"Traditional law enforcement techniques are incapable of tackling the rise of cybercrime, according to a panel of experts gathered to discuss the issue at the Chartered Institute of IT."
Lauri Love would disagree.
Traditional law enforcement techniques are incapable of tackling the rise of cybercrime, according to a panel of experts gathered to discuss the issue at the Chartered Institute of IT. Last night more than a hundred IT professionals and academics, including representatives of the National Crime Agency and Sir David Omand, the …
Lets also examine those 5 points....
>Increase the effort criminals need to apply to commit the crime successfully;
Yes, seems as sensible, a bit like locking your front door to stop you being burgled. But that doesn't require a law change now does it?
>increase the risks criminals need to take;
Given they have decided to break the law I don't think this is valid. Remember, they don't think they are going to get caught or they wouldn't do it so surely setting the punishment from say 2 years inside to 10 years will have no effect. Also, people still murder people despite their being a pretty harsh punishment for it (usually anyway!)
>reduce the rewards of criminal activity;
Isn't that what the proceeds of crime act was for?
>remove the excuses for it;
They are young males, what are you going to do? And isn't the reward probably the excuse.
>and reduce provocation.
What does that even mean!
Basically, they want to do away with the bit where they have to catch and prosecute the criminals and prove they are guilty. The damn law, it just gets in the way for the police now doesn't it.
What happens when you give the police guns? The criminals get bigger guns.
And the evidence for this is..?
Also innocent people get caught in the cross fire.
And the evidence for this is..? I am not saying that innocent people don't ever get shot, but I cannot recall any instance where they have been caught in "crossfire". Perhaps you can remind me.
I can only imagine that letting the police "disrupt" criminals will have massive amounts of collateral damage. I suspect your imagination might be running away out of control.
For reasons I do actually understand many people (not least on this distinguished forum!) are extremely wary of the "forces of law and order" having increased powers on the fighting cybercrime front, however one might wish to define it. Knee - jerk reactions are all too easy; I would be very interested to hear how commentards would deal with crime carried out, or facilitated, by the use of "IT". Unless I have misread things the general view seems to be "you can't have any more IT - based powers".
So how do you suggest that such crime and its perpetrators are dealt with?
For reasons I do actually understand many people (not least on this distinguished forum!) are extremely wary of the "forces of law and order" having increased powers
Probably reasons of the seemingly constant whining about encryption, the increase in mass data gathering by governmental agencies, the use of orders on people found guilty of a crime to treat them as if they had been.
The justifications for these powers throughout history has always been couched as legitimate, at least if one just looks at the surface, and often assured to be temporary (until the crisis is passed)
It's all another brick in the wall. A wall we could very well wake up one morning and find totally surrounds us. Anyone who values the freedoms of western civilisation should be wary of any warning signs, 'it could never happen here' is a platitude for the self satisfied.
"It's all another brick in the wall. A wall we could very well wake up one morning and find totally surrounds us." - The problem is not (cyber)crime or how to deal with it but that the local Stasi are using the fear of crime to demand powers that dictators like Stalin, Mao, Hitler would love to have had. Given that powers will not be used to actually fight crime but to keep the various undesirables (according to your local elite) in place one should be very wary of these demands.
"Given that powers will not be used to actually fight crime"
Do you have any evidence for that statement at all?
Yes, we have about 100 officers to investigate thousands of offences a day but some will get looked at.
"various undesirables (according to your local elite"
That's pretty much the definition of criminal, and if that's your complaint then look towards Parliament, the judiciary and the prosecutors not the Police.
does this not mean that these police officers will have broken the laws of a foreign country and as such be subject to their criminal justice system.
So an attack comes from the USA and we hijack their system, that is a crime in the US so Mr Plod can be extradited for computer hacking?? yes/no?
Maybe they just need powers to go round to the Foreign Office and give the people running it a good kicking.
When a "hard-to-reach jurisdiction" refuses to hand over a suspect, isn't it usually because the Foreign Office prefers to see Britons being crime victims than do anything that might slightly irritate that jurisdiction even a teeny-weeny bit.
isn't it usually because the Foreign Office prefers to see Britons being crime victims than do anything that might slightly irritate that jurisdiction even a teeny-weeny bit.
There's not much the FO can do. The crap-hole countries that are mainly in the frame aren't usually big beneficiaries of foreign aid (and even then, that job of wholesale waste of billions rests with DFID), and the FO don't have anything much in the way of weaponry to back threats. The whole point of the FO is that they do tea and biscuit diplomacy, and they do that very well within its limits. But do you think Putin is going to respond to tea and biscuits?
You might think you'd be quite happy to see, for example, Russia completely isolated from international telecoms and financial networks whilst it permits its citizens to do this sort of stuff, but Western governments can't and won't do that because that stops all trade. With most of Western Europe dependent upon Russian gas that'd be a tad inconvenient. And the whole developed world might find something of a problem over oil, as Russia is the second largest exporter. Stopping Russian oil exports would remove 11% of world oil exports, and probably immediately push prices to $200 a barrel, trigger an instant depression in all trade economies. It'd also make Russia insolvent, and I'd suggest bankrupting a thug with nuclear weapons and a large army has additional downsides. More targeted sanctions (eg over Ukraine, noting that as another criminal crap hole host to all manner of cyber crooks) appear to have made their government more, not less belligerent.
So, I agree it would be nice to do something about foreign cybercrooks, but that something isn't going to involve their governments extraditing them.
There's not much the FO can do.
Taking the approach that "we can't bankrupt them so we can't do anything" ignores the enormous range of different sanctions that are available.
For example, banning a large proportion of Russian athletes from the Olympics has certainly caused them to reconsider their approach to facilitating drug use by their athletes, and is a long way from severing all ties.
For example unrestricted travel, telecommunications connections and automated financial transactions aren't essential for trade, they are just a convenience, especially as foreign trade predates the Internet by thousands of years.
For crimes where the perpetrators are on UK soil there is a well-established route for getting such powers. Go to a magistrate & ask for a warrant. If there are reasons why this doesn't work for what they need then there's a case for updating. But with all the RIPA stuff I'd have thought that there was over-provision for this.
For international crime there probably are problems. Put simply, a nation's police powers stop at its borders. Any warrant issued in one country doesn't give the police of that country the right to attack a computer in another (the US might have a little difficulty comprehending this). If a police force were to hack a computer in another country without clearance from that country then it would be as much of an offence there as if it were done by anyone else.
OTOH because crime can be so easily committed across national boundaries there needs to be a means of investigating it and bringing cases to trial in an appropriate jurisdiction. To do so within law requires provision in international law. Some such framework needs to be put in place but that need can't be met simply by telling local police to just go ahead as they see fit.
“you cannot control crime through the criminal justice system.”
This is a self-defeating attitude to take. Looking again at that quote "for every 100 crimes committed only 50 are reported to police, even fewer of those reports are recorded and a mere two per cent of crimes are successfully prosecuted."
A serial offender may only be successfully prosecuted for those crimes where he leaves sufficient evidence to support a prosecution. In practical terms the police are justified in concentrating effort on those crimes so a 2% successful prosecution rate may, in effect, be clearing up rather more than 2% of crimes. However to ensure that potentially prosecutable crimes get the attention they deserve there needs to be some form of triage for all reports. The fact that not all reports are recorded is a worry and there probably needs to be a serious review to remove as much administrative burden on reporting as possible so that resources are freed up to triage and then investigate.
For physical crime extending triage would probably require more SOCO resources. For cyber-crime possibly this could be automated which I presume the new national unit is doing but I'd guess there are a lot of police counters who don't know what to do if someone does report such a crime. That needs to be attended to with 100% forwarding of reports.
As to prevention perhaps the biggest step would be re-engineering of email. At one level ransomware is delivered by email and at higher levels social engineering via email seems to be a way in for bigger frauds. Sender authentication needs to be baked into the system so that faked email doesn't get moved through the system. However, given that the PGP underpinnings for digital signing also provide a basis for universal encryption, I can't see TPTB encouraging the uptake of this any time soon.
F**k right off.
I don't want the police behaving like GCHQ.
In truth I'd prefer a large part of GCHQ did not behave like GCHQ.
BB, rather than my usual data fetishist icon for the elimination of warrants and due process, not the wholesale data slurping.
When an exploit has been found from say the Russian hackers or another country attacking the severs in this country, identify the exploit and where it is from, purchase the exploit and use it against as many of the companies and government of that country.
The government in question would soon learn where the exploit was made and if it's Putin would probably chop their hands off.
Isolate ourselves and our allies Internet feeds to and from from the country targeted, sit back and laugh.
CCTV supposedly used to cut violent crime is already used to police parking violations. Councils and DWP little hitlers already do this too to cu down on dog poo, school admissions, rubbish bin abuses.
I was recently charged (wrongly) with a Breach of the Peace, over twenty months and with three days in jail, about fifteen court appearances, and several police raids/visits to my parents house. I realised fairly early on the police were going to their address soon after I'd arrived out of convenience, and must have been tracking my phone to save themselves a fifteen mile drive to my home. Later one of the officers interrogating me confirmed that inadvertently.
My case is utterly petty and minor but Police Scotland have also been doing the same stuff to journalists and other police officers. I got to talk candidly to a senior police officer about this sort of quasi-legal behaviour once and he was perfectly frank and unembarrassed, "What we can do, we will do". Meaning they will do anything they think they personally will not be prosecuted for.
And that is fair enough if they'd focus on serious criminals and terrorists, but they don't and they don't intend to.
Hope you got it all sorted in the end. My tribulations weren't as bad as yours; but still had some degree of injustice involved (lying their tits off in court so they got a conviction, for one).
What these fuckers don't seem to realise is that they're turning law-abiding supporters into enemies. I'm not quite at the stage where I wouldn't piss on a copper if he was on fire; but I'd definitely check to see who it was before making a decision.
"CCTV supposedly used to cut violent crime is already used to police parking violations"
In the end they showed CCTV did not cut crime, no matter how many times they say it. They just managed to catch the criminal more often after the act.
When councils started using RIPA to spy on parents trying to get in a certain school or who was putting their bins out early and the BBC using RIPA for TV licence enforcement, you learn to say NO to any increase in capabilities or laws to spy on us all.
The fact the police will get access to all our internet history without a warrant in the form or Internet Connection Records is something we need to take to the streets to oppose. Like many others, I use a VPN but under potential new laws the police will be able to hack me on the hunch the VPN is hiding some cyber crime.
If I'm reading this correctly... the local cops want the power to go after international crims. Really? Here in the States it's damn near impossible to get extradition from one state to another that's even if the locals take an interest in it. The usual response is "not our problem".
OTOH, the slippery slope applies. Once they have these powers, where are the checks and balances to prevent misuse? Will there be redress as part of the system? Who watches the freakin' watchers?
It boils down to "NO", just "NO". These things have a way of spreading from the UK to the US, et al, and vice versa but those promoting it either haven't studied history or don't give a crap about "what happens next?".
“you cannot control crime through the criminal justice system.”
I was under the impression that people who control crime have names like Al Capone or Ronny Kray, the Criminal Justice System or in this case the British Police are there to either prevent crime (trying not to laugh here) or to apprehend and punish those who have committed crimes, not control it or the individuals involved in crime.
If the fuzz want abilities similar to GCHQ why not have them make an application to GCHQ to act on particular cases where the police would have used those abilities if they had them?
After all GCHQ are getting bigger and bigger budgets, are undoubtedly scrutinising as much of the worls as they possibly can and, compared to a plod with and IT Studies degree, they are experts.
Why stop at mass surveillance.
They should ask for AI neural networks to be developed to predict crimes BEFORE they happen.
Better yet, take samples of our DNA, analyse it to see if our children has bad blood and eradicate them when they're born.
No. Wait. Crime would be eradicated if there was nobody left but me and all I need to run this world is a giant army of robots.
Many companies have crime predicting software products that they want to sell to police forces. Some are fairly advanced already and a lot are in development. Big money is being spent here and it's likely this pre-crime software will be heavily used.
Tests have already been done in some police districts with beta software to predict hot spots for trouble.
The Minority Report pre-crime policing is closer than you thought.
on that 5-point lark:
increase the effort criminals need to apply to commit the crime successfully;
No back doors to encryption technology? An excellent response to the bleatings of certain cretins. Wary of anyone trading security for freedom. Just fuck off NSA. Keep up educating public. Should public forums be encouraged to use HTTPS?
increase the risks criminals need to take
struggling with ideas here that don't involve logging everything everywhere. fuck off.
; reduce the rewards of criminal activity
OK, good idea, educate public in good IT security would be a start. Wouldn't like to see things taken much further. Anyone have some other suggestions? feels like could erode presumption if innocence if not careful.
; remove the excuses for it
Does anyone have any good excuses for cyber crime? Crap wars in foreign lands?
; and reduce provocation.
Ban people from commenting on youtube? how to reduce provocation in a world of free speech?
>> increase the risks criminals need to take
> struggling with ideas here that don't involve logging everything everywhere. fuck off.
Perhaps reduce the time wasted on fighting for things that harm us all and focus on doing some actual police work? More coppers doing what they're supposed to be doing should increase the risk of getting caught
>> ; remove the excuses for it
> Does anyone have any good excuses for cyber crime? Crap wars in foreign lands?
I've got a sinking feeling that in the future we may all have a good excuse - they've clamped down so hard on things that "normal" stuff like using https is now potentially a cybercrime.
If the Police want to have GCHQ style hacking and spying powers then considering their importance in the fight against terrorism and cybercrime (does that include dissent against the UK?), they should have a new name to reflect their importance. How about "The Ministry of State Security" (or as East Germany (GDR) used to call them - "Stasi").
Biting the hand that feeds IT © 1998–2022