NCA wants more powers to snoop on Brits

News by Tim Ring

The backlash against international cyber-crime strengthened this week with the head of the UK's National Crime Agency (NCA) calling for more powers to 'snoop' on British citizens.

NCA director general Keith Bristow, the UK's top law enforcement officer, is urging Britons to accept a greater loss of ‘digital freedoms' in return for greater safety from serious criminals and terrorists.

In a Guardian interview published on Tuesday, Bristow warned that the biggest threats to public safety are migrating to the internet and that crime fighters are struggling to keep up.

In response, he said, the NCA wants new powers to monitor data about emails and phone calls - but only if the public consent.

His views on ‘consent' were echoed by Jamie Saunders, director of the NCA's National Cyber Crime Unit (NCCU), who spoke exclusively to

Saunders told us that, with criminals using the dark web and Tor to evade justice, law enforcement must be given a helping hand.

“We need to maximise our ability to pursue them. It's a matter of having the powers and the capabilities that we need to be able to do that,” he told SC.

“We will use the tools the government has given us to the best of our ability to combat crime. When it comes to judgements about the extent of what those powers should be, that is what the democratic process is about.”

Meanwhile, in related news, security firm Kaspersky has partnered with the international law enforcement agency, Interpol, to issue a new warning on the mobile cyber-crime threat.

Based on data from five million Android users in 200 countries, their ‘Mobile Cyber Threats' report says attacks on these users rose nearly tenfold in the space of 10 months, from 35,000 in August 2013 to 242,000 in March 2014.

Over a 12-month period, Kaspersky found more than a million mobile users were infected by a total of around 3.4 million pieces of malware.

Around 60 percent of this malware was designed to steal money. It comprised mainly SMS-sending Trojans but the number of banking Trojans increased 14-fold over 12 months, from a few hundred to more than 5,000. These were mainly samples of Faketoken, Svpeng and Marcher.

The countries experiencing most attacks were Russia, India, Kazakhstan, Vietnam, Ukraine and Germany, though Kaspersky warned its country statistics were not necessarily representative.

In response, the firm is calling for more international co-operation between law enforcement agencies, rather than stronger surveillance powers.

Its report says: “Today, cyber-criminals launch attacks against people in other countries without fear, taking advantage of the many issues that beset international multi-jurisdictional investigations. The more effectively cyber police forces of different countries work together, the harder it will be for cyber-criminals to avoid liability.”

Kaspersky also warns CISOs that introducing BYOD (Bring Your Own Device) “can expose your company to virtually all 'consumer' IT security risks: sensitive corporate data stored on an employee's personal phone could be a valuable find for cyber criminals”.

It says employees should be given simple IT security rules: “Training people to handle their mobile devices appropriately will be a worthwhile investment.”

Commenting on Kaspersky's call for more international co-operation, cyber law enforcement expert Adrian Culley, a security consultant and former Scotland Yard cyber-crime detective, said the problems preventing it were political and legal, rather than a lack of will within law enforcement.

He told “There's always been a need for more inter-jurisdictional co-operation. However the reason it doesn't always happen is that, unfortunately the second you step into that arena, it becomes not a local law enforcement issue but an international political issue.

“What gets in the way of many inter-jurisdictional investigations is international politics. There's also a very lengthy mechanism needed to get a mutual legal assistance agreement in each case.

“The way international law stands is, every time you want police force A to work with police force B it's got to be authorised. It goes back to the 19th century where this happened once a year, now it's happening once a minute. The legal procedures behind international co-operation are not fit for the 21st century.”

The Kaspersky-Interpol report echoes the recent Europol 2014 Internet Organised Crime Threat Assessment (iOCTA) study, which found cyber-criminals are increasingly offering specialised products and services to each other, in a new ‘cybercrime-as-a-service' business model.

Similarly, Kaspersky reports a “drastic change” in the structure of organised criminal groups, from lone hackers to now three types of threat actors – ‘Infectors' who mass-propagate malware and indiscriminately harvest data from devices; ‘Analysts' who study and process the data, and monetise it by selling it on underground markets, blackmailing users or insider trading; and ‘investors' who fund the activity and reap most of the profits.

Kaspersky concludes: “When it comes to mobile devices, it has been underlined that they can be a greater source of personal or business information than desktop computers. That, coupled with the fact that these devices are often less secure, has caused infectors to refocus their efforts onto the mobile device sector.”

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews