Forces around the UK are jointly setting up regional units that will have the power to hack into suspect computers and deploy keylogging software and other malware.
Police forces around the UK are setting up regional surveillance units that will use methods such as computer hacking to monitor suspects. Photo credit: AndrewHa/Flickr
The police in Derbyshire, Leicestershire, Lincolnshire, Northamptonshire and Nottinghamshire jointly began setting up a unit on 1 July, according to documents released within the past few days by the Lincolnshire Police Authority. While the documents lay out the basis of the collaboration, not all of the measures have been signed off yet, the Lincolnshire police told ZDNet UK on Tuesday.
The aim of the East Midlands Technical Surveillance Unit (EMTSU) is to provide "technical surveillance, covert hi-tech, covert forensics and covert method entry", according to the documents.
Surveillance techniques
Surveillance techniques used by police include remote hacking and placing keylogging software on computers, according to Jonathan Krause, a former analyst and civilian employee in the Metropolitan Police's child protection unit. Covert forensics involves performing forensic analysis of a suspect's PC or device without that person's knowledge.
"The police use extremely advanced techniques and capabilities," Krause told ZDNet UK.
In some investigations, police units sit outside premises in unmarked vans and intercept Wi-Fi traffic, according to the information security expert. WPA2 and other Wi-Fi encryption protocols are "fairly straightforward to crack", he added.
"Sometimes police can enter a property or break in — they need a court order to do that — to go into a house and place a keylogger," said Krause, who is now managing director of UK technology company Forensic Control.
Once officers have a suspect IP address, they can go to ISPs or to web email providers such as Google or Microsoft and request access to account information. Then they can check whether the suspect is using a fake username.
In addition, the police get into systems remotely using techniques more commonly associated with hacker groups such as LulzSec, according to Krause. Investigators have used network penetration techniques and malware, he said. "[Police] usually use one of the easier ways, just as LulzSec got into websites via unpatched servers," he added.
Surveillance units also fool suspects into downloading Trojan horses or other malware so that the police can monitor their systems. "Social engineering always seems to be the easiest," Krause said.
"Forces are forming these units as a response to the loss of funding," said an Acpo spokesman.
A similar project to the EMTSU, called the South East Covert Operations Unit, is being undertaken by Hampshire, Surrey, Sussex and Thames Valley police forces, said the Acpo spokesman, confirming a report in The Guardian.
The covert technical units are using surveillance techniques as part of the local police forces' investigations into serious crime, according to the Acpo spokesman. Those investigations are separate to those carried out by the Metropolitan Police Central eCrime Unit (PCeU), which focuses on looking into cybercrime and is currently carrying out an operation designed to track down members of LulzSec.
The PCeU has used covert techniques to monitor suspects and is participating in the East Midlands unit's forensics work, a source at the Met told ZDNet UK.
"All of our work involves covert [operations]," the PCeU source said. "Different parts of a national programme are going ahead."