National Cyber Crime Unit

Transcription

1 National Cyber Crime Unit Kevin Williams Partnership Engagement & National Cyber Capabilities Programme Official

2 Problem or opportunity

3 Office for National Statistics In 2013, 36 million adults (73%) in Great Britain accessed the Internet every day, 20 million more than in 2006, when directly comparable records began. Access to the Internet using a mobile phone more than doubled between 2010 and 2013, from 24% to 53%. In 2013, 72% of all adults bought goods or services online, up from 53% in In Great Britain, 21 million households (83%) had Internet access in Broadband Internet connections using fibre optic or cable were used by 42% of households, up from 30% in 2012 Release Date: 08 August 2013

4 National Security Strategy 2010 Tier One Threats The National Security Council judges that currently and for the next five years the four highest priority risks are those arising from: international terrorism, including through the use of chemical, biological, radiological or nuclear (CBRN) materials; and of terrorism related to Northern Ireland cyber attack, including by other states, and by organised crime and terrorists international military crises, and major accidents or natural hazards. Tier Two Threat - A significant increase in the level of organised crime affecting the UK

5 Slide 5 UK National Cyber Security Strategy

6

7 Challenges Understanding the language and the threat Legislation & regulation Multi-jurisdictional The speed of the internet Skills gap in policing The cost of training & kit Competing priorities The Snowdon effect

8 What is cyber crime? Serious and Organised Crime Strategy Cyber crime describes two distinct, but closely related, criminal activities: Cyber-dependent crimes can only be committed using computers, computer networks or other forms of information communication technology (ICT). They include the creation and spread of malware for financial gain, hacking to steal important personal or industry data and denial of service attacks to cause reputational damage. Cyber-enabled crimes (such as fraud, the purchasing of illegal drugs & child sexual exploitation) can be conducted on or offline, but online may take place at unprecedented scale and speed. Published 7 th October 2013

9 Action Fraud

10 NCA Vision Message from Keith Bristow Protecting the public: leading our fight against serious and organised crime Working with our partners will be critical to the success of the agency and it will be our combined efforts, working to protect the public, that will have a real impact. Lead, Support, Co-ordinate

11 2013 NORTON REPORT CYBERCRIME EXPERIENCES Protecting the Stuff that matters. Adults who have experienced cybercrime in their lifetime 58% 61% Adults who experienced cybercrime in the past 12 months 39% 41% Adults who have been victim of cybercrime and risky behaviors 45% 50% Number of victims in the past 12 months 12 m 378 m Percentage of males who have been victim of cybercrime in their lifetime 57% 64% Percentage millennials who have been victim of cybercrime in their lifetime 63% 66% 2013 NORTON REPORT CYBERCRIME EXPERIENCES UK GLOBALLY (24 countries) Protecting the Stuff that matters. CYBERCRIME COSTS Total cost of cybercrime in the past 12 months US$1 bn US$113 bn Average direct cost per cybercrime victim in the past 12 months US$101 US$298 CYBERCRIME GOES MOBILE BUT SECURITY IS LEFT BEHIND Smartphone users who have experienced mobile cybercrime in the past 12 months 25% 38% Smartphone users who have a basic free security software 22% 33% Tablet users who have a basic free security software 32% 42% Adults who have lost their mobile device or had it stolen 18% 27% Mobile device users who aren t aware that security solutions for mobile devices exist 54% 57% LINES BLURRED BETWEEN WORK AND PLAY Working adults who use their personal device for both work and play 32% 49% Working adults who access or send personal s through their 31% 49% Working adults who store personal info on their work device ** 14% 27% Working adults who access their social network through their work device ** 18% 34% Working adults who say their company has no policy on the use of personal devices for work * 32% 36% Parents who let their kids play, download and shop on work devices ** 26% 30% Adults who share work information with friends through online storage sites 8% 18% Adults who share work information with family through online storage sites 9% 21% Online file storage users who use the same online file storage account for both work and personal documents 19% 24% Adults who have experienced cybercrime in their lifetime 58% Adults who experienced cybercrime in the past 12 months 39% Adults who have been victim of cybercrime and risky behaviors 45% Number of victims in the past 12 months 12 m Percentage of males who have been victim of cybercrime in their lifetime 57% Percentage millennials who have been victim of cybercrime in their lifetime 63% CYBERCRIME COSTS Total cost of cybercrime in the past 12 months US$1 bn LOW MOBILE SECURITY IQ Smartphone users who delete suspicious s from people they don t know 44% 56% Smartphone users who avoid storing sensitive files online 35% 48% Average direct cost per cybercrime victim in the past 12 months US$101 RISKY BEHAVIOR ON SOCIAL MEDIA Social network users who do not log out after each session 48% 39% Social network users who share their social media passwords with others 32% 25% Social network users who connect with people they do not know 38% 31% CYBERCRIME GOES MOBILE BUT SECURITY IS LEFT BEHIND Smartphone users who have RISKY INFORMATION experienced SHARING HABITS mobile cybercrime in the past Online file storage users who think that online file storage is safe 65% 50% 12 months 25% Adults who use public or unsecured Wi-Fi 49% 59% Wi-Fi users who access or send personal s on public or unsecure Wi-Fi 41% 54% Wi-Fi users who use public or unsecure WI-FI to access their social networks 46% 56% Smartphone users who have Wi-Fi users a basic who use public free or unsecure security Wi-Fi to shop online software 28% 29% 22% Wi-Fi users who access their bank account on public or unsecure Wi-Fi 23% 29% Tablet users who have a basic free security software 32% *Among those who use the same device for work and play **Among those who use devices provided by their employer UK

12

13 POS

14

15 NCA Structure DG Keith Bristow DDG Phil Gormley CEOP Organised Crime Command Economic Crime Command Borders NCCU Intelligence Hub

16 NCCU National Lead for Cyber Crime NCCU Operations - Lead the law enforcement response to the highest level cyber crime threats: Malware Network intrusion hacking Operational Support - Support NCA Operations and law enforcement partners in their response to cyber-enabled crime. Technical experts Covert capabilities Problem solvers Strategy & Partnerships - Coordinate national and international efforts to tackle cyber crime: ROCU & local capabilities International investigations

17 National Cyber Crime Unit Capability to respond in fast time to rapidly changing threats and collaborates with partners to reduce cyber and cyber-enabled crime by: providing a powerful and highly visible investigative response to the most serious incidents of cyber crime: pursuing cyber criminals at a national and international level working proactively to target criminal vulnerabilities and prevent criminal opportunities assisting the NCA and wider law enforcement to prevent cyber-enabled crime and pursue those who utilise the internet or ICT for criminal means driving a step-change in the UK s overall capability to tackle cyber and cyber enabled crime, supporting partners in industry and law enforcement to better protect themselves against the threat from cyber crime Using the NCA's single intelligence picture, the NCCU works with partners to identify and understand the growing use of cyber as an enabler across all crime types. It can then determine the most effective ways of tackling the threat. It encourages the mainstreaming of cyber investigative capability across Law Enforcement for cyber and cyber-enabled crime.

18 Key threats to the UK The large scale harvesting of personal and business data to commit fraud (malicious software) The targeted compromise of UK networked systems to modify, delete or steal (i.e. ransomware) The targeted disruption of access to UK networked systems and services (Denial of Service) The increasing volume of cyber-dependent criminality, due to traditional crime groups utilising the as-aservice nature of the cyber crime marketplace (hacking as a service) The growing number of support services (cyber enablers) critical to cyber-dependent crime, which are facilitating the successful commission of other traditional crime types (money mules, bullet proof hosting, ToR)

19 CONTEST strategy 4 P s The NCA delivers this national response through the four pillars of: Pursue - prosecute and disrupt people engaged in serious and organised crime Prevent - prevent people from becoming involved in serious and organised crime Protect - increase protection against serious and organised crime Prepare - reduce the impact of serious and organised crime where it takes place

20 Government response

21 Small and Medium Enterprises

22 Get Safe Online

23 How to protect your business Multi Layer security systems invest in good security - defence in depth Have a cyber security strategy that is owned by the board and discussed regularly Awareness campaigns to inform and educate staff and customers free anti virus, phishing advice, two factor authentication, zoning Penetration testing - use controlled self generated attacks to reinforce learning Identify an individual to liaise with law enforcement and industry partners trust groups Protect your brand invest in intelligence, be allive to typo squatting and new/emerging threats Exercise business resilience plans regularly