UK to Put Higher Emphasis on Cybercrime Prevention

December 3, 2012

The UK is to develop a new emergency response unit to help give individuals and companies instant advice when their computer systems and networks come under sustained attack, according to an article from The Guardian.

The proposal is one of several announced by the Cabinet Office, now when the government says threats from cyberspace should be given tier-one priority. The Ministry of Defence is also planning to develop a “cyber reserve” of specialists from the private sector to give the military some backup, the article says.

However, cyber experts say the government is spending too much on developing sophisticated “top-end” cyber knowhow instead of informing the public about how to make their computers less vulnerable.

The following is an excerpt from The Guardian’s article:

In 2010, the coalition pledged £650m to develop new cyber systems over four years, but less than £400,000 is to be spent on the Get Safe Online project, which offers basic advice about computer security.

Iain Lobban, the director of the eavesdropping and electronic spy centre GCHQ, in Cheltenham, has said 80% of attacks could be thwarted if individuals took more care.

"You could take £1m out of the budget of GCHQ and they wouldn't notice," said Professor Peter Sommer. "That kind of money would have a transforming effect. While much of the government's work is well thought out, they still underestimate the extent to which some breaches are the fault of humans and not the result of external cyber criminals and spies.

"They also underplay the need to educate consumers and small businesses, both to protect themselves and to stop their machines being taken over as part of botnets, which then attack others. Out of the total cybersecurity budget, less the £400,000 goes to the main public information service, GetSafeOnline. That is less than 0.1%."

The Cabinet Office minister, Francis Maude, set out some of the government's plans in a written ministerial statement to mark the first anniversary of the national cyber security strategy.

He said progress was being made but quoted from a survey that suggested more than 93% of large corporations, and 76% of small firms had suffered a cyber security breach in the last year.

A national reporting centre for fraud and internet crime called Action Fraud had received 46,000 reports from the public in the last 12 months, he said.

Ransomware and the propulsion of the extortion economy has rapidly eclipsed into a national priority. Recently, we observed the catastrophic impact of a widescale ransomware attack impacting gas pipelines and raising national gas prices overnight.