Anyone who thinks ‘the cuts’ are only really worrying to scroungers, overpaid civil servant fat cats and suppliers who’ve become addicted to the public sector as a handy cash cow may need to think again.
For no less a figure than the head of the Met Police has weighed in and warned that slashing his specialist unit set up to fight cybercrime is going to have wider implications than maybe any of us want.
What’s going on here? In 2008 a group called the Police Central e-Crime Unit (PceU) was set up to co-ordinate work against cybercriminals. It had a 2009-10 budget of £3.5m, which was set to rise by £1m in this FY. But in June, as part of the first swathe of cuts (the £6bn in public sector waste identified by the Tory part of the current Coalition), that rise was taken away.
The problem is that the Police had argued that the original funding wasn’t really adequate and that the freeze in effect amounted to a cut, as the unit’s workload is already stretched. Now Sir Paul Stephenson – the Met’s Commissioner – has gone on record complaining about the cut.
Stephenson has penned quite an angry piece for a Sunday newspaper that claims that for every £1 spent by the PceU it prevented £21 in harm from potential theft – so it’s a false economy to pare it down in terms of crime impact.
He’s also arguing that cyber extortionists and online fraud costs the world £52bn in 2007 – and that in future, electronic crime could become the main cash source for "the modern Tony Soprano-style crime lord".
Content from our partners
Stephenson lists some quite scary cases to argue his point. These range from the criminals who stole the personal financial details of hundreds of people, allowing them to identify up to £8m they could steal, of which they nicked £750,000 from some 64 victims before being arrested, to the "distressed chief executive who came to police saying he feared having to lay off more than 8,000 workers because his £100m-a-year company was haemorrhaging losses to websites selling counterfeit versions of his company’s fashion jewellery".
He goes on: "All these cases indicate the scale of the challenge facing us. Yet my investigators tell me the expertise available to them is thin, compared to the skills at the disposal of cyber criminals… Of the 385 police officers in England and Wales dedicated to online work of all kinds, around 85% are tackling child exploitation and the Internet trade in child abuse images [not cyber thievery]."
Conventional criminals are getting more and more interested in online, he adds. "Traditionally, when a gang loses a drugs consignment to law enforcement, they commit robberies to pay their debts and finance another shipment. But robbing a bank or cash van is risky. How much easier to extort the price of a drugs consignment from a cyber attack on a company."
The argument is that not spending the money in this kind of specialist public sector function could be too short-term and cause more risk to UK business than not dealing with it. As he writes, "uniform officers alone will not keep the streets safe – specialist detectives are just as crucial to ensuring we are all better protected."
Stephenson’s views – perhaps unsurprisingly – have won the support of security specialists, like Sophos, which has issued a statement that argues, "As budget cuts for public sector organisations continue across the board, surely having sufficient funds to protect against the increasing threat of cybercrime is essential?"
Its senior technology consultant Graham Cluley also says, "If [as much] money was being stolen from high street banks the old fashioned way [as is being siphoned off in cyberspace], then you would certainly expect it to be investigated as a matter of priority rather than seeing budget cuts for the unit responsible for bringing down such criminals."
It’s a fascinating debate and one we are likely to see repeated in many forms in the four years the government says we need to slim down to pay off the national credit card debt; if we don’t spend the money on x, y may happen – and you won’t like it.
But what we can’t avoid is the fact that cybercrime is real, it’s a growing trend – and the man who would know says we aren’t doing enough to fight it through law enforcement.
