Cybercrime fears over hi-tech cop job cull
SOCA ruled offside
Rumoured cuts at the UK's Serious Organised Crime Agency (SOCA) will hurt the fight against cybercrime, security experts warn.
Speculation that 400 jobs may go at SOCA (the UK's answer to the FBI) has raised concerns that UK businesses will be placed at greater risk of attack from international cyber-criminals. Encryption experts SafeBoot note that, coming so soon after the HMRC data loss debacle and days after MI5 warned of heightened industrial espionage against UK businesses from China, any cuts would send all the wrong signals.
SOCA was established on 1 April 2006 following a merger of the National Crime Squad, the National Criminal Intelligence Service, the National Hi-Tech Crime Unit (NHTCU), the investigative arm of HM Revenue & Customs on serious drug trafficking, and the Immigration Service's unit dealing with people trafficking.
Home Office decisions on policing budgets out this week are expected to force the agency to lose between 200 and 400 of its 4,400 staff, The Times reports. Politicians reportedly want the agency to concentrate more on human-trafficking alongside its existing top priorities of fraud and drugs. That leaves the growing problem of cybercrime way down the political agenda.
A spokesman for SOCA said that while a reduction in headcount had been part of the current year's plan, there had been no announcement of any further cuts. He added that the organisation had been increasing headcount in cybercrime.
Nevertheless, the prospect of streamlining has provoked a backlash from sections of the information security community already critical of the decision to merge the National Hi-Tech Crime Unit (NHTCU), which specialised in combating cybercrime, into an agency with a much larger remit.
Tom de Jongh, product manager at encryption specialist SafeBoot, fears for the future of the UK’s online defences and reckons that unless businesses start to take proactive measures to protect themselves from attack, SOCA’s reduced resources will lead to greater problems.
"In the last few days we have seen reports that personal data can be downloaded for a small fee and that the Information Commissioner has had his personal information accessed. In today’s environment, cyber-crime is rife. Without proper policing, UK businesses would be oblivious to many of the threats facing them," de Jongh said.
"SOCA’s role is critical in securing UK business. Over half of IT managers admit that workers ignore IT security policies and this should terrify business leaders across the nation. If their internal policies are being ignored, and workers are potentially leaving ‘doors’ wide open for cyber-criminals to exploit, what chance have businesses of staying secure?"
"If businesses cannot get the basics right, then SOCA is their last-line of defence," he added. ®
COMMENTS
@ Brian Miller
"any cuts would send all the wrong signals."
How about "would demonstrate for the Nth time that Those In Charge haven't got a clue."
This business of "sending signals" (or "sending a message") is traceable to American Southern culture, which teaches that you can never say anything negative about or to anyone, hence when they fuck up, you "send them a message" via actions instead of speaking in plain English.
Given the advent of hyperPC, this attitude has become very widespread: you can't offend anybody at any time for any reason, truth and justice notwithstanding.
The most egregious example I personally know of was a woman who wasn't satisfied with repair work on her car. She drove back and forth in front of the mechanic's establishment "to send him the message" that she wasn't satisfied. Gee, honey, what's wrong with picking up the telephone and saying "This is Jane Doe speaking. I'm not satisfied with the work you did on my car and want it re-done right"???
But plentiful other examples are easy to spot. When George Bush says "we are doing X to send a message to Y," for any of a variety of values of X and Y, one has to wonder why he doesn't just have the State Department draft a diplomatic note.
The difficulty with "sending a message" via actions instead of words is that the semiotic significance may be overlooked or misconstrued. Perhaps cutting 400 jobs from SOCA is really sending the message "we think you are useless twits and are justifiably dumping you." Or maybe it's saying "we want British business to get fucked by hackers, teach 'em a lesson for not fully supporting the NuLabour agenda." Who knows? (For that matter, who cares?)
Moral (and to bring in the IT angle), if you have a problem, put it in writing and be plain about it, even if you end up in hot water for not being fully PC. As an example, I'm sure that when our Paris was nailed for driving sans license, the coppers put it in writing. (See how deftly I dragged in the Paris angle?)
"I'm from the government; I'm here to help you rewrite your firewall rules."
"If businesses cannot get the basics right, then SOCA is their last-line of defence."
Yeah, right, that's gonna really secure a business. You want someone to believe that one? Guess again. The cops come in *after* the crime has been committed and there is a victim.
You want something to keep users in check? Show them where they surf on the web. It takes snoop and 24 lines of Perl to capture and categorize all internet traffic. Another 24 lines of Perl produces the report. Send that to a user, and they'll clean up their act immediately!
Without El Reg, would I have noticed?
I know, I know, being in the security biz means that so long as there's no news then you're doing a bang-up job (to a point) but...................
Try as I might, I'm having a hard time coming up with an instance of broadband banditos quivering at the mere mention of SOCA and vowing to steer clear of Britain's electronic shores for fear of having their cyber collars felt.
Then there's the attempt at justifying 'PC' Plod's existence by the FUD factor, "Ooooh! If we do away with SOCA, who's going to look after the wee ones - the poor British businesses who can't work out half-decent security programs for themselves?"
Darwin, mate. That's who.
