Feeds

No investigation after malware is found on parliamentary PC

Hill to climb for new e-crime unit

Securing Web Applications Made Simple and Scalable

Police did not investigate when Alun Michael MP reported a PC in his office was attacked with malware, the former minister has revealed.

Michael, a tech-savvy parliamentarian, was able to detect and remove the malware himself, and described it as "a low level incident". He told The Register that he decided to report it to police as "an experiment", however.

"I though that with it being a computer within the Palace of Westminster there might be some feedback from the police," he said. "Or at least an acknowledgement it had been recorded - but no."

The security of parliamentary PCs is viewed as particularly sensitive given the confidentiality of MPs' correspondence with their constituents. When police recently seized computer equipment from the office of Tory immigration spokesman Damian Green without a warrant, it caused uproar among his fellow MPs.

Michael made the breach public during the same week it emerged the justice secretary Jack Straw's webmail account was hijacked by Nigerian advance fee fraudsters.

The government has been heavily criticised in recent years by the technology industry, academics and peers for its failure to address widespread fraud via the internet. The National Hi-Tech Crime Unit was effectively closed down when it was rolled into the Serious and Organised Crime Agency in 2006, leaving no organisation to monitor and investigate e-crime.

"It would be unrealistic to expect police to investigate every malware infection," Michael said. "My point was about the reporting system. If a car is broken into, whoever broke into it is long gone and you don't necessarily expect the police to investigate. You do however expect it to be recorded."

The Metropolitan police is currently setting up a successor to the National Hi-Tech Crime Unit, the Police Central e-crime Unit (PCeU), after ministers finally approved funding last year. Detective Superintendent Charlie McMurdie, who will head the unit, agreed that investigating every online fraud was unrealistic, but recording as much as possible was important.

"We have got 140,000 cops and most of them don't know one end of the computer from the other," she told delegates at a Westminster conference on e-crime last month. The PCeU, including a national online fraud reporting centre, will be operational later this year. ®

The smart choice: opportunity from uncertainty

More from The Register

next story
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.