Here are Computer Weekly’s top 10 cyber crime stories of 2016:

1. Ransomware emerges as a top cyber threat

to business
In May 2016, Security researchers at Kaspersky Lab and FireEye confirmed that
the upward trend of ransomware was continuing and had emerged as a top threat to
business.

This was confirmed by Eset data which showed that ransomware made up a quarter of
UK cyber attacks, and was continuing to rise, while in August Trend Micro reported
that the occurrence of ransomware families nearly doubled in the first half of
2016 compared with the whole of 2015 and PhishMe research concluded
that ransomware is a mature business model for cyber criminals.

The impact of ransomware was underlined by a study, also published in August, that
found that one in five businesses hit by ransomware are forced to close, but despite
this harsh reality, another study found that almost two-thirds of US office workers
were unaware of ransomware threat, emphasising the need for cyber security
awareness training.

2. UK second only to US in DDoS attacks

The UK is second only to the US in being targeted by distributed denial of service
(DDoS) attacks with the aim of vandalism, disrupting businesses or extorting money
from businesses, a report revealed in August.

CW+
Features
Enjoy the benefits of CW+ membership, learn more and join.
  E-Zine

CW ANZ: On cyber alert

 E-Zine

CW ASEAN: How managed security services help to reduce cyber risk

 E-Zine

CW Benelux: Young wayward hackers could help fill Dutch IT skills gap

Although DDoS mitigation technologies are fairly mature, security consultants report
that after ransomware attacks, DDoS attacks were the most common reason for
callouts from affected businesses in 2016. DDoS attacks are not new, but attackers
have been exploring new techniques for delivering more powerful attacks over longer
periods. DDoS attacks have also been driven by the release of the Mirai code for
establishing IoT botnetsand the availability of DDoS services for as little as $5 an
hour.

3. 412 million user accounts exposed in

FriendFinder Networks hack
In the biggest data breach of the year, user details of more than 412 million accounts
were exposed in a data breach at FriendFinder Networks, that once again confirmed
poor user data protection and poor password practices.

In addition to confirmation of a 2014 breach at Yahoo that exposed a record 500

million accounts, 2016 also saw a string of other breaches, including the Dailymotion
breach, which prompted calls for password alternatives, the US Navy breach, which
highlighted third-party cyber risk, the breach at mobile network operator Three, which
highlighed several security issues, the Dropbox breach, and the Australian Red Cross
Blood Service data breach, which showed security is still not a priority for many
organisations.
4. Tesco Bank halts online banking after
weekend hacker fraud
In November, Tesco Bank was forced to halt online banking after thousands of current
account customers were hit by fraudulent transactions by hackers, who managed to
steal £2.5m.

Cyber security commentators said the Tesco Bank theft shows need to take cyber
security more seriously. Interestingly, within weeks of the attack, academics from
Newcastle University said payment card vulnerability could be linked the heist, and
called for standardisation of online transaction checking.

5. Financial Conduct Authority concerned

about cyber security of banks
The Tesco Bank heist also led to the UK’s Financial Conduct Authority (FCA)
expressing concern about weaknesses in banks’ IT systems, which also emerged as a
theme in 2016.

In October, the US Treasury called on banks to provide more cyber attack

information after the attempted $1bn bank heist in which cyber criminals still
managed to get away with $81m, which Swift said highlighted the gap between
attacker and defenders. Swift also warns banks of fresh wave of cyber heists as
security researchers reported financial cyber attacks were increasing as malware
writers were join forces after cyber attacks on at least three Asian banks were found to
share malware links

6. Industrialised cyber crime disrupting

business, report reveals
Despite the evidence that much cyber criminal activity is carried out by professional
cyber crime organisations, many businesses are ill-equipped to deal with the threats
posed by profit-oriented and highly organised cyber criminal enterprises, a BT-KPMG
report revealed in July.

7. UK cyber crime growing exponentially

Underlining the trend toward industrialised cyber crime, a Symantec threat report
showed that the UK ranks highly in phishing, social media and ransomware attacks as
cyber criminals professionalise and take advantage of unpatched websites. The report
showed the UK ranks as the most targeted nation in the world for spear
phishing attacks. The UK is also the most targeted country in Europe for social media
scams, and ranks second only to Germany in Europe for ransomware attacks.

8. NCA dials up UK business engagement on

cyber crime
As cyber criminal organisations have professionalised, fortunately law enforcement
organisations have bee working to improve their ability to fight cyber crime, such as
the UK’s National Crime Agency (NCA), which is working to increase its
engagement with business, deputy director of the agency’s National Cyber Crime Unit
(NCCU) Sarah Goodall told Computer Weekly.

In line with this strategy, the NCA published a report in July that showed business has
critical role in fighting cyber crime, which was largely welcomed by the security
industry.

9. European law enforcement seeking smart

ways to fight cyber crime
Just as the NCA is pursuing new strategies in the UK, European law enforcement is
fighting back, using collaboration and industry partnerships to compensate for a lack
of resources. Insiders told Computer Weekly, that despite the challenges, law
enforcemet is far more structured than in the past and there is more collaboration at all
levels and even with national cyber incident response teams.

10. UK helps dismantle Avalanche global

cyber network
The UK was among 30 countries that contributed to the dismantling of a cloud-
computing network used by cyber fraudsters to target one million users every week
with malware-infected emails.

Other evidence that the tide may be turning is the number of arrests made of cyber
criminals in 2016, including the hackers arrested in the Three mobile upgrade scam,
the charging of more people with cyber crime offences, including the third member of
an international ATM hacking gangby London police, and the jailing of cyber
criminals including the Apple iCloud and Gmail hacker.

Cybercrime 2016 and 2017 | The Worst

Cases
Cybercrime is constantly on the rise, since more and more people are connected online,
and more and more interactions – private or business related – take place in this
cyberspace. Cybercrime encompasses every crime that is committed online, or a crime
that involves computers or cyber aspects. The most frequent types of cybercrime are
identity theft, hacker attacks and theft of personal data, phishing, or the relatively new
discipline of ransomware attacks. Find out what happened in 2016 in this post, or scroll
down for a free infographic about the biggest cybercrime incidents 2017.
Living it up in cyberspace is very convenient on the one hand, because you can easily
and conveniently organize your life from your smartphone or laptop. There is no need to
go to the bank to make a transaction, instead you use online banking. You can shop
online, communicate online, or work from home on your device. On the other hand, the
risk of cybercrime is higher the more connected we are.

Same goes for businesses, with the important difference that in business life you have
less of a choice. To remain competitive, you have to set up your workspace in the digital
realm, to improve workflows and to work more efficiently. This makes you more
vulnerable if you are not cautious.

This article gives an overview of some of the worst and most media effective cases of
cybercrime that happened in 2016. As a side effect, we introduce categories relevant in
cybercrime. Our infographic at the end of the text shows you what happened so far in
2017 – WannaCry, Wheeping Angel and Cloudbleed might sound familiar to you. Read
on to find out all about it and to get some crucial security tips.

2016: Bangladesh Bank Heist

In a big cyber robbery case last year, $81 million were stolen from a bank in
Bangladesh. The strategy of the attackers:

they obtained valid credentials the banks use to

conduct money transfers over SWIFT and then used
those credentials to initiate money transactions as if
they were legitimate bank employees.
SWIFT (Society for Worldwide Interbank Financial Telecommunication) operates a
closed and secure computer network that allows secure communication and
transactions for banks with other banks around the world. Only because of a spelling
mistake in the receiver – Shalika ‘Fandation’ instead of ‘Foundation’ – the hackers were
not able to steal the targeted $1 billion. How is this even possible, one would think? If a
transaction is suspicious, Banks normally – or they should – check back before they let
a transaction through. But, the Bangladesh Bank heist was an elaborate heist with good
timing that took advantage of the slow communication between Bangladesh and New
York due to the time difference and the weekend.

Even though SWIFT has not actually been compromised, it is still bad news according
to the Tech-Site Wired, because “the hackers undermine[d] a system that until now had
been viewed as stalwart.”

Phishing Attacks in 2016

There has been a number of phishing attacks last year, but most prominently on the
payroll department of Snapchat. The attackers posed as the CEO of the company and
requested sensitive payroll information about employees. In a statement on
their blog snapchat apologized to their employees and described what happened in the
incident:

Unfortunately, the phishing email wasn’t recognized for

what it was–a scam–and payroll information about
some current and former employees was disclosed
externally. To be perfectly clear though: None of our
internal systems were breached, and no user
information was accessed.
The lesson to be learned from this is to be extremely careful with emails that request
sensitive information. In phishing attacks the culprits exploit basic human instincts, such
as fear and curiosity. However, it is the smart move to always check back with the
person who supposedly requested sensitive data, especially if such a request comes
out of the blue. Be aware that phishing attacks do not only occur in the workplace, but
are also common in private matters.
Prominent Hacks of Social Media Accounts
in 2016
Apparently, social media accounts can be hacked easily if someone takes interest in an
account. The list of high profile CEOs whose accounts have been compromised last
year is long. Mark Zuckerberg’s Twitter and Pinterest accounts have been hacked,
apparently due to a LinkedIn password leak 5 years ago. Additionally, the Twitter
accounts of Google’s CEO Sundar Pichai and Brendan Iribe, co-founder of Oculus VR,
have been compromised. The latest addition to this list is Jack Dorsey, the CEO of
Twitter himself.

Most of those attacks were no straight forward brute force attacks, but were executed
indirectly. In Pichai’s case, tweets were sent via an old Quora account that apparently
had been linked to Twitter. It seems like in Dorsey’s case, tweets were sent via Vine.

TechTimes sums up the lesson to be learned here very nicely:

Even if it was done through roundabout methods, the

lesson here is as clear as day: if a high-profile tech CEO
can get hacked, then anyone is fair game. In other
words, be careful with your passwords.
Take a moment to think about your social media passwords. If they do not contain
special elements, or only consist of a word or an obvious number combination, you
should go ahead and change them right now. You will feel more secure and you will not
give anyone the chance to enter your account.

Ransomware in Hospitals
Ransomware has been around for some time, but in 2016 attacks grew stronger and
more frequent. The most prominent examples of 2016 ransomware attacks were those
targeting hospitals, for example the Union Memorial Hospital in Maryland. The
ransomware encrypts the data on hospital computers, and only in exchange with 45
bitcoins the attackers decrypt the data again. This is critical for hospitals that deal with
very sensitive patient data.

In another case, the IT of the Hollywood Presbyterian Medical Center in LA, has been
shut down for a whole week because of ransomware. More attacks targeted the
Methodist Hospital in Henderson, Kentucky, as well as a hospital in Neuss, Germany. In
the case of the German hospital there was not a lot of damage done, because the data
has only been stored in encrypted mode and backups have been made regularly.
However, the IT of the entire hospital has been shut down for several days, forcing staff
to work as in the pre-digital era.

What Does That Mean for You?

Cybercrime has many faces and the attackers become more and more elaborate. Many
attacks target institutions and businesses of all sizes, but private persons are just as
vulnerable to certain types of cybercrime. Awareness of the risk of cybercrime is key to
keeping your information and assets safe in the digital world. An attack can have very
different consequences depending on the form and goal of it. However, awareness does
not have to spoil all the fun and comfort that the digital world has to offer. Following
some simple rules will help you stay safe – no matter if in your personal life, or your job.

Have a look at our infographic and see what happened so far in 2017. You will find
some tips for secure behavior online as well.

The year saw a growing recognition that personal data is high-value data, that
no business or organisation is immune from attack, and that cyber crime is
professional and organised.

The most high-profile companies to be hit by data breaches in 2015 included

the US Office of Personnel Management; US health insurance firms Anthem
and Premera; cheating website Ashley Madison; hotel chains Mandarin
Oriental, Hilton and Trump Hotels; mobile and broadband firm TalkTalk and
Hong Kong-based toymaker VTech.
Sony Pictures admitted that it was unprepared for the cyber attack that hit the
company in November 2014 and counted the cost of losing company
executives, direct costs associated with the breach and the cost of related
privacy lawsuits.

On the positive side, 2015 saw continued and increased collaboration

between law enforcement organisations around the world to combat cyber
crime through disrupting cyber crime infrastructures.

There has also been a significant number of arrests by police forces in the UK
and around the world.

In the face of increased cyber criminal activities, security consultants are

advising companies and organisations to take a risk-based approach to cyber
defence.

Businesses have been advised to pay particular attention to defences

against ransomware and distributed denial of service (DDoS) attacks, which
proved popular with criminals in 2015.

2015 has also seen the emergence of several cyber criminal gangs, such as
the DD4BC gang that is using DDoS, or the threat of DDoS as a way of
extorting money from internet-dependent businesses.

Here are Computer Weekly's top 10 cyber crime stories:

1. No sensible business ignores cyber threats,

says Kemp Little
Cyber attacks are real and do hurt, attendees heard at a seminar on preventing and
recovering from cyber attacks at law firm Kemp Little in London.
 “The potential business impacts [of cyber attacks] combined with increasing levels of
awareness among consumers mean that no sensible business is still ignoring this
threat,” said Nicola Fulford, head of data protection and member of the cross-
departmental cyber security team at Kemp Little.

2. Cost of UK cyber breaches up to £3.14m

The average cost of the worst breaches at large UK organisations is between £1.4m
and £3.14m, according to the government’s 2015 information security breaches
survey conducted by PricewaterhouseCoopers (PwC).

CW+
Features
Enjoy the benefits of CW+ membership, learn more and join.
 E-Zine

CW ANZ: On cyber alert

 E-Zine

CW ASEAN: How managed security services help to reduce cyber risk

 E-Zine

CW Benelux: Young wayward hackers could help fill Dutch IT skills gap

This represents an increase of 233% to 273% from a year ago, while the cost of
breaches for small businesses is between £75,000 and £311,000, up by between 115%
and 270% from 2014.

3. Data breach will cost TalkTalk £35m

The costs of the TalkTalk data breach could reach between £30m and £35m, the firm's
chief executive, Dido Harding, has revealed.
Speaking to the BBC, she said the one-off costs, which have not yet hit the books, will
cover the initial response, the cost of calls into its call centres, additional IT costs, and
lost revenues.

Police have arrested five people in connection with the incident who have all been
released on bail until 2016.

4. Hackers publish another 13GB of Ashley

Madison data
The Impact Team hacking group targeting cheating site Ashley Madisonreleased two
sets of sensitive data, including emails of the CEO of the parent company Avid Life
Media (ALM).

On 19 August 2015, the group carried out its threat to publish user records if ALM did
not take down Ashley Madison and dating site Established Men, first publishing
9.7GB and then 13GB of data.

In the VTech breach, the personal details of five million parents and more than six
million children were exposed, Athem breach exposed up to 80 million records,
while 11 million records were exposed at Premera.

5. Mandarin Oriental hack highlights security

risk of legacy point of sale systems
The theft of credit card data from the Mandarin Oriental hotel group highlighted the
security risk of legacy point of sale (POS) systems, say security experts.

The hotel group confirmed credit card data was stolen from an “isolated number” of
payment card systems at hotels in Europe and the US, after the company’s network
was hacked.
The Hilton hotel group was hit by a similar attack, as was Starwood Hotels – which
owns Sheraton and Westin, the Trump Hotel Collection, Hard Rock’s Las Vegas
Hotel & Casino, the Las Vegas Sands casino, and FireKeepers Casino and Hotel.

6. Most DDoS attacks hiding something more

sinister, Neustar warns
Most distributed denial of service (DDoS) attacks now appear to be aimed at
distracting IT and security teams, a survey by communications and analysis
firm Neustar revealed in September 2015.

In March the company revealed that DDoS losses can cost as much as £100k an hour,
while Imperva warned in June that DDoS attacks were starting to resemble APTs.

7. DD4B cyber extortion gang ramps up

operations
A gang using distributed denial of service (DDoS) attacks to extort bitcoinssince July
2014 ramped up operations despite a bounty of $26,000, according to Arbor
Networks.

The gang, calling itself DD4BC (DDoS for Bitcoin), has been rapidly increasing the
frequency and scope of its DDoS extortion attempts, shifting from targeting Bitcoin
exchanges to online casinos and betting shops and, most recently, prominent financial
institutions in the US, Europe, Asia, Australia and New Zealand.

In February 2015, Kaspersky Lab said a cyber espionage group was targeting
thousands of high-profile organisations and individuals in the Middle East and around
the globe. In April, FireEye accused the Chinese government of running a decade-
long cyber espionage campaign aimed at stealing sensitive information belonging to
organisations in south-east Asia and India, and in July, Symantec uncovered a
corporate espionage group, dubbed Morpho, that has compromised a string of major
corporations in recent years.

In August 2015, US authorities arrested nine suspected insider traders who relied on
hackers to steal commercially sensitive corporate information from newswire services,
and according to the Systemic Risk Barometer Study, most financial institutions cite
cyber threats as a top five risk.

8. National Crime Agency leads partnership to

guard UK against cyber crime
UK law enforcement officers are working with public and private sector partners to
help businesses and UK consumers guard against cyber crime.

After a number of high-profile malware threats to the UK, the National Crime
Agency (NCA) is leading the initiative to help network administrators who manage
key parts of the UK internet infrastructure.

UK law enforcement has taken part in several international operations to tackle cyber
crime.

In December 2015, an international operation involving law enforcement

organisations, government cyber security teams and private organisations targeted the
Dorkbot botnet. In February, the National Crime Agency (NCA) and other European
crime agencies shut down servers used by a botnet targeting personal banking
information, while in June, police arrested 130 suspects in connection with cyber
fraud at 140 airports around the world in an international law enforcement operation,
and in December, EU police agency Europol announced it is to get new powers to step
up efforts to fight terrorism, cyber crime and other crime.
9. Ransomware costs business at least $18m,
says FBI
In June 2015, the FBI issued an alert to businesses about cryptographic ransomware –
a type of malware that encrypts company data and demands payment for the
decryption key.

In the first quarter of 2015, McAfee Labs saw a 165% increase from the previous
quarter in new ransomware, driven largely by the hard-to-detect CTB-
Locker ransomware family, a new ransomware family called Teslacryptand the
emergence of new versions of CryptoWall, TorrentLocker and BandarChor.

10. Risk reduction key to tackling cyber crime,

says Stroz Friedberg
Businesses should tackle cyber crime by seeking to reduce risk, according to global
digital risk and investigations firm Stroz Friedberg.

“While companies will never be able to make cyber crime go away, there is a lot they
can do to reduce the risk to the business,” said Seth Berman, executive managing
director at Stroz Friedberg.

Without a doubt, the most significant cyber crime related stories in 2017 were
about the first global cyber attacks from WannaCry and NotPetya, which for
many individuals and organisations, made the cyber threat real. The potential
effect of cyber attacks was graphically illustrated by the impact of WannaCry
on the NHS and NotPetya on Danish shipping giant Maersk.

DOWNLOAD THIS FREE GUIDE

 Cyber security in the Middle East

It is not just western countries such as the US and the UK that are being targeted by hackers, as
the rapidly developed and wealthy nations of the Middle East become targets of both politically
and financially driven attacks. Discover how cyber security expertise can help businesses in the
Middle East navigate digital transformations and keep cyber criminals at bay.
 Corporate E-mail Address:
Dow nload Now

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content,

products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and

agree to the Terms of Use and the Privacy Policy.

Although security researchers have argued WannaCry and NotPetya are not
true examples of ransomware, arguing they were primarily disruptive in
nature, true ransomware rapidly gained in popularity with cyber criminals
during 2017.
Ransomware as a service has enabled cyber criminals to tap into this
lucrative way of raising money easily without requiring any technical expertise.
Cyber criminals also continued to tap into opportunities afforded by new
technologies, targeting e-commerce, online banking and internet of things
(IoT) technologies.

In the face of these growing threats, European and UK law enforcement

authorities are stepping up their focus on engaging with industry around cyber
crime, and London is pioneering a programme of engaging with small
businesses to raise their awareness and capabilities around cyber crime.

1. UK National Crime Agency dubs WannaCry

a “signal moment”
Two months after the WannaCry attack, the UK’s National Crime Agency said it
represented a “signal moment” in terms of awareness of cyber attacks and their real-
world impact, and put cyber crime into the consciousness of most people.

Even though the NHS was not specifically targeted, the effects of WannaCry on
hospitals, surgeries and pharmacies showed how a cyber attack can have real-world
consequences, and the NCA has joined cyber security industry representatives in
expressing the hope that as a result, organisations will be more willing to report cyber-
related and cyber-enabled crime to law enforcement.

2. WannaCry identified as pseudo-

ransomware
Although there was a lot of commentary from the cyber security industry following
the WannaCry attack, one of the most interesting observations was that the malware
was not typical of most types of ransomware hitting organisations before May 2017.
 CW+
Features
Enjoy the benefits of CW+ membership, learn more and join.
 E-Zine

CW ANZ: On cyber alert

 E-Zine

CW ASEAN: How managed security services help to reduce cyber risk

 E-Zine

CW Benelux: Young wayward hackers could help fill Dutch IT skills gap

Although WannaCry’s inability to automatically decrypt once the ransom had been
paid initially appeared to be a mistake, researchers at McAfee believe it pointed to the
malware’s true purpose, which was disruption. McAfee researchers and others believe
that WannaCry is example of pseudo-ransomware, which means organisations need to
prepare for more disruptive and destructive attacks in future.

3. Global ransomware attack could be long-

awaited wake-up call
While law enforcement hoped WannCry would encourage more organisations to
report cyber attacks, cyber security commentators expressed that hope that more
organisations would take the cyber threat more seriously because of its global nature
and obvious impact on business operations.

The hope was that WannaCry was a sufficiently significant attack to force even the
most recalcitrant organisations to sit up, take notice and take cyber security seriously
at every level of the organisation, but a survey by AlienVault published in December
2017 indicates that little has changed.

The survey of over 200 cyber security professionals globally showed that just 16% of
IT security professionals believe their bosses and company boards have taken a
greater interest in their roles as a result of WannaCry, just 14% have had their budgets
for cyber security increased, and only a fifth (20%) have been able to implement
changes or projects that were previously put on hold.

4. NotPetya tops list of worst ransomware

attacks
NotPetya, like WannaCry, is not strictly speaking ransomware, and appears to have
had a more disruptive goal. Nevertheless, it topped the 2017 ransomware rankings as
the “nastiest” piece of malware to hit organisations, further underlining its dominance
of the threat landscape for the past year.

Unsurprisingly, it was followed closely by WannaCry and then Locky – a more

traditional type of ransomware – based on data collected from the Webroot
BrightCloud threat intelligence platform about all devices running Windows operating
systems that were infected with ransomware in 2017.

The researchers said NotPetya was ranked highest because it was engineered to
do damage to a country’s infrastructure, also further underlining this trend, which
many researchers believe will continue in 2018 and beyond.

5. NotPetya attack costs Maersk $300m

Just as the disruption to the NHS caused by WannaCry brought home the physical
impact that cyber attacks can have, the cost of the disruption caused by NotPetya to
shipping giant A.P. Moller-Maersk brought home the potentially devastating financial
aspect of such attacks.

Of all the big name companies hit by NotPetya, Maersk is believed to be one of the
hardest hit, with a number of IT systems, including email systems, forced to shut
down across multiple sites and selected businesses.
The most disruption was caused by the need to shut down the APM Terminals and
Damco freight forwarding and supply chain management systems, which resulted in
significant business interruption, including congestion at some of the 76 ports.
Businesses are encouraged to harden their cyber defences, like Maersk, in light of
NotPetya and increase their ability to isolate hacker incidents and rebuild systems
faster.

6. Ransomware up nearly 2,000% in two years

as “cyber mafia” hits business
While WannaCry and NotPetya signalled the emergence of destructive and disruptive
attacks, security researchers found that, in general, cyber attacks on businesses in
2017 grew in frequency, sophistication and malice.

A report on the new age of organised cyber crime by Malwarebytes claims that the
new generation of cyber criminals increasingly resembles traditional mafia
organisations, requiring a new approach to dealing with it.

7. Cyber crime identified as “significant risk” to

individuals and organisations
In addition to ransomware, a report on the state of cyber crime identified business
email compromise, and banking and mobile malware as the top threats representing a
“significant risk” to individuals and organisations.

Business email compromise (BEC) and business email spoofing, also known as CEO
fraud and whaling, accounted for $5bn in losses globally, between October 2013 and
December 2016, according to a September 2017 report by Secureworks.
8. Organised crime exploiting new technology
Cyber crime was highlighted as a key issue by the the Serious and organised crime
threat assessment (Socta) for 2017 by the European Police Commission (Europol).

As a result, European law enforcement is to focus on collaborating with industry

around cyber crime as organised crime groups increasingly exploit new technologies
and the increasing digital connectivity between organisations and between internet-
enabled devices, collectively known as the internet of things, which is a growing
security concern among governments and law enforcement organisations.

9. UK cyber cops call on business to help fight

cyber crime
Just as cooperation with industry is a goal by European law enforcement, UK cyber
cops are also keen to increase the level of reporting of cyber crime, as well as
information sharing about cyber attacks.

Although UK law enforcement has an established and effective coordination plan in

place that is resulting in arrests, the UK’s National Crime Agency (NCA), National
Police Chiefs’ Council (NPCC) and National Cyber Security Centre (NCSC) all
say under-reporting of cyber crime is a huge problem and business has a key role to
play.

10. London issues call to arms to cyber

security community
In an attempt to help small business address the threat of cyber crime, London is
calling on the cyber security community to help keep the city’s more than one million
small businesses safe from cyber crime, and its leaders hope other cities across the
UK will follow suit.

According to the Mayor’s Office for Policing and Crime (Mopac), cyber crime is a
huge area of crime, and one that policing alone cannot solve, which is why the city
has set up the London Digital Security Centre to help small businesses take effective,
but low-cost security measures. However, the initiative needs help and guidance from
the cyber security community and big business to improve its reach, capabilities,
services and processes, according to John Unsworth, the centre’s chief executive.