Crooks are winning the 'cyber arms race', admit cops

Sophisticated international gangs are commiting "highly profitable" malware-powered frauds.
Written by Steve Ranger, Global News Director

The most advanced and serious cybercrime threat to the UK comes from a small group of sophisticated international crooks.

Image: iStockphoto

Police and businesses are losing the 'cyber arms race' with criminals who are getting increasingly sophisticated, the UK's National Crime Agency (NCA) has warned.

In its first Cyber Crime Assessment report, the agency warned: "The accelerating pace of technology and criminal cyber capability development currently outpaces the UK's collective response to cyber crime. This 'cyber arms race' is likely to be an enduring challenge."

The warning comes just days after another report, which said the idea of the lone-wolf hacker was outdated and preventing businesses from responding properly to online threats.

The most advanced and serious cybercrime threat to the UK comes from a small group of sophisticated international crooks, according to the NCA report.

It said a few hundred international cybercriminals -- operating in organized groups -- are targeting UK businesses to commit "highly profitable" malware-facilitated fraud. These cyberattacks include attacks directly targeting business systems, as well as attacks against individuals.

While the most serious threat comes from these international crime groups, the majority of cybercriminals have relatively low technical capability. However, their plots are made much easier by a growing online criminal marketplace, which provides easy access to sophisticated and bespoke tools and expertise, allowing these less-skilled cybercriminals to exploit a wide range of vulnerabilities.

Fighting back against the criminals would requires action from government, law enforcement, industry regulators, and most importantly, business leaders, it said.

The assessment shows that cybercrime activity is growing fast and evolving, with the threats from distributed denial of service (DDoS) and ransomware attacks increasing "significantly" in 2015, although data breaches are the most common cybercrimes committed against businesses.

The report warns that under-reporting of crime by businesses continues to obscure the full impact of cybercrime in the UK. "This shortfall in reporting hampers the ability of law enforcement to understand the operating methods of cyber criminals and most effectively respond to the threat," it warned.

Read more on cybersecurity

Editorial standards