UK National Crime Agency: Criminals Winning 'Cyber Arms Race'

Businesses and law enforcement agencies are losing the "cyber arms race" with online criminals, the UK's National Crime Agency has warned.

The technical capabilities of criminal gangs are outpacing the UK's ability to deal with their threat, the NCA added.

It said there were 2.46 million "cyber incidents" last year, including 700,000 frauds - with the biggest threat coming from "a few hundred" criminals.

The government is to spend £1.9bn over the next five years on cyber-defences. The NCA's annual assessment of cybercrime found a key threat to the UK comes from international gangs. Some are so well-developed they run call centres and employ translators.

"Cybercriminals targeting the UK include international serious organised crime groups as well as smaller-scale, mostly domestic, criminals and hacktivists," it said.

"The NCA assesses that the most advanced and serious cyber-crime threat to the UK is the direct or indirect result of activity by a few hundred international cyber criminals, typically operating in organised groups, who target UK businesses to commit highly profitable malware-facilitated fraud.

"These cyber-attacks include attacks directly targeting business systems and attacks against individuals."

The NCA said the "accelerating pace of technology and criminal cyber-capability development" currently outpaces the UK's collective response to cybercrime.

"This 'cyber arms race' is likely to be an enduring challenge, and an effective response requires collaborative action from government, law enforcement, industry regulators and, critically, business leaders," the report added.

The NCA says the true scale of criminality is likely to be far bigger because of what it calls "a serious problem" of under-reporting.

It urged businesses to report when they are victims of cybercrime and to share more intelligence, "both with law enforcement and with each other".

In response to the threat, the UK government plans a new National Cyber Security Centre, as well as working with internet service companies to block online attacks.

BBC

« UK IP Bill Will Allow Government To Spy On Journalists
A Strategic Company: The Internet of Things & How ARM Fits In »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Octopus Cybercrime Community

Octopus Cybercrime Community

The Octopus Community is a platform for information sharing and cooperation on cybercrime and electronic evidence.

Aqua Security Software

Aqua Security Software

Aqua Security helps enterprises secure their cloud native applications from development to production, whether they run using containers, serverless, or virtual machines.

Cyber Risk Agency

Cyber Risk Agency

Cyber Risk Agency is a cybersecurity consulting firm specializing in managing cyber risks for SMEs.

Saviynt

Saviynt

Saviynt is a leading provider of Cloud Security and Identity Governance solutions.

Immersive

Immersive

Immersive unifies Cyber Drills, Exercises, Sims, Ranges, and Training into one single, adaptive platform. One Platform. Total Cyber Resilience.

National Cyber Security Centre (NCSC) - Ireland

National Cyber Security Centre (NCSC) - Ireland

The National Cyber Security Centre (NCSC) is the operational side of the Department of Communications in regard to network and information security in the Republic of Ireland.

SGBox

SGBox

SGBox is a highly flexible and scalable solution for IT security. Choose the modules which your company needs and implement it without any modification to your network infrastructure.

Maven Technologies

Maven Technologies

Maven Technologies specialize in secure data destruction, electronics recycling, asset management, and highly detailed reporting.

WebOrion

WebOrion

WebOrion is an All-in-One Web Security & Performance Suite. Fortify, accelerate and monitor your website today.

Crosspoint Capital Partners

Crosspoint Capital Partners

Crosspoint Capital Partners is a private equity investment firm focused on the cybersecurity and privacy sectors.

Audea

Audea

Audea is a consultancy firm specialising in cybersecurity, risk and compliance. We provide professional services addressing all areas of Cybersecurity and GRC.

DigitalWell

DigitalWell

DigitalWell provide fully managed IT and communications solutions for a truly innovative end-to-end experience - for your customers and teams.

Tidal Cyber

Tidal Cyber

We formed Tidal for one simple reason—we believe that defenders need and deserve tools and services that make achieving the benefits of threat-informed defense practical and sustainable.

NexusTek

NexusTek

NexusTek is a managed IT services provider with a comprehensive portfolio comprised of end-user services, cloud, infrastructure, cyber security, and IT consulting.

Mantodea Security

Mantodea Security

Mantodea Security is an industry-agnostic powerhouse backed by extensive experience and expertise in the realm of IT security.

CODA Intelligence

CODA Intelligence

CODA's AI-powered attack surface management platform helps you sort out the important remediations needed in order to avoid exploits on your systems.