Pauline Neville-Jones: Beware the constant threat of cyber crime

WE all – and I do mean all of us in our private and public capacities – have a role to play in increasing our levels of security when we go online.
By The Newsroom
Published 7th Mar 2014, 06:00 GMT

But before the risk, what is the advantage? The growth of the internet, which is expanding by about 60 per cent a year, is transforming the economy and our daily lives.

The internet-related market is estimated currently to be worth £82bn a year while British businesses now earn £1 in every £5 via the internet. This is big business and getting bigger. It has to be secure for company to company transactions and company to customer dealings. And we are not going to go backwards and step off line, greatly increasing costs, in order to remain secure. So security has to come in ways that are compatible with efficiency and ease of operation.

Hide Ad
Hide Ad

So, what’s the risk? Ours is increasingly a knowledge economy. We can get back some of our manufacturing from places like China, but increasingly we depend on our services and on intellectual inventiveness and innovation.

In protecting that, much of which is going to be stored and communicated online, we are, in a very literal way, protecting the nation’s livelihood, wealth creation capability and future prosperity.

According to the director of GCHQ, the theft of intellectual assets is occurring on a scale he calls massive.

He describes cyberspace as contested day by day, hour by hour and minute by minute – indeed every second, attacks by thieves and spies designed to penetrate electronic networks are taking place to steal the money records or the intellectual property stored there.

Hide Ad
Hide Ad

Our information is not good enough to have precise figures for losses to the UK – one figure calculated was £27bn per annum which has been disputed as containing double counting. It may well not be right but we can be sure 
that the figure is big and makes a significant hole in current and future profits.

Hackers like Anonymous are in the game of disruption and denial of service by your provider so that your business or personal communications or transactions come to a full stop, data are lost or fall into unauthorised hands where they can be put to uses designed to damage the legitimate owner’s business. Data can remain on the network but be corrupted by hackers potentially destroying of the integrity of operations. Awareness on the part of the owner of what is happening is often low: straight theft, especially money theft, normally becomes apparent because a hole shows up in the P and L account. Eventually. But loss of intellectual property, which may comprise many years of costly research and development work and in which an organisation’s future business plans and profits often reside, can be lost by the simple device of copying.

So, unlike the stolen car, the loss of which is evident by its absence, the data are still there, but unbeknown to the legitimate owner, they are also being exploited by the rival who has the copy, who is then able to put the product on to the market sooner and at a lower price than the real owner because the costs and effort of development have been avoided. Some organisations never realise what has happened; others do so but far too late.

This crime is, of course, borderless and can be, and is, conducted from distant points many thousands of miles away from the target of penetration. Or in the building next door to you. Geography is irrelevant. It is sometimes directly run by governments. But much of it is run by individuals who make their living selling stolen data, often operating in syndicates and exchanging technique.

Hide Ad
Hide Ad

There is an underworld market where the latest bit of penetration software can be purchased by criminals. Upgrading the capability of the police to pursue such crime from what they would willingly admit was a low base is at last happening – the Government has invested some of the £860m in crime detection and prevention – enabling the police to track and uncover the links between crimes committed in the UK and syndicates operating abroad.

A single place for organisations and individuals to report such crimes, ActionFraud, also now exists. Interpol has a new facility in Singapore devoted to pursuing cyber crime which should in due course become an important agency in the cross border pursuit of cyber crime. But as things stand, the advantage politically and technologically undoubtedly lies with the attacker.

This is likely to remain the case for 
the foreseeable future, so the name of the game, has to be good defence. There is no such thing as perfect security but, just as physical crime has been reduced in the home and in relation to our vehicles through a combination of technology and greater care on the part of owners, so the same process of technological advance and attention to the detail of security needs to be applied by business in the online world.

Related topics:HackersChinaGovernmentInterpolAnonymous