Feeds

UK police lack e-crime savvy officers

No-one to slap on the e-cuffs

  • alert
  • submit to reddit

Application security programs and practises

A hi-tech skills crisis in law enforcement threatens to set back the wider fight against crime, a report out today warns.

e-crime is on the rise and digital evidence is playing a greater and greater role in mainstream criminal investigations. There are around 140,000 police officers in the UK. Barely 1,000 of them have been trained to handle digital evidence at the basic level and fewer than 250 are currently with Computer Crime Units or have higher level forensic skills. Add in the civilian staff of the Forensic Science Service and its contractors and the pool of full-time expertise is still under 400.

An e-crime study from lobby group EURIM and think tank IPPR out today warns of a mounting backlog of e-crimes awaiting investigation and a shortage of skilled personnel able to tackle them. Delays of six to 12 months have become common as police resources are tied up with major investigation such as Operation Ore - the prosecution of an estimated 7,000 UK users of a US child porn portal.

eVigilante risk

"Computer assisted extortion, fraud and impersonation, however great the damage, are on the back burner. Any attempt to change the situation requires change to both the skill levels available and the priorities for deployment," writes David Harrington, author of EURIM's report Supplying the Skills for Justice.

The mounting backlog has led to increased reluctance of by local forces to launch new investigations, which could in turn result in public disillusionment with the law enforcement system. The study warns that if nothing is done people might resort to vigilante tactics. “We face a very real risk of seeing the democratically accountable policing of computer-assisted crime replaced by a combination of vigilante action and the covert privatisation of legitimate investigation,” the study warns.

The launch of the EURIM/IPPR e-crime study in Westminster today brought together industry representatives, police and politicians to discuss ways of tackling the problem before it gets out of hand.

Trusted link

Making greater use of an estimated 8,000 security experts in the private sector is seen as crucial for progress.

Too few police officers have received the necessary training and there is a confusion of qualifications and standards among the civilians who might be called upon to assist. The report calls for the new Criminal Justice Sector Skills Council – Skills for Justice – to sort out the mess and become the lead agency in certifying training courses. This, together with a formal process for assessing and certifying skill levels and competencies of investigators, is seen as the best way to bring more people in to tackle the problem.

UK science and technology company QinetiQ agrees that the criminal justice system needs to exploit private sector expertise to defeat cyber criminals. It argues that because courts need to be sure of the integrity of evidence private sector private sector operatives need to become a "trusted link in the criminal justice chain", working to a robust set of standards. QinetiQ reckons the battle against cybercrime needs to be fought in the boardrooms as well as through the court and criminal justice system.

Neil Fisher, QinetiQ’s director of security solutions and vice chair of the UK’s Information Assurance Advisory Council, said: "The issue of forensic readiness is not one to be grasped solely by the criminal justice system. Companies have a duty of care to their shareholders and employees, just as public bodies have a duty to the taxpayer, to take the issue of cyber crime seriously, both in terms of protecting against the threat and also of being in a position to respond in a way that best guarantees a result in the courts once a crime has been committed." ®

Related stories

E-crime costs UK business billions
MPs urged to reform cybercrime laws
Small.biz told to swot up on Net security
My sysadmin is a special constable
UK.gov announces hi-tech elite police squad
The rise of the white collar hacker

HP ProLiant Gen8: Integrated lifecycle automation

More from The Register

next story
Just TWO climate committee MPs contradict IPCC: The two with SCIENCE degrees
'Greenhouse effect is real, but as for the rest of it ...'
Adam Afriyie MP: Smart meters are NOT so smart
Mega-costly gas 'n' 'leccy totting-up tech not worth it - Tory MP
'Blow it up': Plods pop round for chat with Commonwealth Games tweeter
You'd better not be talking about the council's housing plans
Arrr: Freetard-bothering Digital Economy Act tied up, thrown in the hold
Ministry of Fun confirms: Yes, we're busy doing nothing
ONE EMAIL costs mining company $300 MEEELION
Environmental activist walks free after hoax sent share price over a cliff
Help yourself to anyone's photos FOR FREE, suggests UK.gov
Copyright law reforms will keep m'learned friends busy
Apple smacked with privacy sueball over Location Services
Class action launched on behalf of 100 million iPhone owners
UK government officially adopts Open Document Format
Microsoft insurgency fails, earns snarky remark from UK digital services head
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.