[ISN] UK needs cyber-crime reporting body

From: InfoSec News (alerts@private)
Date: Fri Jul 20 2007 - 01:07:40 PDT


By Gemma Simpson
19 July 2007

The UK needs a reporting body to deal with e-crime occurrences, 
according to a group of senior IT chiefs.

Companies which have fallen foul of e-crime attacks must report any 
incidents to the local police, who may not always understand what - for 
example - a DDoS or phishing attack is.

David Roberts, chief executive of Tif, the Corporate IT Forum, told 
silicon.com there is a need for an organisation that businesses can talk 
to: "At the moment, there isn't anywhere a large or small corporate can 
go to find somebody who can understand the [e-crime] issue and has the 
authority to do something about it."

Roberts said there is not even a body that can bring together 
organisations that are under threat or experiencing regular threats and 
coordinate efforts to identify and resolve e-crime incidents.

Without an e-crime body matters will just get worse, according to 
Roberts, who said: "The large corporates will just have to continue to 
put in ever stronger defences and be subjected to more frequent 
electronic attacks."

The UK did previously have such an e-crime body, the National Hi-Tech 
Crime Unit (NHCTU). But last year the NHCTU was rolled into the Serious 
and Organised Crime Agency (SOCA).

Roberts added the UK needs the return of the NHTCU, or a similar 
organisation that understands e-crime, has an international remit and 
has the authority to do something about electronic crimes.

SOCA said the NHTCU has become the core of the e-crime unit of SOCA, 
with an expanded remit and greater resources. A SOCA spokesman told 
silicon.com: "The reporting structure has not changed. In exactly the 
same way as happened under the NHTCU, a business that has fallen victim 
to an e-crime should report the matter to the police."

The SOCA spokesman added: "SOCA e-crime has taken the private sector 
relations built by the NHTCU and developed them into a core part of its 
strategy. We liaise closely with business communities on a sector by 
sector basis, and will be seeking to increase both the extent and depth 
of this relationship, as well as joining up the work of key contacts 
from the world of law enforcement, both nationally and internationally."

Attend Black Hat USA, July 28-August 2 in Las Vegas, 
the world's premier technical event for ICT security 
experts. Featuring 30 hands-on training courses and 
90 Briefings presentations with lots of new content 
and new tools. Network with 4,000 delegates from 
70 nations.   Visit product displays by 30 top
sponsors in a relaxed setting. Rates increase on 
June 1 so register today. http://www.blackhat.com

This archive was generated by hypermail 2.1.3 : Fri Jul 20 2007 - 01:24:21 PDT