British Police IT Systems Cannot Cope With Cyber Crime

Uploaded on 2021-10-15 in GOVERNMENT-National, GOVERNMENT-Law Enforcement, FREE TO VIEW

The criminal world is vastly changing. More and more crimes of every type involve cyber activity and the UK’s police computer systems are often old and electronically obsolete.

Right now, it looks like their their whole system requires both an update and an independent strategic review to improve it’s effectiveness.

This is what police analysts have privately told Cyber Security Intelligence.

A replacement IT system scheduled to be completed last year is now not expected to be completed until 2025-26 at the very earliest, posing potential problems for officers needing to access crucial information.

The rapidly evolving Information Revolution has established an environment within which cyber crime has been allowed to flourish and is constantly increasing. Hacking, data breaches, and hate crimes have expanded into an entirely new category of crime. Some online forums have become platforms for extremist views, radicalisation, and publishing hate documents before mass shootings and the police are having trouble monitoring them and engaging with the new criminal activity. 

It is widely understood that cyber crime can harm public safety, undermine national security, and damage economies, but what is less well known are the hidden costs that organisations may not be aware of, such as lost opportunities, wasted resources, and the real damage caused to staff morale.

Several million cases of fraud and of computer misuse are reported to the UK police every year. And the police attempt to deal with these crimes, but the extent and global nature of these crimes makes it extremely difficult for national police forces to deal with. 

A report from McAfee has estimated that global losses from cyber-crime globally topped $1 trillion in 2020, and they think it will increase to more trillions by the end of 2021. 

The theft of intellectual property and monetary assets is damaging, but some of the most overlooked costs of cyber-crime come from the damage to company performance. McAfee’s survey revealed 92 percent of businesses felt there were other negative effects on their business beyond financial costs and lost work hours after a cyber incident. The report further explored the hidden costs and the lasting impact and damage cyber-crime can have on an organisation.

Globally, there is an abundance of opportunities and targets, motivated offenders and an absence of effective deterrence or defenders, has driven cyber crime to its current scale. 

In the US increasingly, criminals are abandoning their guns for sophisticated computer-assisted weapons. Recent acts of electronic crime in the United States, such as the $15 million white-collar case dubbed “Operation Derailed” in Atlanta, Georgia, demonstrate the need for increased vigilance by law enforcement. 

Categorising cyber crime is not a simple process; this is evidenced by the lack of an internationally agreed upon definition. Different states and organisations have established their individual criteria for cyber crime and, while there is much overlap, these multiple definitions leave gaps between them.

The lack of a widely accepted definition has serious implications for  jurisdiction and criminal prosecution; further, it can also significantly influence the size and scope of the issue. 

One area in need of policing clarification is the scope of cyber crime is state-sponsored activity. Where entities highly likely to be associated to state authorities are involved in criminal activity. From a user point of view one constant cyber-criminal activity is phishing emails are designed to steal from you by installing malicious software on your computer. Also, as the number of cyber crimes continues to rise inexorably, so too do the police skills needed to deal with them. 

The UK government is taking the risk seriously, designating cyber crime as a tier-1 national security threat and investing almost £2 billion in a National Cyber Security Strategy designed to counter it.

However, expanding cyber crime resources like this means a big increase in the number of trained staff required. And while forces are busily hiring, most of the new expertise is set to come through large-scale training programmes but hiring competent cyber analysts is something the police often can’t afford to do. 

While the number of cyber attacks reported to police in the latest report by the Office of National Statistics is just 26,000, the actual estimate is that the number of cyber attacks in the same period was around 976,000, which means that barely 3% of cyber attack are being brought to the attention of police.

  • The Deep Web contains a lot of information useful for police investigations. For example, there are forum discussion threads on the Deep Web inciting hate speech, being used to target individuals, organise physical threats.
  • The Dark Web is comprised mainly of either marketplaces, discussion forums, or news/commentary sites. This is where law enforcement can find vendors selling goods and services illegally. As with Deep Web forums, it’s also useful for finding suspect chatter about a range of illegal activities and extremism.

Technology is often just a means to an end to help officers do their jobs better and more efficiently but most police operations are not using the technology effectively. The private sector has the human, financial, and technical resources to conduct cyber crime investigations, and can assist national security agencies, law enforcement authorities, and other government agencies on cyber crime matters. 

In light of this, internationally, numerous public-private partnerships have been developed to enhance countries' capabilities to investigate cyber crime. A case in point is Interpol's Cyber Fusion Centre, which includes both law enforcement and industry cyber experts, who work together to provide actionable intelligence and share this intelligence with relevant stakeholders. 

What is really required is increased international law enforcement cooperation among nations and the private sector and investment in more resources for investigation and this is certainly required in the UK. 

This is also needed among developing nations and in all countries there is a need for coordination of cyber security requirements to boost security in all critical sectors like commerce, finance and health care. Cyber crime is progressing at an incredibly fast pace, with new trends constantly emerging. Cyber criminals are becoming more agile, exploiting new technologies with lightning speed, tailoring their attacks using new methods, and cooperating with each other in ways we have not seen before.

Complex criminal networks operate across the world, coordinating intricate attacks in a matter of minutes.
Police must therefore keep pace with new technologies and their systems should probably become one to cover the entire UK and have connections to aspects of it GCHQ intelligence agency’s  systems. 

This update of their computer systems should happen with a new policing strategy to focus on the changing cyber criminal world as they need to understand the new electronic ways criminals are operating.

Developments In The US

The technology used for sales-people documentation and evaluation is now helping police departments. The vast majority of police body camera footage never gets reviewed, with police departments typically only analysing instances where there’s a use of force or other major incidents. 

Police departments really need to be able to analyse audio from body cameras and get better insights into the interactions between officers and the public. A new body camera audio analytics platform will help police departments automatically sift through hours of footage to identify instances of positive and negative interactions by police officers. 

The new tool being developed by startup Truelo analyses every police interaction and can flag a circumstance where an officer is acting out of line. When the technology determines an officer has had a negative interaction with a civilian, the department can intervene and provide the proper training to the officer.The system uses natural language processing technology. 

The idea is to help build trust between law enforcement agencies and the public, give departments better data on officer interactions, and flag problem officers before a tragedy occurs. A negative interaction includes things like when an officer uses profanity, or when an officer’s tone becomes disrespectful. The company is working with around a dozen police departments in the US on a pilot basis, with another half dozen expected by the end of the year. 

Met.Police:      Academia. Edu:      Justice Inspectorate UK:     Raconteur:      Computer Weekly

EchoSec:     Police1:     NBC:      McAfee:    United Nations:    US Dept. of Justice:     I-HLS:    Independent

You Might Also Read: 

Police Get New Tools To Process Digital Evidence:

 

« Ukraine Police Arrest Botnet Attack Controller
Iranian Hackers Attack Dropbox »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

D-RisQ

D-RisQ

D-RisQ is focussed on delivering techniques to reduce the development costs of complex systems and software whilst maximising compliance

Coalfire

Coalfire

Coalfire specialises in cyber risk management and compliance. Our services span the cybersecurity lifecycle from advisory and compliance, to testing and engineering, monitoring and optimization.

Allegro Software

Allegro Software

Allegro provide secure software for the Internet of Things.

ZeroFox

ZeroFox

ZeroFox safeguards modern organizations from dynamic security risks across social, mobile, surface, deep and dark web, email and collaboration platforms.

ZM CIRT

ZM CIRT

ZM CIRT is the national Computer Incident Response Team for Zambia.

Garrison Technology

Garrison Technology

Garrison SAVI® is a unique technology for secure remote browsing that can dramatically change the risk profile for enterprise cyber security.

e-Lock

e-Lock

e-Lock services include IT security consulting and training, security systems integration, managed security and technical support.

Elliptic

Elliptic

Elliptic solve the crucial problem of identity in cryptocurrencies, with the sole purpose of combating suspicious and criminal activity.

Rublon

Rublon

Rublon protects endpoints, networks and applications by providing trusted access via two-factor authentication (2FA).

ENAC

ENAC

ENAC is the national accreditation body for Spain. The directory of members provides details of organisations offering certification services for ISO 27001.

Arkose Labs

Arkose Labs

Arkose Labs' Fraud and Abuse Platform combines Telemetry and adaptive Enforcement Challenges to break down the ROI of fraudsters and protect digital businesses.

Heidrick & Struggles International

Heidrick & Struggles International

Heidrick & Struggles is a premier provider of leadership consulting and senior-level executive search services for roles including Information & Technology Officers and Cybersecurity.

Privasee

Privasee

Make GDPR compliance simple with Privasee. Our software makes it easy to protect your data and ensure you’re compliant with the new regulations.

GO Business

GO Business

GO Business are a specialised B2B team within GO that caters to the communication needs of the local business community in Malta.

HTX (Home Team Science & Technology Agency)

HTX (Home Team Science & Technology Agency)

HTX brings together science and engineering capabilities to transform the homeland security landscape and keep Singapore safe.

VCI Global (VCIG)

VCI Global (VCIG)

VCI Global is a diversified holding company. Through its subsidiaries, it focuses on consulting, fintech, AI, robotics, and cybersecurity.