Bern toughens laws against cyber crime

Switzerland will be a better partner in fighting cyber crime worldwide as of next year.

The Federal Council says modifications in the law will come into force in 2012.

Among the changes are faster exchange of information with other countries, sanctions for putting online any program or information facilitating hacking, and a 24/7 hotline run by the Federal Police.

These changes in the law will make it possible for Switzerland to apply the European Council’s convention on cyber crime.

It is the first international treaty aimed at fighting cyber crime.

Solutions : www.xcyss.in  

Hackers Are the New Mob: White House Gets Serious on Cybercrime

Potential teenage Matthew Brodericks, beware: In this era of LulzSec, DDoS attacks on BART and hacktivst group Anonymous telling NATO that the world doesn't belong to them anymore, the White House has decided that it's time to take hacking seriously, asking for tougher sentencing for those found guilty of cybercrime.

Speaking before the Senate Judiciary Committee, Associate Deputy Attorney General James Baker and Secret Service Deputy Special Agent in Charge Pablo Martinez explained that sentencing has failed to keep up with the growing seriousness of hacking, and that the administration is calling for the Computer Fraud and Abuse Act to be folded into the Racketeering Influenced and Corrupt Organizations Act.

The key to understanding the proposed changes is the new presumption that modern hackers are not acting alone. Martinez told the Committee that "Secret Service investigations have shown that complex and sophisticated electronic crimes are rarely perpetrated by a lone individual," adding that online criminals "organize in networks, often with defined roles for participants, in order to manage and perpetuate ongoing criminal enterprises dedicated to stealing commercial data and selling it for profit" (or, you know, just to cause chaos and show that they can hack into that place someone said they couldn't, but whatever). It's a narrative picked up by Baker, who went even further, saying that "[a]s computer technology has evolved, it has become a key tool of organized crime. Many of these criminal organizations are similarly tied to traditional Asian and Eastern European organized crime organizations."

In addition to reclassifying hacking as an organized crime activity, the White House's proposal seeks the creation of a national data breach standard, replacing whatever various state laws may be in place.

Source : http://techland.time.com/2011/09/08/hackers-are-the-new-mob-white-house-gets-serious-on-cybercrime/#ixzz1XSH09UWF

Solutions:  http://www.xcyss.in/   

UK’s cyber crime defences come under fire

In October last year the government pledged an extra £650m of funding for the UK’s cyber security efforts, describing the risk of cyber attacks on the UK as a “tier one threat”. Then in March this year, Neil Thompson, director of the Office of Cyber Security and Information Assurance (OCSIA), said the UK’s aim is to lead international efforts to combat cyber threats. However, despite such talk of leading the way in tackling digital dangers, doubts persist over whether the country’s cyber security apparatus is fit for purpose.

Informed estimates suggest there are between 20 and 30 UK public sector bodies that exist either wholly or in part to fight cyber crime, hacktivists and the cyber threat from foreign agencies and governments. When asked for an exact figure, the Cabinet Office said it was unable to come up with a number.

In July this year, the Information Security Council released its annual report stating that the government has shown “confusion and duplication of effort” in its approach to cyber security, strongly suggesting that the UK’s digital defences are riddled with overlapping responsibilities and inefficiencies.

In the same report, former security minister Baroness Neville-Jones is quoted as describing the organisational structure of the UK’s cyber crime effort as “not ideal”.

More damning still was the following statement from the chief of the Secret Intelligence Service: “I’m not sure the Cabinet Office processes for determining what is a coherent cyber programme [are] as sophisticated as [they] should be.”

Charlie McMurdie, head of the Police Central e-Crime Unit (PCeU), believes that the organisational cohesion between the various cyber crime fighting agencies is improving.

“We’ve now reached a stage where we have a semblance of order and a structure around what we’re doing and how we’re co-ordinating our efforts with other departments and bodies.”

However, she acknowledges that the situation could be better.

“There’s been enormous progress, but there’s still far more to be done. We need far more integration with industry and the other external bodies who work closely with us.”

So according to McMurdie the situation is not as bad as it seems, and is improving. But how did the UK’s cyber defences get in such a fragmented state in the first place?

McMurdie pins the blame on organic growth. “In the UK it’s been a very organic growth, cyber demands have dictated different organisations appearing with different responses.”

But Ross Anderson, professor of security engineering at the University of Cambridge, believes that this lack of strategy has resulted in an ineffective response.

“[The UK’s cyber security strategy is] fragmented, messy, inefficient and hopelessly under resourced,” he says.

He explains that part of the problem is lack of longevity: cyber security agencies in the UK tend to have a short shelf life.

“The UK never manages to sustain a cyber crime effort beyond a year or two. The government set up the National Criminal Intelligence Service [itself formed from the National Drugs Intelligence Unit], which didn’t work. Then they set up the National Hi-Tech Crime Agency. That couldn’t get enough money from the Treasury to work properly, so instead they narrowed their remit and investigated child pornography [on the internet].

“All these agencies basically got shuffled off into SOCA [Serious Organised Crime Agency]. They put lots of the useless bits of other agencies in there, which meant that people in the Met [Metropolitan Police] could get on with their work.”

In July, the government announced plans to abolish SOCA, and replace it with the National Crime Agency (NCA).

But Anderson has concerns around the longevity of this organisation too: “Is the NCA going to be useful or will it last only a couple of years, go off on a wild goose chase and be abolished?” asks Anderson.

The Cabinet Office, the department in charge of cyber security, claims all the disparate bodies it employs in its cyber efforts are necessary.

“Cyber security is an issue that cannot be effectively tackled by one large department. The threat is such that a multi-agency, holistic approach is required, drawing on the expertise of the intelligence agencies, law enforcement, wider domestic policy departments and the private sector,” said a Cabinet Office spokesperson.

However, Anderson warns that the system cannot cope with the modern cyber criminal. “Our mechanisms for international police co-operation were basically designed for the likes of Dr Crippen - one high profile individual villain.

“But if you’ve got a bunch of anonymous people just making a few hundred pounds at a time, and if they’re doing it across international boundaries using technology that most policemen don’t understand, then the current system can’t cope with that.”

Anderson predicts that the problem will worsen if the system is not fixed.

“There’s going to be a rising tide of fraud and scams that will undermine public confidence in electronic commerce. This will make it harder for governments to deliver services online, and they can forget about the Silicon Roundabout if the UK becomes a bad place for online business.”

The government will release its new cyber security strategy later this month.

Source: http://www.computing.co.uk/ctg/analysis/2106832/uk-s-cyber-crime-defences

 For solutions related to cyber security visit us at http://www.xcyss.in/

19 Million victims of cybercrime a minute in the UK

Over 19 million people are falling victim to cybercrime per minute reveals the Norton Cybercrime report released today (7 September 2011).

The report claims that 51% of people in the UK have experienced some form of cybercrime during their lifetime. In addition, three times as many people have experienced crime online in the past year than have experienced offline crime.

'It's important for people to think about how they are protected online, otherwise they risk losing their hard-earned cash,' said Adam Palmer, lead security advisor at Norton.

The report claims that on average £474 million a year is lost to cybercrime in the UK with an additional £619 million lost in terms of the value victims place on their lost time. Globally, Norton estimates cybercrime costs around £71 billion last year.

Cybercrime can be prevented

Computer viruses and other malware are the most common form of preventable cybercrime, according to the Norton Cybercrime report, with 38% saying they'd encountered a virus.

Of those who have suffered viruses, 10% with then hit with by credit card fraud, while 6% had their social network hacked.

Sarah Kidner, editor of Which? Computing said: 'The figures in Norton's report are alarming. However, we wouldn't want them to stop people enjoying a rich online experience. Security software, notably our Best Buys, provide an excellent defence.

'However, it is essential that people keep their software up-to-date and ensure that they download updates for their operating system,' Kidner continued.

Source: http://www.which.co.uk/news/2011/09/19-million-victims-of-cybercrime-a-minute-in-the-uk-264954/

 For solutions related to cyber security visit us at http://www.xcyss.in/