Tackling e-crime

Detective Sergeant Paul Wright, City of London Police, has spent the last ten of his 25 years’ service specialising in Internet, network and forensic investigations, at a local, national and international level and was previously seconded to the former National Hi-Tech Crime Unit as an operational team leader. He spoke to Henry Tucker of the British Computer Society, which has just set up a Cybercrime Forensics Specialist Group to offer expertise to the police and others fighting increasingly sophisticated online fraud.

Since January 2004, DS Paul Wright has been in charge of the Hi-Tech Crime Team in the City of London. In this role he is responsible for the day-to-day running of the team and for the implementation of the force’s outreach programme to the financial sector.

This e-crime strategy involves giving presentations to a wide range of business organisations and at the same time actively encourages the flow of information between the private sector and law enforcement regarding hi-tech and e-crime. Along with a number of IT and computer forensic qualifications, he holds a Master of Science in Professional Computing, is an associate of the Institute of Information Security Professionals, and is also a regular lecturer on computer forensics, hi-tech and e-crime at a number of universities and colleges.

What is your workload like? And what is your role in managing that workload?

All over the globe more and more instances of hi-tech and e-crime are being investigated by law enforcement agencies and other investigative bodies.

Along with this increase in workload has come the realisation that crimes involving computers – either as the target of offending, or as one of a range of tools, or the principal tool used in the commission of offences – are technically difficult to investigate and raise many practical problems. One of my main roles is to solve those problems and anticipate as many of them as I possibly can.

What challenges are there now? And where strategically can we respond to these in the future?

There are major challenges facing the world of information security, incident response and computer forensics in how best to understand and deal with the complex and dynamic developments in the ever-evolving world of the Internet and digital information. If we do not invest in the skills necessary to police this ever-changing environment, we will have to contend with playing catch-up in understanding how new technologies are associated with traditional and new crimes.

As a forensic science we need to continually seek cost-effective ways in which to deal with digital and electronic investigations involving IT abuse and hi-tech crimes.

To achieve this we need to commit to training that allows for regular updates, commit to adequate funding and combine it with a commitment to quality. There is also a need to acknowledge the importance of the work, while at the same time trying to get others to understand the issues and difficulties associated with it.

In your experience, are criminals becoming better informed about computer forensics procedures?

Organised crime and criminals do not stand still and the history of crime trends shows how they have transcended different crimes.

Now we have offences like counterfeit pharma­ceuticals and e-fraud being committed via the Internet: one kilo of active ingredient at $70, for example, makes 14,000 tablets. These are then sold for $10 a tablet which will make $140,000. In addition they [organised criminals] are becoming aware that cyber-criminals, more than any other global crime gangs, are becoming faster and more flexibility in dealing with data compromise challenges and avoiding existing rules, regulations and legislation. It [e-crime] can, and is, perpetrated from anywhere in the world against any computer.

Therefore criminals do attempt to camouflage their methodology but not necessarily because they h