INFOSECURITY EUROPE
12 MAY/JUNE 2009
At the Infosecurity Europe show, London, on 30 April 2009, in a
session titled ‘The dynamics of e-crime’, an audience member -
an employee of the police central e-crime unit (PCeu) within the
Metropolitan police service – interrupted the panel to declare that
police are not ignoring the increasing problem of e-crime, but are
under-funded and thus unable to tackle it effectively.
“The only way we can deal with this problem is to find
professionals in the industry to advise and use their expertise”
he said, explaining that the majority of staff at the PCeU are not
trained in intelligence and do not have a technical background.
“The problem is, we can’t afford trained experts. I’m here to
ask you all to please offer your support” he said, addressing
the audience.
The panel, chaired by Nick Selby, VP and research director
of enterprise security for The 451 Group, also included Prof.
Howard Schmidt, ISF; Mike Humphrey, Serious Organised Crime
Agency (SOCA) and James Brokenshire MP, Shadow crime
reduction minister.
“The problem with e-crime” opened Selby “is that the risk
of punishment if caught is very low”. Schmidt expanded by
explaining that e-criminals are so successful because “they’ll steal
£1 from a million people rather that make one big attack. People
are unlikely to report a £1 loss, so the perpetrator gets away
with it”.
MP James Brokenshire put forward his belief that the problem
with e-crime is the forces’ inability to engage the public, and as
such has resulted in a worryingly low level of fear about cyber-
crime. “So many people try to box off e-crime as ‘something that
the technologists can deal with’. We need to break away from
terms like botnets that don’t engage the public. We need to make
them understand. From a political point of view, I’m concerned
that there are seemingly few police offers concentrating on this”.
“There’s a lot the government can do – not just through
enforcement and legislation – but by thinking about the way they
do business, and the way they are seemingly moving towards
centralising data. We need to break away from that” Brokenshire
continued, “not just because of cost and liberty reasons, but
because there are higher risks of breaches because of the wide-
sharing elements of centralisation. If you go down a track not
thinking about the implications of storing a great amount of data
in one place – you’re not doing the public a good service”.
SOCA’s Humphrey declared the inability to size the problem
of e-crime. “How can we know the reality of e-crime? The true
scale of what’s happening? People don’t report viruses or phishing
letters – they just delete them. If we allowed people to report these
things, the volume would be incredible”.
The panel agreed that stopping e-crime is impossible, and
emphasised the importance of educating the public to make them
less likely to fall victim to e-crime. “It’s our responsibility to teach
the next generation about e-security – in the same way that we
teach them about wearing a seatbelt” said Schmidt.
James Brokenshire agreed. “We need to educate children in
schools about cyber safety. Whilst young people are technology
savvy, there is a great sense of naivety about the internet and the
dangers online”.
SOCA’s Humphrey emphasised the importance of analysing
e-crime trends. “We need to put advice out to the public who are
falling victim to e-crime”.
“The online fraud centre needs to be used not just as a tool
to analyse threats and problems but used as law enforcement
to bring these criminals to justice” said Brokenshire. “It needs
to share good practice and educate police centres around the
country about technology crimes. We need to look at how forensics
can be triaged much more effectively” he concluded.
Police central e-crime unit can’t afford to tackle e-crime
The Right Honourable David Blunkett, MP, the former Home Secretary,
has eschewed his original support in the 1990s for national ID cards in
favour of biometric passports.
This interesting twist to Mr Blunkett’s approach to national security
was revealed when he made the keynote speech at the Infosecurity
Europe show in London.
In what appears to be a mellowing of his approach to national
security, the former Home Secretary dismissed suggestions that the
UK has become a surveillance society, noting that the days when a
community leader such as a doctor or vicar could vouch for you when
applying for an official document such as a passport or similar are now
long gone.
As a result, he told the keynote audience, there is a need for citizens
to self-identify themselves and, in this regard, he says, biometric
passports are an ideal solution.
The UK is, he explained, facing a serious security threat in
the shape of possible attacks in the run up to, or during, the
2012 London Olympic Games. In addition, there is a distinct lack
of joined-up government when it comes to collating data for national
security purposes, Blunkett told his audience.
The announcement - made the week before Infosecurity
Europe - by the government to scrap plans for a single email
and internet database is not a good thing, he said. Not from
a national security perspective, but from the point of trying to
protect the multiple databases that citizen’s data is - and will
continue to be - stored upon.
“As already indicated, it is crucial that people understand the
enormity of the potential of identity theft,” he said.
“That is why biometric documentation with properly authenticated
and reliable methods of verification is so crucial,” he added.
“This is still an underestimated area of our life in Britain. Without
that knowledge and appropriate action, not only major events like
the Olympics but our business future could potentially be damaged,”
he concluded.
Rt Hon David Blunkett MP supports biometric passports