UK Police Ill-Equipped to Deal with Cybercrime

3570908.png

Police are still playing catch-up with cyber-crime, and are particularly struggling with poor reporting, a lack of data and the InfoSec skills shortage, said Ian Maxted, safer cyber coordinator at the UK’s Gloucestershire Constabulary.
Speaking at the ILEC Centre in London, Maxted offered a candid view of the police's technology capabilities, which was perhaps unsurprising given his own IT security background, including as a former penetration tester and a security consultant for Encryption.
He started his presentation by saying that the ever-increasing use of the Internet and big data is ‘creating opportunities for criminals' but also causing issues for police who remain ‘largely ill-equipped to deal with cyber-crime'. This proliferation was particularly worrying given the ‘siloed' nature of police forces, where idea and data sharing is not generally embraced.
Citing recent statistics, which indicated that that one in three adults suffered from online crime last year, he said that most organisations focus on achieving the bare minimum compliance and to this day have no board buy-in on cyber-security. These companies, said Maxted, “don't understand the benefits of good practice” and wouldn't truly understand until they have “become a victim and change their behaviour.”
One of the main problems, he added, is the reporting of cyber-crime with firms fearing reputational damage and crashing share prices, while also not trusting the police to bring the culprits to justice. In a warning to attending police staff, he said: “The reason industry is not engaging [with you] is because they don't trust you.”
Gloucester remains at the top when it comes to cyber-crime, winning high praise from HMIC in a report released last year, but even Maxted admits that this is just the start, with much of his job still ‘translating' the threat.
Legislation is also an issue and ‘ill-equipped' to deal with the fast moving pace of technology, said Maxted, who cited the Computer Misuse Act as an example; established in the 1990s in relation to landlines, mobiles and some email, it is now being used to judge on so much more. “The law is a grey area and open to interpretation,” said Maxted.
The security expert wasn't finished there, also urging police to liaise more closely with industry and to share data. For this, police would need to incentivize private firms enough to get involved. “Law enforcement is used to putting the hammer down and say ‘you will do this', but they can't do that now.”
He added that collaboration and more funding is needed, with education a continuing concern.
“Education is the biggest problem we have with corporations and with police officers. They've been focused on traditional crime so long that [cyber-crime] is alien to them.” Gloucester has forged ahead with ‘CEOP Think U Know' and social media campaigns.
Despite these problems, Maxted said that cyber-crime isn't as advanced as sometimes promoted, with DoS attacks and hackers exploiting vulnerabilities, poor patching or excessive open ports. Doing these basics is “like putting a seatbelt on”.
“We need to share nationally with what works and what doesn't. We welcome sensible discussions to move things forward, because you can't do it on our own. If you can help, with any advice, please tell me. We do care.”
Later in the day, Kevin Williams, general manager of TC-UK and formerly of the National Crime Agency's National Cyber Crime Unit, painted a more positive picture, citing CERT-UK and CISP as examples of positive public data sharing. “One of the great things I've experienced in law enforcement is collaboration that has taken place over the last couple of years with CERT UK.”
He noted however that sharing is important for “not only saving pounds” for also for stopping harm caused to others, and said that it can be efficiently done so long as this sharing of sensitive information is anonymised.
However, on internet policing, he was less definitive. “Who should police the internet? If you throw in [Edward] Snowden, this is a really complex question,” he said, citing legislation and geographic borders as recurring issues for law enforcement trying to deal with cyber-crime, which has been described as a ‘borderless' crime.
Williams continued that law enforcement is also having to contend with increasingly fast and agile criminals; he cited one example of a group that had their infrastructure up online for one day, conducted their criminality the next and “they were gone on day three”.
“It often means they've carried out attack, no one has seen the attack, and weeks later the criminality is found. But by then any logs that did exist have gone.” Instead, he said that this should get businesses thinking about their log management process.
SC Magazine:  http://bit.ly/1QOXqY9

 

« IBM Breakthrough In Quantum Computing
Data Protection Drives Cloud Security Market »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

SecureNinja

SecureNinja

SecureNinja provides professional training, certifications & professional services related to all facets of Information Technology and Cyber Security.

Sikur

Sikur

Sikur have developed a communication platform that sets new boundaries for corporate privacy and security.

Emsisoft

Emsisoft

Emsisoft protects your devices against all types of malware, ransomware and other threats with no-bloat anti-malware & antivirus solutions.

Devel

Devel

Devel is a LATAM cybersecurity company specialized in providing red, blue and purple team services for the financial sector.

Culinda

Culinda

Culinda secures medical IoT devices in hospitals with An Artificial Intelligence platform and security gateway.

Nubeva Technologies

Nubeva Technologies

Nubeva provide a breakthrough TLS Decrypt solution with Symmetric Key Intercept to gain the visibility needed to monitor and secure network traffic.

Dasera

Dasera

Dasera’s Radar and Interceptor products deliver visibility, governance, and protection solutions for data-agile companies.

Kape Technologies

Kape Technologies

Kape Technologies is a cybersecurity company focused on helping consumers around the world have a better digital experience with greater privacy and protection.

Swissbit

Swissbit

Swissbit AG is the leading European manufacturer of storage, security and embedded IoT solutions for demanding applications.

ITQ Latam

ITQ Latam

ITQ Latam are specialists in cybersecurity, in a convergent ecosystem of technological solutions in infrastructure, cloud and security networks.

Sycope

Sycope

Sycope is focused on designing and developing highly specialised IT solutions for monitoring and improving network and application performance.

Borwell

Borwell

Borwell delivers software and IT solutions to the UK MoD and to UK Government departments, which are secure by design.

SEALSQ

SEALSQ

For the last 25 years, SEALSQ have been developing secure semiconductor chips, secure embedded firmware, and tested hardware provisioning services to serve the vision of a safer connected world.

Defence Labs

Defence Labs

Defence Labs is a cybersecurity company specialising in cost effective penetration testing for small-to-medium sized enterprises.

DNSFilter

DNSFilter

DNSFilter is the most accurate threat detection and content filtering tool on the market today.

Clango

Clango

Clango employs an identity-centric approach to optimizing your cybersecurity investment while minimizing risk.