Professor Hamid Jahankhani, PhD, FHEA, FRSA, is the Programme Leader for our MSc Cyber Security. Here Hamid discusses the evolving cyber-crime environment and how law enforcement can rise to the challenge of increasingly sophisticated attacks.
It is evident that cyber-crime is no longer in its infancy. It can be ‘big business’ for the criminal entrepreneur with the potential to profit with minimal risks. The former Commissioner of Metropolitan Police, Sir Bernard Hogan-Howe, in his commentary published in the Evening Standard in November 2013, highlighted “Criminals have realised there are huge rewards to be reaped from online fraud, while the risk of getting arrested falls way below that of armed robbers, for instance” (Hogan-Howe, 2013).
Due to the scale and international nature of these crimes, UK law enforcement cannot investigate all alleged offences, which then raises the questions as to how to decide which cases are investigated.
From a law enforcement point of view, the task of fighting cyber-crime is a difficult one. Although a crime is a crime, irrespective of scale, a decision has to be made on the merits of each case as to whether investigating and prosecuting is in the public’s interest. It is no longer adequate to depend on individual governments to own and control vast databases of sensitive personal and/or company information, as well as information relevant to national security in general.
It is evident that in order to investigate and prosecute these cases, it is important to establish proper education and training for individuals to be able to handle, manage and investigate evidence. The formation of accreditation to validate experience, skills and qualifications will also further support investigations.
Computer forensics is no longer a new field and a lot needs to be done to train and encourage new entrants, as well as unifying the existing skills and experience acquired of those already in the field. The need to train not just technical skills, but also the legal aspects of computer forensics has been fully recognised by government, training companies and universities. Yet training is only embarked upon by most in law enforcement as a backup plan for post-retirement.
Those joining the profession will have to understand the importance of an academic qualification, especially if they have no previous experience in the field. Many other professions require one to have a degree before progressing to train in their vocation i.e. teachers, lawyers, forensic scientists and doctors etc. The same should be said with computer forensics. A relevant degree is now a prerequisite in the private sector, as well as experience, as it is becoming a lot more difficult for one to claim to be an expert in the field of computer forensics, and an expert witness in a court of law. Gone are the days where do-it-yourself forensics will be accepted.
Most agree that a board should be set up, but what cannot be agreed upon is who should lead it. Some have suggested that it should be led by universities, by government, by their peers, or jointly by universities, government and businesses. One thing is for sure, having a form of accreditation would force government, academics, researchers and those working in the field of computer forensics to set more appropriate standards and controls for those who handle, analyse and investigate computer evidence.