Cyber cops face a tough challenge

Document Sample
Cyber cops face a tough challenge Powered By Docstoc
					At the beginning of October, Policing Minister Vernon Coaker announced the launch
of a new £7m policing unit to tackle cyber crime and Internet fraud.

But while the Police Central e-crime Unit (PCeU) was welcomed in some quarters,
there have already been concerns voiced by politicians, IT experts and businesses
about the relatively small amount of funding available to target a multi-billion pound
criminal industry, and questions over the Government's real level of commitment to
cracking down on Internet crime.

There's little doubt that the Government needed to take some sort of action on Internet
crime as, since the closure of the National Hi-Tech Crime Unit (NHTCU) in 2006,
there have been claims of a major gap in the fight against cyber criminals. The
NHTCU had been a high profile organisation, launched amidst a blaze of publicity
and with £25m of funding. By comparison the e-crime unit of the Serious and
Organised Crime Agency (SOCA) was a much more reserved organisation, with a
lower profile. Unfortunately that approach has been interpreted by some businesses as
representing a lack of support for those being targeted by online criminals.

In March this year, Catherine Bowen, head of crime policy at the British Retail
Consortium, said that SOCA had failed to maintain the links developed between
industry and the NHTCU, and that the retail sector seemed "to have fallen off the
bottom of the scale" as far as policing was concerned since the Unit had been merged
with SOCA. There were similar fears raised by the Confederation of British Industry
and the Federation of Small Businesses, which described the policing arrangements
on cyber crime as "lamentable".

In fact SOCA has had more impressive results than many realised. The Agency's
2007-08 report, published in May this year, highlighted notable cyber crime success
including Operation Ajowan, which broke up a web-based crime ring where criminals
traded stolen bank, credit and identity information that could have cost the UK
finance sector at least £6m.

SOCA also sent out 46 alerts to UK business, including 11 alerts to UK financial
institutions detailing more than 46,000 online account details that had been
compromised by phishing and virus attacks.

But while the Agency rightly stated that there were now more staffing resources
targeted directly at Internet crime than in the days of the NHTCU, it was also clear
that cyber criminals were not a major priority for SOCA, at least not compared with
the government-set priorities of drug-trafficking, organised immigration crime and
fraud. Many business organisations and IT experts were instead pinning their hopes
on the proposals put forward by ACPO and the Metropolitan Police Service for the
PCeU and, despite delays on funding, those proposals finally came to fruition at the
beginning of October.
The new unit will receive £3.5m of Government funding and £3.9m from the Met
over three years, and will be based within the Met, under the leadership of Deputy
Assistant Commissioner Jane Williams of the Serious Crime Directorate. It will be a
national resource working alongside the National Fraud Reporting Centre and the
National Fraud Intelligence Bureau to support the development of the police response
to online crime across the country. But its work will not overlap with the existing
remit of SOCA's e-crime unit, or the Child Exploitation and Online Protection (CEOP)

DAC Williams, who became the ACPO lead on e-crime in April this year, said the
unit would become a 'centre of excellence' for combating cyber criminals. "We have
worked closely with the Home Office, City of London Police and SOCA to address
e-crime issues and bring this unit to fruition," she added.

"Electronic crime is a growing phenomenon of the 21st Century and has the potential
to affect us all. This unit will provide a law enforcement solution and work towards
limiting the impact of this crime on society."

From next spring the PCeU will co-ordinate law enforcement of all online offences
and lead national investigations into the most serious cyber-crime. It will also train
officers in local forces in dealing with high-tech crimes, and it will work with the
National Policing Improvement Agency to identify how e-crime reports made to local
forces are handled. But it will not centrally collate all reports of e-crime from the 44
forces of England and Wales, including the BTP. Other key aims for the PCeU
include: · the intelligence-led disruption of e-crime, · analysing and developing
intelligence on computer crime to produce actionable operational products, in
collaboration with other agencies, · developing a network of police, government and
industry partners on e-crime, · the provision of education and preventative advice
about e-crime to industry and the public, · promoting standards for training, procedure
and response to e-crime, and · investigating serious e-crime incidents that fall within
the Case Acceptance Criteria.

So has the launch of the new unit satisfied the concerns voiced by so many? Not quite.
Within days of the launch of the PCeU, experts were already querying the level of
funding for the unit. David Roberts, chief executive of the Corporate IT Forum (Tif),
said: "£7m over three years seems a very small sum for a very large problem. We
doubt whether it will be enough to tackle an issue that the Home Office itself calls a
global menace."

A survey by Tif - published earlier this month - of more than 50 of the UK's main IT
users found that 68 per cent of chief security officers spend up to 40 per cent of their
total security budget on tackling e-crime. Yet despite that level of cyber-crime,
businesses were described as "so disillusioned" by the lack of support from the police
that only four per cent of companies said they always report e-crime attacks, with the
majority, 57 per cent, saying they "didn't feel the crimes would be investigated
properly". Politicians have added their voices to the concerns about Internet crime,
calling for more money to fund the PCeU. In a recent Parliamentary debate on
Internet fraud, Conservative MP Nigel Evans said that the £7m "may not be enough
and the Government may need to look at that again." S

hadow crime reduction minister, James Brokenshire said that while he welcomed the
launch of the PCeU, "we should be under no allusions that the Police Central e-Crime
Unit is a panacea. There is the question over the resources it will have and the abilities
it will have.

"E-crime is the most rapidly expanding form of crime in this country. If this
government does not take e-crime seriously it reinforces in the mind of the criminal
that this country is a soft touch."

Liberal Democrat MP Tom Brake added: "There are concerns about whether £7m
put into the e-crime unit will be sufficient and whether it will be sufficiently resourced
to do the job in hand."

However, Home Officer Minister Alan Campbell claims that criticism over the
PCeU's funding is misguided, as the unit will be supported by other bodies under the
£29m National Fraud Programme, which includes the National Fraud Strategic
Authority (NFSA) and the National Fraud Reporting Centre (NFRC).

"This is not the only unit seeking to tackle online fraud. That figure is not the end of
the story," added Campbell.

The British Banking Association, and the UK Payments Association, APACS, have
also welcomed the new unit; although neither would comment on its funding, both
have said that any initiative to tackle online fraud was a "good idea".

So while there is consensus among all parties - police, business, government and IT
experts - that the growth of e-crime represents a huge threat to both the individual and
the economy, the jury is still out on whether the current approach to tackling online
crime is the right one, or has the right funding.

What is clear is that much will depend on how effective the wider National Fraud
Programme is, and how strong the links are between forces and businesses at a local
level. While only four per cent of companies are reporting every e-crime attack, the
impact of policing on cyber crime will inevitably be limited. So all eyes will be on the
PCeU next spring to see how it can increase the level of confidence among businesses
and IT experts in its ability to police Internet crime.

Shared By: