Sophos Cloud Optix
A new report on e-crime put out by the UK’s Home Affairs Committee on Tuesday blames a “black hole” that’s letting thieves waltz off with big bucks filched from banks – all done often without law enforcement having been notified or having investigated.
Instead of getting off the couch to tell police to chase down the thieves, banks just reimburse customers, the report claims.
Individually, the frauds might well represent chump change, but high volume means they add up to tidy profits.
The report, the first of its kind from the committee, comes after a 10-month inquiry into e-crime.
Beyond bank fraud, the report also delved into the ready availability of child-abuse images, incitement to terrorism, and online crime how-tos.
The committee called for a host of overhauls necessary to start winning the war on e-crime – a battle that the country’s now losing, it said, and which the committee chair, Rt Hon Keith Vaz MP, said holds more danger than a nuclear attack:
"We are not winning the war on online criminal activity. We are being too complacent about these E-wars because the victims are hidden in cyberspace. The threat of a cyber attack to the UK is so serious it is marked as a higher threat than a nuclear attack."
Regarding bank fraud in particular, the committee wrote in the report that it’s seeing a “black hole” where e-crime is committed with impunity:
Online criminal activity which defrauds victims of money is often not reported to or investigated by law enforcement. Banks simply reimburse the victims with no pursuit of the perpetrators.
Criminals who commit a high volume of low-level fraud can still make “huge profits”, the committee said, which is why banks must be compelled to report all e-crime fraud to law enforcement.
Meanwhile, the country is forming the new National Cyber Crime Unit – a gambit to fix what TechWeekEurope describes as a “patchy” history of cyber policing across Britain.
TechWeekEurope points to experts who believe that the banks’ lax attitude toward low-level fraud stems from advice they received from the Association of Chief Police Officers (ACPO) in 2005.
At that time, the ACPO told victims of cyber fraud to report to their banks when defrauded, not to the police.
That’s made the UK the No. 1 target for online crime flowing from 25 countries, the committee says.
One of the report’s recommendations to fix the sorry situation is the establishment of a state-of-the-art espionage response centre:
At the moment the law enforcement response to e-criminals is fractured and half of it is not even being put into the new National Crime Agency.
Another problem is the country’s sentencing, which can be perversely light on e-criminals, the committee says:
We were surprised by the fact Anonymous hackers who cost PayPal over £3.5m were given sentences of 7 and 18 months and do not believe they would have received such sentences had they physically robbed a bank of £3.5 million.
The DPP [Director of Public Prosecutions] should review the sentencing guidance and ensure e-criminals receive the same sentences as if they had stolen that amount of money or data offline.
As far as child abuse and terrorism content goes, the committee praised Prime Minister David Cameron’s recent, tough take.
Last week, the Prime Minister gave a speech in which he announced new measures to protect children and challenged the internet’s tech giants to shape up and do their part.
The committee said hallelujah to that:
The tragic murders of April Jones and Tia Sharp have shown the terrible consequences of access to indecent images on the web.
Young people are increasingly radicalised online by the words of radical clerics such as Anwar al-Awlaki on YouTube or internet magazine Inspire. What starts on the web, ends up on the streets of Woolwich.
The Prime Minister was right this week to highlight the responsibility of the Internet Service Providers, search engines and social media sites.
They are far too laid back about what takes place on their watch and they need to do more to take inappropriate content down. If they do not act, the Government should legislate.
In a poll put up by Naked Security on just this issue, readers overwhelmingly said no, the government won't make the internet a warm, fuzzy place with its intended approaches to protecting children via network-level filtering of web content.
It sure seems like it can't make matters much worse, though, can it?
What do you think? Would a state-of-the-art espionage response centre do any good? How about mandatory reporting of bank fraud?
Let us know your thoughts in the comments section.
Image of online fraud and child online safety courtesy of Shutterstock.
Given governments normal lack of deep understanding of most issues, it is no real surprise that their response and suggestions scratch at the surface a little, but don't do much to address the route of the problem.
By this I primarily mean that the Government is right and something must be done, but the Police are already overstretched and can do little to track or prosecute these small value large volume fraudsters. What must be done as either the first or a very close secondary action is to start to deal with the cause of the issue, namely infected machines which steal data, send phishing emails or otherwise keep the dangers of the internet ever present. ISP's, Law Enforcement, Banks and users must all take much greater responsibility for and genuinely try to deal with the root cause, rather than the impact of fraud.
Banks current processes are not the cause, but they, with others, should be part of the solution.
ISPs are part of the problem, as are governments. As the article makes clear, laws already exist for dealing with fraud and other crimes offline. Why should the Internet be exempt from such laws? As Margaret Thatcher once said, "crime is crime is crime".
The Internet must not be an exception.
It is not true democracy to do or say what one wants online. It is not true freedom. It's anarchy. The sooner ISPs, governments and users realise and acknowledge this, the sooner the Internet and its users will mature, and the sooner we can all enjoy a more civilized experience online.
WELL SAID ! CPark I could not agree with you more.
If you know how "money" comes into existence you'd know the banks are always looking for ways to "erase" it, to prevent the inevitable inflation if they fail to erase "money" near as fast as they create it.
The banks won't like plugging this hole, it's too "honest" a method of laundering. Watch for resistance to any measures that would require the banks to do anything, even simple reporting.