Antivirus Software Concealed Thousands Of Cybercrime Reports

The UK’s national strategy for tackling cybercrime is well established but, outside national agencies, its relevance is limited. Within police forces, the threat from cyber-dependent crime is often not fully understood and is rarely seen as a priority. Knowledge about good practice isn’t shared in a structured way, and as a result there is quite a lot of variation in the local responses to a national threat. 

Recently it was found that thousands of reports of cybercrime were quarantined on a police database instead of being investigated because software designed to protect the computer system labelled them a security risk.

The backlog at one point stretched to about 9,000 reports of cybercrime and fraud, some of them dating back to October last year. The reports had been made to Action Fraud and handed to the National Fraud Intelligence Bureau (NFIB), run by the City of London police.

Just one of Britain's 43 police forces treats online crime as a priority, while the Action Fraud organisation managed to withhold 9,000 so-called cyber-crime reports from police forces, thanks to badly configured antivirus on its reporting portal, according to a government watchdog. 

Software intended to screen reports about online threats sent to Action Fraud by members of the public was incorrectly triggered when members of the public, tried to report cyber threats against them.

A police database called Know Fraud, operated by the NFIB, was incorrectly holding some detailed reports in quarantine after an "updating" of the system in October 2018. "In some cases the automated system mistakenly identified reports as containing malicious coding," reported the national police inspection agency, HMICFRS

Around 9,000 reports were found to be languishing in quarantine. City of London Police, owners and operators of the NFIB, began work on the backlog, which has now been significantly  reduced.

Meanwhile, the report's authors tried to strike a positive note in their summary and foreword, the detail gave the game away. More than a quarter of police forces "told us that cyber-dependent crime, and cybercrime more generally, were not a specific strategic priority," said HMICFRS.

Businesses reporting cybercrimes against them "were less likely to be considered vulnerable" by police workers, even though the NFIB stated a few months ago that businesses were at a "high risk of becoming victims" of cybercrime, prompting police to treat them "differently from other victims" and even delaying their response, particularly for SMEs.

Although all UK police forces do now have cybercrime units, it appears from the HMICFRS report that there is something of an internal police power struggle over which police units should receive, classify and allocate online crime reports for investigation, as well as deciding who gets to investigate. 

While Action Fraud is designated as the he preferred initial point of contact, it is increasingly seen by the general public as an ineffectual as it seems to do little to tackle cybercrime. HMICFRS said it had "found several examples of forces not committing to the regionally managed, locally delivered model agreed by chief constables". 

HMICFS Report:      National Crime Agency:     The Register:         Guardian

You Might Also Read:

British Police At War Against Cyber Crime:

Is Antivirus Software Now Dead?:

 

« Artificial Intelligence Is Already Reshaping Our Lives
A Massive Datacenter On Single Chip »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Zentek Digital Investigations

Zentek Digital Investigations

Zentek has been providing digital forensics services to the public and private sector for computers and mobile devices since 2004.

CERT Syria

CERT Syria

CERT Syria is the national Computer Emergency Response Team for Syria.

GE Digital

GE Digital

GE Digital is a leading software company for the Industrial Internet. Products include Industrial Cyber Security for Operational Technology (OT).

i-Sprint Innovations

i-Sprint Innovations

i-Sprint is a leader in Securing Identity and Transactions in the Cyber World for industries that are security sensitive.

BELAC

BELAC

BELAC is the national accreditation body for Belgium.

Banshie

Banshie

Banshie is an independent cyber security company with a small team of recognized specialist that are among the best in their field.

SAST

SAST

SAST provide Static Application Security Testing as a service based on SAST Tools.

HancomWITH

HancomWITH

Hancomwith is an information security company. We provide optimized blockchain solutions in areas including next-generation authentication, security and digital asset transaction.

eSec Forte Technologies

eSec Forte Technologies

eSec Forte Technologies is a CMMi Level 3 certified Global Consulting and IT Security Services company.

Darkbeam

Darkbeam

Darkbeam provides a unified solution to protect against security, brand and compliance risks across your digital infrastructure.

Pratum

Pratum

Pratum is an information security services firm that helps clients solve challenges based on risk, not fear.

Altospam

Altospam

Altospam is a full service corporate email protection, integrating multiple security levels for your emails.

IONOS

IONOS

IONOS is a leading provider of cloud infrastructure, cloud services, and hosting with more than 8.5 million customers contracts.

Applied Insight

Applied Insight

Applied Insight work closely with government agencies and industry to overcome technical and cultural hurdles to innovation, empowering them with the latest cloud, data and cyber capabilities.

TeamT5

TeamT5

TeamT5 Inc. is a leading cybersecurity company dedicated to cyber threat research and solutions.

Cyber Advisors

Cyber Advisors

Cyber Advisors offers customizable cyber security solutions and IT services for businesses of all sizes across the nation from experts you can trust.