The UK’s National Crime Agency (NCA) has called for stronger collaboration between government, law enforcement and business in the fight against cybercrime, which it says is costing the country billions each year.
The agency made the calls in its Cyber Crime Assessment 2016 report released today.
It claimed that DDoS and ransomware attacks increased “significantly” last year, and that cyber-enabled fraud is a rising cost for banks, retailers and others. However, data breaches are still the most common form of cybercrime, having affected “almost all” large firms and a “substantial majority” of smaller ones, the NCA claimed.
The report also claimed that under-reporting has made it harder for law enforcement to understand the true scale of cybercrime and how it operates.
It urged businesses not only to report such crime to the police but also to share more intelligence generally.
One thing that could help is the GDPR’s rules on mandatory breach notification, coming in May 2018. However, many firms are still reluctant to share intelligence with the authorities – a distrust that has only grown since the Edward Snowden revelations on state-sponsored snooping.
Nevertheless, if more firms treated cybersecurity as a board-level issue, it would help the UK as a whole fight back against online threats, the agency argued.
It added:
“Directors of businesses should challenge their business management teams to go beyond compliance with minimum cyber security standards to ensure that rapidly evolving cyber security and resilience challenges are addressed and the threat to the UK is reduced.”
The most advanced cybercrime can be traced back to just a few hundred international cyber-criminals who deliberately targeted high-value UK businesses, the NCA revealed.
It estimated that cybercrime has now claimed millions of individual and thousands of corporate victims, but that co-operation does produce results, as in the case of the Ramnit botnet takedown and Dridex arrests.
The latter case is also a cautionary tale of how quickly criminal groups can react to disruption – with the botnet used to spread this banking malware repurposed to spread Locky ransomware, the NCA added.
The government pledged £1.9bn to cybersecurity in its 2015 Strategic Defence and Security Review.
This will be spent on initiatives such as a National Cyber Security Centre, designed to provide a single point of contact with industry; closer partnerships with CNI firms; and building out the current Cybersecurity Information Sharing Partnership (CiSP).
Jonathan Martin, EMEA operations director at threat intelligence firm Anomali, claimed that having cybersecurity teams well briefed and standing by will always help firms reduce the impact of any future attack.
“We all know that the bad guys share intelligence on how to break into a network all the time. We need to start doing the same, to share intelligence between ourselves in real-time about who the attackers are, where they live and what techniques they typically use,” he added.
“Understanding the tactics and techniques used by the attackers and pulling in threat intelligence from as many sources as possible ensures that the vulnerability or exposure of a company can be reduced down from many months to just minutes and hours.”