Met police: Government investment in cyber crime is 'sufficient', despite thieves making off with £1m on a given weekend

All going to plan, but we need to do something about Angler and Dridex

Chancellor George Osborne's five-year £1.9bn cyber security ring fence represents "sufficient investment" in cyber security, the Metropolitan Police Service's head of cyber crime has told Computing.

However, DI Jason Tunn also admitted that numerous ongoing threats can cost UK victims sums up to £1m total in one weekend.

Speaking at Think Charity, the annual conference of the Charities Security Forum in London today, Tunn told Computing that while he "can't comment on government funding" his belief is that "there has been significant investment in cyber in the last five years...to aid the growth the of the NCA [National Crime Agency]'s cyber project, and the network across the UK, as well as the regional side, and Interpol," said DI Tunn.

"Whether it's enough money - I'm not going to comment on that, but I will say there's been sufficient investment over the last five of years to take fairly major steps. The government is committed to that and they wouldn't be committing any sum of money to that if they didn't feel it was going to be of benefit."

DI Tunn also enthused about Osborne's proposed "National Cyber Centre", the Pentagon-like body that will be created, said Tunn, "for investigating national defences".

Nevertheless, he did admit that rampant cyber crime is still costing UK-based victims a good deal of money.

"There's a lot of threats out there, and I think the four main threats facing the UK are banking trojans, the Angler exploit Kit, network intrusions and ransomware," said DI Tunn.

Of the Angler exploit kit, which targets Java and Flash weaknesses in systems and can then redirect web browsers to malicious sites, DI Tunn said "there's an army" of offenders who are "cashing out" by engineering bogus financial exchanges. He said £976,000 was reportedly "cashed out" in one weekend due to the exploit.

Meanwhile, losses "in the region of £20m" have been suffered in the UK as a result of Dridex, which targets Microsoft Office to carry out banking fraud, DI Tunn added.

"DDoS is for hire now," he said, adding that proliferation of services is now so easy to obtain for technologically unskilled people that it's relatively simple to hire "contract killers" online.

"It's not just about us going out and arresting people, although we're the police and that's what we like to do," said DI Tunn.

"It's also about learning from that and talking out some elements of cyber crime and saying 'How do we actually protect that with best practices'?

"If we stand in isolation we're never going to solve this. We're not going to be able to arrest our way out of this," DI Tunn added, suggesting that users and organisations should also stay aware and share information, using systems such as the police force's FALCON service (designed to respond to fraud and linked crime online).