A focus on who is collecing data and those who do it, as well as services which “enable criminality” are in the eye of the National Crime Agency (NCA) and the National Cyber Crime Unit (NCCU).
Speaking at the Cyber Security Conference in London, NCCU deputy head Lee Miles said that as cyber crime has escalated to those who are not “technically astute”, it needs to focus on the propietors of bullet proof hosting and the anonymity offered by software such as TOR.
He said: “The NCCU is leading the UK’s fight on cyber crime to provide a single response. It will work to reduce criminal opportunities and part of its effort is to address mainstream issues. Now we can address every crime with a cyber element with policing, so they know how to handle exhibits, evidence or the people associated with the crime.”
Miles said that there is a “four ps” concept of pursue, prevent, protect and prepare and everything has be within that lens, and its apporach gives them a real approach to tackle issues.
However the real challenge is in establishing partnerships, as “all cyber crime is international”. He said: “We are at the forefront of international thinking with our partners and we chair a strategic alliance working group of ‘Five Eyes’. We are putting more staff into Europol and into counties who want to be part of that. Also into IGCI in Singapore and we have one staff member heading up the Fusion centre, as the intelligence opportunities out of the Asian sub-continent are huge.
“We are also investing in working with the private sector as they own the internet and share data and goodwill on working with skills. New crimes need new skills and while there are programs in place for training, it is not a short term fix and industry pays better than Government, so we have got to train. We can only tackle cyber crime by working together and from the citizen up.”
Stephanie Daman, CEO of the Cyber Security Challenge, echoed EC predictions that the UK will need 500,000 more people in cyber by next year, while the CBI said that 39 per cent are already struggling with a shortage of people with science, technology, engineering and maths (STEM) skills.
She said: “We need professionals to make things safe and everyone knows it is an issue and everyone is working really hard. There are partners and apprentice schemes, and a real sense of cooperation if everyone plays well in the sandbox.”
Miles said that there is “not a crime that is not internationally focused” when it comes to cyber, and this is not solved just with international involvement, but by working with companies who are not UK based. “The coordinated effort on GOZeus botnet showed who recognised that the issues are global and as we work with law enforcement partners, you will see more activity from the NCA and NCCU over the next year on operational issues to tackle larger issues that impact us in many ways.”
Sally Scutt, deputy chief executive of the British Banker Association, said that partnerships are “critical” as everyone is under resourced, and sharing information is critical to fight attacks. She said: “Despite good efforts, we still need to do so much more, but some do not and that needs to be changed. A lack of awareness and cultural resistance is something we need to work harder to overcome as most businesses do not have the information needed to defend against attacks.
“Over the next 12 months, we need to make more progress on information sharing, as the fraud environment has too many ‘little groups’ and the system as a whole has not done enough on the civil level of fraud. We need to be
able to draw some way of sharing amongst industry.”