Thought for the day:The serious business of hi-tech crime

Too many companies are letting hi-tech criminals get away with it, says Simon Moores after meeting the head of Britain's war on...

Too many companies are letting hi-tech criminals get away with it, says Simon Moores after meeting the head of Britain's war on e-crime.

There's a good view of the Millennium Dome from the office of detective chief superintendent Len Hynds, the head of the National Hi-Tech Crime Unit (NHTCU).

Len is preparing for next month's first UK e-crime congress in London, and between the two of us, we were wondering what the future held for the enormous dirty white tent outside his window.

In a recent Thought for the Day entitled "Sense and security", I commented on how the NHTCU, through "Operation Sidewalk", had been instrumental in tracking down "Solo", one of our better hackers, who had been busily creating havoc on the other side of the Atlantic, safe he thought, from an early morning knock on the door from the boys in blue.

Len, however, pointed out that while his unit played an active role in the investigation and has also been attracting media attention around a successful effort to capture Internet-savvy paedophiles, the NHTCU's true remit is "to combat serious and organised hi-tech crime".

While you and I are distracted by the many stories involving hackers and perverts, there's a yet unknown level of corporate intimidation and coercion involving the Internet. This costs business millions of pounds.

Ninety-seven per cent of UK businesses have apparently suffered one kind of attack or another from the Internet, ranging from an aggressive scan to straightforward blackmail of the kind that says "Deposit $1m in a foreign bank account by tomorrow morning or both your network and your business reputation are toast."

While a quarter of his team might be concentrating on very nasty and organised paedophile groups, the remainder is focused on other areas of business risk such as fraud or extortion.

Len believes that the real work of his unit involves the challenge of business continuity, educating both the public and the private sector that there is "a cost to complacency" and that the technology that we depend on is far more vulnerable than we think it is. "People don't think clearly about the threat," he tells me. "They have no metric for their level of confidence and they rarely consider the costs of business interruption and the many risks and implications of hi-tech crime."

I sense that perhaps the greatest challenge facing the unit isn't catching criminals, but rather, encouraging the public to report crimes or concerns to the police.

In a commercial environment business is uniformly reluctant to involve the police, unless it really has no choice. The NHTCU, says Len, needs to convince the public that an investigation doesn't involve a police cordon around the building and all the equipment spirited away as evidence. It's rather more subtle than that.

When the NHTCU was launched over a year ago, I wondered how much impact it could have on such an enormous and, as yet, unscaled problem as Internet crime?

In fact, with quite modest resources it has achieved a remarkable amount of success in a relatively short time. But unless business starts taking the risk seriously and is prepared to report any attack swiftly and confidentially, then progress against a tidal wave of opportunistic computer-based crime won't be as rapid as people might wish.

So it's up to us in the end. We use technology with blind confidence. I see it every day on my motorcycle. Clutch a mobile phone to your ear in animated conversation and walk out into the rush-hour traffic.

Much the same happens every day on the Internet and the risks are as real on-line as they are offline. Business needs to treat the risks seriously and have a policy in place to deal with the possibility of a deliberate attack or compromise. If in doubt, call Tony Neate, the industry liaison officer at the NHTCU 0n 0870 241 0549 or e-mail [email protected]

Alternatively, keep a suitcase full of used £5 notes available and hope that this might persuade an enterprising e-criminal to leave you alone in future!

What is your view?
Do you have a plan in place in case your business is attacked? >> reserves the right to edit and publish answers on the Web site. Please state if your answer is not for publication.

Zentelligence Setting the world to rights with the collected thoughts and opinions of the futurist writer, broadcaster and Computer Weekly columnist Simon Moores.

Read more on IT risk management