ZDNet UK / News and Analysis / Business of IT / IT Strategy

Lack of reporting hits cybercrime fight

By Matt Loney, ZDNet.co.uk, 25 April, 2002 16:47

Daily Newsletters

Sign up to ZDNet UK's daily newsletter.

Topics

Cybercrime, national high tech crime unit, tony neate, e-Crime, NHTCU, EDS

NEWS
A reluctance by UK industry to report cybercrime incidents to police is resulting in a lack of statistics and intelligence which is in turn hampering the fight against cybercrime. It's a vicious catch-22. The industry points to confusion over just which police agency cybercrime should be reported to, together with a lack of follow-up by police when crimes are reported. But the police say the reporting process is as easy as for normal crime, and say that to really boost staffing in key agencies it needs the statistics -- which it cannot get unless more cybercrime is reported. To try to break the cycle, the National High-Tech Crime Unit is introducing new measures such as confidentiality agreements and an online crime reporting service, according to the NHTCU's tactical and technical industry liaison officer Tony Neate. Citing the Information Security Breaches Survey 2002, which was published at Infosec on Tuesday by PricewaterhouseCoopers, Neate noted that only 41 percent of UK companies said regarded as 'very important' the reporting of a serious incident to police. "For many companies, reporting the crime to the police is a last priority," said Neate. When it comes to online fraud, the ratio of reported incidents may be even smaller, according to David Spinks, director of information assurance at outsourcing giant EDS, which manages more than 3.5m desktop PCs on behalf of its clients. "It is my view the amount of security breaches reported is only tip of iceberg. For every one admitted might be 100 more held within companies. We don't have the right statistics showing breaches of crime related to security systems." A major cause of this, believes Spinks, is that there is no central point of contact with law enforcement. "We have five or six different law enforcement agencies who ware all saying we're responsible for cybercrime. Ideally we need one body." Roland Perry, vice chairman of the Internet Crime Forum, agrees: "It is not obvious who are right people to report crime to," he said. The ideal solution solution, he said, would be a one-stop shop. "Where do you go if you get a Nigerian email?" he said, referring to the well-known email scam carried out from West African -- mainly Nigerian -- states, which he estimates to be worth £50m a year. "Do you report it to the National Criminal Intelligence Service, the Metropolitan Police, or the Fraud Squad, the NHTCU or your local police? If you take one of these emails to your local police, what is the chap behind the desk supposed to do with it?" At the NHTCU, Neate denied the situation was this complicated. "We are looking at an online cybercrime reporting system," said Neate, for reporting such crimes to the Unit. But, he added, not everyone needs to use this. "There are 43 police forces in this country. If your house is broken into you phone your local police force. That's how we deal with it, that's how we have always dealt with it. If you get West African scam letters or discover paedophile activity, you can report it to your local police," Neate said crimes reported to local police will be passed on to a national law enforcement agency where necessary. "We are a national organisation, we deal with serious organised crime on a national and trans-national basis. We want confidential reporting but we have to be realistic -- there are 40 of us now, rising to 90 in the next year or two." Minor email scams will probably not be dealt with by the NHTCU, said Neate, but large extortion rackets will be, for instance. Neate admitted that there are a lot of grey areas in the middle. "If it is serious and organised and we have the resources at the time we will investigate. We want more people, but so does every law enforcement agency, and we will not get more unless we get more statistics, and we can't get stats unless industry reports the crimes." To aid better reporting, the NHTCU is now prepared to protect the confidentiality of victims of e-crime, signing non-disclosure agreements where necessary. "Why? Because we want to lock up the bad guys, but can't do that unless industry tells us what the problems are." The NHTCU, said Neate, will keep companies' names "extremely confidential -- there may be incidents that come in that only three people in the office will know about." And the attitude of the police has changed drastically over the past few years, he added. "Three years ago the police might have come in and taken your systems away -- possibly causing more damage than the criminals did. We now work with you -- it may take months, even a year, but it works, and there doesn't not have to be any publicity." So seriously is any contract of confidentiality taken, said Neate, that if at trial the defence asks for the original evidence, the NHTCU will plead public interest immunity. "But if we are forced by the judge we will stop the investigation and not go any further. We take it that seriously. If we make a mistake once with one company then we are dead in the water."
See the Net Crime News Section for the latest on fraud, crime, child protection and related issues. Have your say instantly, and see what others have said. Go to the Security forum. Let the editors know what you think in the Mailroom.

Related stories

More cybercrime laws will be counter-productive, says thinktank

FBI builds cybercrime division

Council of Europe approves cybercrime treaty

Heart of England NHS begins massive digitisation plan

Hard-drive woes hit PC shipments in fourth quarter

Talkback

Ihave recieved these e-mail last year in nov 05. there is a mr cadwel ,dr paul bapou advocat kofi 30 millions dollars us under my name as an enhrited of a late prince gohil but i have to pay $125,500.00 to pay govenment taxes before they release me the money.
advocate kofi send me a letter for financial help of $125,500.00 to a compagny to london and the lender name is mr henry wamack,and i believe them and i sent the letter to him and they promised me i am not going to pay anything back until i recieve my claims.
i didn't konw how stupid i was until now.and i am verry ambaress to talk about it .they even give me my account number of the claims please tell me what to do.

via Facebook 11 February, 2006 16:31
Reply

hmmm....i also have a bridge in brooklyn for sale...dont believe that crap.

via Facebook 28 June, 2006 22:36
Reply

Post your comment

In order to post a comment you need to be registered and logged in.

You can also log in with Facebook. Log in or create your ZDNet UK account below

  • Login

Will not be displayed with your comment

By signing up for this service, you indicate that you agree to our Terms and Conditions and have read and understood our Privacy Policy. Questions about membership? Find the answers in the Community FAQ

Get ZDNet UK's daily newsletter

Enter your email address to sign up

ZDNet UK Live

Burn-IT

Nine people? £30m? Who's back pocket is that lot going in? And IF they say it is for new buildings, what about all the ones the government has...

17 minutes ago by Burn-IT on Police set to launch three £30m e-crime hubs
ewallace

Just to be clear, nobody knows what is in the text of ACTA, here is a photograph of the text of ACTA http://twitpic.com/8h9iju as submitted to the...

23 minutes ago by ewallace on ACTA: Facts, misconceptions and questions
fgvrg56

Unfortunately main issue is that ASUS is refusing to accept that they make some mistake on this version of asus Transformer prime. 1 - GPS sensor...

2 hours ago by fgvrg56 on Asus Eee Pad Transformer Prime Wi-Fi & GPS problems?
Ben Woods

@Marcus A fair question. Just talked with Archos which said it was working on an announcement for next week....

3 hours ago by Ben Woods on Archos confirms G9 Ice Cream Sandwich update schedule
Marcus Karlsson

Any update on this, considering the claimed "first week of February"?

4 hours ago by Marcus Karlsson via Facebook on Archos confirms G9 Ice Cream Sandwich update schedule
apexwm

Bill Goodrich : Just as al_langevin pointed out, with Windows Server 2008 there is no Services for Macintosh anymore. It's gone, not available....

12 hours ago by apexwm on Windows Server 2008 drops the ball for Mac compatibility
txtrainguy

Replying to an old topic that I'm currently facing with my CEO (who is on a Mac). Our servers are primarily Windows Servers, office is about...

19 hours ago by txtrainguy on Windows Server 2008 drops the ball for Mac compatibility
k0tcs3

Sure, that makes perfect sense. Pay wrong-doers money and thank them for breaching your security and pointing out your flaws, that would surely...

19 hours ago by k0tcs3 on US indicts Romanian over NASA climate change hack
Random_Error

I think he's referring specifically to Android apps, as Apple do regulate their App Store, but Google seem to let any old crap onto the Android store!

19 hours ago by Random_Error on RIM: BlackBerry will keep 'garbage' apps out of store
Paul Fezziwig

Keep the crap apps out?! How will they compete with Android and Apple's claim to fame of having so many life changing apps? I wonder if the media...

1 day ago by Paul Fezziwig via Facebook on RIM: BlackBerry will keep 'garbage' apps out of store
Aigars Mahinovs

It has been shown time after time that if there is an author store that sells the songs at even 1$ per song and gives you a high-quality digital...

1 day ago by Aigars Mahinovs via Facebook on Copyright isn't working, says European Commission
awbMaven

""As a result of Butyka's alleged conduct, researchers were unable to use the computers for more than two months while NASA removed the malicious...

1 day ago by awbMaven on US indicts Romanian over NASA climate change hack
subhorup

It simultaneously worries me and uplifts me that a self-proclaimed group of internet activists name themselves after Indian mythical figures....

2 days ago by subhorup on Anonymous activists release PCAnywhere source code
naviathan

It's actually far easier to work anonymously on the internet than you think. With tools like Tor bouncing your traffic around the world before...

2 days ago by naviathan on Anonymous activists release PCAnywhere source code
Agnostic_OS

1000272134 and bluedalmatian with you both there but then I'm still in 10.04 land (and happy with it)

2 days ago by Agnostic_OS on Ten factors that make Ubuntu 11.10 a hit
apexwm

Interesting article and definitely see your points on the products mentioned. One of the top products for our Help Desk (approximately 20% of all...

2 days ago by apexwm on Ten flawed products that derail productivity
Paul Hutchinson

Absolutely - this should obviously not be handled my isp - but handled by their hosting operator. What's been suggested here is that my isp police...

2 days ago by Paul Hutchinson via Facebook on MPs urge ISPs to take down terrorist material
Techs UK

Looks like a great phone. I don't notice any deficiencies in WP7. used IOS before, that's pretty good. I don't spend much time in Apps, all i need...

2 days ago by Techs UK on Nokia pins US 're-entry' hopes on Lumia 900
Larry Bloggy

Now with the help of these apps you are always synced with MS outlook while on the move. Just download apps like xobni or outlookreflex and get...

2 days ago by Larry Bloggy via Facebook on Outlook Social Connector beta 2 and the LinkedIn connector
mike40g123

Your details are wrong. The version currently being made is the one with 2 USB ports, 256MB RAM and a network port. This is the Model B. The...

2 days ago by mike40g123 on Raspberry Pi boards set to go on sale

Latest in IT Strategy

Heart of England NHS begins massive digitisation plan

Hard-drive woes hit PC shipments in fourth quarter

Featured white papers

How cloud adds strategy to IT outsourcing

SAVVIS

How cloud adds strategy to IT outsourcing

Thanks to cloud computing, IT outsourcing is back, but this time it can help both in cutting costs and helping the business... Read more

Tech breakthroughs to watch in 2012

ZDNet UK

Tech breakthroughs to watch in 2012

From invisibility cloaks to virtual atom smashing, from Cern to Nasa, this ZDNet UK guide presents the discoveries to watch in... Read more

Key trends driving global business resilience and risk

IBM

Key trends driving global business resilience and risk

This IBM research paper looks at how businesses are thinking more about business resilience by improving the ability to adapt to a continuously changing business... Read more

Inside ZDNet UK

Microsoft reveals Windows On ARM will bind developers

Microsoft reveals Windows On ARM will bind developers

2012 Predictions: VCE FastPath, VI SAN Probe & Hadoop

2012 Predictions: VCE FastPath, VI SAN Probe & Hadoop

BlackBerry Bold 9790

BlackBerry Bold 9790

Case study: How cloud enables growth

Case study: How cloud enables growth

Ten factors that make Ubuntu 11.10 a hit

Ten factors that make Ubuntu 11.10 a hit

Toshiba Portégé Z830-10P Review

Toshiba Portégé Z830-10P Review

BT's archive: Pictures from the vault

BT's archive: Pictures from the vault