London police to beef up cybercrime unit

LONDON - To tackle the growing problem of cyber- attacks and Internet fraud, London is to ramp up the size of its specialist e-crime unit.

The official estimate of the cost of cybercrime to the British economy is around £27 billion (S$54 billion), and evidence before the Home Affairs Select Committee of the British Parliament some months back showed that organised gangs in at least 25 countries, mostly in Eastern Europe, were increasingly targeting their efforts on Britain.

Until recently, London's Metropolitan Police had primary responsibility for fighting cybercrime.

That task has been taken over last month by the National Crime Agency (NCA), a newly created specialist investigative body whose primary job is to target organised gangs or complex criminal activities.

But London's police force is now planning to replenish the rank of its specialists who were transferred to the NCA by recruiting as many as 500 additional computer experts to concentrate on fighting e-crime in the capital.

The severity of the challenge facing investigators is not in doubt: A pioneering, year-long investigation by the parliamentary Home Affairs Select Committee reported in June that "(Britain) is failing to win the war on e-crime".

"We are being too complacent about these e-wars because the victims are hidden in cyberspace. The threat of a cyber-attack to (Britain) is so serious it is marked as a higher threat than a nuclear attack," Mr Keith Vaz, the MP who chaired the committee, said at the time.

And while the committee estimated that online criminal activity may have inflicted a cumulative £27 billion worth of damage to the British economy, it also concluded that compiling such figures is well-nigh impossible.

"There appears to be a 'black hole' where e-crime is committed with impunity.

Online criminal activity which defrauds victims of money is often not reported to, or investigated by, law enforcement. Banks simply reimburse the victims with no pursuit of the perpetrators," the committee added.

In theory, the decision by the London police force to beef up its own cybercrime unit alongside an existing national one contradicts the recommendation of legislators who urged the British government against a "fractured response to e-criminals".

But with up to 20 per cent of the country's population either working or residing in the capital and given London's status as one of the world's biggest financial centres, some role-specialisation is inevitable.

Britain also operates a child exploitation and online protection unit.

Meanwhile, the country's security services claim to be tracking around 70 acts of cyber-espionage against big British corporations, allegedly at the behest of foreign governments.

And separate British police units are tasked with fighting overseas organised gangs.

Nevertheless, the authorities seem doomed to play catch-up against criminals, largely because government structures and legal systems take time to adjust.

Britain's NCA needs to recruit 236 new dedicated officers and plans to train a further 2,300 policemen as "digital investigators", tasks which may not be completed before 2015.

The NCA's cybercrime unit head Andy Archibald wants his people to write their own software in order to penetrate the computer systems of criminals; "we need to grow our capability to do that," Mr Archibald told Wired magazine.

But at least for the moment, many British law enforcement officers paradoxically end up relying on the same network intrusion hacking tools or de-anonymisation software the hackers themselves use to compromise systems and pilfer data.

And, as Mr Archibald admits, he does not know whether the courts would accept evidence collected in this way, or even whether British law is "fit for a digital age".

What is clear, however, is that statistically, criminals convicted of stealing money online tend to get lighter sentences than those physically caught stealing cash.

But the problem may stem from an older generation of judges who continue to view cybercrime as more "virtual" than "real".

Still, that may change by the sheer scale of the problem: A recent study by the University of Kent found nine million adults in Britain have had their online accounts hacked in the past year.

jonathan.eyal@gmail.com

Get a copy of The Straits Times or go to straitstimes.com for more stories.