Boost UK govt cybercrime resources

A parliamentary report due next month will call for the Home Office to increase funding to combat cyber-threats such as phishing,...

A parliamentary report due next month will call for the Home Office to increase funding to combat cyber-threats such as phishing, corporate hacks and worm attacks, according to sources familiar with the plans.

The report comes amid parliamentary criticism that the UK's cybercrime law-enforcement operations are woefully under-resourced.

The All-Party Internet Group (APIG) this month completed a review of the 14-year-old Computer Misuse Act (CMA), analysing whether the UK's cybercrime law - written before the internet era - is in need of an overhaul.

While the inquiry found the law to be surprisingly sound, the committee has come to the conclusion that the real problem is lack of attention and resources for enforcement.

The APIG report is likely to call for the Home Office to get serious about cracking down on computer crime, which is estimated to cost European businesses billions of pounds every year.

"[Cybercrime enforcement] is under-resourced," said APIG chairman Derek Wyatt. In giving evidence to the hearings, for example, the Metropolitan Police said it has only about 250 staff devoted to cybercrime, he said.

One problem is that, officially, the government is not aware of exactly how big a problem cybercrime is, since figures are not audited by the National Audit Office - and this means there is no political pressure to deal with the issue.

"The first thing we have to do is find out the extent of the problem. We won't win the battle of resourcing the police if we don't get the crimes recorded," Wyatt said.

The lack of resources is particularly worrisome for businesses, as business-related attacks are at the bottom of the list of enforcement activities, according to security software firm Prevx, which is sponsoring the APIG report.

"The National Hi-Tech Crime Unit is focused on its priorities, addressing online child pornography, major fraud and other serious issues. What isn't being addressed is virus writers and hackers, who cause massive amounts of damage to millions worldwide," said Prevx chief executive Nick Ray.

He agreed that getting official recognition for cybercrime figures would be key. "That would put a lot of pressure on politicians. At the moment this is not on their radar," Ray said.

Putting pressure on other countries to introduce more stringent measures of their own is also key, Ray said.

APIG's final recommendations will follow late in June. The next step will be to get a response from the Home Office, with the aim of getting the a cybercrime plan into the Queen's speech in November, Wyatt said.

Matthew Broersma writes for

Read more on IT risk management