150 likes | 297 Views
Staffordshire Police Cyber Crime ACC Nick Baker. Background. The UK is one of the most internet engaged countries in the world , users spend more time online than in any other European country. Mobile and social computing are growing faster than anything before in the
E N D
Staffordshire Police Cyber Crime ACC Nick Baker
Background • The UK is one of the most internet engaged countries in the world, users • spend more time online than in any other European country. • Mobile and social computing are growing faster than anything before in the • history of technology and in conjunction with the internet have brought about the • biggest social shift since the industrial revolution. • 86% of UK population have used the internet. • 33 million UK users (over 50% of the population) accessed the internet daily in • 2012. • 64% of UK mobile phone users own a smartphone capable of full internet access • 87% of adults aged 16-24 years used social networking sites in 2012. • 34 million Twitter users in the UK. • 53% of the UK population have a facebook account.
Cyber crime is a global threat not constrained by boundaries. • Nationally recognised as a Tier 1 threat. • Threats exist not only for individuals and businesses, but to national security and infrastructure. • Estimated national cost of cyber crime to the UK is £27 billion per year. • Cyber crimeis one of the fastest growing areas of crime within the UK. • Criminals exploit the speed, anonymity and convenience that modern technologies offer in order to commit a range of criminal activities. • These include child sexual exploitation, hacking networks to access sensitive data, distribution of malware, viruses, trojans and email scams, identity theft, online fraud, disposal of stolen goods via auction sites. Threat
Definition • There are two definitions in use at present: • ACPO: The use of networked computers or internet technology to commit or facilitate the commission of crime. • Home Office and National Cyber Crime Unit (NCCU): • Cyber dependent crimes • Cyber enabled crimes
Cyber dependent crimes are offences that can only be committed using a computer, computer networks or other form of information communication technology. These acts include: • Malware • Hacking • Viruses • Distributed Denial of Service attacks (DDoS) Cyber dependent crimes are primarily acts directed against computers or network Resources. Cyber Dependent Crime
Cyber Enabled Crime • Cyber enabled crimes are traditional crimes that are increased in scale or reach by the use of computers, computer networks or other information communication technology. • Cyber enabled crimes include : • Sexual offending against children (grooming, possession, creation and/or • distribution of sexual imagery) • Theft • Fraud • Harassment • Hate crime • Cyber enabled crimes can be committed both on and offline.
National Structure • In response to the level of risk posed by cyber crime, the Home Office have set up the Cyber Crime Reduction Partnership and National Cyber Crime Unit (NCCU) within the National Crime Agency (NCA) to tackle it. • The National Crime Agency has overall responsibility for : • Leading, supporting and coordinating the response to the most serious incidents of • cyber dependent crime. • Working with partners to deliver this response. • Leading investigations of the most serious incidents of cyber-dependent crime. • Driving the up-skilling of cyber investigation in law enforcement. • Leading law enforcement relationships with key partners to tackle cyber crime, • including industry, intelligence agencies and international partners.
Capacity is being built into ROCU where a dedicated Regional Cyber Crime Unit (RCCU) will be established. • RCCU’s will support NCA led investigations. • RCCU’s will also lead their own investigations/coordinate or support local investigations. • Appropriately trained staff. • Appropriate hardware as per recommended specification. • Appropriate information communication technology systems. Regional Structure
Cyber Crime in Staffordshire • As the Force develops a Cyber Crime Strategy it is necessary to consider how the Organisation can understand the scale and scope of all cyber-enabled crime and its impact upon our resources alongside identifying any gaps in policing this type of threat. • Scoping exercise proposed to achieve this. • Initial trawl of crimes (CMS2) & incidents (STORM) for 12 month period using keyword search to identify cyber crimes. • A manual audit review of 300 crimes & incidents from those identified to validate the results of the initial key word search. • Verified cyber enabled crimes to be reviewed in terms of the appropriateness of Police response.
Internet Investigation Project Project initiated to develop Force cyber capability to harness the opportunities the internet offers law enforcement and counter the threats it also poses. The aim of the project is : • Develop coherent internet investigation strategy. • Introduction of robust policy and governance to eliminate bad practice. • Clear organisational ownership of internet investigation. • Develop comprehensive training programme – upskilling of staff. • IT refined to make it fit for purpose – Covert Web. • Put the Force at the forefront nationally in terms of exploiting the internet as a source of intelligence / evidence & method of combating cyber crime. • To provide a high level of service to victims of crime.
Internet Investigation Training Bespoke training to ensure Staffordshire Police have the capability to provide an outstanding service to victims of cyber enabled crime. Training is delivered as follows : Level 1 – Overt activity – research of publicly accessible information (open source) that requires no anonymity ie Google searches. Level 2/3 – Basic covert – anonymity is required to undertake more in depth research of open source material involving registering details/creating profiles ie Facebook. Level 4/5 – More intrusive & covert levels of activity ie defeating access control on online accounts/profiles & online interaction with subjects. This requires a minimum of a trained Covert Internet Investigator (CII).
Open Source Capability • Pro-active/Covert Capability
Maintaining / Developing Skills & Expertise Acknowledge lack of technical expertise : • Fill skills gap – Partnerships with Academia. • Student placements? • Cyber volunteers/Specials? • College of Policing - Accredited cyber training. • Programme to up-skill staff. • IPLDP (Initial Police Learning and development Program). • Communication Department (OCD). • ICIDP (Initial Crime Investigators Investigation Program). • Yearly refresher for trained staff. • Continuous monitoring of learning and development.
Media strategy internal/external Regular updates on current threats/risks Promotion of Action Fraud Think you know (CEOPS) promoted within schools Engagement with UPS Prevention/Awareness