Under-reporting of cybercrime attacks gives hackers a green light

Organisations which don't report that they've been the victim of cyber crime are putting others at risk of further attacks and are hampering the authorities' ability to fight against hackers, the UK's serious and organised crime unit has warned.

The National Crime Agency has issued the warning to businesses as part of its National Strategic Assessment of Serious and Organised Crime 2018.

"Under-reporting of data breaches continues to erode our ability to make robust assessment of the scale and cost of network intrusions," said the report, adding "many companies are not disclosing data breaches, putting victims at risk".

According to figures cited by the NCA, only 38 percent of people have confidence that law enforcement can properly respondent to 'cyber-dependent' crime, with the implication that this is partly why victims fail to report they've been hit.

Even when cybercrime is reported, the police may find themselves unable to convict the perpetrators, because "those that do report may on occasion not be prepared to support prosecution, hampering the ability of law enforcement to act".

The National Strategic Assessment of Serious and Organised crime suggests that the lack of successful cyber crime reporting means that cyber attackers believe that there's no consequences of their actions.

This perception is also driven along by the courts often handing out lenient sentences to those convicted of hacking, the NCA suggests - although no specific examples of this are provided.

"Whilst courts acknowledge the seriousness of the crimes committed, the level of sentence passed does not necessarily reflect this seriousness, and can appear low," said the report.

According to the report, cyber criminal schemes at all levels continue to pose a threat to the UK, and while many of these groups are operating outside of UK borders, home-grown cyber criminals must not be underestimated.

"The threat from UK domestic cyber criminals continues to mature, and these domestic actors are capable of damaging attacks," the report warns.


Source: ZDnet