pixel_dreams - Fotolia

End complacency and help address cyber crime threat, NCA tells business

The NCA is calling on UK businesses to take the threat of cyber crime seriously and work with law enforcement and government to help turn the tables on cyber criminals

Cyber-dependent crime is on the rise and businesses are more likely to be a victim of this type of crime than any other, according to cyber crime unit of the National Crime Agency (NCA).

“If organisations and businesses don’t think cyber crime is an issue for them, it probably will become an issue fairly soon,” said Mike Hulett, head of operations for the National Cyber Crime Unit (NCCU), which is responsible for leading the UK’s law enforcement response to cyber crime.

Hulett leads the highest-level and most complex investigations into cyber crime in the UK, utilising support from across UK and international law enforcement agencies, other UK government departments and a range of industry partners.

“Cyber crime is something that should be on everybody’s radar in any organisation, and all businesses need to understand the massive scale of cyber crime, which was included for the first time in the latest Crime Survey for England and Wales,” he told Computer Weekly.

There were 3.6 million cyber-enabled fraud incidents and two million incidents of cyber-dependent crime in the 12 months to September 2016, making up nearly half of all crime incidents covered by the report by the Office for National Statistics (ONS). However, commentators said the real number of online fraud incidents is unknown, and is likely to be much higher than official figures because many go undetected and unreported.

No room for cyber crime complacency

Despite these statistics and media reports of breaches of well-known UK brands, Hulett said there is still some level of complacency about cyber crime, particularly among smaller businesses.

“Most businesses will have insurance against things like fire and burglary, which are statistically much less likely to happen than a cyber attack, and yet relatively few have well-developed incident response plans and effective backup and business continuity mechanisms in place,” he said.

“Businesses also need to understand that cyber crime can take place anywhere, so while they may be in a location that has a relatively low crime rate, that does not mean they are any less likely to be targeted by cyber crime, because cyber crime is not confined by regional or national borders,” said Hulett.

“Cyber crime can take place anywhere, so while a business may be in a location that has a relatively low crime rate, that does not mean it is any less likely to be targeted by cyber crime”
Mike Hulett, NCCR

“A phishing or spam campaign, for example, will typically be targeted at a .co.uk address, which could be anywhere in the UK, even in areas that have very low levels of traditional crime, because all data, wherever it is held, is valuable and will be targeted by criminals,” he said.

Similarly, the criminals targeting UK businesses can be anywhere in the world, said Hulett, which creates challenges to businesses’ perceptions of how much risk they face, and it creates challenges to law enforcement in terms of investigating cross-border crimes and bringing the criminals to justice.

“The criminals, victims, enabling infrastructure and cashing out mechanisms may all be located in different countries or even different continents, so dealing with that is a big challenge for law enforcement,” he said, adding that the UK has its “fair share” of cyber criminals.

The criminal value of stolen data

Most businesses, said Hulett, are not aware of how the data they hold can be traded and exploited by cyber criminals. “Businesses may think they do not have any data worth stealing, but that does not mean they will not be targeted because all kinds of data is valuable in different ways.

“Some data may not be valuable on its own, but criminals are often able to marry it up with data sourced elsewhere to make connections and fill in the details they need for their criminal activities,” he said.

In the light of this growing threat that affects all businesses in the UK, Hulett said the NCA is engaged in numerous activities to target the top end of cyber criminal operations that ultimately enables lower-level crimes as tools and techniques trickle down and become available to less tech-savvy criminals.

Hulett is to discuss the role of law enforcement in helping businesses prevent and deal with cyber crime in more detail at Cybercon on 23 February 2017 in Plymouth, which requires an invitation from event organisers. Any senior information technology and security professionals interested in attending Cybercon can apply for an invitation through the event website.

“Businesses are as much likely to be a victim of cyber crime in the south-west as they are in the north-east, and I think it is important for the national perspective to be heard at events held in the regions,” he said.

Where to find help after a cyber attack

Hulett will also discuss who businesses can turn to for help if they are targeted by cyber crime, what they can expect from law enforcement, what they can expect from government, and how they can work with law enforcement and government to address the cyber threat.

ActionFraud, he said, remains the national reporting centre for cyber crime incidents, but in recent months there has been an upgrade in ActionFraud’s systems, which means it now has an improved capability to deal with cyber crime reports, that is now available around-the-clock.

“While we can’t pretend there will be an immediate law enforcement response to every cyber crime that is reported, if it is a particularly significant incident or if there is a large amount of money at risk due to a crime in action, the NCA will triage that immediately.

“When a cyber crime is committed, we want people to have more confidence in the fact that they will get help from law enforcement”
Mike Hulett, NCCU

“Either the NCA will deal with it or task a regional organised crime unit to deal with it without the delays we have encountered in the past because we have enough checks and balances in the system to ensure we tackle cases that need an immediate response before the evidential trail goes cold,” said Hulett.  

“At a government level, the UK is trying to join up the response to cyber crime much more, so the NCA works closely with the National Cyber Security Centre (NCSC) and other government departments, and the NCA is working to co-ordinate the law enforcement response.

“At the same time, we hope businesses will do more to recognise the threat they are facing and try to protect themselves better, but we recognise that that protection is not always going to work, and so when a cyber crime is committed, we want people to have more confidence in the fact that they will get help from law enforcement,” he said.  

Read more about cyber crime

Read more on Hackers and cybercrime prevention