The Home Affairs Select Committee’s report on e-crime warns that the threat to national security from cyber attacks is real and growing. An equal threat comes from e-crime which ranges from attacks on networks, identity theft, industrial espionage, fraud, phishing, and forgery.
The annual global cost of e-crime is an estimated £250bn. E-crime transcends national borders and can take place at almost any time or in any place; the UK is a prime target for state-sponsored cyber-espionage as well as criminal gangs based in Russia and Eastern Europe.
The National Fraud Intelligence Bureau has found 25 countries where criminals were predominantly targeting Britain; there is deep concern that fellow EU countries are not doing enough to prevent these attacks.
The UK is Failing to Respond to Cyber Crime Adequately
The Home Affairs Select Committee’s report states that the UK must do more to stop “low-level internet-based financial crime”, much of which is not currently reported to the police. It suggests that the police need more trained officers in digital crime detection and e-crime experts to “keep pace” with cyber criminals. Also, banks are not doing enough to pursue fraudsters and should be required to report all e-crime to police.
A robust response to e-crime is hampered by too lenient sentences for hacking and cyber-crime and the report recommends that the DPP review sentencing guidelines and ensure e-criminals receive the same sentences as if they had stolen the same amount of money or data offline.
The Committee is concerned about the preparedness and capability of the UK to fight e-crime; particularly given the probability that up to 25% of the UK’s 800 specialist e-crime officers could be lost due to budget cuts. It said that a “dedicated state of the art espionage response team should be established so that British companies, media, and institutions can immediately contact it to report an attack so that effective action can be taken”.
The government claims that it is taking appropriate action and is investing more than £850m via its national cyber-security programme to improve its capabilities.
Better Management of Information Online
GCHQ claims that 80% of cyber-attacks could be prevented by better management of information online. However, the report recommends that banks and businesses be required to report all e-fraud, however small, to the police.
The CBI questioned the need to force businesses to report a cyber attack as soon as it happens, when they should be focused on countering it. Early reporting could prove “counterproductive” and “put firms at greater risk”, but the need “to keep pace with criminals as they target the web” was acknowledged.
Whether mandatory reporting of e-crimes is introduced or not, the report makes it clear that both the scale and scope of cyber-crime is increasing and presents a very serious threat to UK businesses.
The report cites personal responsibility and user awareness as necessary defences against cyber-crime stating that both government and businesses have a strong incentive to educate users and maintain awareness of cyber crime. Also investment in security expertise and systems is essential, together with a greater willingness to co-operate fully with law enforcement.
If you need assistance to ensure your IT policies and reporting procedures comply with the latest regulations, Rollingsons has experienced lawyers who can assist you. For more information please contact Michael Czechyra via e-mail MCzechyra@rollingsons.co.uk or by telephone on 0207 611 4848.