News

Infosec 2013: Cyber crime challenges law enforcement

Warwick Ashford

Cyber crime is forcing police and law enforcement agencies to rethink the basic skills needed for the job, according to a panel of experts at Infosecurity Europe 2013 in London.

The US Federal Bureau of Investigation (FBI) is hiring more computer scientists than ever before, said Scott Cruse, legal attaché for the FBI at the US embassy in London.

“With cyber crime a fast-emerging threat and cyber attacks being recognised as a threat to national security, we have to re-tool and training priorities are changing to include cyber threats,” said Cruse.

Part of the role of the FBI’s 75 legal attachés is to grow the agency’s knowledge and capabilities through developing collaborative relationships with academics and other cyber experts.

Similarly, in the UK, there is a growing need to increase police capacity to deal with cyber crime, said detective superintendent Charlie McMurdie, who heads the Metro Police Central e-Crime Unit (PCeU).

“Ensuring that law enforcement capability is fit for purpose to respond to industry and other victims of cyber crime is one of the biggest concerns for me,” she said.

Providing support nationally to investigate and mitigate cyber crime is a challenge for the PCeU, which currently has only around 100 members.

There is a need to raise the knowledge and capability across the members of all UK police forces, said McMurdie, although the PCeU is to be complemented with a new national cyber crime unit in October.

It is imperative, she said to bolster the cyber capabilities of UK law enforcement because of the billions of pounds that it is draining out of the national economy.

“Cyber criminals come from all walks of life, but the biggest and most common motivation is financial gain, relatively few are in it for the hacking status or political and ideological reasons,” said McMurdie.

The most commonly reported crime is the theft of financial login credentials, which are then sold through criminal forums for high-volume, low-value fraud, which is causing serious economic harm.

Ready-made tools have helped grow the number of people engaged in cyber crime by lowering the barriers to entry, said Arnie Bates, head of information security at Scotia Gas Networks.

“The emergence of off-the-shelf tools means that just about anyone who wants money can be a cyber criminal,” he said.

Another contributory factor to swelling the number of people involved in crime in cyberspace is that many do not view it as crime and do not feel the same responsibility for actions in cyberspace.

McMurdie said carrying out a denial-of-service (DoS) attack is still a crime because it has a cost to the companies targeted.

“Many people who download tools like Low Orbit Ion Canon to DoS organisations for ideological reasons would never dream of committing a physical crime,” she said.

When planning defences against criminal activity, organisations need to assess the likelihood of being the target of the various kinds of criminals and then defend against the techniques the most commonly use.

“Put in responses around systems, people and processes to defend against the most likely attack methods and focus resources on the crown jewels of your business,” said McMurdie.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy