT and the wider human systems in which ICT is embedded. The change in question covers tactical changes in the ecological here-and-now; developmental processes including learning and acquisition of knowhow and tools, throughout careers in offending and security; and shifts over evolutionary timeframes involving populations and generations. Populations cover anything from individuals and the cultures in which they operate and develop, to artificially-designed products, places and systems. Generations cover replication of some product or practice beyond high-fidelity copying of the original, involving some kind of (re)design and/or reconstruction process.

‘To begin, we introduce basic biological concepts of evolution, co-evolution and development. Then, we make the challenging transition from biological to social/technological counterparts – i.e. centring on cultural evolution – with brief reference to cybercrime/security examples. Next, we review the limited field of existing evolutionary/developmental approaches within cybercrime/ security. We then present our initial thinking on an ontology for cybercrime/security which is fit for the purpose of supporting a more strategic and anticipatory approach to managing cybercrime; which encompasses psychological, social and technological perspectives and applies over diverse timescales; and which can support greater computability for cybersecurity functions. Finally, we illustrate the potential of this Co-Eco-Devo-Evo Framework for posing new questions and challenges for security researchers and practitioners, using the example of scripts; and identify some ways forward.’

An exposition of the thinking behind the Co-Eco-Devo-Evo Framework is in this 2019 presentation, and here is a summary diagram representing the key concepts:

Useful evolutionary frameworks/ concepts

The following frameworks from evolutionary studies are of use within Crime Science – though the usual caution is needed in extrapolating from one discipline to another:

Jablonka and Lamb’s four dimensions

Jablonka and Lamb distinguish four dimensions in which evolution can take place – albeit via different underlying mechanisms, and hence with different ‘variations-on-a-theme’ characteristics:

• Genetic – via conventional changes in DNA code
• Epigenetic – via markers placed on genes to turn them on or off, which may persist over generations
• Behavioural – via copying and emulation of the viewed actions of other individuals
• Symbolic – via linguistic mechanisms and computer code

Tinbergen’s four questions

In 1963 the Dutch biologist Niko Tinbergen distinguished four different questions to ask of some manifest trait in a given organism, or population of organisms. The trait could be anatomical, physiological or behavioural. The questions can be adapted to apply to cultural evolution, where it can cover behaviours, norms, the design of products and places etc, at individual and group levels.

Tinbergen’s four questions partially overlap with the Security Function Framework for describing designed products, places, services or systems – Function = Purpose and Niche; Mechanism = Mechanism and Technicality – operation; Development = Technicality – construction. They also connect with the Co-Eco-Devo-Evo Framework, above.

Walsh’s concept of affordance landscapes

Dennis Walsh, a philosopher of evolution, has done much to characterise the interaction between offender and setting in a way that is congruent with the approach to situations and opportunities within the Crime Frameworks (and also with the perspective of Hardie 2020 and Situational Action Theory more generally – Wikström 2018).

Walsh’s (2015) ‘affordance landscape’ describes how what the organism perceives, has to cope with or can exploit is irreducibly co-determined by properties of environment and of the organism itself. So, for example, colour blindness would rule out a career as a forger of banknotes. The niche is another such interactionist concept.