by Katherine Hibbert
Okay, so nobody has actually said that e-crime is a victimless
crime, but recent changes in the way that online crimes are recorded and followed up seems to suggest just that. Before we go any further, consider the following question; if your car was stolen would
you be content to just report it to your local mechanic? Don't even dignify that question with an answer. It's an absurd suggestion to make, or is it?
After all, on the 1st of April this year the onus for recording and reporting online fraud fell on the private sector or, more specifically, the banks. On the face of it this was not such a bad idea as there was a lot of bureaucracy associated with the reporting of e-crime, particularly since the absorption of the NHTCU (National Hi Tech Crime Unit) with SOCA (Serious Organised Crime Agency). The fact that the business community, and public, need a single point of contact for reporting the real and growing menace of e-crime is indisputable, but are banks really the answer?
To be fair, it's too early to tell. But businesses, particularly SMEs (which account for over 99% of the companies in the UK), will be anxious to see that progress is being made. Organisations will want to know that, when reporting e-crime to their bank, it will be followed with relevant intelligence being fed back to raise awareness of how to maintain security in the future and, ideally, that any resulting investigations bear fruit. It is not enough that the banks act as a sounding wall, they must also make sure that all e-crimes are escalated to the police so they can be processed, recorded and pursued accordingly. As Mary Poppins so fittingly put it, "well begun is half done".
Putting control in the hands of a private sector organisation, whose ultimate responsibility is to its stakeholders, and taking the police largely out of the loop could be construed as downgrading e-crime to little more than an 'e-Nuisance'. There is also the risk that, without clear parameters, banks could make up their own minds as to what constitutes an e-crime, which could skew crime statistics and even result in many e-crimes going unnoticed. The negative effect of this is that it sends a message to criminals that there are no consequences to their actions, and places the reclamation of financial loss above that of prosecution and prevention.
The fact that fraud is conducted online does not make it any less of a crime and police still need to play a pivotal role in the recording and investigation of e-crime. Just as the police need to adjust to the evolving physical or 'real-world' crimes, they must also commit to skilling-up and becoming more tech savvy to stay on top of the crimes conducted online. The police, as a body accountable to the public, are then in control of monitoring the growing threat that is symptomatic of the increasing uptake of ICT, and can begin to take remedial action.
For Wales, where 96% of businesses are at the smaller end of the SME
spectrum (sub 10 employees), business adoption of ICT is crucial to drive growth, development and help remove the barriers associated with competing effectively and delivering the highest levels of
customer service. Therein lies the rub. A mixture of genuine threats and a generous sprinkling of e-crime myths are making the task of encouraging SMEs to leverage the significant benefits of ICT
particularly arduous.
The uncertainty surrounding the seriousness with which banks will handle e-crime and the assumption that the police have washed their hands of the actions of cyber criminals, understandably throws up seemingly legitimate reasons for Welsh businesses not 'getting connected'. The healing salve that needs to be administered takes the form of an independent, external agency that will provide the over-arching structure and support to tackle e-crime, and its ill effects, head on.
Such an agency needs to move away from the prescriptive approach of allocating responsibility for e-crime reporting to one sector or industry. This echoes the sentiments expressed in the recent report from the Lords Science and Technology Committee where it was suggested that tackling the threat of e-crime needed to be a concerted and combined effort between all stakeholders involved in the provisioning, selling or uptake of technology. This includes manufacturers, service providers, businesses, and the public sector.
Wales has been proactive in addressing these issues through the establishment of the e-Crime Wales Unit. Being hailed by the Metropolitan police as a blueprint for the rollout of a national scheme, the e-Crime Wales Unit is a unique partnership between the four Welsh police forces, the Welsh Assembly Government and private sector organisations such as BT, KPMG, HSBC and the Federation of Small Businesses (FSB).
The Unit has been set up to provide a single point of reference for Welsh businesses looking for impartial advice on the most prevalent and emerging cyber threats, how these can be pre-empted and who can help in achieving this. The Unit will be encouraging anyone that has or may have been a victim of e-crime to notify the Unit of such crimes via the website which will be launched in January 2008. The statistics that such a centralised notification system will provide can then be used to provide quantifiable evidence for any necessary lobbying that may be needed to raise the standards of IT security.
An integral facet of the Unit's work is to work with the police to place specialised e-crime officers within each of the four Welsh police forces, all of whom will report to a central senior e-crime officer. This step will ensure that there are specialists within each police force that can handle and pursue e-crimes in the most efficient manner.
As a country dependent on its thriving SME community for its invaluable contribution to the economy, Wales needs to have the support structure in place to facilitate ongoing development and avert anything that may purposefully seek to diminish this potential. All eyes are on Wales and the e-Crime Unit as it strives to make the country's online world a safer place. With a committed task force in place Wales is laying a sound foundation for businesses to realise the benefits of ICT without the innate dangers or confusion about what to do in the event of encountering e-crime.
Useful links:
e-Crime Wales: www.ecrimewales.com
Send a comment about this article to editor@itwales.com.
Home, Services, Events, Features, Interviews, Profiles, Reviews, News, Resources, Press