Antivirus Software Concealed Thousands Of Cybercrime Reports

The UK’s national strategy for tackling cybercrime is well established but, outside national agencies, its relevance is limited. Within police forces, the threat from cyber-dependent crime is often not fully understood and is rarely seen as a priority. Knowledge about good practice isn’t shared in a structured way, and as a result there is quite a lot of variation in the local responses to a national threat. 

Recently it was found that thousands of reports of cybercrime were quarantined on a police database instead of being investigated because software designed to protect the computer system labelled them a security risk.

The backlog at one point stretched to about 9,000 reports of cybercrime and fraud, some of them dating back to October last year. The reports had been made to Action Fraud and handed to the National Fraud Intelligence Bureau (NFIB), run by the City of London police.

Just one of Britain's 43 police forces treats online crime as a priority, while the Action Fraud organisation managed to withhold 9,000 so-called cyber-crime reports from police forces, thanks to badly configured antivirus on its reporting portal, according to a government watchdog. 

Software intended to screen reports about online threats sent to Action Fraud by members of the public was incorrectly triggered when members of the public, tried to report cyber threats against them.

A police database called Know Fraud, operated by the NFIB, was incorrectly holding some detailed reports in quarantine after an "updating" of the system in October 2018. "In some cases the automated system mistakenly identified reports as containing malicious coding," reported the national police inspection agency, HMICFRS

Around 9,000 reports were found to be languishing in quarantine. City of London Police, owners and operators of the NFIB, began work on the backlog, which has now been significantly  reduced.

Meanwhile, the report's authors tried to strike a positive note in their summary and foreword, the detail gave the game away. More than a quarter of police forces "told us that cyber-dependent crime, and cybercrime more generally, were not a specific strategic priority," said HMICFRS.

Businesses reporting cybercrimes against them "were less likely to be considered vulnerable" by police workers, even though the NFIB stated a few months ago that businesses were at a "high risk of becoming victims" of cybercrime, prompting police to treat them "differently from other victims" and even delaying their response, particularly for SMEs.

Although all UK police forces do now have cybercrime units, it appears from the HMICFRS report that there is something of an internal police power struggle over which police units should receive, classify and allocate online crime reports for investigation, as well as deciding who gets to investigate. 

While Action Fraud is designated as the he preferred initial point of contact, it is increasingly seen by the general public as an ineffectual as it seems to do little to tackle cybercrime. HMICFRS said it had "found several examples of forces not committing to the regionally managed, locally delivered model agreed by chief constables". 

HMICFS Report:      National Crime Agency:     The Register:         Guardian

You Might Also Read:

British Police At War Against Cyber Crime:

Is Antivirus Software Now Dead?:

 

« Artificial Intelligence Is Already Reshaping Our Lives
A Massive Datacenter On Single Chip »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

WEBINAR: 2024 and Beyond: Top Six Cloud Security Trends

WEBINAR: 2024 and Beyond: Top Six Cloud Security Trends

April 4, 2024 | 11:00 AM PT: Join this webinar to find out about six emerging trends dominating the cloud cybersecurity landscape.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Protective Intelligence

Protective Intelligence

Protective Intelligence brings together a group of information security specialists with a passion for delivering high-quality solutions.

City Security Magazine

City Security Magazine

City Security magazine helps promote best security practices and keep businesses informed on a wide variety of security-related issues.

UpGuard

UpGuard

UpGuard's discovery engine brings visibility to complex IT environments, enabling teams to identify risk, confirm compliance and make business safer.

Momentum

Momentum

The Cyber Security team at Momentum offers a professional and specialist recruitment service across Cyber & IT Security.

enSilo

enSilo

enSilo secures customers data on premise or in the cloud. Regardless of the where the threat comes from, enSilo can protect your data.

Maritime Cybersecurity Center (MCC)

Maritime Cybersecurity Center (MCC)

Maritime Cybersecurity Center is a not-for-profit organization focused on regional cybersecurity excellence and readiness, with a special emphasis on the maritime community.

Avira

Avira

Avira provide a portfolio of antivirus, security and performance applications for Windows, Android, Mac, and iOS.

Center for Research on Scientific & Technical Information (CERIST)

Center for Research on Scientific & Technical Information (CERIST)

CERIST is a scientific and technical research centre with activities focused in the area of networks, information systems and IT security.

Axellio

Axellio

Axellio provides economic, end-to-end cyber security solutions designed for your team, environment, and security objectives, providing packet level visibility across your network.

Invicti Security

Invicti Security

Invicti Security is an AppSec leader transforming the way web applications are secured.

Traced

Traced

TRACED is changing the detection paradigm. Empowering defenders to go on the offense to engage cyber attackers before they compromise your organization.

Prime Technology Services

Prime Technology Services

Prime Tech are a group of Red Hat, Microsoft & Cisco Certified IT Professionals with an impressive track record of consistently delivering value to our corporate clients.

WinMagic

WinMagic

At WinMagic, we’re dedicated to making authentication and encryption solutions that protect data without causing user friction so that everyone can work freely and securely.

Sayers

Sayers

Sayers is best known for its ability to solve business challenges with IT solutions. Our areas of expertise include cloud, storage, virtualization, security, mobility and networking.

Cyviation

Cyviation

Cyviation's mission is to mitigate ever-growing and menacing Cyber Security threats, focusing on aircraft, airlines and airports.

Vultara

Vultara

Vultara provides web-based product security risk management tools for electronics manufacturers.