Police set up regional hacking units

Summary: Forces around the UK are jointly setting up regional units that will have the power to hack into suspect computers and deploy keylogging software and other malware

TOPICS: Security

Police forces around the UK are setting up regional surveillance units that will use technical methods, such as computer hacking, to monitor suspects.

The police in Derbyshire, Leicestershire, Lincolnshire, Northamptonshire and Nottinghamshire jointly began setting up a unit on 1 July, according to documents released within the past few days by the Lincolnshire Police Authority. While the documents lay out the basis of the collaboration, not all of the measures have been signed off yet, the Lincolnshire police told ZDNet UK on Tuesday.

The aim of the East Midlands Technical Surveillance Unit (EMTSU) is to provide "technical surveillance, covert hi-tech, covert forensics and covert method entry", according to the documents.

Surveillance techniques

Surveillance techniques used by police include remote hacking and placing keylogging software on computers, according to Jonathan Krause, a former analyst and civilian employee in the Metropolitan Police's child protection unit. Covert forensics involves performing forensic analysis of a suspect's PC or device without that person's knowledge.

"The police use extremely advanced techniques and capabilities," Krause told ZDNet UK.

In some investigations, police units sit outside premises in unmarked vans and intercept Wi-Fi traffic, according to the information security expert. WPA2 and other Wi-Fi encryption protocols are "fairly straightforward to crack", he added.

"Sometimes police can enter a property or break in — they need a court order to do that — to go into a house and place a keylogger," said Krause, who is now managing director of UK technology company Forensic Control.

Once officers have a suspect IP address, they can go to ISPs or to web email providers such as Google or Microsoft and request access to account information. Then they can check whether the suspect is using a fake username.

In addition, the police get into systems remotely using techniques more commonly associated with hacker groups such as LulzSec, according to Krause. Investigators have used network penetration techniques and malware, he said. "[Police] usually use one of the easier ways, just as LulzSec got into websites via unpatched servers," he added.

Surveillance units also fool suspects into downloading Trojan horses or other malware so that the police can monitor their systems. "Social engineering always seems to be the easiest," Krause said.

Budget cuts

The regional technical units are a response to government budget cuts, the Association of Chief Police Officers (Acpo) told ZDNet UK on Tuesday. Previously, the police forces and authorities would have worked with the Serious Organised Crime Agency, which is being rolled into the National Crime Agency (NCA).

"Forces are forming these units as a response to the loss of funding," said an Acpo spokesman.

A similar project to the EMTSU, called the South East Covert Operations Unit, is being undertaken by Hampshire, Surrey, Sussex and Thames Valley police forces, said the Acpo spokesman, confirming a report in The Guardian.

The covert technical units are using surveillance techniques as part of the local police forces' investigations into serious crime, according to the Acpo spokesman. Those investigations are separate to those carried out by the Metropolitan Police Central eCrime Unit (PCeU), which focuses on looking into cybercrime and is currently carrying out an operation designed to track down members of LulzSec.

The PCeU has used covert techniques to monitor suspects and is participating in the East Midlands unit's forensics work, a source at the Met told ZDNet UK.

"All of our work involves covert [operations]," the PCeU source said. "Different parts of a national programme are going ahead."

Tom Espiner

About Tom Espiner

Tom is a technology reporter for ZDNet.com. He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

  • So to catch law breakers the police now intend to commit the same crimes as the supposed "hi profile cyber criminals" such as lulzsec and anon? Some would call that hypocrisy, some corruption… I’d like to see a conviction for a crime that was discovered by committing the exact same crime.
  • This is not primarily aimed at "serious crime" as suggested, it is being used to identify anyone with any views that differ from the government's. In short what we have is a system exactly the same as in China where people's email accounts are regularly hacked into to read their emails. Once identified people are taken away God knows where, they are probably tortured as well so desperate is this government to control what people think.
  • Perhaps the News of the World wasn't as guilty as we thought!!
  • WPA2 and other Wi-Fi encryption protocols are "fairly straightforward to crack"

    LOL it takes up to a month to crack that protocol, and even there, encrypting everything crucial makes things a lot more difficult for them. Changing WPA2 key every few weeks makes it even more difficult to crack.

    And for keyloggers, any antivirus detects such patterns right away. Of course they COULD code it so that it is not detected but a serious user will be able to remove it pretty quick. Also making the firewall efficient by not letting most software access the internet makes those keyloggers not able to upload themselves to the police servers or by way of e-mails.

    Also a DSL connection's IP can be manually changed by unplugging the ISP modem for a few minutes then plug power back to get a new IP.

    I would like to see those "methods" the police use to crack WPA2 and log every key ^^ I'm no poweruser but I can deactivate all that myself so I really think a poweruser would be much more difficult to hack. ^^
  • Nova Thunder you are spot on! The only thing this sort of operation or team is likely to be able to catch is the odd peer to peer person. The biggest flaw in the plan straight away is what makes you think any serious computer criminal is going to have wireless........... most hackers target wireless etc so they aren't going to run one themselves. Secondly.... keyloggers are years out of date whilst they might catch the odd person in the form of malware any serious computer criminal is going to check for them every time and most likely have some form of recording device looking at their own machine to spot anyone tampering not to mention the countless other counter intrusion methods.

    "Social engineering always seems to be the easiest," Krause said. - Yep clearly not hackers like anon or lulz, or serious cyber criminals but probably joe public without a clue about computers and not capable of pulling off cyber crime.
  • Indeed it's gonna be people not knowing too much about computers that will get caught downloading illegal porn or whatever, but after doing an investigation they will find that a hacker has downloaded all that from that not too protected WI-FI. They will punish that person not knowing about computers cause he did not protect his WI-FI, and the hacker will be free in the jungle...
  • The serious hackers (the ones out to get your money) are located mostly in countries that have no such rules or police checking them. They operate illegal proxy servers on unsuspecting companies' servers using illegal IP addresses and more. They are expert at covering their tracks. They tend to use proxies they have taken over that are located in Germany for instance, where the laws on data protection prevent even the police from tracking IP addresses and emails without obtaining a court order. I know, I was a victim of such hacking and I was an IT Analyst as well! Pity anyone who does not know what to expect. The culprits were never caught by the way but I did get my money back via Visa's refund policy. I had to get a new credit card and Paypal account. Police here really have no idea how clever and how bad these people are. For a start if you are hacked you have a job getting any Police to believe you. The German police were great, the local police were not.
  • The Creature. Signifies the usual people for breaking in and keylogger criminal punishment, but state all possible?