Feeds

No investigation after malware is found on parliamentary PC

Hill to climb for new e-crime unit

Providing a secure and efficient Helpdesk

Police did not investigate when Alun Michael MP reported a PC in his office was attacked with malware, the former minister has revealed.

Michael, a tech-savvy parliamentarian, was able to detect and remove the malware himself, and described it as "a low level incident". He told The Register that he decided to report it to police as "an experiment", however.

"I though that with it being a computer within the Palace of Westminster there might be some feedback from the police," he said. "Or at least an acknowledgement it had been recorded - but no."

The security of parliamentary PCs is viewed as particularly sensitive given the confidentiality of MPs' correspondence with their constituents. When police recently seized computer equipment from the office of Tory immigration spokesman Damian Green without a warrant, it caused uproar among his fellow MPs.

Michael made the breach public during the same week it emerged the justice secretary Jack Straw's webmail account was hijacked by Nigerian advance fee fraudsters.

The government has been heavily criticised in recent years by the technology industry, academics and peers for its failure to address widespread fraud via the internet. The National Hi-Tech Crime Unit was effectively closed down when it was rolled into the Serious and Organised Crime Agency in 2006, leaving no organisation to monitor and investigate e-crime.

"It would be unrealistic to expect police to investigate every malware infection," Michael said. "My point was about the reporting system. If a car is broken into, whoever broke into it is long gone and you don't necessarily expect the police to investigate. You do however expect it to be recorded."

The Metropolitan police is currently setting up a successor to the National Hi-Tech Crime Unit, the Police Central e-crime Unit (PCeU), after ministers finally approved funding last year. Detective Superintendent Charlie McMurdie, who will head the unit, agreed that investigating every online fraud was unrealistic, but recording as much as possible was important.

"We have got 140,000 cops and most of them don't know one end of the computer from the other," she told delegates at a Westminster conference on e-crime last month. The PCeU, including a national online fraud reporting centre, will be operational later this year. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.