Cyber Crime: It's All About Data (Part 1)

By Wout de Natris
Wout de Natris

Cyber crime = crime. How do we make police forces understand this and how to get it prioritized? In this series of blogs I am looking into whether aggregating data can change the way cyber crime is approached and prioritized.

At a seminar at the IT Security trade fair in Utrecht detective super intendant Charlie McMurdie, head of the cyber crime unit of the London Metropolitan police, said that cyber crime was recently prioritized by the UK government. She also said the following and I'm allowed to quote this.

"We need to train all police to have a basic understanding of cyber crime. Only then will they recognize what the reporting citizen is telling him. Until that moment cyber crime isn't understood to be cyber crime nor will it get registered as such.

The issue is that the internet and technology is now an integral part of our daily life, at work or leisure, it is also now part of virtually every crime we investigate and therefore the ability to have a basic ability to understand and deal with the technology aspect of crime needs to be part of all officers training."

This is a statement with quite some implications and not only the magnitude of training. If police officers that have to report on cyber crime do not understand what is being reported to them, this does not only mean that it isn't categorized, it also means that it is not followed up adequately. A basic training could, probably should amend this.

Is it true that the term "cyber" crime sounds scary? That police officers are put of by the term cyber? That it is to alien, comes from abroad, "it's cyber, so we cannot do anything about it?", a sentence that I've heard too often around Europe in the past five years. If this is so, than we have a second reason why reporting and investigating lag behind other crimes. And what a basic training could fix.

So not reporting = not investigating. If reporting fails and aggregation doesn't take place then there will never be more priority for cyber crime. However, we've heard Mrs. McMurdie also say that it was. On the basis of what? Assumptions, fear or other data then from reporting?

Is training all police the way forward? Who should train the police forces? What basic subjects should a basic training have? I'm looking forward to your reactions again.

Read more on my blog

By Wout de Natris, Consultant international cooperation cyber crime + trainer spam enforcement. Visit the blog maintained by Wout de Natris here.

Related topics: Cybercrime, Cybersecurity, Spam


Well said, Wout Suresh Ramasubramanian  –  Nov 13, 2010 5:18 PM PST

I guess it is up to industry to train the police - or the CERTs, or whoever else has the time and capability to do so.

More pertinent question - how ready are the police to listen?  And how do we keep these focused on helping the police rather than serving as promotional / publicity vehicles for specific single vendors?  [which tends to hijack the process, a bit]?

Maybe they can explain too why British John Briscoe  –  Nov 16, 2010 9:18 AM PST

Maybe they can explain too why British police will not take reports of phishing scams and direct you to your bank instead? A big contradiction here for super intendant Charlie McMurdie.