Met outfits cyber crime unit with real-time malware analysis tools

FALCON will deploy Bromium's virtualisation tools to trace malware attacks

The London Metropolitan Police Service is set to provide its cybercrime taskforce with new real-time forensic analysis tools, the force announced today.

The Met has tapped cyber security firm Bromium to provide the new capabilities, and its FALCON (Fraud And Linked Crime Online) cybercrime division will soon be using the company's micro-virtualisation technology to analyse malware samples in a fast, secure manner.

Advertisement - Article continues below

"The Met is committed to fighting cybercrime and works hard every day to catch and convict cybercriminals and support victims," said detective superintendent Neil Ballard. "Speed is an advantage when investigating these kinds of crime."

Bromium provides an advantage in this regard, the company's EMEA CTO Fraser Kyne told IT Pro, because running malware samples within Bromium generates forensic reports in near-real time.

"When you detonate malware inside a micro-VM, as soon as the micro-VM is closed, those forensics are instantly available," he said. "It really just takes away that triage thing and it jumps you straight from the point of the malware executing to giving you a visibility of what actually happened in the micro-VM."

Another touted benefit is that, because Bromium's virtualised environments are built with just the minimum amount of code needed to run malware samples, the signal-to-noise ratio is much better than with general purpose hypervisors. This allows officers and investigators to identify anomalies much more quickly.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

"Like biological evidence, cyber evidence degrades over time," said the Met's Ballard. "Websites are taken down and the trail goes cold. Bromium can be used to instantly analyse and gather evidence. The victim can then be immediately advised how to mitigate the threat. Evidence collected can then be used to track down the criminal and secure convictions."

Kyne also pointed out that the virtualisation element of Bromium's product also means that the Met can safely run malware without the risk of infecting the rest of its network - which still includes thousands of Windows XP machines.

"When you're interacting with things that are of this nature, they are by their very nature unsafe to use, so we give them that protective bubble to be able to safely analyse the malware and to very quickly extract useful forensic information out of it," he said.

The news demonstrates the Met's attempts to get to grips with cyber crime, which has hit one in 10 Britons, according to ONS data. Including 5.8 million cyber offences in ONS figures for the first time last year led to England and Wales' crime rate doubling for 2016.

Advertisement - Article continues below

FALCON, launched in 2014, comprises 500 officers tasked with tackling cyber crimes that lead to financial loss - so malware, DDoS attacks and network intrusion crimes.

Think tank Reform recommended that police forces should be able to sack officers who don't have the skills to tackle cyber crime, in a report released in August.

Picture: Bigstock

Featured Resources

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Remote working 2020: Advantages and challenges

Discover how to overcome remote working challenges

Download now

Keep your data available with snapshot technology

Synology’s solution to your data protection problem

Download now

After the lockdown - reinventing the way your business works

Your guide to ensuring business continuity, no matter the crisis

Download now
Advertisement

Recommended

Malware attacks using machine identities doubled in 2019
cyber security

Malware attacks using machine identities doubled in 2019

4 Aug 2020
Russia hacked Liam Fox's personal email to steal trade documents
phishing

Russia hacked Liam Fox's personal email to steal trade documents

4 Aug 2020
British teenager charged over Twitter hack
hacking

British teenager charged over Twitter hack

3 Aug 2020
Mid-year report says vulnerabilities up 22% in 2020
hacking

Mid-year report says vulnerabilities up 22% in 2020

30 Jul 2020

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

3 Aug 2020
How to use Chromecast without Wi-Fi
Mobile

How to use Chromecast without Wi-Fi

4 Aug 2020
How do you build a great customer experience?
Sponsored

How do you build a great customer experience?

20 Jul 2020