Other Other publications
The future of netcrime now
These reports together outline the threats that computers and the internet pose, and what can be done to reduce them. The first part identifies emerging criminal and malicious behaviour relating to the misuse of computers and the internet. The second part offers recommendations to counter these threats - for law enforcement officers, for organisations, and for individuals.
Title: The future of netcrime now: Part 1 - Threats and challenges & Part 2 - Responses
Author: Sheridan Morris
Series: Home Office Online Report 62/04 & 63/04
Number of pages: 53 (part 1) & 51 (part 2)
Date published: December 2004
Availability: Download Part 1 - Threats & Challenges 
PDF 540Kb, Download Part 2 - Responses PDF 438Kb
Part 1 - Threats & challenges
Criminal threats
The criminal threats identified were diverse, varying from high profile, current concerns such as hacking and fraud to lesser known problems regarding espionage, money laundering and the emergence of grey and illegal online markets of restricted goods. The top three concerns were
online paedophile activity (e.g. online grooming, pay-per-view websites of illegal images, sharing of images by offenders using peer-to-peer applications),
fraud (e.g. theft of personal organisers containing sensitive personal information to execute fraudulent online transactions, identity theft against e-government services)
espionage (corporate, criminal and political spies, using techniques as diverse as social engineering and complex software).
Technology challenges
Technology challenges were as wide-ranging as criminal threats. The free availability of secure communications (like encrypted email) was seen as the greatest threat to law enforcement. Peer-to-peer or file sharing applications was considered the technology most widely used to facilitate crime. Applications vary from those commonly used for the illegal downloading of music and video (e.g. Kazaa), to more specialised applications built for security and anonymity, which can facilitate secure criminal communications. They also represent a security threat to law-abiding users, as do wireless networks that are currently being used in both public and private environments. One of the biggest concerns reflected the use, or abuse, of the World Wide Web via individual websites. Websites themselves can represent a direct threat to users if they are designed to falsely capture sensitive personal information for fraudulent purposes. For example, using spoofed on-line bank facilities to capture user's passwords, known as phishing.
Conclusions
This report describes new forms of old crimes (such as fraud) as well as an increasing threat from new crimes such as viruses and computer hacking. Common themes are
information and communication technology can be misused in ways that were not foreseen by the providers.
the convergence of technologies has compounded the opportunities for criminal and malicious behaviour in unforeseeable ways, and will continue to do so. For example would the use of peer-to-peer based music piracy have become so common without the use of broadband connections in homes?
The report concludes that there is no single solution to such threats, but proposes a number of measures in the accompanying publication, "The future of netcrime now: Part 2 – responses".
Getting a copy
Download The Future of Netcrime Now: Part 1 - Threats & Challenges PDF 540Kb
Part 2 - Responses
Tackling much netcrime involves established concepts: build it secure, educate users to operate it secure, and where appropriate, encourage high risk users to invest in matching preventive measures. This simple message, aimed largely at manufacturers and service providers, has been applied to many offline crimes with good effect (e.g. vehicle crime).
Moving from the target to the offender, measures to remove or restrict the resources at their disposal can be taken, again an established practice. Both sets of intervention will help increase the effort required by the criminals in going about much of their offending.
Moving to law-enforcement techniques - Informed investigation management, coupled with improved forensic capability, will require offenders to:
increase the sophistication of their offending (hacking a network is one thing, covering your tracks so no one knows it has been hacked, or how, is a lot more difficult)
increase their forensic awareness to avoid investigation detection (hackers or holders of illegal content will have to be more sophisticated in how they 'clean' their computers to remove incriminating evidence).
National, and international, cross-sector forums can make it easier to share information to assist all parties to harden systems, detect incidents and track offenders. Similarly, private sector law enforcement can help by providing specialist knowledge, and technical and human resources.
A number of recommendations focus on the continual need for adequate training and resourcing of officers in this area. At the local level these need to be provided in a strategic framework to ensure good and consistent operations between forces and other agencies. Policing may warrant the use of techniques deployed in serious crime cases, as netcrime investigation moves into a more mainstream role. Resources for the development, delivery and uptake of training and staffing is an issue for the Home Office, NSLEC, and ultimately, local forces.
Other non-law enforcement-oriented measures to increase the risk to offenders include the detailed and long term holding of online transaction records for e-government services (so as to maintain evidence), natural surveillance and incident reporting by users of various online services such as chat rooms. The former will assist post-offence investigations, whilst the latter measure will increase the chances of immediate intervention if criminal or malicious behaviour is occurring.
Incidents will continue to succeed and should be planned for. Where defensive network hardening measures are overcome, then continuity plans are essential to re-establish online service provision, whatever its role. As well as minimising the impact on service users, the display of such resilience will help reduce the pay-off for offenders, and may serve to deter further attacks once their reduced impact has been demonstrated. Finally, the report proposes a number of broad impact measures to assist a number of those already cited. Users need to change their behaviour in a number of ways - adopt secure, but also legal, practice. Many security features are not used due to lack of user awareness, and perhaps the complexity of these features. The government may directly contribute to hardening the outer perimeter of its own e-government services through the distribution of basic security measures to registered users. Organisations need also to increase their efforts to secure themselves against netcrime in all its forms. The government may contribute to this by promoting the BS7799 (now also known as ISO 17799) standard to appropriate categories of IT users.
The overlap and interaction between these recommendations should not be missed. For example, to increase the security of its e-government online services (increasing the effort through target hardening), government agencies may demand that registered users have minimum safeguards such as up-to-date anti-virus protection and an active firewall (removing excuses through rule setting). However, to ensure such requirements do not become a barrier to the use of online government services, agencies may provide such defensive measures (removing excuses through facilitating compliance). Similarly an increased priority to security measures by an organisation (increasing the effort through target hardening) will require the establishment and implementation of a security policy (removing excuses through rule setting), which should lead to increased organisational user security awareness (increasing the effort through target hardening). Such plans should normally also include a consideration of continuity planning (reducing the reward through denying benefits).
Getting a copy
Download The Future of Netcrime Now: Part 2 - Responses PDF 438Kb
Last update: Friday, September 05, 2008