The threat from cyber crime
We have seen a significant growth in cyber criminality in the form of high-profile ransomware campaigns over the last year. Breaches leaked personal data on a massive scale leaving victims vulnerable to fraud, while lives were put at risk and services damaged by the WannaCry ransomware campaign that affected the NHS and many other organisations worldwide. Tactics are currently shifting as businesses are targeted over individuals and although phishing attacks on individuals are increasing, fewer are falling victim as people have become more alert.
Because the distinction between nation states and criminal groups is increasingly blurred, cyber crime attribution is sometimes difficult. Russian-language criminals operating ransomware as a service continue to
be responsible for most high profile cyber crime attacks against the UK. Although young criminals are often driven by peer kudos rather than financial reward, organised UK cyber crime groups are motivated by profit.
Cyber criminals seek to exploit human or security vulnerabilities in order to steal passwords, data or money directly. The most common cyber threats include:
- Hacking - including of social media and email passwords
- Phishing - bogus emails asking for security information and personal details
- Malicious software – including ransomware through which criminals hijack files and hold them to ransom
- Distributed denial of service (DDOS) attacks against websites – often accompanied by extortion
The scale and complexity of cyber attacks is wide ranging. 'Off the shelf' tools mean that less technically proficient criminals are now able to commit cyber crime, and do so as awareness of the potential profits becomes more widespread. The evolving technical capabilities of malware means evolving harm as well as facilitating new crimes, such as the cryptomining malware which attacks digital currencies like Bitcoin.
Cyber attacks are financially devastating and disrupting and upsetting to people and businesses. They undermine the economic stability of the UK and cost the UK economy millions of pounds each year.
The NCA is committed to improving the UK’s resilience to cyber-attacks and improving the law enforcement response to the cyber-crime threat, by taking action against those responsible, wherever they may be located.
Our response
Cyber crime is a global threat. Criminals and the technical infrastructure they use are often based overseas, making international collaboration essential.
We focus on critical cyber incidents as well as longer-term activity against the criminals and the services on which they depend. We work closely with UK police, regional organised crime units, and partners in international law enforcement such as Europol, the FBI and the US Secret Service to share intelligence and coordinate action. We have also developed close and effective partnerships with private industry to share information and technical expertise.
As well as disrupting the current generation of cyber criminals we also want to prevent young people from slipping into cyber crime. Our #CyberChoices campaign encouraged parents of young people with cyber skills to talk to them about their ambitions and the opportunities to use their skills positively.
We also work with partners such as the National Cyber Security Centre, Get Safe Online and Cyber Aware to promote ways for the public and businesses to protect themselves online.
How you can help
Most cyber attacks could be prevented by taking these basic security steps:
- Choose strong passwords and don’t reuse them for multiple logins
- Install security software such as anti-virus and two-factor authentication. This kind of software is often available for free.
- Keep all security software and operating systems updated (this can be set to update automatically)
For further advice on how to stay safe online please visit Cyber Aware, Get Safe Online or the National Cyber Security Centre.
If you are a victim of cyber crime please report it to Action Fraud, the UK's fraud and cyber crime reporting centre.
