London police boosts cyber-crime fighting and CNI threat tackled

In a double boost for the UK's cyber security, London's Met Police has launched a new cyber-crime and fraud team called Falcon, while the Government has pumped £2.5 million into protecting the critical national infrastructure from cyber-attacks, with security firm Thales playing a role.

London police boosts cyber-crime fighting and CNI threat tackled
London police boosts cyber-crime fighting and CNI threat tackled

Falcon was launched by Met Police Commissioner Sir Bernard Hogan-Howe on Wednesday. It aims to build up to 500 officers – the largest cyber-crime and fraud team in Europe – and is targeting crimes like hacking and online retail fraud, as well as fraud with no online element.

Falcon (which stands for ‘Fraud and Linked Crime Online') is led by Detective Superintendent Jayne Snelgrove. It actually began operating in August but was only unveiled this week.

The Met said it has created the unit “as a response to the increasing trend in fraud and theft being committed online. The proceeds of such crimes are frequently used to fund other serious crime, including organised crime and terrorism”.

In the 12 months to August, 17,000 reports of fraud made to Action Fraud - the national reporting centre for fraud - were referred to the Met Police. Of these, 54 percent were cyber-enabled and 30 percent involved businesses as victims.

But Falcon has been criticised for causing renewed confusion between the different police units targeting cyber-crime.

It has appeared after the Met Police's previous Central e-Crime Unit (PCeU) was subsumed into the National Crime Agency – ‘Britain's FBI' – when it launched last October. Falcon also now sits alongside the City of London Police, which is held to be the lead police force on fraud.

Security consultant and former Scotland Yard cyber-crime detective, Adrian Culley, told SCMagazineUK.com: “A bit like Gandhi saying what do you think about western civilisation, ‘it would be a very good idea' – it's great that they're replacing the PCeU but it's a bit unclear how that fits in with the City of London's national lead on fraud and where it's going.”

Culley welcomed the launch but warned that the police need to do much more to modernise and properly tackle cyber-crime.

“Society is now digital so policing needs to be digital,” he said. “The Robert Peel policing model stood us in good stead for 185 years but there is now a clear delivery gap between that model and digital society. It's encouraging to hear there are more officers but they're papering over the cracks.

“Digital cyber-crime is a problem for every country around the world. I suspect crime is not necessarily dropping, it's just being committed in other forms that aren't being recorded.”

Sir Bernard Hogan-Howe said Falcon will work with the security and banking industries and other police agencies.

Karen Bradley, Minister for Modern Slavery and Organised Crime, said: "The threat from cyber-crime is ranked as a major threat in our National Security Strategy and the Government is investing £860 million over five years to tackle it. I am very pleased to see the Metropolitan Police's commitment to dealing with fraud and cyber crime.”

As part of the same national strategy, the Government is spending £2.5 million on four university-led schemes to combat the threat from hackers and malware to the UK's manufacturing plants, power stations, electricity grid and rail network – its critical national infrastructure (CNI).

The projects, which are supported by intelligence agency GCHQ, include a team from Birmingham University building software tools to identify vulnerable parts of the National Grid and rail network; London's City University creating modelling software to risk-assess CNI; Lancaster University working with industry partners including Thales on ways to measure the business risk from cyber security breaches of industrial control systems; and Queen's University Belfast working with Thales and others to investigate vulnerabilities in the National Grid as renewables energy comes on stream.

The schemes are being co-ordinated by London's Imperial College, whose Professor Chris Hankin said; “Where control systems are linked to the internet we need to understand how failures could cascade across the system. We will be looking at new ways of repairing damage to systems if an attack happens.

“We need to address how to approach network maintenance for industrial control systems, particularly as most systems operate on a 24/7 basis. So we will be looking at how we can ensure better protection without compromising performance.”

The projects are being co-funded by the Government's Engineering and Physical Sciences Research Council (EPSRC) and the National Cyber Security Programme, with support from GCHQ and the Centre for the Protection of National Infrastructure (CPNI).