Antivirus Software Concealed Thousands Of Cybercrime Reports

Uploaded on 2019-12-10 in GOVERNMENT-Law Enforcement, FREE TO VIEW

The UK’s national strategy for tackling cybercrime is well established but, outside national agencies, its relevance is limited. Within police forces, the threat from cyber-dependent crime is often not fully understood and is rarely seen as a priority. Knowledge about good practice isn’t shared in a structured way, and as a result there is quite a lot of variation in the local responses to a national threat. 

Recently it was found that thousands of reports of cybercrime were quarantined on a police database instead of being investigated because software designed to protect the computer system labelled them a security risk.

The backlog at one point stretched to about 9,000 reports of cybercrime and fraud, some of them dating back to October last year. The reports had been made to Action Fraud and handed to the National Fraud Intelligence Bureau (NFIB), run by the City of London police.

Just one of Britain's 43 police forces treats online crime as a priority, while the Action Fraud organisation managed to withhold 9,000 so-called cyber-crime reports from police forces, thanks to badly configured antivirus on its reporting portal, according to a government watchdog. 

Software intended to screen reports about online threats sent to Action Fraud by members of the public was incorrectly triggered when members of the public, tried to report cyber threats against them.

A police database called Know Fraud, operated by the NFIB, was incorrectly holding some detailed reports in quarantine after an "updating" of the system in October 2018. "In some cases the automated system mistakenly identified reports as containing malicious coding," reported the national police inspection agency, HMICFRS

Around 9,000 reports were found to be languishing in quarantine. City of London Police, owners and operators of the NFIB, began work on the backlog, which has now been significantly  reduced.

Meanwhile, the report's authors tried to strike a positive note in their summary and foreword, the detail gave the game away. More than a quarter of police forces "told us that cyber-dependent crime, and cybercrime more generally, were not a specific strategic priority," said HMICFRS.

Businesses reporting cybercrimes against them "were less likely to be considered vulnerable" by police workers, even though the NFIB stated a few months ago that businesses were at a "high risk of becoming victims" of cybercrime, prompting police to treat them "differently from other victims" and even delaying their response, particularly for SMEs.

Although all UK police forces do now have cybercrime units, it appears from the HMICFRS report that there is something of an internal police power struggle over which police units should receive, classify and allocate online crime reports for investigation, as well as deciding who gets to investigate. 

While Action Fraud is designated as the he preferred initial point of contact, it is increasingly seen by the general public as an ineffectual as it seems to do little to tackle cybercrime. HMICFRS said it had "found several examples of forces not committing to the regionally managed, locally delivered model agreed by chief constables". 

HMICFS Report:      National Crime Agency:     The Register:         Guardian

You Might Also Read:

British Police At War Against Cyber Crime:

Is Antivirus Software Now Dead?:

 

« Artificial Intelligence Is Already Reshaping Our Lives
A Massive Datacenter On Single Chip »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Hitachi ID Systems

Hitachi ID Systems

Hitachi ID Systems offers comprehensive identity management and access governance, privileged access management and password management solutions.

Stratus Cyber

Stratus Cyber

Stratus Cyber is a premier Cyber Security company specializing in Managed Security Services. Our services include Blockchain Security, Pentesting, and Compliance Assessments.

White & Black

White & Black

White & Black are specialist corporate & technology lawyers based in London & Oxford.

iHLS Startups Accelerator

iHLS Startups Accelerator

iHLS Accelerator is the first startup accelerator in the world in the security and homeland security field.

SafeTech Informatics & Consulting

SafeTech Informatics & Consulting

Safetech's OTShield detects, prevents and analyses cyber-attacks in SCADA and Industrial IoT systems by utilising state of the art deception techniques.

Qrator Labs

Qrator Labs

Qrator Labs is a leader in DDoS attack mitigation, helping organizations protect their websites from the most harmful, sophisticated DDoS attacks.

Digital Boundary Group (DBG)

Digital Boundary Group (DBG)

Digital Boundary Group (DBG) is an information technology security assurance services firm providing information technology security auditing and compliance assessment services to clients worldwide.

Stronger International

Stronger International

Stronger International provides expert cyber services and training to organizations and individuals to enhance IT and security knowledge.

Appurity

Appurity

Appurity specialises in mobile and application security, delivering comprehensive solutions across all verticals.

Kobalt.io

Kobalt.io

Kobalt are bringing the monitoring capabilities of enterprise-class security teams to smaller organizations.

Singtel Innov8

Singtel Innov8

Singtel Innov8, the venture capital arm of the Singtel Group, invests in and partners with innovative technology start-ups globally.

Harbor Networks

Harbor Networks

Harbor Networks is a communications systems integrator and managed services provider. We provide business consultation services for voice and data communication technology.

Strata Information Group (SIG)

Strata Information Group (SIG)

Strata Information Group (SIG) is a trusted partner in IT solutions and consulting services.

SecuCenter

SecuCenter

Secucenter is a trusted partner for SOC services, offering security expertise in a cost-effective way.

CyberAntix

CyberAntix

CyberAntix offers Premium CyberSecurity for your business using an advanced Security Operations Centre technology and process platform reinforced by a steadfast and expert SOC team.

Yokai

Yokai

Yokai is a secure, distributed platform for data communication with enhanced security features tailored for classified environments such as finance, defence, healthcare, cybersecurity, and more.