Combating The Cyber Criminals

Hi-Tech Crime, or perhaps we should refer to it as invisible crime, because of course it is unseen at the moment it is practised – at least to the naked eye.

And the fact that it possesses such indiscernible qualities means that it is harder to describe, and in particular it is harder to convince the uninitiated of the very real risks.

But a threat, which is “out of sight”, is still a threat nonetheless. And the potential for harm may even be exacerbated by the hidden nature of the phenomenon. I for one would rather be facing a danger than have it emerge from the shadows at a time when I am ill prepared.

Organised Crime will not telegraph its tactics to its intended victims out of choice – and where it can operate against a complacent adversary it will give no quarter.

In fact Organised Crime is reliant upon apathy, upon human error, upon an assumption that it is someone else’s problem. The digital terrain can support each of these facets, providing career criminals with favourable conditions for expansion and diversification.

Growing stronger with every attack, creating illicit wealth to bankroll other areas of criminality – and gathering experience and expertise with which to corrupt legitimate business – Organised Crime is both a threat and a competitor, and industry cannot address the problem any longer by ignoring it.

Harnessing the voice of industry has been crucial in the quest of the NHTCU, thus tailoring its response with greater understanding and victim focus.

Our survey conducted by NOP World into the impact of hi-tech crime on business showed that 167 companies suffered losses of over Â?195 million. Of course, costing cybercrime has a number of facets built into it, and subjectivity inevitably plays a part in the assessment but the findings are none the less significant in my view.

Indeed, assuming that the survey sample is representative of UK business as a whole, one is able to extrapolate out the overall cost of cyber-crime to UK business in terms of billions rather than millions of pounds each year. But perhaps just as worrying is the impact assessment from within industry itself.

Companies were asked in the survey to rate financial impact across a range of hi-tech criminality on a seven-point scale – with seven being the highest impact and one being the lowest. Theft of information, fraud and denial of service all featured prominently – but no category of crime was considered by respondents to cause a “high” financial impact and most rated the overall impact as low to moderate.

Arguably this demonstrates a pragmatic approach on the part of industry, which can factor in cyber crime as an unwelcome but manageable overhead.

For me though, the real test is not so much whether the financial impact of hi-tech crime is manageable, but whether the harm caused by hi-tech crime is relevant to the long-term well being of all businesses operating on-line.

According to the survey the chances are that you have been a victim in the last 12 months. In fact 83 per cent stated that they had fallen prey to cyber criminals.

Three-quarters experienced virus attacks on average 255 times during the year.

More than one in 10 had suffered at the hands of criminals who stole and misrepresented the companies website. And even more fell victim to theft of data.

There is, however, encouraging evidence – indicating a higher level of awareness amongst senior decision makers in companies – but still more needs to be done.

Regular security audits were missing from the business plans of 23 per cent of respondents and over one-third did not comply with any security standards at all.

Most now acknowledge the benefit of working with police in neutralising the threat posed by hi-tech criminality – with some 84 per cent of companies stating that working with the NHTCU was relevant to their organisation.

This is a positive indicator I know, but I will not be entirely satisfied until we have won over the remaining 16 per cent. In cyberspace as we have seen now on many occasions you are only as strong as the weakest link.

Over the past year the NHTCU has emerged through a phase that has seen refinement, sophistication and reinforcement across a broad range of initiatives.

The shifting dynamics of the digital terrain do not naturally lend themselves to this consolidation process, so in many respects the scale and diversity of the challenge has grown.

Yet it is an absolute truth that the cutting edge technology, which shapes the theatre of operations today, will become commonplace tomorrow, and may even be heading for obsolescence the day there after; and as science alters the dimensions of the medium that is our workplace, so we will have to adapt time and time again. The secret is of course to develop a mindset to match the flexibility and multiplicity of the landscape.