Hieronymus Ukkel - Fotolia
Finding the balance between privacy and security is one of the biggest challenges to law enforcement, especially regarding cyber crime, according to the UK’s National Crime Agency (NCA).
“The whole world has been turned upside down in the post-Snowden era,” said Mike Hulett, head of operations at the NCA’s National Cyber Crime Unit (NCCU).
“On the one hand, law enforcement is encouraging the use of encryption because it is good practice and helps prevent crime; but on the other hand encryption is something that can be exploited by criminals and we need a way of being able to see what is going on,” he told the cyber threat intelligence conference at the Security & Counter Terror Expo in London.
Hulett said there were still things law enforcement could do to counteract the increased use of encrypted communication services, but refused to be drawn on what these might be, saying there was a “lot of sensitivity” around how law enforcement and security services are dealing with that.
However, part of the problem, he said, is that public perception about the data law enforcement and security agencies collect is generally “wholly inaccurate”.
“Often there is the perception that there is an army of thousands of people looking through data, reading people’s emails and so on – but that is simply not true,” said Hulett.
Read more about the NCA and NCCU
- A joint investigation by the NCA and information security firm Trend Micro has led to two arrests in connection with a crypting website.
- Hackers target global financial institutions and payment systems with Dridex malware, with UK losses estimated at £20m, warns the National Crime agency (NCA).
- UK police have arrested 57 cyber crime suspects in 25 separate operations co-ordinated by the National Crime Agency.
- UK law enforcement officers work with public and private sector partners to help businesses and consumers guard against cyber crime.
Public reassurances over surveillance
At the same time, he said, law enforcement has a public responsibility to demonstrate that officers are not seeking blanket information just because they can, but for a specific reasons that result in tangible outcomes.
“If we don’t succeed in that challenge, then we will lose the debate and the job of law enforcement will become a lot more difficult and, as a result, it is a constant challenge for us to get that balance right,” said Hulett.
In terms of cyber crime challenges, he said, UK law enforcement officials are dealing with around 2.5 million cases a year, but added that due to under-reporting, the actual number of cyber enabled crimes is likely to be much higher than this.
The number of high-profile cases is much lower, at around 130 in the past year, including the TalkTalk breach.
“But it should be noted that even though the TalkTalk breach had a huge impact and was extremely costly to the company, the attack itself was relatively simple. This should be a wake-up call to all businesses,” said Hulett.
The focus of the NCA’s attention, however, is on the top tier of what he termed “elite cyber criminals” who are located mostly overseas, but with some being in the UK.
“In the past year, the NCA was involved in around 16 major operations aimed at disrupting these elite cyber criminals who work according to professional business models, are highly organised and are responsible for the most sophisticated malware used to carry out financial fraud and theft,” said Hulett.
Disrupting the cyber crime market
Underpinning all three groups, he said, is a cyber crime market place, which law enforcement is seeking to disrupt because, while it supports and enables elite cyber criminals, it also lowers the barriers to entry for everyone else, making it easier than ever for relatively unskilled criminals to carry out extremely effective cyber attack campaigns.
The strategy of the NCA, which leads the fight against serious organised crime in the UK, is to tackle all elements of the cyber criminal enterprise, from developers and distributors of malware to cyber criminal support infrastructure.
“There needs to be an integrated approach, but the challenge is to be able to change and adapt at the same rate, if not faster, than the cyber criminals,” said Hulett.
The current level of cyber crime is unacceptable, he said, and to address that, law enforcement is working to increase the cost and risk of undertaking cyber crime and is working with partners to tap into the experience and expertise in the business sector.
“With only around 300 officers in the NCCU and around 100 investigators in the 10 regional organised crime units, we need to continue harnessing the capability in industry,” said Hulett.
The NCA plans to facilitate greater information-sharing between law enforcement and business, and is working to improve its capacity to consume and analyse that data.
“We are planning to have more joint intelligence and more proactive communication with business, but there is still work to be done in understanding our capabilities and how we can improve,” he said.