Interview with National Cyber Crime Unit, Deputy Director, Andy Archibald in 2014
Andy Archibald, Deputy Director of the National Cyber Crime Unit (NCCU) at the National Crime Agency (NCA) [at time of writing in 2014], provided some key insights into the approach that UK law enforcement is taking in response to cyber crime and the resulting implications for business.
The NCA, operational for nearly a year, brought together existing units from SOCA (Serious Organised Crime Agency) and other key law enforcement units. It leads work across five main streams, covering not only cyber crime, but including economic crime and child sexual exploitation.
Role of the NCCU
Taking the national lead for cyber crime, the NCCU was formed from the Met Police Central e-Crime Unit and SOCA Cyber. It has both an investigative role for the most serious incidents of cyber crime and prioritises the prevention of cyber enabled crime.
Andy told us, “Where criminals are arrestable, we will take action. But arrests alone can’t solve the problem. We have at our disposal a whole range of methods and tools to disrupt, displace and dismantle organised criminal groups and individuals.” He continued, “Helping the public to protect themselves and preventing individuals from becoming involved in crime are also critical to cutting cyber crime.”
In June, action was taken by the NCA to combat the threat from two forms of malware known as GOZeuS and CryptoLocker. In a well-publicised campaign, they asked the public and businesses to make a concerted effort over a 2-week period to ensure security software was installed and updated, by running scans and checking that computer operating systems and applications were up to date. Andy says, “We are pleased with the increased public awareness of the GoZeuS and CryptoLocker malware, and we will continue working with partners to tackle their threat.”
Partnerships with industry are seen as crucial to combating cyber crime; “industry partners have access to data, knowledge, capabilities and to customers, which are all important for stopping cyber criminals and protecting the public. We also greatly value our relationships across government and with academia, where there is critical access to skills and research.”
Cyber crimes are inevitably international, as the internet cuts across state boundaries, so international partnerships are essential. Andy told us, “by working with international law enforcement partners more closely than ever before, we are able to deliver a more effective response to cyber crime impacting on the UK”.
Recently the internationally-coordinated response to ‘Blackshades’ showed the effectiveness of working together. This pernicious software enabled users to remotely seize control of another computer, turn on web cam, steal passwords and personal information. “The coordinated activity by law enforcement agencies in the UK, Europe, Asia, the US and Australia resulted in the arrest of over 100 people.”
Key threats of cyber crime
It has been widely accepted that organised crime is taking advantage of the opportunities offered by the Internet with cyber-enabled crime of up to £292 million annually. No one is immune, with criminal groups targetting individuals, small businesses and large corporate networks.
Andy highlighted the five key threats to business. “Malware distribution and development; network intrusion; disruption of access to systems (including Denial of Service attacks); cyber crime ‘as a service’; and the enablers of cyber crime, such as hosting services and virtual currencies”.
What these mean to business is that criminals are practising and developing methods to either cause you or your business financial loss, reputational damage, significant distress and, in some cases, risk to life or security.
To gain a better understanding of the technicalities, you can check out the sites Get Safe Online and Cyber Streetwise, “these provide excellent advice, guidance and tools to help internet users understand more about malware, security threats, and how to protect themselves”.
Priorities for protecting yourself
For those of us who are less computer savvy, we asked Andy to sum up the three priorities for businesses to protect themselves from cyber crime:
“Firstly, basic cyber security hygiene – follow Get Safe Online / CyberStreetwise advice, for example installing and updating operating systems and software, anti-virus and firewall and avoiding unfamiliar links. “Secondly, raise awareness amongst staff – training and policies must be in place for all staff. Your systems are only as strong as the people who use them.
“Thirdly, prepare for worst-case scenarios – back up data, encrypt sensitive information and have contingency plans in place.”
We finished by asking Andy what the future holds for NCCU. “We will undoubtedly be forging ever closer relationships with partners. We will seek to put partnerships – such as with international law enforcement agencies and with industry – at the heart of the response, such as through developing international coalitions which work together day to day to target major global threats.
“We are also keen to continuously develop our technical skills to ensure we can exploit opportunities and recognise the risks of new technologies, and continue to keep pace, and ideally out-pace, cyber criminals. To those ends, we will shortly be advertising for a small number of individuals to join us and carry out vital technical roles at the heart of the NCCU.”