A talking shop on e-crime
An all-party parliamentary committee of eleven MPs has concluded, after ten months of hearings involving police officers, academics, banks, big businesses and ISPs, that the UK is a number one target for cybercriminals and that we are losing the war on E-crime.
Does the turgid report produced by this committee come up with anything new, or is it a typical political mix of posturing and propaganda? I'm afraid I'm veering towards the latter. Whilst the report makes some good points, it is a rambling collection of notes, written and presented in a way that makes it inaccessible to all but the most determined reader. However, the summary and recommendations is just about digestible:
A good point it makes is that distinctions between regular crime and e-crime are sometimes puzzling, and that cyber criminals, when successfully prosecuted, often receive very much lighter sentences that they would had they robbed a bank of the same amount of money by safecracking. It calls on the DPP to review its sentencing guidelines.
An equally good point is that "the majority of cyber crime could be prevented by better awareness by the user". If you want to protect yourself, your family and your business from cybercrime, the most cost effective way of doing so is ongoing education. As children we are taught by parents to lock doors when we leave the house and to be suspicious of strangers asking questions, but along came the internet and many people have jumped in with childlike naivety.
We owe it to ourselves to be better informed about the risks of going online, but that is only one half of the equation. Each day I receive dozens of emails which blatantly try to scam me out of money and steal my bank account details, and I'm sure most of you do too. Each day we block hundreds of attempts from far-flung corners of the globe to access your website's admin areas, and block probes looking for unpatched flaws in the operating system. Those are attempted crimes against us. If we suffered that many attempted crimes in the real world each day we would be clamouring for police to make the streets safe.
Far too much of the report seems to focus on the need for people to protect themselves. For instance, the report suggests that service providers should issue new users with a short explanation of how to keep data secure as part of the sign-up process but that just sounds like bureaucratic buck passing. I can imagine that as well as having to tick the box which says "I've read and agree to the 38 pages of Terms and Conditions small print", people will also have to tick a box which says they've read and understood an equally incomprehensible presentation about security, and absolve the service providers of any liability. Nothing will change for the end user.
However, another of the report's conclusions which may ultimately address this issue is that "Improving the way in which e-crime is reported and recorded is key to improving Parliament's and the public's understanding of it" and goes on to say "We recommend that the Government commission a working group of experts, drawing on existing good practice already developed by academia and industry, to produce annual figures which show the incidence of e-crime and any observable trends." In the short term that is proposing yet another political talking shop, but in the long term, provided it connects with the e-crime directed at the man in the street and not just the high-profile attacks against big business, it could help us with better policing and more expectation of defence at a national community level, instead of putting the onus on every individual.
28th August 2013
This article comes from the SKILLZONE email newsletter, published monthly since January 2008, and covering topics related to technology and the internet. All articles and artwork in the SKILLZONE newsletter are orignal content.