Friday 22nd April 2016 DS Chris Greatorex SEROCU Fighting Cyber Crime Friday 22nd April 2016 DS Chris Greatorex SEROCU
Introduction Police Officer for 11 years Regional Cyber Protect Coordinator for SEROCU To engage with, and develop relationships with companies and organisations within the region to promote cyber security, the role of the SEROCU CCU.
The Regional Units NCA Local Forces Regional Organised Crime Units (SEROCU) Local Forces (Surrey, Sussex, Kent, Hampshire, Thames Valley)
The Four ‘P’ Strategy Funding via the National Cyber Security Programme 2011 – £650 million 2015 – £1.9 billion PURSUE – Criminal investigations and disruption activity targeting the top tier cyber threats PREVENT – Stopping individuals becoming involved in cyber crime PREPARE – Responding effectively to major cyber attacks and mitigating their impact PROTECT – Helping businesses and the public to avoid victims of cyber crime
Cyber Crime In Numbers 2.5 Million cyber crimes reported in 12 months (2015) 28% of businesses reported attacks to Police Cost to UK economy... £27 Billion in 2011 → £49 Billion in 2014 SME average cost of a security breach £65K to £115K 500 Million new viruses in 2015 3000 DDoS attacks per day 500K phishing attempts per day Maybe use IoD data?? More recent?
Peel’s First Principle “The basic mission for which the police exist is to prevent crime and disorder”
Moving Focus Report recommends “a greater focus on protect against and preparing for cyber crime” not just trying to pursue criminals There is a clear need for more help to protect, prepare and educate SMEs Constant requirement to review incidents, highlight lessons learned and share these experiences
It Is Preventable!! 80% ...of cybercrime is preventable (GCHQ)
The Risks Getting into your systems.. Insider (either innocent or malicious) Phishing (spam) Social engineering (spear phishing) Hackers
Ransomware Currently targeting individuals → Moving towards businesses Demands from £600+ No guarantees to get data back Supporting criminality Repeat victimisation Backup using an external HDD Do it regularly Store backup securely Cloud storage not immune
A Recent Investigation (Malicious Insider) Richard Neale sent a “Wipe Command” to 900+ Aviva employees devices – BYOD Further access and alterations made into companies systems Tried to hide his involvement by using VPN’s but forensic investigation identified incriminating artefacts on his devices Cost the company £500K Convicted and serving 18 months 40 year old with a family
€20M General Data Protection Regulations Possible fines of 4% of global Turnover or €20M
Tackling the UK Cyber Threat Partnering with Industry and Academia The Police cannot do this alone.. Law Enforcement Academia Tackling the UK Cyber Threat Industry & Business
Police Response COLLABORATION We work with the victims and Emergency Response teams to stop and repair damage and to ensure that evidence is captured. TRUST We understand that the reputational damage to a business is sometimes worse then the actual offence. We therefore operate confidentially. SUPPORT We are happy to investigate without taking a subject to court so that we can build the intelligence picture to protect UK PLC. ASSISTANCE We have access to international law enforcement and intelligence platforms and networks that could reduce repeat victimisation.
Cyber Essentials
10 Steps to Cyber Security
Action Fraud
Cyber-security Information Sharing Partnership Expand on notes here
CiSP – Regional Nodes Expand on notes here
Thank You DS Chris Greatorex @SouthEastROCU Serocucybercrimeunit@thamesvalley.pnn.police.uk