Thai police strapped with Hello Kitty armbands

The UK's police service is set to spend up to £50 million ($62.7 million) buying hardware and software for a legacy communication network that was planned to become obsolete in 2019.

The Home Office had planned to replace the Airwave secure emergency communication system, which launched in 2000, with a more advanced Emergency Services Network by the close of the decade. However, the legacy network has seen its life extended as its replacement was beset with delays. The ESN is expected to go live in 2026.

In a procurement notice, the Police Digital Service (PDS) said it was looking for up to three suppliers of Terrestrial Trunked Radio (TETRA) Encryption Algorithm 2 (TEA2) compatible radio devices – including handheld, desktop, and mobile terminals – as well as software, accessories, services, and maintenance for use on the UK Airwave system.

FluBot, the super-spreader Android malware that infected tens of thousands of phones globally, has been reportedly squashed by an international law enforcement operation.

In May, Dutch police disrupted the mobile malware's infrastructure, disconnecting thousands of victims' devices from the FluBot network and preventing more than 6.5 million spam text messages propagating the bot from reaching potential victims, according to Finland's National Bureau of Investigation on Wednesday.

The takedown followed a Europol-led investigation that involved law enforcement agencies from Australia, Belgium, Finland, Hungary, Ireland, Spain, Sweden, Switzerland, the Netherlands and the US. 

The Home Office is looking to replace its ancient and creaky National Firearms Licensing Management System (NFLMS) in a £20m contract.

NFLMS is the central police database of every firearm owner and every individual firearm in England and Wales. Whoever wins the contract will have a relatively low profile but critically important system to deliver.

"NFLMS is used by forces teams across England and Wales and these teams conduct approximately 170,000 licence grants, renewals and variations per year," said a notice on procurement website Bidstats.uk.

UK police forces have no overarching rules for introducing controversial technologies like AI and facial recognition, the House of Lords has heard.

Baroness Shackleton of the Lords' Justice and Home Affairs Committee said the group had found 30 organisations with some role in determining how the police use new technologies, without any single body to guide and enforce the adoption of new technologies.

Under questioning from the Lords, Kit Malthouse, minister for crime and policing, said: "It is complicated at the moment albeit I think most [police] forces are quite clear about their own situation."

The Clop ransomware gang pwned a managed service provider with access to the UK's Police National Computer, dumping data on its dark web leaks site – but officials deny that police data was compromised.

Dacoll, a Scotland-based MSP, was attacked in October by the notorious criminal crew. Reports surfaced in the Mail on Sunday newspaper over the weekend that the criminals had published information from the Police National Computer on their leaks site.

The paper claimed that data was harvested through illicit access to Dacoll's systems when the company was subject to a ransomware attack back in October. A Dacoll subsidiary, NDI Technologies, advertises itself as "the leader for all things related to the Police National Computer."

Ukrainian police have arrested five people on suspicion of operating a ransomware gang, including a husband-and-wife team, following tipoffs from UK law enforcement.

"The organizer of the group, a 36-year-old resident of Kyiv, together with his wife and three acquaintances carried out cyberattacks on foreign companies," cops alleged in a characteristically blunt statement (in Ukrainian).

They claimed "more than 50" companies were targeted by the alleged gang, causing damage estimated at "more than one million US dollars."

The European Data Protection Supervisor (EDPS) has ordered European Union law enforcement agency Europol to delete any data it has on individuals that's over six months old, provided there's no link to criminal activity.

EDPS says it probed Europol's collection of large datasets for strategic and operational analysis from April 2019 until September 2020. The investigation concluded the law enforcement agency needed to up its game when it came to data minimisation and retention and encouraged Europol to make necessary changes and then let the EDPS know of its action plan.

According to regulations, "personal data should be adequate, relevant, and limited to what is necessary in relation to the purposes for which this data is processed," and "personal data processed by Europol shall be kept in a form which permits identification of data subjects for no longer than necessary for the purposes for which the personal data are processed."

A Canadian man is accused of masterminding ransomware attacks that caused "damage" to systems belonging to the US state of Alaska.

A federal indictment against Matthew Philbert, 31, of Ottawa, was unsealed yesterday, and he was also concurrently charged by the Canadian authorities with a number of other criminal offences at the same time. US prosecutors [PDF] claimed he carried out "cyber related offences" – including a specific 2018 attack on a computer in Alaska.

The Canadian Broadcasting Corporation reported that Philbert was charged after a 23 month investigation "that also involved the [Royal Canadian Mounted Police, federal enforcers], the FBI and Europol."

A critical report by the UK's public sector spending watchdog has blamed the Home Office for delays to a new crime-fighting IT platform designed to replace two systems on the verge of obsolescence.

The National Law Enforcement Data Service (NLEDS), which was supposed to be up and running last year, is designed to replace both the Police National Computer (PNC) and the intelligence-sharing Police National Database (PND).

But delays – including a failure to agree on exactly what the system should do – have cast further doubt on the project, with delivery pushed back to 2025 at the earliest.

Los Angeles police are instructed to collect social media details from people they stop and talk to, even if those civilians aren’t suspected of breaking the law, according to documents finally revealed after a lengthy legal battle.

The Brennan Center for Justice, a non-profit institute at New York University, last year submitted a request [PDF] under the California Public Records Act for information on LAPD's use of social media to monitor people and groups.

The center hauled the police department into the US state's superior court when its request was not fulfilled, and the cops relented.