Antivirus Software Concealed Thousands Of Cybercrime Reports

The UK’s national strategy for tackling cybercrime is well established but, outside national agencies, its relevance is limited. Within police forces, the threat from cyber-dependent crime is often not fully understood and is rarely seen as a priority. Knowledge about good practice isn’t shared in a structured way, and as a result there is quite a lot of variation in the local responses to a national threat. 

Recently it was found that thousands of reports of cybercrime were quarantined on a police database instead of being investigated because software designed to protect the computer system labelled them a security risk.

The backlog at one point stretched to about 9,000 reports of cybercrime and fraud, some of them dating back to October last year. The reports had been made to Action Fraud and handed to the National Fraud Intelligence Bureau (NFIB), run by the City of London police.

Just one of Britain's 43 police forces treats online crime as a priority, while the Action Fraud organisation managed to withhold 9,000 so-called cyber-crime reports from police forces, thanks to badly configured antivirus on its reporting portal, according to a government watchdog. 

Software intended to screen reports about online threats sent to Action Fraud by members of the public was incorrectly triggered when members of the public, tried to report cyber threats against them.

A police database called Know Fraud, operated by the NFIB, was incorrectly holding some detailed reports in quarantine after an "updating" of the system in October 2018. "In some cases the automated system mistakenly identified reports as containing malicious coding," reported the national police inspection agency, HMICFRS

Around 9,000 reports were found to be languishing in quarantine. City of London Police, owners and operators of the NFIB, began work on the backlog, which has now been significantly  reduced.

Meanwhile, the report's authors tried to strike a positive note in their summary and foreword, the detail gave the game away. More than a quarter of police forces "told us that cyber-dependent crime, and cybercrime more generally, were not a specific strategic priority," said HMICFRS.

Businesses reporting cybercrimes against them "were less likely to be considered vulnerable" by police workers, even though the NFIB stated a few months ago that businesses were at a "high risk of becoming victims" of cybercrime, prompting police to treat them "differently from other victims" and even delaying their response, particularly for SMEs.

Although all UK police forces do now have cybercrime units, it appears from the HMICFRS report that there is something of an internal police power struggle over which police units should receive, classify and allocate online crime reports for investigation, as well as deciding who gets to investigate. 

While Action Fraud is designated as the he preferred initial point of contact, it is increasingly seen by the general public as an ineffectual as it seems to do little to tackle cybercrime. HMICFRS said it had "found several examples of forces not committing to the regionally managed, locally delivered model agreed by chief constables". 

HMICFS Report:      National Crime Agency:     The Register:         Guardian

You Might Also Read:

British Police At War Against Cyber Crime:

Is Antivirus Software Now Dead?:

 

« Artificial Intelligence Is Already Reshaping Our Lives
A Massive Datacenter On Single Chip »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Evidence Talks Ltd

Evidence Talks Ltd

A leading forensic computing authority developing unique digital forensic technologies. Tools that detect potential terrorists & criminals & used by the military, enforcement & intelligence commmunity

Tigera

Tigera

Tigera provides zero-trust network security and continuous compliance for Kubernetes platforms that enables enterprises to meet their security and compliance requirements.

Cynterra

Cynterra

Cynterra is a next generation cloud cyber security and data analytical service provider offering cloud security compliance, data protection, visibility and threat protection services.

Techleap.nl

Techleap.nl

Techleap.nl is a non-profit publicly funded organisation helping to quantify and accelerate the tech ecosystem of the Netherlands.

World Informatix Cyber Security (WICS)

World Informatix Cyber Security (WICS)

World Informatix Cyber Security provides a range of cyber security services to protect valuable information assets to global business and governments.

BreachQuest

BreachQuest

BreachQuest brings together cybersecurity experts with decades of experience identifying security flaws, penetrating networks, and responding to incidents.

Morpheus Enterprises

Morpheus Enterprises

Morpheus Enterprises offer managed security solutions designed to keep your web applications secure and your business running smoothly.

Ontinue

Ontinue

Ontinue ION is an MXDR service that provides Nonstop SecOps through five key capabilities that enable your organization to respond to attacks and continuously reduce risk.

DEKRA

DEKRA

DEKRA’s promise is to ensure the safety of human interaction with technology and the environment.

Supra ITS

Supra ITS

Supra ITS is a leading full-service technology partner offering IT Consulting, Cloud Services, 24x7 Managed IT & Cybersecurity Services, and IT Project Support.

Cysurance

Cysurance

Cysurance is a next-generation risk mitigation company that insures, warranties and certifies security solutions.

CXI Solutions

CXI Solutions

CXI Solutions: Your trusted partner in cybersecurity. We offer a full range of cybersecurity solutions to protect your business from digital attacks and virtual threats.

Flawnter

Flawnter

Flawnter is a security testing software that finds hidden security and quality flaws in your applications.

CardinalOps

CardinalOps

The CardinalOps platform continuously assesses your detection posture and eliminates coverage gaps in your existing detection stack so you can easily implement a threat-informed defense.

Neptune Shield

Neptune Shield

Neptune Shield's mission is to deliver cutting edge Maritime focused Cyber Security & Threat Protection through our Hampton Roads based Tech & Cyber Security Hub.

Layer 8 Security

Layer 8 Security

Layer 8 Security is a cybersecurity advisory, consulting, and technical services firm that arms businesses with practical compliance, risk management, and security program strategies.