National Crime Agency steps up efforts to map cyber crime landscape

  • Published
NCA capsImage source, NCA
Image caption,

The intelligence provided by the security firms will feed into day-to-day monitoring and large scale operations.

The UK's National Crime Agency has signed up two security firms to provide up-to-the minute intelligence about hi-tech crime.

The deal will help it step up efforts to map cyber crime in Britain and the rest of the world.

Intel Security and Trend Micro will be part of "virtual threat teams" who help take down hi-tech thieves.

The firms will help expose attacks and the gangs and computer infrastructure they use and abuse.

Global view

Andy Archibald, head of the NCA's Cyber Crime Unit, said the closer relationship had grown out of collaboration between the law enforcement agency and security firms over the last 10 months.

That collaboration had led the NCA to arrest people in the UK involved in manufacturing malware, running money mules who laundered cash or running hosting services that catered to cyber thieves.

"Security firms have a far greater understanding of the threats in terms of what they see on a day-to-day basis," he told the BBC. "They have a massively important part to play in terms of understanding and identifying who and where the threat comes from.

"Traditional law enforcement in response to crime has a victim who reports, an investigation and there's a criminal justice outcome," he said. "But the response to cyber crime has to be more sophisticated than that."

The NCA needed a global view of the threats and attacks hitting people and organisations in the UK and that was data the security firms were able to provide, Archibald explained.

In addition, he said, the intelligence would help in cases when it was not possible to identify individuals behind particular attacks - prompting the NCA to target servers or other resources used to carry them out.

The detailed data provided by Intel and Trend would be invaluable in helping reveal where attacks were coming from and which machines were being used, he said.

Raj Samani, chief technical officer in Europe for Intel Security, said: "As an industry we get visibility of the most prominent, the most prevalent types of attacks, the countries where the majority of attacks seem to originate."

Mr Samani added that the last 10 months of collaboration between the NCA and security firms on many different operations against cyber thieves and gangs had produced "remarkable" results.

"We started off with Gameoverzeus and Cryptolocker, we had Blackshades, we had Shylock, we had Ramnit, we had Simda and we just concluded with Beebone," he said. "There's more to come."

Related internet links

The BBC is not responsible for the content of external sites.