UK still not reporting cyber crime

A lack of confidence in the reporting and prosecution of cyber crime discourages UK businesses from going to the police after a security breach, according to industry experts.

But the government's National Hi-Tech Crime Unit (NHTCU) hit back at the suggestion, pointing out that police cannot deal with the crimes unless it knows about them.

Speaking at the Infosecurity conference in London this week, David Spinks, director of information assurance at outsourcer EDS, which manages some three and a half million desktops for customers, said that breaches are massively under reported by businesses.

"What we are seeing is an increase in the occurrence of attempted crimes using technology and particularly the internet," he explained. "The number of security breaches reported is only the tip of the iceberg. For every one admitted there might be 100 more held within companies."

Clifford May, principal consultant at security services firm Integralis, said that when his company investigates security breaches for clients and the perpetrator is traced to a foreign country, the client will not pursue it in over 90 per cent of cases.

The main issue raised by users is the need for a clear and confidential reporting system for security breaches which have a chance of a successful prosecution, according to the industry panel.

Tony Neate, tactical and technical industry liaison officer at the NHTCU, indicated that the unit is looking at a confidential online reporting system but still needs businesses to tell them what's really happening.

"Unless we know what the problems are out there we can't deal with the issue," he said.

In the meantime Neate urged users to report breaches to their local police force, as they would any other type of crime.

"There are 43 police forces in this country. If your house is broken into you phone your local police force. That's how we deal with it, that's how we have always dealt with it. It will be fed through to us if it is important enough for us to deal with," said Neate.

And only the most serious hi-tech crimes against business would be directly investigated by the unit.

"We are a national organisation, and we deal with serious organised crime on a national and trans-national basis," he explained. "We want confidential reporting, but we have to be realistic. There are 40 of us now, rising to 90 in the next year or two."