10 Apr 2006
Give somebody the opportunity to commit a crime and the chances are good that they will rob you blind.
So, if opportunity makes a crime, then removing the opportunity will, hopefully, remove the prospect for a crime. Protecting computer systems is therefore not merely an exercise in information security but an exercise in crime prevention – and often that is helped by thinking the way that a criminal might.
Crooks need to know that the potential reward for a crime exceeds the likely cost of committing it. They need to know, even if just at a subliminal level, whether they are likely to get caught and, if caught, whether they are likely to be prosecuted, found guilty and punished. And they need to know whether they have a chance of getting sufficient “return on investment” to make the effort and the risk worthwhile.
In many ways, this leads to some of the problems in information security. The chances of a virus writer being caught are slim, but then the reward is low in financial terms. The chances of an extortionist being caught – if they are sensible in how they approach the exercise – are just as small.
The internet offers everything that an extortionist might want. It provides mechanisms for making demands, mechanisms for receiving and managing money and mechanisms whereby information can be stolen, fenced and distributed – all with low risk of detection and capture.
On top of all this, the law itself has proven less than effective in punishing those captured, because of the complexity of the technical evidence that must be presented and explained to juries.
One of the key tasks of the newly formed Serious and Organised Crime Agency, or “British FBI”, will be to redress this situation. But as ever, there are problems. The actual policing itself is reasonably well understood. The crime prevention advice, the inter-agency co-operation, the international measures – in all of those fields, the officers involved have had a lot of experience.
But what is missing, and what will always continue to be a problem, is the whole exercise of explaining that technical evidence to non-expert juries – particularly in the sort of long-running and intensive trials that the cases will generate. And hence the need for a cadre of expert witnesses, working to an agreed standard.
The establishment of the British FBI is exciting; but the establishment of expert witness standards would be even more important – and that work is now underway.