Feeds

My sysadmin is a special constable

Stop, Hacker!

  • alert
  • submit to reddit

SANS - Survey on application security programs


Parliamentary lobby group EURIM is working with MPs and industry groups to draw a blueprint for the fight against cyber-crime.

EURIM and think tank The Institute for Public Policy Research (IPPR) today published a discussion paper which aims to set the agenda for debate on e-crime. This outlines a number of easily-introduced fairly cheap measures that can be taken to stem cybercrime, along with a number of longer-term plans.

The thinking is that most cyber-criminals are opportunists who can be deterred by simple precautions. Unfortunately very few people are taking care, so easily preventable Internet crimes are on the rise.

Criminals are becoming interested in the Internet because it provides greater opportunities for crooks to automate their search for victims, achieve economies of scale and cover their traces.

Brian White, MP for North East Milton Keynes, and chair of EURIM, said Net crimes are becoming a significant source of revenue for organised criminals. Protection rackets, for example, have been reinvented for the Internet with recent attempts to extort protection money from online bookies by threatening DDoS attacks.

More such problems can be expected in the future, but e-crime is not high up the political agenda, according to White.

He said the introduction of legislation to combat e-crimes needs to come alongside education and technical solutions: "Laws on their own won't solve e-crime."

According to the EURIM - IPPR discussion paper, fighting cyber-crime depends on action in three key areas:

  • The development of a shared National E-Crime Strategy.
  • Government and industry support for educational and prevention programs designed to address e-crime risks and fears.
  • Developing the ability of law enforcement to identify and deal with threats as they emerge - rather than reacting when they are already out of control.

One of paper's main ideas is already close to reality. The paper calls for a “Green Cross Code” on safe use of computers and the Net in homes, schools and in small businesses. A draft text for such a code has been published by Britain's

National High Tech Crime Unit

.



EURIM - IPPR is also calling on steps to streamline the reporting of e-crime to the police.

My BOFH is a special constable

More ambitiously the EURIM - IPPR paper calls for frameworks for co-operation between industry and law enforcement in areas where the skills for policing and investigation are in short supply. This would involve the use of special constables, civilian volunteers and multi-disciplinary units to handling Internet crime.

In effect, sysadmins will be asked to give over their time to help the Internet community by assisting police in investigating cyber-crime. The idea is still at a preliminary stage but the thinking is that such special constables would not have arrest powers nor would they be financially rewarded for their work with the police.

The topic will be addressed in greater detail in the next phase of the EURIM - IPPR E-Crime study, which his timed to take place in the run up to a Home Office strategy document on e-crime, due next spring.

More than 40 organisations are involved in the study. These include telcos, banks and other financial services, security services, law enforcement agencies, trade associations and professional bodies as well as hardware and software suppliers such as Microsoft and Symantec (which are sponsoring the study).

The full text of the first discussion paper can be found here. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.