Proposals for the government's ‘Cyber Crime Strategy' have been detailed in a brief House of Commons statement.
The parliamentary under-secretary of state for the Home Department, Alan Campbell, claimed that cyber crime is a large and growing problem and is responsible for a significant amount of social and economic harm, both financially and through threats to children and in the move of government services online.
- Co-ordination to tackle cyber crime across government: there is already significant work across government to tackle cyber crime and it will ensure that there is enhanced leadership to provide a clear focus for cyber crime issues. It will ensure that this work will link closely with the overall cyber security approach set out in the government's Cyber Security Strategy.
- Provision of an effective law enforcement response: it will continue to support all of the existing law enforcements units that respond to cyber crime, and will seek to enhance their operational and intelligence functions through the development of accurate reporting mechanisms for the public.
- Raise public confidence: it will strengthen the links with Get Safe Online and with the work done on the ‘Think U Know' programme run by the Child Exploitation and Online Protection (CEOP) Centre, to ensure that the public continue to have accurate information on how to keep themselves safe online.
- Work with industry: It will work with the private sector to prevent e-crime, through the e-crime and disorder reduction partnership, and through the cyber industrial strategy being developed by the Office of Cyber Security (OCS).
- Work internationally: it will maximise collective efforts overseas - from capacity building through to strengthening multilateral institutions. It will continue to lead efforts to ensure that children are protected online and that there is good cooperation between law enforcement agencies internationally.
Campbell said: “The overarching theme of the new strategy is that there is significant scope to extend our response to cyber crime, as part of the overall government focus on cyberled by the Office for Cyber Security.”
Speaking on cyber crime Mikko Hypponen, CTO of F-Secure, claimed that the internet is the most likely place to be hit by crime.
He said: “In the real world, online crime can be organised but gangs can be people who meet on forums and do not know each other and do not want to meet, so it is not like regular organised crime, but it is crime that is organised.
“There is a huge shift for banking security as the base is not geographic, which is why we do not see law enforcement paying attention to it. If you saw a black van turn up outside a bank and some guys got out and robbed the bank, you would call the police and they would send a SWAT team in ten minutes. If you see a banking Trojan and report it they will say ‘the technical guys are back in Monday and will deal with it then'.”
Jon Ramsey, CTO of SecureWorks, said: “Criminals are very entrepreneurial and are able to profit by simply using someone else's computer and network resource. If you think you don't have anything the criminal wants and don't defend yourself it is exactly what the criminal is hoping and looking for.”
“If you want to reduce your risk by half you have to roughly double your spend on security. At some point you have to decide what the right risk/spend balance is for you. The objective is to get the most risk reduction and reward out of what you are spending. In doing so it is important to remember that the criminal is adaptive and dynamic and technology alone will not be able to adapt to criminals. You will need expertise.”