UK Police Ill-Equipped to Deal with Cybercrime

3570908.png

Police are still playing catch-up with cyber-crime, and are particularly struggling with poor reporting, a lack of data and the InfoSec skills shortage, said Ian Maxted, safer cyber coordinator at the UK’s Gloucestershire Constabulary.
Speaking at the ILEC Centre in London, Maxted offered a candid view of the police's technology capabilities, which was perhaps unsurprising given his own IT security background, including as a former penetration tester and a security consultant for Encryption.
He started his presentation by saying that the ever-increasing use of the Internet and big data is ‘creating opportunities for criminals' but also causing issues for police who remain ‘largely ill-equipped to deal with cyber-crime'. This proliferation was particularly worrying given the ‘siloed' nature of police forces, where idea and data sharing is not generally embraced.
Citing recent statistics, which indicated that that one in three adults suffered from online crime last year, he said that most organisations focus on achieving the bare minimum compliance and to this day have no board buy-in on cyber-security. These companies, said Maxted, “don't understand the benefits of good practice” and wouldn't truly understand until they have “become a victim and change their behaviour.”
One of the main problems, he added, is the reporting of cyber-crime with firms fearing reputational damage and crashing share prices, while also not trusting the police to bring the culprits to justice. In a warning to attending police staff, he said: “The reason industry is not engaging [with you] is because they don't trust you.”
Gloucester remains at the top when it comes to cyber-crime, winning high praise from HMIC in a report released last year, but even Maxted admits that this is just the start, with much of his job still ‘translating' the threat.
Legislation is also an issue and ‘ill-equipped' to deal with the fast moving pace of technology, said Maxted, who cited the Computer Misuse Act as an example; established in the 1990s in relation to landlines, mobiles and some email, it is now being used to judge on so much more. “The law is a grey area and open to interpretation,” said Maxted.
The security expert wasn't finished there, also urging police to liaise more closely with industry and to share data. For this, police would need to incentivize private firms enough to get involved. “Law enforcement is used to putting the hammer down and say ‘you will do this', but they can't do that now.”
He added that collaboration and more funding is needed, with education a continuing concern.
“Education is the biggest problem we have with corporations and with police officers. They've been focused on traditional crime so long that [cyber-crime] is alien to them.” Gloucester has forged ahead with ‘CEOP Think U Know' and social media campaigns.
Despite these problems, Maxted said that cyber-crime isn't as advanced as sometimes promoted, with DoS attacks and hackers exploiting vulnerabilities, poor patching or excessive open ports. Doing these basics is “like putting a seatbelt on”.
“We need to share nationally with what works and what doesn't. We welcome sensible discussions to move things forward, because you can't do it on our own. If you can help, with any advice, please tell me. We do care.”
Later in the day, Kevin Williams, general manager of TC-UK and formerly of the National Crime Agency's National Cyber Crime Unit, painted a more positive picture, citing CERT-UK and CISP as examples of positive public data sharing. “One of the great things I've experienced in law enforcement is collaboration that has taken place over the last couple of years with CERT UK.”
He noted however that sharing is important for “not only saving pounds” for also for stopping harm caused to others, and said that it can be efficiently done so long as this sharing of sensitive information is anonymised.
However, on internet policing, he was less definitive. “Who should police the internet? If you throw in [Edward] Snowden, this is a really complex question,” he said, citing legislation and geographic borders as recurring issues for law enforcement trying to deal with cyber-crime, which has been described as a ‘borderless' crime.
Williams continued that law enforcement is also having to contend with increasingly fast and agile criminals; he cited one example of a group that had their infrastructure up online for one day, conducted their criminality the next and “they were gone on day three”.
“It often means they've carried out attack, no one has seen the attack, and weeks later the criminality is found. But by then any logs that did exist have gone.” Instead, he said that this should get businesses thinking about their log management process.
SC Magazine:  http://bit.ly/1QOXqY9

 

« IBM Breakthrough In Quantum Computing
Data Protection Drives Cloud Security Market »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

AV Test

AV Test

The AV-TEST Institute is a leading international and independent service provider in the fields of anti-virus research and IT security.

Original Software

Original Software

Original Software offers a test automation solution focused completely on the goal of effective software quality management.

Joe Security

Joe Security

Joe Security specializes in the development of automated malware analysis systems for malware detection and forensics.

OASIS Open

OASIS Open

OASIS Open is where individuals, organizations, and governments come together to solve some of the world’s biggest technical challenges through the development of open code and open standards.

Nok Nok Labs

Nok Nok Labs

Nok Nok is a market leader in next generation authentication for cloud, mobile and IoT applications.

Kivu Consulting

Kivu Consulting

Kivu Consulting combines technical and legal expertise to deliver data breach response, investigative, discovery and forensic solutions worldwide.

Safetica

Safetica

Safetica Technologies is a Czech software company that delivers data protection solutions for businesses of all types and sizes.

Octane OC

Octane OC

OCTANe is building the SoCal of tomorrow. We drive innovation and growth by connecting people, resources and capital. Our Incubator focus is FinTech, Data Analytics and Cybersecurity.

Elysium Analytics

Elysium Analytics

Elysium Cognitive Security Analytics delivers the latest and most flexible security system to reduce cost and complexity while providing unmatched scalability.

Vivitec

Vivitec

Vivitec security services are tailored for your business, industry, risk, technology, and size to ensure great protection and planned response for the inevitable cyber-attacks on your business.

Netacea

Netacea

Netacea provides a revolutionary bot management solution that protects websites, mobile apps and APIs from malicious attacks such as scraping, credential stuffing and account takeover.

Ampliphae

Ampliphae

Ampliphae gives you an easy-to-deploy, sophisticated and affordable cloud-discovery, security and compliance platform.

Q6 Cyber

Q6 Cyber

Q6 Cyber is an innovative threat intelligence company collecting targeted and actionable threat intelligence related to cyber attacks, fraud activity, and existing data breaches.

Horizon3.ai

Horizon3.ai

Horizon3.ai is a leader in security assessment and validation enabling continuous security overwatch from an attacker’s perspective through our NodeZero SaaS solution.

SOC Prime

SOC Prime

SOC Prime is the only Threat Detection Marketplace where researchers monetize their content to help security teams defend against attacks easier, faster and more efficiently than ever.

senhasegura

senhasegura

senhasegura is a global Privileged Access Management vendor. Our mission is to eliminate privilege abuse in organizations around the globe and build digital sovereignty.