Thursday 7 July 2016

National Crime Agency scope out the issues re Cybercrime and Internet enabled fraud

In today's assessment of cybercrime in 2016 from the NCA some very good points are made which can assist with the management of a difficult issue.

There is always enthusiasm for a magic "piece of kit" which solves the problem - especially from the command and control boffins in the IT dept - but this is an illusion

"Perfect security is almost impossible. Almost all organisations, no matter how much money and effort they put in, are vulnerable to determined attacks by high-end crime groups which have developed tools and techniques that can penetrate all but the very best defences."

In addition

"Although the most serious threat comes, directly or indirectly, from international crime groups, the majority of cyber criminals have relatively low technical capability. Their attacks are increasingly enabled by the growing online criminal marketplace, which provides easy access to sophisticated and bespoke tools and expertise, allowing these less skilled cyber criminals to exploit a wide range of vulnerabilities."

A quite bleak assessment but it points to the importance of recognising the challenge as not purely technical and having a disaster recovery plan in place.