The National Crime Agency (NCA) has published its Cyber Crime Assessment 2016, with the 16-page report outlining the immediate threat to UK businesses from cyber crime. This is the first cyber crime assessment produced jointly by the NCA and industry partners.
The NCA reports that the accelerating pace of technology and criminal cyber capability currently outpaces the UK’s collective response to cyber crime, and calls for stronger collaborative working between Government, law enforcement and, crucially, business to reduce vulnerabilities and prevent crime.
The assessment shows that cyber crime activity is growing fast and evolving, with the threats from Distributed Denial of Service (DDoS) and ransomware attacks increasing significantly in 2015.
The NCA assesses that the most advanced and serious cyber crime threat to the UK is the direct or indirect result of a few hundred international cyber criminals who target UK businesses to commit highly profitable, malware-facilitated fraud.
Data breaches are the most common cyber crimes committed against businesses, with the NCA estimating that cyber crime costs the UK economy billions of pounds every year.
Under-reporting continues to obscure the full impact of cyber crime in the UK. This shortfall in reporting hampers the ability of law enforcement to understand the operating methods of cyber criminals and respond most effectively to the threat.
The NCA is urging businesses to view cyber crime not only as a technical issue, but as a Board-level responsibility, and to make use of the reporting paths available to them, sharing intelligence with law enforcement and each other.
The NCA’s National Cyber Crime Unit leads the UK’s response to cyber crime, working in partnership with police forces, Regional Organised Crime Units and international law enforcement partners to share intelligence and identify and disrupt the most significant cyber criminals worldwide.
Jamie Saunders, director of the NCA’s National Cyber Crime Unit, commented: “This is the first time the NCA has released a joint assessment with industry on cyber crime. It’s a good example of the collaborative approach between business, law enforcement and Government that we need to cultivate and strengthen if we are to succeed.”
Saunders added: “I hope that senior members of UK business, and not only those involved in the protection of their IT systems, take note of this assessment’s contents and think seriously about ways in which they can improve their defences and help law enforcement in the fight against cyber crime.”
The Government will soon be publishing its new National Cyber Security Strategy, setting out plans to invest £1.9 billion in cyber security over the next five years to protect the UK in cyber space. There will be significant detail around the strategic approach towards tackling cyber crime.
Financial crime is becoming cyber crime
Paul Taylor, partner and UK head of KPMG’s cyber security practice, has commented on the NCA’s Cyber Crime Assessment 2016.
“The NCA assessment makes it clear that, as our digital economy grows, financial crime is increasingly becoming cyber crime,” asserted Taylor. “Official reporting and statistics are often only the tip of a cyber iceberg of unreported fraud and extortion.”
He added: “Collectively, we all need to be more open and transparent in the reporting of cyber crime, recognising that all of us face similar threats from ruthless, innovative and transnational criminal entrepreneurs.”
According to Taylor, a new partnership is needed between Government and industry to disrupt the business models used by criminals. “Both BT and KPMG are committed to playing our part in helping the National Cyber Security Centre and the NCA succeed in this shared goal.”
Findings from the recent joint BT-KPMG report include the fact that 89% of IT decision-makers expressed concern about an assault by organised crime consortia, while 22% stated they were fully prepared to combat security breaches perpetuated by cyber crime.