‘Actionable intelligence’ needed on cyber threat

More convictions of cyber criminals must be made to stem the rising tide of online crime and fraud. The Lord Mayor of London, Dr Andrew Parmley, says this is the only way to improve cyber resilience.

Speaking at a cybercrime forum he hosted at London’s Mansion House in partnership with Verizon Enterprise Solutions, the lord mayor said “boosting the cyber resilience of London – and indeed the whole of the UK – was of paramount importance”, highlighting that cybercrime had now overtaken ‘traditional crime’.

He noted that there were around five million reported cases of cybercrime and fraud last year, accounting for half of all UK crime and costing roughly £192 billion. The lord mayor stressed that “in order to stem this trend, more convictions of cybercriminals must be made”.

He said his goal was for “London to become the first cyber-secure city”. To achieve this, he suggested that the police needed help from businesses and individuals to increase convictions and improve cyber resilience.

He also championed, as did many of the speakers, the importance of sharing threat intelligence.

“Sharing [cyber security] information is still a relatively new concept, but there is significant and growing understanding of the critical value of collaboration if we are serious about combating the threat,” he said.

The lord mayor believes the capital was “uniquely placed to nurture cyber experts to combat the cyber threat”, adding that “this creation of cyber-skilled individuals will be of great importance in the fight against cybercrime”.

The event attracted leading figures from policing, who shared the latest techniques for fighting cybercrime and fraud, providing their insights from real-world data breach case studies and discussing how the private and public sectors can address the need for better information sharing.

Peter Goodman, chief constable of Derbyshire Constabulary and national lead for cybercrime, emphasised the importance of collaboration, not just between law enforcement departments, but businesses and individuals as well.

The increasing reliance on the cyber world, he said, represents “the changing face of criminality”.

He explained that traditional crime was high risk and low yield (eg, robbing a bank), but that cybercrime was low risk and high yield, which has “changed the nature of criminality and policing”. Mr Goodman said it is now a lot harder [to police] because this type of crime has never been seen before.

Also, with the returns from cybercrime so high, with relatively little risk, organised crime syndicates are deploying its use across their whole operations, said Mr Goodman.

The main enabler of cybercrime is the criminal marketplace, followed by poor cyber security practices, poor staff awareness and a lack of personal responsibility – “of which we are all guilty”, he explained.

A recent report by the National Crime Agency (NCA) into how and why some young people become involved in cybercrime highlighted how off-the-shelf tools such as DDoS (distributed denial of service)-for-hire services and remote-access Trojans were available with step-by-step tutorials at little to no cost to the user, making the skills barrier for entry into cybercrime lower than it has ever been.

Mr Goodman said the extent of cybercrime’s growth is highlighted by the Government’s view of the “new phenomenon” – it is ranked as a Tier 1 threat to national security, on the same level as terrorism: “Could the next terrorist attack, for example, be full cyber? An example being the targeting of a small hedge fund with little security in order to cause a global financial meltdown.”

Many experts predict that a cyber war targeting critical national infrastructure will erupt within the next five years.

One of the biggest challenges for law enforcement, Mr Goodman suggested, is the rapidly evolving state of malware. Two years ago, he said, it took a strain of malware 12 months before it was ready to return to exploit a server. Now it takes two days. The morphing and evolving nature of malware h