The new National Crime Agency (NCA) has changed the UK law enforcement landscape, says Andy Archibald, head of...
the NCA’s National Cyber Crime Unit (NCCU)
“And the NCCU is a core part of that,” he told the Govnet Cyber Security Summit 2013 in London.
According to Archibald, the difference is due to the fact that the NCA is the mandated lead, co-ordinator and support for the UK’s response to serious and organised crime.
“The NCCU is building on the work of previous cyber crime fighting agencies, but its leadership role enables it to harness skills across government, law enforcement, industry and internationally,” he said.
This means that the NCCU is able to work in partnership with all these stakeholders to better assess, understand and prioritise cyber threats.
“The NCA has been about doing things very differently from the outset through strategic partnerships and international collaboration,” said Archibald.
A top priority for the NCCU for 2014 will be tackling those who develop and distribute malware, but he said, success in this will require a level of international collaboration at an unprecedented scale.
“I believe the UK is in a unique position to take a leadership role in law enforcement through its key partnerships and links with Europol, Interpol, FBI and the Five Eyes strategy group,” he said.
Most cyber investigations are across multiple jurisdictions, which presents legal and cultural challenges.
Read more on NCA and NCCU
“It is therefore essential that we develop new alliances and new ways of doing things to develop a new international model for tackling cyber crime,” said Archibald.
The effectiveness of the new approach taken by the NCA and NCCU was endorsed by fellow speaker, Richard Cox, CIO for anti-spam organisation, The Spamhaus Project.
In March 2013, activists unleashed the largest recorded distributed denial-of-service (DDoS) attack on Spamhaus.
According to Cox, existing UK cyber-crime fighting agencies were unable to understand and respond to the information that Spamhaus was able to provide.
“The shadow NCCU, however, was able to understand and respond because of the way it is structured,” he said.
Cox said the NCCU is not merely a question of rebranding, but represents a new way of thinking and acting that led to an arrest.
However, he said he was unable to go into any further details as legal proceedings are still pending.
Cox also vented his frustration at the frequent inability of the Crown Prosecution Service (CPS) to act to bring cyber criminals to justice.
“The CPS cyber skills are weak; it is an Achilles heel that the government has got to address,” he said.
According to Cox, if the CPS had had the necessary skills to prosecute hacker Gary McKinnon as they should have done, the years of a threatened extradition to the US could have been avoided.
He complained that some issues that affect the functioning of the internet have typically not been dealt with in the past because of inadequate UK legislation and law enforcement organisations.