Thought for the day:The serious business of hi-tech crime

Too many companies are letting hi-tech criminals get away with it, says Simon Moores after meeting the head of Britain's war on...

Too many companies are letting hi-tech criminals get away with it, says Simon Moores after meeting the head of Britain's war on e-crime.

There's a good view of the Millennium Dome from the office of detective chief superintendent Len Hynds, the head of the National Hi-Tech Crime Unit (NHTCU).

Len is preparing for next month's first UK e-crime congress in London, and between the two of us, we were wondering what the future held for the enormous dirty white tent outside his window.

In a recent Thought for the Day entitled "Sense and security", I commented on how the NHTCU, through "Operation Sidewalk", had been instrumental in tracking down "Solo", one of our better hackers, who had been busily creating havoc on the other side of the Atlantic, safe he thought, from an early morning knock on the door from the boys in blue.

Len, however, pointed out that while his unit played an active role in the investigation and has also been attracting media attention around a successful effort to capture Internet-savvy paedophiles, the NHTCU's true remit is "to combat serious and organised hi-tech crime".

While you and I are distracted by the many stories involving hackers and perverts, there's a yet unknown level of corporate intimidation and coercion involving the Internet. This costs business millions of pounds.

Ninety-seven per cent of UK businesses have apparently suffered one kind of attack or another from the Internet, ranging from an aggressive scan to straightforward blackmail of the kind that says "Deposit $1m in a foreign bank account by tomorrow morning or both your network and your business reputation are toast."

While a quarter of his team might be concentrating on very nasty and organised paedophile groups, the remainder is focused on other areas of business risk such as fraud or extortion.

Len believes that the real work of his unit involves the challenge of business continuity, educating both the public and the private sector that there is "a cost to complacency" and that the technology that we depend on is far more vulnerable than we think it is. "People don't think clearly about the threat," he tells me. "They have no metric for their level of confidence and they rarely consider the costs of business interruption and the many risks and implications of hi-tech crime."

I sense that perhaps the greatest challenge facing the unit isn't catching criminals, but rather, encouraging the public to report crimes or concerns to the police.

In a commercial environment business is uniformly reluctant to involve the police, unless it really has no choice. The NHTCU, says Len, needs to convince the public that an investigation doesn't involve a police cordon around the building and all the equipment spirited away as evidence. It's rather more subtle than that.

When the NHTCU was launched over a year ago, I wondered how much impact it could have on such an enormous and, as yet, unscaled problem as Internet crime?

In fact, with quite modest resources it has achieved a remarkable amount of success in a relatively short time. But unless business starts taking the risk seriously and is prepared to report any attack swiftly and confidentially, then progress against a tidal wave of opportunistic computer-based crime won't be as rapid as people might wish.

So it's up to us in the end. We use technology with blind confidence. I see it every day on my motorcycle. Clutch a mobile phone to your ear in animated conversation and walk out into the rush-hour traffic.

Much the same happens every day on the Internet and the risks are as real on-line as they are offline. Business needs to treat the risks seriously and have a policy in place to deal with the possibility of a deliberate attack or compromise. If in doubt, call Tony Neate, the industry liaison officer at the NHTCU 0n 0870 241 0549 or e-mail admin@nhtcu.org.

Alternatively, keep a suitcase full of used £5 notes available and hope that this might persuade an enterprising e-criminal to leave you alone in future!

What is your view?
Do you have a plan in place in case your business is attacked? >> CW360.com reserves the right to edit and publish answers on the Web site. Please state if your answer is not for publication.

Zentelligence Setting the world to rights with the collected thoughts and opinions of the futurist writer, broadcaster and Computer Weekly columnist Simon Moores.
This was last published in November 2002

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

  • How do I size a UPS unit?

    Your data center UPS sizing needs are dependent on a variety of factors. Develop configurations and determine the estimated UPS ...

  • How to enhance FTP server security

    If you still use FTP servers in your organization, use IP address whitelists, login restrictions and data encryption -- and just ...

  • 3 ways to approach cloud bursting

    With different cloud bursting techniques and tools from Amazon, Zerto, VMware and Oracle, admins can bolster cloud connections ...

SearchDataManagement

Close