British Police IT Systems Cannot Cope With Cyber Crime

The criminal world is vastly changing. More and more crimes of every type involve cyber activity and the UK’s police computer systems are often old and electronically obsolete.

Right now, it looks like their their whole system requires both an update and an independent strategic review to improve it’s effectiveness.

This is what police analysts have privately told Cyber Security Intelligence.

A replacement IT system scheduled to be completed last year is now not expected to be completed until 2025-26 at the very earliest, posing potential problems for officers needing to access crucial information.

The rapidly evolving Information Revolution has established an environment within which cyber crime has been allowed to flourish and is constantly increasing. Hacking, data breaches, and hate crimes have expanded into an entirely new category of crime. Some online forums have become platforms for extremist views, radicalisation, and publishing hate documents before mass shootings and the police are having trouble monitoring them and engaging with the new criminal activity. 

It is widely understood that cyber crime can harm public safety, undermine national security, and damage economies, but what is less well known are the hidden costs that organisations may not be aware of, such as lost opportunities, wasted resources, and the real damage caused to staff morale.

Several million cases of fraud and of computer misuse are reported to the UK police every year. And the police attempt to deal with these crimes, but the extent and global nature of these crimes makes it extremely difficult for national police forces to deal with. 

A report from McAfee has estimated that global losses from cyber-crime globally topped $1 trillion in 2020, and they think it will increase to more trillions by the end of 2021. 

The theft of intellectual property and monetary assets is damaging, but some of the most overlooked costs of cyber-crime come from the damage to company performance. McAfee’s survey revealed 92 percent of businesses felt there were other negative effects on their business beyond financial costs and lost work hours after a cyber incident. The report further explored the hidden costs and the lasting impact and damage cyber-crime can have on an organisation.

Globally, there is an abundance of opportunities and targets, motivated offenders and an absence of effective deterrence or defenders, has driven cyber crime to its current scale. 

In the US increasingly, criminals are abandoning their guns for sophisticated computer-assisted weapons. Recent acts of electronic crime in the United States, such as the $15 million white-collar case dubbed “Operation Derailed” in Atlanta, Georgia, demonstrate the need for increased vigilance by law enforcement. 

Categorising cyber crime is not a simple process; this is evidenced by the lack of an internationally agreed upon definition. Different states and organisations have established their individual criteria for cyber crime and, while there is much overlap, these multiple definitions leave gaps between them.

The lack of a widely accepted definition has serious implications for  jurisdiction and criminal prosecution; further, it can also significantly influence the size and scope of the issue. 

One area in need of policing clarification is the scope of cyber crime is state-sponsored activity. Where entities highly likely to be associated to state authorities are involved in criminal activity. From a user point of view one constant cyber-criminal activity is phishing emails are designed to steal from you by installing malicious software on your computer. Also, as the number of cyber crimes continues to rise inexorably, so too do the police skills needed to deal with them. 

The UK government is taking the risk seriously, designating cyber crime as a tier-1 national security threat and investing almost £2 billion in a National Cyber Security Strategy designed to counter it.

However, expanding cyber crime resources like this means a big increase in the number of trained staff required. And while forces are busily hiring, most of the new expertise is set to come through large-scale training programmes but hiring competent cyber analysts is something the police often can’t afford to do. 

While the number of cyber attacks reported to police in the latest report by the Office of National Statistics is just 26,000, the actual estimate is that the number of cyber attacks in the same period was around 976,000, which means that barely 3% of cyber attack are being brought to the attention of police.

  • The Deep Web contains a lot of information useful for police investigations. For example, there are forum discussion threads on the Deep Web inciting hate speech, being used to target individuals, organise physical threats.
  • The Dark Web is comprised mainly of either marketplaces, discussion forums, or news/commentary sites. This is where law enforcement can find vendors selling goods and services illegally. As with Deep Web forums, it’s also useful for finding suspect chatter about a range of illegal activities and extremism.

Technology is often just a means to an end to help officers do their jobs better and more efficiently but most police operations are not using the technology effectively. The private sector has the human, financial, and technical resources to conduct cyber crime investigations, and can assist national security agencies, law enforcement authorities, and other government agencies on cyber crime matters. 

In light of this, internationally, numerous public-private partnerships have been developed to enhance countries' capabilities to investigate cyber crime. A case in point is Interpol's Cyber Fusion Centre, which includes both law enforcement and industry cyber experts, who work together to provide actionable intelligence and share this intelligence with relevant stakeholders. 

What is really required is increased international law enforcement cooperation among nations and the private sector and investment in more resources for investigation and this is certainly required in the UK. 

This is also needed among developing nations and in all countries there is a need for coordination of cyber security requirements to boost security in all critical sectors like commerce, finance and health care. Cyber crime is progressing at an incredibly fast pace, with new trends constantly emerging. Cyber criminals are becoming more agile, exploiting new technologies with lightning speed, tailoring their attacks using new methods, and cooperating with each other in ways we have not seen before.

Complex criminal networks operate across the world, coordinating intricate attacks in a matter of minutes.
Police must therefore keep pace with new technologies and their systems should probably become one to cover the entire UK and have connections to aspects of it GCHQ intelligence agency’s  systems. 

This update of their computer systems should happen with a new policing strategy to focus on the changing cyber criminal world as they need to understand the new electronic ways criminals are operating.

Developments In The US

The technology used for sales-people documentation and evaluation is now helping police departments. The vast majority of police body camera footage never gets reviewed, with police departments typically only analysing instances where there’s a use of force or other major incidents. 

Police departments really need to be able to analyse audio from body cameras and get better insights into the interactions between officers and the public. A new body camera audio analytics platform will help police departments automatically sift through hours of footage to identify instances of positive and negative interactions by police officers. 

The new tool being developed by startup Truelo analyses every police interaction and can flag a circumstance where an officer is acting out of line. When the technology determines an officer has had a negative interaction with a civilian, the department can intervene and provide the proper training to the officer.The system uses natural language processing technology. 

The idea is to help build trust between law enforcement agencies and the public, give departments better data on officer interactions, and flag problem officers before a tragedy occurs. A negative interaction includes things like when an officer uses profanity, or when an officer’s tone becomes disrespectful. The company is working with around a dozen police departments in the US on a pilot basis, with another half dozen expected by the end of the year. 

Met.Police:      Academia. Edu:      Justice Inspectorate UK:     Raconteur:      Computer Weekly

EchoSec:     Police1:     NBC:      McAfee:    United Nations:    US Dept. of Justice:     I-HLS:    Independent

You Might Also Read: 

Police Get New Tools To Process Digital Evidence:

 

« Ukraine Police Arrest Botnet Attack Controller
Iranian Hackers Attack Dropbox »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Alan Turing Institute

Alan Turing Institute

Alan Turing Institute is the UK national institute for data science. A major focus is Big Data analysis with applications including cyber security.

BeOne Development

BeOne Development

BeOne Development provide innovative training and learning solutions for information security and compliance.

BMS Group

BMS Group

BMS is an independent, employee-owned specialist insurance broking group. Broking solutions include Cyber and Technology.

DCIT

DCIT

DCIT is a specialist in providing comprehensive consulting and auditing services in the field of information technology, PROVYS development software and security system AuditSquare.

VKANSEE

VKANSEE

VKANSEE offer the world's thinnest optical fingerprint sensor for mobile device protection.

Cybersecurity Competence Center (C3)

Cybersecurity Competence Center (C3)

The Cybersecurity Competence Center was created to further strengthen the Luxembourg economy in the field of cybersecurity.

IntaPeople

IntaPeople

IntaPeople are IT and engineering recruitment specialists. We have specialist teams for job sectors including Cybersecurity, IT infrastructure and DevOps.

Digital Craftsmen Ltd

Digital Craftsmen Ltd

We're ISO27001 & Cyber Essentials Cybersecurity experts, delivering full cloud security and managed services. We take a bespoke approach for each client from hosting, optimising & securing them online

Venari Security

Venari Security

Venari is an award-winning cybersecurity SaaS provider that has developed an ETA (Encrypted Traffic Analysis) platform which fundamentally changes the way encrypted traffic is analysed.

Digital Element

Digital Element

Digital Element is a global IP geolocation and intelligence leader with unrivaled expertise in leveraging IP address insights to deliver new value to companies.

Veriti

Veriti

Veriti is a unified security posture management platform that integrates with your security solutions and proactively identifies and remediates potential risks and misconfigurations.

LastPass

LastPass

LastPass provides award-winning password and identity management solutions that are convenient, effortless, and easy to manage.

Seraphic Security

Seraphic Security

Seraphic Security provides attack protection to enable safe browsing for employees or contractors, as well as advanced governance controls to enforce enterprise policies across devices.

Access Venture Partners

Access Venture Partners

Access Venture Partners are an early stage VC firm investing in bold founders and helping every step of the way. Areas we give special focus to include cybersecurity.

NewEvol

NewEvol

Don’t React, Evolve! Outsmart threats with real-time AI-powered dynamic defense capability of NewEvol all-in-one cybersecurity platform.

PDI Technologies

PDI Technologies

PDI Technologies helps convenience retail and petroleum wholesale businesses around the globe increase efficiency and profitability by securely connecting their data and operations.