E-envoy to wage war on hackers

Andrew Pinder, the newly appointed UK government E-envoy, is spearheading a security crackdown to stop the spate of website hacking that has so embarrassed Whitehall.

"We will press hard on standards for security," he said. "It is important that government sites conform to reasonable standards so that people feel that government is secure and cannot be brought down. We will define strong guidelines to prevent the sorts of attacks that we have seen recently."

Pinder's pledge comes just before the first meeting of the UK's National Crime Squad, which will announce how its newly formed National Hi-Tech Crime Unit (NHCU) will improve incident reporting procedures and evidence gathering on security breaches.

The European Commission is also proposing a network of similar units to enforce an international computer misuse law.

Users warn that the NHCU must keep the details of businesses who report crime confidential, or risk deterring other companies from reporting their breaches.

"Unless the [police] are very careful, they could alienate most online retailers and service providers, and no one would ever bring a prosecution to court," said Pete Marsden, chief technology officer at online bank Egg.

"Part of the problem is that online organisations don't want any publicity even in the event that somebody does get caught, whereas [the police] do want publicity, to show they are an effective organisation," he added.

A spokesman for parliamentary lobby group Eurim said: "There is a gulf of misunderstanding between law enforcement, the security staff in large organisations, and the suppliers. The high street banks have larger security departments than the law enforcement agencies."

According to Eurim, one financial institution recently spent three days negotiating with different police forces to report a massive fraud attempt, but had to give up because the police weren't prepared to act on the information.

Separately, a survey of Computing readers has revealed that 75 per cent believe virus infections and hacking will stay at current levels or get worse. Nine out of 10 respondents said their firms had suffered virus infections, and half had been hacked or subjected to a denial of service attack.

First published in Computing