Escaping the “black hole”: how to measure cybercrime

How big a threat is cybercrime to UK industry, and how do we deal with it?

The vast majority of parliamentary committee reports do not prompt headlines containing phrases like “losing the war”, “falling into a black hole”, and “a bigger threat than nuclear attack”. Last week’s Home Affairs Select Committee report on e-crime was a notable exception. For those who make a living fighting cyber-crime, however, the report held very little that would shock. Indeed, my colleague Art Coviello spoke at length to the Committee, and whilst he agreed with their assessment that we weren't winning the battle, he had considerable praise for the way both British business and government were coming together around the challenge.

Now the dust has settled somewhat, it’s worth separating reality from hyperbole, and perhaps considering what might actually be done about the problem. To do so, we should begin on a positive note. The headlines came about because the UK features so high on the list of targets for cyber criminals but, in some ways, this is as reassuring as it is a point of concern. The reason we're such a persistent target of attack is because we have so much worth stealing – financial assets, intellectual property and the type of vibrant dynamic business that generates both. We shouldn’t worry if criminals wish to steal from us, but we must work to limit their chances of success. So, what can we do to thwart the criminals? And how well are we doing currently?

The second question is easy to answer, and the answer is: not too badly. We may not be winning the war, but we’re not losing either – the "black hole" of the report is really a sort of jurisdictive black hole, and it’s unlikely to swallow the nation’s finances any time soon. That’s not, however, to deny the scale of the problem, and the question of how we solve it is undeniably complicated. The issue is a truly global one, and criminals have more weapons at their disposal than ever before.

Cyber-security professionals refer to the "attack surface" to describe how cyber-criminals access their victims and, in the space of the last ten years, this has changed beyond all recognition. When the internet was primarily a means of accessing information, the avenues through which cyber criminals could reach their victims were limited, and so was the extent of their potential gains. Now, with almost any product or service available online, with a plethora of different social networks, and with smartphones and many different devices connected to the internet, there are few limits to the means criminals can employ to steal from organisations and individuals.

No individual or organisation can hope to stand alone against this threat. Companies that wish to defend themselves have little alternative but to collaborate on their response to cyber-crime. The criminals themselves see the value of such a strategy, and their information-sharing networks are extraordinarily effective. At our subsidiary RSA, we maintain cyber-security watch posts around the world, and from these we see criminals exchanging data on the vulnerabilities that allow them to steal money and intellectual property from organisations and individuals.

This is a sophisticated and agile underground economy which feeds parasitically on legitimate commerce, and which lawful businesses cannot hope to curb without concerted action. However, even recent discourse on the issue has not sufficiently stressed the importance of collaboration. For example, the CBI’s otherwise very sensible response to the Committee’s report struck a false note in its suggestion we should be "fighting crime in private". That would be a lonely and unsuccessful fight, and it’s crucial that British businesses are aware of how numerous, how skilled, and how efficiently collaborative cyber-criminals are. No organisation could hope to combat them alone.

However, with a coherent framework for businesses to share information on cyber threats, businesses are well-placed to beat the cyber threat. Many business leaders may shy away from the idea of engaging with their competitors and peers in industry, but strong precedents have already been set in sectors at high risk of cybercrime. Financial services is one of these and, while companies in the industry are more protective of proprietary information than those in almost any other, the scale of the threat is such that a formal means of sharing intelligence is a necessity. In financial services, the eFraudNetwork cybercrime watch service allows companies worldwide to securely share information about cyber-crime, so that once one attempted theft is thwarted, the perpetrators cannot simply move on to try the same methods at another organisation.

Such a network is very effective in curbing fraud and theft, and the good news is that this kind of information sharing is not complex or expensive, and need not negatively impact on the competitive advantages or information privacy of the organisations involved. It is a model that could easily be replicated in other industries. Much work is already being done to achieve this; indeed, RSA will shortly release a cyber-threat intelligence model, which will propose a global industry standard framework for business-to-business information sharing. Last week’s Committee report implied that a political intervention is possible so, however it chooses to do so, the business community should act while it is still able to shape a response according to its own priorities. After all, if there’s one thing that we know about cyber criminals, it’s that they never stop working to improve the methods they use. As the lawless learn to attack more effectively, so the lawful must learn to defend better – and no one organisation can succeed in doing this alone.

James Petter is vice president and managing director of EMC UK&I

Photograph: Getty Images

James Petter is vice president and managing director of internet services company EMC UK&I.


Labour's establishment suspects a Momentum conspiracy - they're right

Bernie Sanders-style organisers are determined to rewire the party's machine.  

If you wanted to understand the basic dynamics of this year’s Labour leadership contest, Brighton and Hove District Labour Party is a good microcosm. On Saturday 9 July, a day before Angela Eagle was to announce her leadership bid, hundreds of members flooded into its AGM. Despite the room having a capacity of over 250, the meeting had to be held in three batches, with members forming an orderly queue. The result of the massive turnout was clear in political terms – pro-Corbyn candidates won every position on the local executive committee. 

Many in the room hailed the turnout and the result. But others claimed that some in the crowd had engaged in abuse and harassment. The national party decided that, rather than first investigate individuals, it would suspend Brighton and Hove. Add this to the national ban on local meetings and events during the leadership election, and it is easy to see why Labour seems to have an uneasy relationship with mass politics. To put it a less neutral way, the party machine is in a state of open warfare against Corbyn and his supporters.

Brighton and Hove illustrates how local activists have continued to organise – in an even more innovative and effective way than before. On Thursday 21 July, the week following the CLP’s suspension, the local Momentum group organised a mass meeting. More than 200 people showed up, with the mood defiant and pumped up.  Rather than listen to speeches, the room then became a road test for a new "campaign meetup", a more modestly titled version of the "barnstorms" used by the Bernie Sanders campaign. Activists broke up into small groups to discuss the strategy of the campaign and then even smaller groups to organise action on a very local level. By the end of the night, 20 phonebanking sessions had been planned at a branch level over the following week. 

In the past, organising inside the Labour Party was seen as a slightly cloak and dagger affair. When the Labour Party bureaucracy expelled leftwing activists in past decades, many went further underground, organising in semi-secrecy. Now, Momentum is doing the exact opposite.

The emphasis of the Corbyn campaign is on making its strategy, volunteer hubs and events listings as open and accessible as possible. Interactive maps will allow local activists to advertise hundreds of events, and then contact people in their area. When they gather to phonebank, they will be using a custom-built web app which will enable tens of thousands of callers to ring hundreds of thousands of numbers, from wherever they are.

As Momentum has learned to its cost, there is a trade-off between a campaign’s openness and its ability to stage manage events. But in the new politics of the Labour party, in which both the numbers of interested people and the capacity to connect with them directly are increasing exponentially, there is simply no contest. In order to win the next general election, Labour will have to master these tactics on a much bigger scale. The leadership election is the road test. 

Even many moderates seem to accept that the days of simply triangulating towards the centre and getting cozy with the Murdoch press are over. Labour needs to reach people and communities directly with an ambitious digital strategy and an army of self-organising activists. It is this kind of mass politics that delivered a "no" vote in Greece’s referendum on the terms of the Eurozone bailout last summer – defying pretty much the whole of the media, business and political establishment. 

The problem for Corbyn's challenger, Owen Smith, is that many of his backers have an open problem with this type of mass politics. Rather than investigate allegations of abuse, they have supported the suspension of CLPs. Rather than seeing the heightened emotions that come with mass mobilisations as side-effects which need to be controlled, they have sought to join unconnected acts of harassment, in order to smear Jeremy Corbyn. The MP Ben Bradshaw has even seemed to accuse Momentum of organising a conspiracy to physically attack Labour MPs.

The real conspiracy is much bigger than that. Hundreds of thousands of people are arriving, enthusiastic and determined, into the Labour party. These people, and their ability to convince the communities of which they are a part, threaten Britain’s political equilibrium, both the Conservatives and the Labour establishment. When the greatest hope for Labour becomes your greatest nightmare, you have good call to feel alarmed.