Select committee demands new process for reporting cyber crime

A parliamentary select committee has called for a new process for citizens and businesses to report cyber crime to the authorities.

At the meeting, held on 9 November, the government's Science and Technology Committee suggested that a new process is needed to enable simpler reporting of cyber crime.

The call fallows remarks made by David Cameron at the London Conference on Cyber Space recently, where he informed delegates that cyber crime costs the UK economy in the region of £27bn per year.

However, there is presently no clear way of reporting cyber crime to the authorities, with many police forces ill equipped to understand let alone investigate the crimes.

Dr Michael Westmacott of the BCS, The Chartered Institute for IT, who was sitting on the committee, explained that better reporting of cyber crime would help law enforcement.

"We need to gather far more information on the prevalence of criminal activity and individual occurrences, and we need to provide the public with the ability to easily report information on malware and to say when specific crimes have occurred.

"Without that information, it will be difficult to move forward with law enforcement."

Another attendee, Dr Richard Clayton, a research assistant at the University of Cambridge, stated that ISPs should get more involved in preventing cyber attacks.

"People should pass information [on cyber crime] on to the ISPs. The best ISPs pass that information on to their users and tell them they have a problem.

"But, on many occasions, the ISPs throw those reports away. They certainly do not go out seeking more reports because it is very expensive for them to communicate with their users, particularly if it is quite a complicated message. They do not like being the bearer of bad news."

Responding to a parliamentary question earlier this month, security minister James Brokenshire explained that work is ongoing in this area, and that it is an area of government focus.

"Some £63m has been allocated by the National Cyber Security Programme to strengthen the UK's response to cyber crime, in addition to existing resources. The Action Fraud service currently takes crime and information reports of fraud from businesses and individuals, and passes them to the National Fraud Intelligence Bureau (NFIB) for action."

He added that more investment would be heading to the Action Fraud service, and also to the Police Central e-Crime Unit (PCeU) – a division with the Metropolitan Police that specialises in cyber crime.

"The Action Fraud service will shortly be expanded to include financially motivated cyber crime types. Action Fraud will provide a single means for enabling businesses and individuals to report financially motivated cyber crime.

"We will also build on the expertise of the PCeU and SOCA's [Serious Organised Crime Agency] e-crime unit to create a specialist cyber crime unit within the National Crime Agency, and to help mainstream capacity to tackle cyber issues across police forces."

He concluded by recommending that businesses visit Get Safe Online for advice on cyber security.

"Get Safe Online, a joint government and industry initiative to raise awareness of internet safety, provides advice and guidance to help individuals and businesses to protect themselves online. Its website is www.getsafeonline.org."