Victims must speak up to beat cybercrime

The National Hi-Tech Crime Unit, the first police unit in the UK to tackle organised computer crime, is under increased scrutiny...

The National Hi-Tech Crime Unit, the first police unit in the UK to tackle organised computer crime, is under increased scrutiny as it approaches its third birthday in April.

Over the past three years, it has grown dramatically and overseen a huge expansion in the capability of local police forces to deal with computer crime. At the same time, computer crime has mushroomed. Devastating computer viruses, phishing attacks and extortion now feature regularly in the pages of daily newspapers. Yet many companies are still unwilling to report attacks for fear that a lack of police resources will make the exercise pointless.

Ask detective chief superintendant Len Hynds, who heads the unit, what his most important achievements have been over the past three years and you might expect him to launch into tales of dawn raids, officers tracking down hackers over the internet, and disruption operations against criminal gangs. But Hynds’ mind turns to more down-to-earth matters.

"Three years ago we were in a situation where there was a lack of intelligence about the scale of the problem. We did not even have premises. Here we are in year three with a staff of 57. We have people from police, customs, the military and intelligence agencies. We have the training profiles in place and we have identified the core skills."

Hacker arrests

Of course, the unit has been responsible for spectacular successes. They include the arrest of 31-year-old Gary Mckinnon in 2001, who is facing charges for breaking into networks belonging to Nasa, the US Navy and the US Army. It was also behind the prosecution of an organised gang that was using the internet to steal identities from elderly people to defraud banks and lenders out of more than £10m.

Detectives made arrests in Durham last year after a joint investigation into the international hacking group behind the TK worm which caused an estimated £5.5m of damage.

The unit began life with £25m in ring-fenced funding to tackle computer crime. Today it has to fight for its share of funding - currently £8.3m a year - from its parent organisation the National Crime Squad. About £3m of this goes to regional police forces to pay for salaries, training, and basic equipment for forensic and network investigators. The rest supports the work of the central unit in gathering intelligence about organised crime and mounting operations.

The work of the National Hi-Tech Crime Unit reflects the priorities of the National Crime Squad. It now focuses on five areas: fraud and extortion, online child abuse, class A drug trafficking over the internet, and computer crimes such as hacking and virus writing.

Extortion by computer crime groups is one of the items at the top of Hynds’ agenda, following a wave of threats against online casinos and traditional businesses.

"We have identified that there are significant computer crime groups engaged in extortion that randomly target companies, some of which are in the UK. We have had some significant successes against those groups, identifying the money laundering networks engaged in this activity."

International collaboration

The work has been made possible through links between the Hi-Tech Crime Unit and police forces in the former Eastern Bloc and parts of the Far East. The unit has used Foreign Office funds to train overseas police in forensic techniques and to kit them out with specialist equipment.

"By putting down those foundations 18 months ago we have developed relationships that are really paying dividends," said Hynds. "We have examples of companies contacting us, saying, ‘We are losing significant amounts of money every minute we are talking, please help.’ And within hours we have formulated a strategy, working alongside our overseas counterparts, and as a result effected arrests."

The unit is currently investigating the wave of phishing attacks against UK banks. Forty cases were reported last year, and seven have been reported so far this year. Intelligence points to organised criminal gangs in Eastern Europe.

"We are seeing links between different types of high-tech crime, extortion and fraud. Some of the groups we are focusing on are practicing a number of methodologies," said Hynds.

Securing the budgets to fight this rising tide of crime has always been tough. The unit only secured half the funds it thought it needed when it was formed three years ago, after failing to prove to the government that computer crime was a serious enough problem. Then, as now, the unit found it difficult to persuade businesses to report computer crime.

Hynds has some sympathy with those businesses that do not report computer crime because they feel the chances of it being investigated are slim.

"If you look at high-tech crime across the board, that is a reasonable comment. Here in the unit we have financial resources and we are committed to focusing them against organised crime. If we can identify a link to an organised crime group, we will commit resources from the unit and we will also secure resources from counterparts in foreign jurisdictions."

Privately, detectives working in some local forces say they are frustrated that the high priority given to investigations into online child pornography means that investigations into hacking and computer crime are being put on the back burner. The Hi-Tech Crime Unit caps its budget for paedophile investigations at 25%.

"It is important that we recognise that as significant and abhorrent as that particular crime is, we need to tackle a whole range of criminal activity," said Hynds.

Gathering evidence

Hynds said he has made great strides in gathering hard evidence on the extent of high-tech crime. The introduction of a confidentiality charter in 2002, which protects the identities of companies that report computer crimes or share intelligence, has given businesses more confidence to approach the unit. The charter has attracted 3,500 enquiries.

But there is still a long way to go. One of the unit’s coups has been to persuade every chief constable in the UK to sign a protocol agreeing to develop crime reporting systems that will allow high-tech components of crimes to be recorded.

The unit has also developed training programmes that could allow all future police recruits to be given training in the basics of computer crime.

"I do not have any authority over the speed at which that moves. All I can do is raise the awareness of it. One of the issues for me is keeping high-tech crime on the radar," said Hynds.

Hynds is encouraging the Home Office to make high-tech crime a standard performance indicator for police forces. Without it, he said, chief constables are not going to take computer crime as seriously as they should.

"There is a performance culture in law enforcement. You can only expect those chief constables to be really alive to the issues when they know they are going to be judged against them," he said. "I am confident that it will happen. I have had some good support from the Home Office. But it is a slow process in terms of winning over the hearts and minds of chief police officers."

The future of high-tech policing

The government’s review of policing strategy could mean some major changes for the National Hi-Tech Crime Unit. One of the ideas under consideration is a merger between the Hi-Tech Crime Unit, the National Crime Squad and other law enforcement agencies to form a national police unit.

The way the unit and local police forces interact is also likely to be simplified, making it clearer which work will fall in to the remit of the national unit and which will be handled by local forces.

Hynds is confident that the changes will mean more funding for fighting high-tech crime. Plans are at an early stage, but he is looking to create satellite offices in the Midlands and the North of England to complement the London office.

This was last published in February 2004

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

  • How do I size a UPS unit?

    Your data center UPS sizing needs are dependent on a variety of factors. Develop configurations and determine the estimated UPS ...

  • How to enhance FTP server security

    If you still use FTP servers in your organization, use IP address whitelists, login restrictions and data encryption -- and just ...

  • 3 ways to approach cloud bursting

    With different cloud bursting techniques and tools from Amazon, Zerto, VMware and Oracle, admins can bolster cloud connections ...

SearchDataManagement

Close