NCA signs up Trend and Intel to help find the crooks

The UK's National Crime Agency (NCA) has revealed it has enlisted the help of two cyber-security companies.  

Trend Micro and Intel Security will provide real-time intelligence for the NCA as part of “virtual threat teams”, according to Andy Archibald, head of NCA's cyber-crime unit.

In an interview with the BBC, he said the closer relationship had developed over the past 10 months following collaboration between the law enforcement agency and the companies that had led to arrests in the UK for creating malware, laundering money and running specialist hosting services for cyber-criminals.

In the traditional model of policing, he said, there is a victim who reports a crime to the police which is then investigated. However, cyber-crime often fails to fit into that model. "Security firms have a far greater understanding of the threats in terms of what they see on a day-to-day basis," he told the BBC.

Private firms would be able to provide a global view of the threat landscape, he said. In some cases, it was not possible to identify the people behind an attack, which means that the NCA sometimes has to target the hackers' resources rather than the hackers themselves.

Raj Samani, CTO Europe, Intel Security said they had produced some “remarkable” results in 10 months of collaboration including GameOverZeus, Cryptolocker, Blackshades and Beebone.

Following the takedown of Beebone in April, security consultant Brian Honan told SCMagazineUK.com that the way the takedown was orchestrated was a model for the future.  “There was an exceptionally high level of co-operation, something that can be difficult to achieve,” Honan said.

In that case, Intel Security worked with law enforcement agencies across Europe plus Kaspersky Lab and the Shadowserver Foundation.  “Shadowserver did a great deal: We needed to ensure that we suspended the right domains and Shadowserver helped on that.  If we didn't get the right domain the bad guys could go back to do it again,” Samani told SC at the time.