New research sheds light on ‘grave threat’ of economic cybercrime
New approaches must be adopted to tackle the escalating problem of economic cybercrime, according to a new report co-authored by a University of Leeds expert, for the City of London Corporation, supported by the City of London Police.
The report highlights the scale of economic cybercrime in the UK, stating that 106,681 fraud-related incidents were reported by individuals and businesses to Action Fraud in the last three months of 2014, a third of which related to banking and credit industry fraud.
The report, ‘The Implications of Economic Cybercrime for Policing’, states that e-commerce fraud losses totalled £217.4m in 2014, with losses to the banking sector from online banking fraud reaching a new high in 2013/14 of £60.4m.
Data from business services firm PWC is also cited in the research, showing that 90% of large organisations reported a security breach in 2013/2014. Since then, there has been a spate of high profile data breaches in the US and the UK, showing the ease with which both personal data and corporate secrets can be stolen.
Against this backdrop, the report calls for renewed vigour from law enforcers in preventing and tackling this type of crime.
It outlines key challenges facing the ‘Four Ps’ Government strategy of policing economic cybercrime – ‘pursue, prevent, protect, prepare’ – including the complexity of cases; their cross-territorial scale; the rapidly changing tactics of offenders, the volume of incidents; victims being often unaware of the impact; a chronic underreporting of crimes; and a lack of information-sharing and intelligence-gathering on organised crime groups and activity.
A number of potential policing responses are recommended, including that:
- There should be a greater focus on the ‘Protect’ and ‘Prepare’ (prevention and resilience) components of the government’s strategy rather than ‘Pursue.’ This includes educating citizens, especially vulnerable people likely to be repeat victims, about the risks in cybercrime, and making it easier for them to be protected. Businesspeople with broad corporate IT access should carefully review their own range of access in case this is compromised by insiders or outsiders. Firms should review what they really need to have connected to the internet, if those assets are core to the company’s survival.
- There should be an emphasis on partnership working and greater coordination across police forces and other key bodies, nationally and internationally – including the National Crime Agency, Intellectual Property Office and Trading Standards – as part of the wider policing family, as well as international partners.
- Law enforcers should place greater focus on disruption tactics – such as identifying and shutting down fraudulent websites – over traditional reporting and investigating.
- Building on existing efforts of a joined-up approach to policing economic cybercrime and addressing those crimes – that by volume, value, harm and/or severity of threat, and identification of the organisation and location of perpetrators – appear to pose the biggest risk.
Report co-author David Wall, Professor of Criminology in the School of Law at the University of Leeds, said: “This report lays bare the scale and effect of economic cybercrime. It is imperative that the recommendations for policing responses are taken on board by law enforcement agencies, otherwise this issue will get even worse and hit businesses even harder in their pockets.
“The report’s findings are taken from my detailed analysis of national police data on economic crime. Now we know more about the scale of the problem, we must do all we can to tackle it.”
Dr Mike Levi, Professor of Criminology at Cardiff University and lead author of the report, said:“The introduction of sophisticated technology has brought about a step-change in the way economic crime is committed – enabling frauds to be perpetrated at scale, at great speed, and at a distance, with no physical contact necessary between criminal and victim.
“This type of crime challenges conventional policing models, which are focused on detection and investigation, because it represents a paradigm shift in the way such crimes can be committed. Policing – both in the UK and around the world – therefore faces many challenges in adapting and responding to these evolving patterns of crime.”
Policy Chairman at the City of London Corporation, Mark Boleat, said: “This report shows that economic cybercrime continues to pose a grave threat to our economic stability and its impact is felt across society, impacting on businesses and individuals alike.”
Adrian Leppard, QPM Commissioner of the City of London Police, said: “We should expect all police forces to be putting cybercrime as a priority and exploring ways in which they can use their existing resource coupled with volunteers and local businesses to help in the mission to protect. Cybercrime should not be a priority for police merely because adequate resources aren’t available.
“There needs to be renewed approach to the care and education of victims of cybercrime, to prevent further victimisation. We need to reach those at risk, particularly with the small-to-medium-sized business community and those individuals relatively new to the internet.”
- The City of London’s report The implications of economic cybercrime for policing.
University of Leeds
The University of Leeds is one of the largest higher education institutions in the UK, with more than 31,000 students from 147 different countries, and a member of the Russell Group research-intensive universities.
We are a top 10 university for research and impact power in the UK, according to the 2014 Research Excellence Framework, and positioned as one of the top 100 best universities in the world in the 2014 QS World University Rankings.
City of London Corporation
The City of London Police is responsible for policing the City’s business district, the ‘Square Mile’ in the historical centre of London. In addition, it holds national responsibility for Economic Crime and under this remit is host to Action Fraud (the national fraud reporting service), the National Fraud Intelligence Bureau, the Insurance Fraud Enforcement Department and the Police Intellectual Property Crime Unit.