A new report on e-crime put out by the UK’s Home Affairs Committee on Tuesday blames a “black hole” that’s letting thieves waltz off with big bucks filched from banks – all done often without law enforcement having been notified or having investigated.
Instead of getting off the couch to tell police to chase down the thieves, banks just reimburse customers, the report claims.
Individually, the frauds might well represent chump change, but high volume means they add up to tidy profits.
The report, the first of its kind from the committee, comes after a 10-month inquiry into e-crime.
Beyond bank fraud, the report also delved into the ready availability of child-abuse images, incitement to terrorism, and online crime how-tos.
The committee called for a host of overhauls necessary to start winning the war on e-crime – a battle that the country’s now losing, it said, and which the committee chair, Rt Hon Keith Vaz MP, said holds more danger than a nuclear attack:
"We are not winning the war on online criminal activity. We are being too complacent about these E-wars because the victims are hidden in cyberspace. The threat of a cyber attack to the UK is so serious it is marked as a higher threat than a nuclear attack."
Regarding bank fraud in particular, the committee wrote in the report that it’s seeing a “black hole” where e-crime is committed with impunity:
Online criminal activity which defrauds victims of money is often not reported to or investigated by law enforcement. Banks simply reimburse the victims with no pursuit of the perpetrators.
Criminals who commit a high volume of low-level fraud can still make “huge profits”, the committee said, which is why banks must be compelled to report all e-crime fraud to law enforcement.
TechWeekEurope points to experts who believe that the banks’ lax attitude toward low-level fraud stems from advice they received from the Association of Chief Police Officers (ACPO) in 2005.
At that time, the ACPO told victims of cyber fraud to report to their banks when defrauded, not to the police.
That’s made the UK the No. 1 target for online crime flowing from 25 countries, the committee says.
One of the report’s recommendations to fix the sorry situation is the establishment of a state-of-the-art espionage response centre:
At the moment the law enforcement response to e-criminals is fractured and half of it is not even being put into the new National Crime Agency.
Another problem is the country’s sentencing, which can be perversely light on e-criminals, the committee says:
We were surprised by the fact Anonymous hackers who cost PayPal over £3.5m were given sentences of 7 and 18 months and do not believe they would have received such sentences had they physically robbed a bank of £3.5 million.
The DPP [Director of Public Prosecutions] should review the sentencing guidance and ensure e-criminals receive the same sentences as if they had stolen that amount of money or data offline.
As far as child abuse and terrorism content goes, the committee praised Prime Minister David Cameron’s recent, tough take.
Last week, the Prime Minister gave a speech in which he announced new measures to protect children and challenged the internet’s tech giants to shape up and do their part.
The committee said hallelujah to that:
The tragic murders of April Jones and Tia Sharp have shown the terrible consequences of access to indecent images on the web.
Young people are increasingly radicalised online by the words of radical clerics such as Anwar al-Awlaki on YouTube or internet magazine Inspire. What starts on the web, ends up on the streets of Woolwich.
The Prime Minister was right this week to highlight the responsibility of the Internet Service Providers, search engines and social media sites.
They are far too laid back about what takes place on their watch and they need to do more to take inappropriate content down. If they do not act, the Government should legislate.
In a poll put up by Naked Security on just this issue, readers overwhelmingly said no, the government won't make the internet a warm, fuzzy place with its intended approaches to protecting children via network-level filtering of web content.
It sure seems like it can't make matters much worse, though, can it?
What do you think? Would a state-of-the-art espionage response centre do any good? How about mandatory reporting of bank fraud?
Let us know your thoughts in the comments section.Follow @NakedSecurity