DDoS moves up the police agenda

To date, police have generally considered distributed denial-of-service (DDoS) attacks to be a low-level crime. However, they are now starting to take them much more seriously, according to Mike Hulett, head of operations at the National Crime Agency’s National Cyber Crime Unit (NCCU).

He said DDoS attacks – an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources – have now “risen up” law enforcement’s agenda. Speaking at last month’s Security and Counter Terror Expo in London, Mr Hulett explained: “This is something that I wouldn’t say law enforcement has ignored over the years, but it’s been seen as relatively low level. It’s a bit like swatting a fly; it’s an annoyance thing.

However, this approach has now changed because “something different is happening with DDoS”, Mr Hulett said, describing how previously, organisations could fend off DDoS attacks with relative ease, but now they were becoming more difficult to fight against.

Only last week, the websites of Surrey Police and Sussex Police were taken offline by a DDoS attack.

Alex Cruz Farmer, vice-president of cloud at network security specialist NSFOCUS International Business, said: “Having dealt with the [former] National High Tech Crime Unit in the past, it was clear that the Government was trying its best with limited resources to get the skills and knowledge to begin the cyber fight.

“Like Mr Hulett commented, the problem is very real, has to be taken seriously and it has not come soon enough. In my years of experience in carrier and service provider markets, where margins are low, and customer demands are high, DDoS attacks have significant affects on not just them but, in most cases, their entire customer base, creating a domino affect.

“What is often overlooked is the real cost of DDoS mitigation. To the Government, the cost may seem an insignificant amount, but to a small £2-£5 million revenue business it’s huge.”

The 2016 Trustwave Global Security Report says cybercrime is now more profitable than the drugs trade.

A cyber gang, known as Armada Collective, made more than $100,000 in less than two months simply by threatening to launch DDoS attack on websites, but never actually launched a single one.

Talal Rajab, head of programme for cyber and national security at the industry body techUK, said the key to work the NCCU has been doing to counter cybercrime in the UK will be “understanding how that will trickle down to the local level”.

Although local police knowledge around cybercrime has come under fire in recent times, Mr Rajab told Computer Weekly that a lot of coordination was being done at a national level by the National Police Chiefs’ Council.

“In terms of improving skills at a local level, the College of Policing is gradually introducing courses on cybercrime, with a big uptake, particularly in the past year,” he said.

Mr Rajab said police regional organised crime units (ROCUs) were also working with the NCCU, academia and industry to “get their house in order”.

Among a new list of Cabinet committees released last month, the Government has announced that a new National Security Council cyber sub-committee will be created, “to consider matters relating to cyber programmes and policy development”.

It will be chaired by the Chancellor and will also have the Home Secretary, the Foreign Secretary and the Secretaries of State for Defence and Health among its membership.

Henry Rex, programme manager for justice and emergency services at techUK, said the cyber sub-committee was welcome and “highlights the growing importance that the Government places on cyber issues, as demonstrated by last year’s announcement of increased funding for cyber security, the creation of a new National Cyber Security Centre, the publication of the National Cyber Security Strategy (expected later this year), and the decision to include cybercrime statistics in crime figures”.