UK 'losing fight' against internet crime, warn MPs...Performanta Response
Following the news this week that the UK is losing the fight against internet crime, the Home Affairs Select Committee has said the UK must do more to stop online fraud and deter state-sponsored cyber-espionage or risk losing the fight against e-crime. The UK's eavesdropping centre GCHQ added that this year 80% of cyber-attacks could be prevented by better management of information online.
Comment By Lior Arbel, CTO of Performanta Limited, a specialist information security firm:
“Despite modern firewalls, and what was believed to be adequate protection, the stories of espionage and data loss are mounting. The important question of how we monitor, manage and control outgoing as well as incoming data has become all the more relevant. Whilst we welcome many of the Home Affairs Select Committee recommendations on deterring state-sponsored cyber-espionage and the protection of critical data, everyone today - employees, partners and users – must realise we are all in the data protection business and take responsibility for our actions.
Businesses in particular must be proactive and deal with the threat of critical data loss right now at a technological level in order to protect themselves and their employees. With the government proposing that up to a quarter of the UK's 800 specialist internet crime officers could be lost due to budget cuts and 78% of large organisations in the UK attacked by an unauthorised outsider in the past year, every business needs to step up in the battle against cyber espionage.”
MP's report on e-crime: Adapt's take on how UK companies can beat low level crime on their own:
This this MPs have warned that the UK must do more to stop online fraud and deter cyber-espionage or risk losing the fight against e-crime. Much low-level internet based financial crime has been falling into a 'black hole' and not reported to the police. If fraudsters can get away with activity like this, how can UK companies act against them?
Below is a comment by James Carnie, head of solutions architecture, Adapt:
James Carnie at Adapt explained, "With security concerns high on the agenda of any customer making transactions online or giving out personal information, the protection of this data has become a key part of every UK company's customer service offering. The report highlights something that these companies have been concerned about for some time: that customer data is potentially at risk from low level, unpenalised crimes. It's therefore up to the UK companies themselves to act fast and combat potential threats on their own. However, MSPs can help protect UK businesses from low-level crime, with access to high quality, highly secure, controlled and accredited data centres to host their data. This helps to prevent form the opportunistic low level crime where the data is physically stolen (server, disk, etc) or electronically stolen (USB stick). Turning to a service provider that has strong security credentials can significantly reduce risk, giving the company monitoring tools and a dedicated team of experts to monitor any new threats to customer data.”
Expert comment on MP warning that the UK is losing the fight against internet crime:
The groups behind cyber attacks are continually finding new and more inventive ways to attack businesses. MPs have warned that the UK is ‘losing the fight’ against Internet crime and that it must do more to keep up with the pace of cyber criminals to stop online fraud and deter state-sponsored cyber-espionage.
Commenting on the fight against e-crime, Klaus Gheri, IT security pioneer and VP of product management Europe, Barracuda Networks said:
“The growing threat of Internet crime is not specific to the UK. It is the same everywhere. Law agencies are ill equipped to protect against cyber warfare. Social media sites have become a regular hunting ground for cyber-espionage attacks and an easy way for cyber criminals to launch targeted attacks against businesses.
“The government has the biggest responsibility here. It needs to pass legislation for all businesses to have a prescribed minimal amount of cyber security. There should also be an obligation for businesses to report any hacks and data loss.
“In the meantime, businesses need to wake up and recognise that they are at risk of an attack. It is imperative that they set dedicated budget aside to address the organisation’s cyber security.
“The right technology such as Next Generation Firewalls (NG Firewalls) and Web Application Firewalls (WAFs) are there for businesses to control what enters their network and applications. This, combined with staff awareness training should be a no-brainer for all organisations.”