grandeduc - Fotolia

National crime survey figures show growing cyber crime

Cyber crime is on the up and is now included in official crime figures

There were 3.6 million fraud and 2 million computer misuse offences in the 12 months to September 2016, according to the latest Crime Survey for England and Wales.

This is the first time statistics for the full year were included in the report, but the figures are in line with the estimates of 3.8 million fraud and 2 million computer misuse offences included in a report covering the 12 months to March 2016.

The inclusion of these offences yields a new headline estimate of 11.8 million incidents of crime covered by the survey, but it will be another year before a year-on-year comparison can be made, according to the report by the by the Office for National Statistics (ONS).

However, the report said trend data on frauds referred to the police showed an annual rise of 3%, while other industry data on financial fraud, the vast bulk of which is unreported to the police, showed there were 1.9 million cases of frauds on UK-issued cards, representing an increase of 39% from year before.

“In the past, burglary and theft of vehicles were the high-volume crimes driving trends, but their numbers have fallen substantially since then,” said John Flatley, ONS statistician.

He said when the crime survey started 35 years ago, fraud was not considered a significant threat and the internet had yet to be invented.

“Today’s figures demonstrate how crime has changed, with fraud now the most commonly experienced offence,” he added.

Rob Cotton, CEO at security firm NCC Group, welcomed the fact that cyber crime will now be included in official crime figures.

“This type of activity poses a huge threat to both businesses and consumers alike, but without accurate data it’s difficult to grasp the real scale of the problem,” he said.

However, Cotton said there is still the need to guard against complacency, saying it is unrealistic to expect the police to provide complete protection.

“It’s up to the private sector to be proactive in prioritising cyber defences and consumers must educate themselves on the risks too. If this doesn’t happen then the figures will no doubt rise every year,” he said.

Read more about cyber crime

Emily Orton, director at security firm Darktrace, said the report shows that online fraud and cyber attacks are a huge and growing field of criminality. But reporting cyber crimes remains a challenge.

“When it comes to more sophisticated attacks, often the individuals or companies targeted are not aware that their data is being used, changed or corrupted,” she said.

“Many defenders are at a disadvantage when it comes to fighting against cyber attacks because it’s possible for attackers to use busy and complex networks to hide their activities, and can avoid traditional security ‘alarm systems’.”

Threat ‘greater than figures show’

Sean Martin, UK general manager of security firm Covata, said the ONS report shows that cyber crime is a serious and growing threat to consumers and business, but he believes the real extent of cyber crime is greater than official figures show.

“This figure will increase over time as more people recognise they have been targeted and the police get better at detecting cyber crime,” he said.

According to Martin, it is no longer possible to control where data travels or is held, as the numerous cyber breaches hitting the headlines demonstrate.

“To reduce the chances of becoming a statistic in next year’s UK crime report, it is paramount that companies deploy cyber protection at the data level, making use of robust encryption and stringent access controls tied to tight policies,” he said.

Cost of fraud

Martin Sweeney, CEO of UK-based fraud detection startup Ravelin, said the ONS report clearly highlights the changing nature in fraud.

“High volume crimes used to involve people breaking into houses or fraudsters stealing credit cards. Now, high volume crimes are fraudsters hacking systems to steal and sell card information, email addresses and passwords on the ‘dark web’,” said Sweeney.

“This type of crime is one of the most common – yet it gets the least amount of attention from law enforcement.

“As it stands, there is little to no punishment for these type of fraudsters, leaving it down to the merchant to reimburse consumers if hacks occur. This is bad news for all involved, especially the unassuming consumer, as those merchant costs ultimately get passed onto the consumers one way or another.

“We need to empower the police to do more. This coupled with companies leveraging new technology, such as machine learning, means we have a chance at stamping out this type of fraud to reduce the country’s crime rate,” he said.

Constant data vigilance

Nick Brown, group managing director of identity data intelligence company GBG, said both businesses and individuals need to be taking necessary action and using data more intelligently to help stop criminals.

“These figures illustrate just what a booming business fraud has become. It’s sadly got to a point where you have to assume your identity, at some point, will be compromised. Even the unassuming store card can be a target for fraudulent activity as they are linked to your name and address,” said Brown.

“While this information may seem of little value on the surface, fraudsters can use this data – your identity – to set up other accounts to do with as they please. In the first instance, fraudsters use the actual identity of an individual and, thereafter, they will create synthetic identities compiled from elements of the data stolen from an individual – and the consequences can be disastrous.

“For the individual, it’s about being more vigilant with data; making sure you know where your name, address, phone number or date of birth are stored online; and keeping track of where you put in your bank details.

“For businesses, it’s about using data more intelligently. The more transparent we can be with data, the more it can be used to gather insights and intelligence that will stop the bad guys in their tracks.

“Furthermore, by using more data, analytical insights and triangulation of multiple identity proofing techniques, the implications of identity theft can be minimised for both the citizen and the businesses who are serving them,” he said. 

Read more on Hackers and cybercrime prevention