Home Affairs Committee calls for better cyber crime reporting and awareness
Home Office to spearhead £4 million awareness campaign
Greater awareness and better sources of reporting online crime are required for the general public.
According to the UK Home Affairs Committee report on e-crime for 2013-2014, a dedicated and state-of-the-art espionage response team should be established so that British companies, media and institutions can immediately contact it to report an attack so that effective action can be taken.
Its report called for greater awareness, saying that it was of "great concern that the majority of cyber crime could be prevented" by better user awareness. The committee called for "all organisations, businesses and schools must provide users with appropriate information and risk management training". This was especially the case for the government and the private sector, which it said "have a strong incentive to educate users and maintain awareness of cyber crime".
Further on in the report the committee called on better education of children about staying safe online, and said that this was as important as learning about crossing the road safely. “We welcome teaching about online safety and security taking place in schools and initiatives such as ‘safer internet week',” it said.
Adrian Culley, EMEA technical consultant at Damballa and former e-crime lead at Scotland Yard, said that what is needed for children is a form of the cycling proficiency test but for the internet. He told SC Magazine that this could be adapted for primary and secondary school children, but also for all ages.
He said: “It doesn't have to be expensive or complex, but it could give the public some skills and how to know when you are safe, as this will strengthen the economy.
“I'd like this to be run by government agencies, including the department for education, Home Office, Foreign Office for GCHQ and while it is not connected, MI5 should be involved.”
To help the public report e-crime, the committee recommended the establishment of a dedicated espionage response team that British companies, media and institutions can immediately contact to report an attack, and who can also provide training in order to counter attacks.
It also called for an improvement in the way in which e-crime is reported and recorded, as it was important that there was an up-to-date and accurate estimate of the threats from e-crime. It also said that the government should "publicly distance itself from the £27 billion estimate of the annual cost of e-crime to the UK economy".
To help analysis and reporting of e-crime the committee called on the government to commission a working group of experts, to include representatives from the cyber security industry and independent experts, to produce annual figures that show the incidence of e-crime and any observable trends.
However, it questioned why the government continues to use "highly controversial figures" in its basis for policy-making, but welcomed efforts to form a single National Cyber Crime Unit.
Klaus Gheri, vice president of product management for Europe at Barracuda Networks, said: “The growing threat of internet crime is not specific to the UK. It is the same everywhere. Law agencies are ill equipped to protect against cyber warfare.
“The government has the biggest responsibility here. It needs to pass legislation for all businesses to have a prescribed minimal amount of cyber security. There should also be an obligation for businesses to report any hacks and data loss.”
Darren Anstee, solutions architect global team lead for Arbor Networks, said: “Any organisation operating online in the UK is a potential target, and it was recently reported by the GCHQ that the UK faces at least 70 sophisticated cyber attacks a month. To stay on top of this authorities in the UK must look to develop a cohesive strategy for dealing with cyber crime.”