Security threats Toolkit

Experts: 'British FBI' won't stop e-crime

Tags:
Cybercrime,
Jurisdiction,
Soca

Tom Espiner ZDNet.co.uk

Published: 03 Apr 2006 15:35 BST

The formation of the Serious and Organised Crime Agency (SOCA) will do little to combat the rising threat of cybercrime and could actually make the problem worse, experts have warned.

SOCA, which was launched on 1 April, has been formed from several existing police bodies including the National Crime Squad and the National Hi-Tech Crime Unit.

The government hopes that SOCA will combat gangsters, drug barons and people-traffickers, but computer security experts fear that it will mean cybercrime gets less attention.

Cambridge University security expert Richard Clayton told ZDNet UK on Monday that while SOCA will be concerned with serious organised crime, local police forces will concentrate on local crime. This means, he fears, that mid-range offences — including national cybercrime committed by individuals — will not be a priority for either local officers or SOCA.

"Basically the effect of creating SOCA is that they are concerned with top-level crime, and your local desk sergeant will be more concerned with crime in your town or county," said Clayton. "The problem with e-crime is that a lot of it doesn't fit into either group.

"The National Hi-Tech Crime Unit had some success in taking down fake auction and escrow sites, where people would pretend to be eBay and then just take the money and run. SOCA won't be interested in that, because it's not organised, and although your desk sergeant would be sympathetic, their enthusiasm will wane rapidly when they realise the crime is cross border or international," Clayton added.

Security expert Ross Anderson agreed with Clayton that there is a danger that e-crime could get "lost in the mix" following the creation of SOCA.

"Déjà vu!" said Anderson in a comment on Clayton's blog posting on the subject. "I can recall trying to report a bank fraud about 15 years ago, and being told by the Detective Constable that it was too complicated for their local force — but as the sum that had been pinched was less than £100m, the Serious Fraud Office would not be interested in it either."

"It's not a good idea to let villains know that while nicking a million or a 100 million will get you arrested, nicking ten million is OK," Anderson added.

Other security experts have also expressed concerns about the impact that SOCA will have. Microsoft's UK security chief Ed Gibson said in February that the creation of SOCA would actually make it harder for businesses to work out to whom they should report an electronic crime.

SOCA was unavailable for comment at the time of writing.