Feeds

Computer crime sentences are ‘not good enough’

Get Tough, Police urge

  • alert
  • submit to reddit

SANS - Survey on application security programs

A senior policeman has called for higher sentences to combat hi-tech crime.

Detective Superintendent Mick Deats, second in command of Britain's National High Tech Crime Unit, said that computer crime sentences are "not good enough".

"What we're dealing with is hi-tech burglary - and sentences don't reflect that or the full impact on business of cybercrime."

Det Supt Deats made his comments during a panel discussion on cybercrime at this week's Infosecurity show in London. During the session the Hi-Tech Crime Unit outlined its progress to date in investigating hi-tech crimes. These include investigations concerning: denial of service attacks, hacking, hi-tech fraud, extortion intellectual property theft and the use of the Internet by paedophiles and drug dealers.

Since its foundation in 2001 the NHTCU has dealt with 2,000 crime reports, conducted 41 operations and made 101 arrests, 25 per cent of which relate to paedophilia charges. Det Supt Deats said 85 per cent of these arrests result in prosecutions, the majority of which are waiting to go to trial.

Of those who have gone to trial, Det Supt Deats is far from satisfied with the outcome.

So is additional legislation needed?

Not according to Detective Chief Superintendent Les Hynds, head of the National Hi-Tech Crime Unit, who said existing laws - such as the Computer Misuse Act and the Regulation of Investigatory Powers Act - are adequate. However he added a rider that neither piece of legislation has been fully tested in court.

And there is now "incontrovertible evidence" that organised criminals are becoming involved in hi-tech crime, Hynds says.

A recent NOP survey on cyber-crime revealed that even excluding the most common offences of lap-top theft and viral attacks three in four of 150 business surveyed had suffered from some type of hi-tech crime. Financial fraud and sabotage by insiders are the biggest problems.

According to Deats, 56 per cent of organisations hit by hi-tech crime do report offences to police. However there remains a lack of openness about reporting cybercrime in particular sectors of the economy.

Banks less than Frank

Banks, for example, are not sharing information about serious fraud among themselves and this makes it easier for criminals to operate, Det Supt Deats believes.

Ged Edgcumbe, security risk control manager, at investment bank UBS Warburg, conceded this point.

"Bank don't talk about cybercrime, even internally. And if they do talk it is not necessarily open and frank," he said.

Jeremy Beale, head of e-business at the Confederation of British Industry (CBI), said business concerns about cybercrime differ markedly from those of the police.

Business are principally concerned that the rising problem of cybercrime might discredit ecommerce, which many firms are successfully adopting to improve their competitive advantage. For individual companies, damage to brand reputation caused by cybercrime incidents is the principal concern.

The police want to catch criminals involved in cybercrime and prosecute them as a deterrent whereas firms hit by e-crime are principally interested in making sure it has a minimal impact on the businesses.

"Police and business perspectives on cybercrime are world's apart," said Beale. ®

Related Stories

Hi-tech crime threatens UK plc - survey
Web pedos crack into corporate servers
Organised Net crime rising sharply - top UK cop
UK plc reamed online
Cybercops are go!

High performance access to file storage

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.