Confidential reports to aid cybercrime crackdown

With companies failing to report IT attacks, no statistics exist to prove the extent of the cybercrime problem
Written by Wendy McAuliffe, Contributor

The head of Britain's National High-Tech Crime Unit (NHTCU) is calling for a confidential channel for UK businesses to report cybercrime attacks.

Speaking at a global law enforcement conference in Edinburgh on Wednesday, detective chief superintendent Len Hynds admitted that the true scale of Internet crime in Britain is unknown. The culture of secrecy surrounding cybercrime means that many attacks go unreported, with businesses being unwilling to risk publicity for commercial reasons.

"Understanding the level of the problem is crucial for developing polices and legal responses to cybercrime", said Yaman Akdeniz, director of Cyber-Rights & Cyber-Liberties. "We need reliable statistics to back up calls for greater powers and resources."

The NHTCU was launched in April to combat the rising levels of crime on the Internet. Its remit is centred around investigations of serious or organised crime using IT, such as hacking and fraud. In its first year, the Unit has pledged to actively investigate the scale of IT-based criminality in Britain, and assess the nature and extent of the problem and so gauge the impact of their strategy.

"No statistics currently exist, and we can't do this overnight," said a spokesperson at the National Crime Squad (NCS). "But we still want people to report cybercrime attacks with a view to prosecution."

The Computer Misuse Act 1990 made it possible for companies to file reports of traditional cybercrime attacks such as hacking and viruses, but few businesses have chosen to take advantage of this legal provision.

Thomas Raschke, programme manager for European Internet security at analyst firm IDC, believes that small and medium sized businesses are the main culprits for failing to report Internet crimes. "They don't have the IT resources to make these reports, and often don't even have security policies in place," he said. Akdeniz also pointed out that larger companies are often concerned about receiving bad publicity for their system being hacked into, or customer data being stolen.

Hynds told the conference that a confidential channel for reporting computer crimes would serve to establish "an environment where industry, government and law enforcement work together".

See also: ZDNet UK's Net Crime News Section.

Is your PC safe? Find out in ZDNet UK's Viruses and Hacking News Section.

Have your say instantly, and see what others have said. Click on the TalkBack button and go to the Security forum.

Let the editors know what you think in the Mailroom. And read other letters.

Editorial standards