Thought for the Day:No hiding place

Hard-hitting IT commentator Dr Simons Moores gives his personal take on the hot issue of the day.According to this week's...

Hard-hitting IT commentator Dr Simons Moores gives his personal take on the hot issue of the day.According to this week's forthcoming report by the DTI, computer crime and bad software is costing the country as much as £10bn each year. That's almost as much as the unofficial figure given by The Sunday Times for benefit fraud.

Incidences of computer-based attacks against companies are rising steadily and the DTI have found that four out of five companies have become victims of viruses, hackers, fraud or all three in the past 12 months.

This is hardly a surprise. We know it's getting worse. Indeed, only a year ago, the government's antidote to the threat of cyber crime, The National High-Tech Crime Unit (NHTCU) was launched in a blaze of publicity, surrounded by a special "hacking exhibit" at the Science Museum in London.

At the time, I was asked to offer comment on the launch and the role of the NHTCU for both the BBC and Sky News and speculated whether such a relatively small team would have any measurable impact on one of the world's fastest growing criminal opportunities.

So, a year later and, this time, not at The Science Museum, but next door at the Natural History Museum, I invited Tony Neate, the NHTCU's industry liaison officer, to a meeting of Security First ( ), an industry forum, to offer an update on the unit's progress.

We should remember that when the home secretary Jack Straw launched the NHTCU last April, it was with £25m of funding. This was split two ways, with £15m going to establish a national unit with 60 specialist officers within three years and £10m to bring local police forces up to a benchmark standard for dealing with computer crime.

With cybercrime going through the ceiling, are our prisons now being filled with "scrip-kiddies" and cyber criminals, you might wonder? It's never quite as simple as that, as Neate is quick to remind me.

The cyber crime unit only really became operational in October and, since then, it's been busy developing the necessary international relationships with other police forces, working closely with the National Infrastructure Security Co-ordination Centre (NISCC) and chasing cyber criminals and paedophiles around the Web at every given opportunity.

Already, the unit claims it has "taken down" two or three "virtual banks" and a number of the popular West African bank fraud scams, which many of us find in our mailbox at least once a month, from allegedly distressed members of the Abacha family or their friends and which, surprisingly, people still fall for.

Neate is proud that in what is really six months of operational existence, the unit has already conducted ten operations, is working with 22 countries, has made 27 arrests and collected three terabytes of evidence.

With 11,000 new users and 20,000 new Websites appearing every day, it's hardly surprising, Neate points out, that the villains are chasing the money, and some of the international gangs, in places such as the Ukraine or Russia, are becoming extraordinarily sophisticated, challenging the NHTCU to stay at the very leading edge of the technology.

This is, of course, just the beginning, and with one in five companies experiencing a security breach of one form or another, Neate argues that the unit's role has an educational element to its work, reminding businesses that computer crime can be even more damaging than a physical crime and offering the guidance that the judiciary needs in assessing the seriousness of cyber crime in its wildly different forms.

Unlike the US perhaps, there is a reluctance to report cyber crime activity in this country, as companies worry over the potential damage to their reputation that might accompany an approach to the police. This is one reason why the DTI decided it was time to undertake its own survey. Neate offers an example of one international car giant which refused to accept that its Web site had been hacked, even though he had a mirror image of the defaced site.

Businesses should be as prepared to report cyber crime to the police as they would any other crime. Moving forward then, Neate believes that the NHTCU needs to build trust among business and develop a partnership with industry, with the objective of establishing a confidential, national cyber crime reporting system and a code of good practise.

In all fairness, the NHTCU hasn't really had the time to make its presence felt within the industry. None the less, it's encouraging to believe that, in support of the Prime Minister's dream of making the UK "the best possible place for eCommerce", we have the "Men from U.N.C.L.E", the NHTCU, steadily developing the skills, relationships and procedures to protect us from the unwanted attentions of the "World Wide Weasels".

The big "if" of course, is whether any agency can, successfully, direct the methodical and relatively slow pace of police work against a global criminal epidemic of a speed and scale that we have yet to measure with any real accuracy. I for one hope they find the answer before companies start to wonder whether being on the Internet is worth the risk.

I wonder, how do you handcuff a cyber criminal?

Is the government still too soft on cyber crime? >> reserves the right to edit and publish answers on the Web site. Please state if your response is not for publication.

Zentelligence: Setting the world to rights with the collected thoughts and ramblings of the futurist writer, broadcaster and Computer Weekly columnist Simon Moores.

Read more on IT risk management