You can’t have missed the cyber crime theme dominating the news headlines in the past few weeks. Triggered by the TalkTalk scandal, in which an estimated 150,000 customers accounts were compromised, it feels like an influx of stories surrounding some of the biggest names in the consumer realm have come to the surface. Not only that, but cyber crime in its many different guises is at the fore of both businesses and consumers alike. But is it as ‘recent’ as we might think? eConnect secured some time with Mark Godsland, Force Safer Cyber Advisor of Gloucestershire Constabulary. Mark has previously spoken to great acclaim at the Total Security Summit, engaging audiences with his in depth knowledge and sharing his expertise in what is very much the ‘modern day crime’.
What are your thoughts on the recent influx of high profile incidents and how has this affected the work you do in your department?
“The TalkTalk incident of the 22nd of October 2015, despite so many past national and international data breaches, such as Target, Sony, JP Morgan and latterly Carphone Warehouse, has really focused the mind of both the wider public and of course the media. The issue of data breaches and other cyber related criminal activity is nothing new – the UK Government back in November 2011 published ‘The UK Cyber Security Strategy Protecting and promoting the UK in a digital world’ and since then there have been various iterations and additions.
“What has probably grasped people’s attention was that TalkTalk is a leading media provider in the UK, with a customer base of 4.2 million and as such there were for some time a lot of worried customers perceiving that their personal information and account details had been leaked and consequently compromised. Everyone needs to take urgent stock of this latest event and whilst it won’t be the last – we all as individuals and those who store personal data must take individual responsibility for our own security. Business must do the same – this message must come from the top down and not fall as a designated IT responsibility.
“In Gloucestershire, we are continuing on the strong foundations laid in 2014 in further building and developing our capability to proactively investigate and pursue offenders. Nevertheless we started early to investigate this type of crime in conjunction with our Regional Cyber Crime unit colleagues.
“The TalkTalk incident did not affect us per se; however we did pass on the given advice to all of our distribution groups and contacts to ensure as many people could receive the advice and required remedial action.”
Define the term cybercrime with regards specifically to business. What sort of width and breadth of incidents can it entail?
“The Home Office, NCA Strategic Governance Group and the Serious Organised Crime Strategy and now ACPO use a three-fold categorisation dividing cyber-crime into:
- Pure online crimes where a digital system is the target as well as the means of attack. These include attacks on computer systems to disrupt IT infrastructure, exfiltration of data, compromise the integrity of data or make data unavailable.
- Existing crime that have been transformed in scale or form by their use of the internet. The growth of the internet has allowed these crimes to be carried out on an industrial scale; and
3.Use of the internet to facilitate drug dealing, people smuggling and other traditional crime types.”
What would be your main message to business owners- what sort of measures should they consider putting in place to protect their business?
“The size of the business will determine the requirement for action verses risk and mitigation, whilst developing a ‘credible’ plan in place to work off if a given cyber incident, or indeed a disaster of any type occurs.
“In Gloucestershire, we would say that for the small and medium business should be looking at applying processes regarding the process of ‘policy’, ‘patching’, ‘personal’ and ‘passwords’. Larger businesses should be looking towards Cyber Essentials, or Essentials +, or ISO 27001.
“In any event – all businesses are vulnerable, so do something. Test it, fix it, monitor it and train your staff and finally don’t become complacent or believe it won’t happen to you, because it will and may well have already occurred.”
The natural assumption is that those in the security industry may be a bit more ‘savvy’ when it comes to this sort of crime. What is the reality in terms of who can be a prime suspect for criminals?
“Cyber crime can be committed by the single ‘script kiddie’ sat in a room wishing to prove a point, to an ‘opportunist individual with limited technical ability with a disruptive aim. From there we move to the ‘hacktivist’ wishing to bring down a company/web site, to the ‘serious organised crime group’, operating from anywhere in the world to make money. At the top end we have a ‘state sponsored’ attack and finally the ‘insider threat’ aspect, possibly from a disgruntled current or former employee.
“But let’s not forget that the human condition is a key player in all of any educative and policy drive to reduce the opportunity for cyber related incidents from occurring. ‘Not thinking and clicking’ will inevitably result in a chain of events that could have been prevented.”
How can ‘physical’ crime compare to the theft of data or information? Do you find this type of attack is more targeted or opportunistic?
“We only have to look as far back as the 15th of October 2015, when the most recent crime figures based on the British Crime Survey were released.
Commissioner Adrian Leppard Commissioner of the City of London Police noted that fraud and cyber-crime are the ‘most prevalent’ committed against victims in England and Wales. Fraud and cyber-crime affects every community in the country and does not discriminate by social status or geographical location.
Developing police response, but also educating the public is crucially important.
It is vital that we work closely with industry to help protect society. A large proportion of cyber attacks can be prevented by changing our behaviour online and taking simple steps to keep computers and indeed all digital media devices secure.”
How ‘new’ or ‘now’ is the issue of cybercrime or is it part of a wider context?
“Despite the comments above, not new at all. The first instances of cyber crime occurred decades ago – small in number initially but like bacteria, unchecked and ignored, has grown. Technological developments means offenders have become savvy to its inherent weaknesses.”
Explain your day-to-day operations and wider force objective – how has your focus changed over recent years in the field of cyber crimes and online security?
“The Constabulary has been following our strategic plan since the end of 2014 to increase our capability to proactively prepare, prevent, protect and pursue the variety of incidents and scenarios that are now made possible by the rapid development of digital technologies, which have enabled the levels of cyber crime that are now being highlighted almost as a daily occurrence.
“Our digital capability unit is continually evolving, and so will active investigations, the pursuance of the offender whilst utilising all legal and appropriate means at our disposal. The aim is to ensure that all of our staff and systems are set to deal with cyber related offences as part of daily business. Daily we collaborate with colleagues on a regional and national level to share information. We host as well as attend events which regularly engage us with the local community to help share the message and remain accessible as a point of information and assistance.”
Your team at Gloucestershire Constabulary are dedicated entirely to cyber security and leading the way in cyber safety. How is the national picture police-wise following suit?
“In the short term other Forces will continue in a similar way as to ourselves training all front line staff and teams of investigators and will continue to apply regular up skilling to ensure we approach these incidents as best we can.
“Their respective digital capabilities will continue to accelerate and grow to further investigate more serious offences. There is a clear structure here of Constabularies engaging with the Regional Cyber Crime Units, who in turn work in partnership with the UK National Crime Agency and they in turn with their respective European and Global law enforcement colleagues via Euro Pol and Inter Pol.
“Cyber crime is an issue we all have to face up to. It is a key priority within the UK’s Strategic Policing Requirement (SPR) which means every police force, large or small, has to make a contribution. The Constabulary has now launched an unique and first of its kind ‘Safer Cyber Forum’ (https://www.safercybergloucestershire.uk/) and we will welcome the ongoing and growing engagement and support of the business community to help protect each other as we go forward.”
What top tips would you give to anyone in business regarding their online safety and security?
“When prompted, or set up systems to run any operating system updates – missing once can be fatal they can fix many commonly used opportunistic attacks. This applies to desktop computers as well as tablets and mobile devices. Consider too having a policy in place that states the course of action in the event of a data breach. Insurance is invaluable. Invest time in not only training your staff for best practice in the workplace but in their personal lives too, especially when you consider the amount of company emails accessed by a mobile device.
“Change all default passwords as a rule and make them as secure as you can, and make sure it is changed regularly. This applies to routers, computers, phones – all internet enabled devices.”
Interested in finding out more?
Use the following resources for further information:
Gloucestershire Constabulary: https://www.gloucestershire.police.uk/staying-safe
Gloucestershire Safer Cyber Forum: https://www.safercybergloucestershire.uk
National Cyber Skills Centre: http://www.cyberskillscentre.com
Get Safe Online: https://www.getsafeonline.org/business
Action Fraud: http://www.actionfraud.police.uk/