National High Tech Crime Unit Computer Crime Report
In every company in the UK there is likely to be a PC, and therefore an IT security
breach is almost inevitable. These are the findings of the 2005 National High Tech Crime
Unit report into the effect of computer crime on businesses. With incidents ranging from
misuse of company email to theft of intellectual data, IT departments can no longer sit
back and rely on a firewall to protect their organisations.
The survey was carried out amongst senior decision makers within companies,
responsible for implementing IT security strategies and the response to breaches should
they occur. A staggering 89% of interviewees had experienced an incident of computer
related crime in the past year, with the majority of these being committed internally by
disgruntled or dishonest staff. The main concern for said decision makers after a breach
had occurred was how to maintain business continuity. However, if half of IT staff
employed within companies have no formal IT security qualifications, what exactly must
you do to stop your business grinding to a halt?
Firstly, don’t step in guns blazing, CSI style – the Channel 5 TV show, that is. Although
the glossy crime series has brought Computer Forensics to the forefront of public
awareness, it does little to reflect the correct and essential procedures that must be put in
place once there is suspicion of criminal activity. In a recent episode, Sanders walks on to
a crime scene, turns on a nearby computer and begins accessing the email. Joel Tobias,
Managing Director of computer forensic company CY4OR, comments on why this is
exactly what you must not do:
‘Not only could this potentially damage evidence, any incriminating data that was
uncovered would undoubtedly be thrown out of a court of law as the proper evidential
procedures would not have been put in place. The evidential continuity would have been
compromised and a criminal case could collapse.’
According to the NHTCU survey, however, which states that less than 24% of companies
have a crisis management procedure for this type of situation, it may be a common
scenario. The temptation for IT Departments to become digital detectives and deal with a
breach of security in house is understandable, as companies worry about investor
confidence, company reputation and business in general. However, with cyber crime
costing the UK billions every year, it is more important than ever that crimes are reported
and criminals brought to justice.
There are a few basic steps to follow to minimise exposure and resolve the situation as
quickly as possible. Firstly, treat the matter seriously: tell your legal team, not your
colleagues, about your suspicions. Secondly, don’t inform your IT department; employ
the skills of computer forensic experts. Professional analysts from reputable companies
adhere to ACPO (Association of Chief Police Officers) guidelines, can identify digital
evidence quickly and ensure that it will stand up in court by following the correct
procedures. (They can even image your computers after hours, to avoid inevitable
discussions by the water cooler.)
The principle of forensics which says that ‘every contact leaves a trace’ cannot be
emphasised enough. There is a time and a place to leave it to the experts, and this is it.