Computer misuse crimes in UK surge to high not seen since 2017 even as prosecutions slump 20% Public reports of computer-linked crimes are soaring thanks to a huge rise in data breaches, even as prosecutions against Computer Misuse Act offenders slump. The Crime Survey for England and Wales said it recorded 1.8 million computer misuse offences in the 12 months ending June 2021, matching the number it recorded in 2017 …
Using a telephone survey to assess the level of criminal actions that may be used as a basis for legislation is iffy at best.
How was the survey phrased and the participants validated and what other parameters were applied?
For an organisation like the ONS a telephone survey is lazy research.
How would you do it?
Stopping people in the street is inherently biased as it only surveys people who will stop, and who the researchers feel able to ask.
Self-selected (online) surveys like El Reg, newspapers and the like runs are statistically useless for population, as you only survey people who feel strongly about the issue and know about the survey, so you can easily get the result you want by how you advertise it.
Which leaves phone surveys. These have other problems of course, as not everyone has a phone or would answer it.
The ONS are reasonably good at both selection and understanding - and publishing - the errors it creates.
There's also other places to cross-check whether the numbers are plausible, like phishing reporting systems and the like.
Eg they say it's probably an underestimate, presumably because someone who's suffered from a data breach is unlikely to talk to a survey.
We just monitor the daily attempts to log into the mail server administer account ... they have dropped recently to only one attempt every 30 seconds, 24 hours a day. But this is just a "feature" of the modern internet - it allows criminals free access to everything and there is virtually nothing being done to stop them - when they access your systems then you are blamed.
In 2019 we reported how crime reports to Action Fraud rarely do more than get added to a row in a spreadsheet.
Well, I suppose at least that's better than if they added a row to the spreadsheet instead.
QUOTE: "prosecutors fear foreign criminals getting a slap on the wrist"
In the other hand, legitimate and intelligent penetration test professionals need always to make their clients to sign a contract, where the client assumes any kind of liability - civil, administrative, criminal and others.
I like, in particular, a clause that says software cannot be used in any circustance against or in partnership with foreign entities - thus, limiting the jurisdiction only to your own country.
I have a few of those contracts signed myself, for some clients.
There are no mistakes, mister. Law-abiding security penetration testers, with signed contracts, the client assuming any kind of liability due to use and/or bad use of products, authorized to use the product only within the country's borders of where the contract was signed, are indeed immune to prosecution.
As the UK legislative bodies have been gutted over the past decade, courts closed, 21k police removed from the force, parliament full of international law breakers, reduction of international cooperation, a gullible population.. How unusual would you think any criminal who takes a quick look at the UK's dismal state of the rule of law and enforcement to think they can easily get away with anything they do in the UK. Chances are they can buy themselves a lordship with their ill gotten gains. Just bribe the PM.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
