In-depth

Gov 'is not taking cybercrime seriously'

Home Office 'will miss out on top IT talent' with volunteer cybercop plan

IT security experts have trashed Home Office plans to recruit volunteers to tackle cybercrime, saying the government is not taking the issue seriously enough.

Home Secretary Theresa May plans to bolster the police's efforts to battle digital crime by empowering police forces to sign up IT workers as volunteers.

The proposal, aired again by the Home Office last week but first revealed in a consultation document last year, would allow room for volunteers to take on greater roles "as their experience grows".

Advertisement - Article continues below

But cybersecurity experts denounced the plans, saying the government should hire specialists instead of volunteers if police skills are not up to scratch.

Graham Cluley, an independent computer security analyst, told IT Pro: "[It] doesn't sound like they're taking the problem seriously to me. Cybercrime is on the rise, and clearly the authorities need proper investment and resources to tackle the growing problem. 

"My concern would be that the authorities would be unable or unwilling to pay the kind of salaries that would attract the top talent - and so many talented individuals won't be interested."

IT security workers command a wage of between 50,000 and 57,000 in London, according to recruitment firm Randstad Technologies.

But digital offences make up 44 per cent of total crime according to ONS data released last October, which showed that 3.8 million Britons were victims of a total 5.1 million incidents of online fraud, malware, or phishing attacks in the previous 12 months.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Cluley said it is worth paying the price for experts who can help.

"Until fighting cybercrime is seen as something which saves the country money rather than costs us cash, I don't see the situation getting any better," he said.

Security firm Digital Guardian pointed out that the plan overlooks a gap in expertise that already exists in cybersecurity, a problem which has been recognised by Chancellor George Osborne.

Thomas Fischer, principal threat researcher, said: "For many years the infosecurity industry has faced a recruitment drought. As a result, individuals that do meet the required training standards are highly sought after assets, likely to be in well-paid positions, with very little time to do volunteer work on the side."

However, the Home Office insisted it is committed to tackling cybercrime, highlighting measures such as an 860 million investment in the National Cyber Security Programme.

IT Pro understands that volunteers would look into minor offences that stop police focusing on more serious crimes, but security firm Malwarebytes said working alongside police is different from grass-roots action against hackers.

Advertisement - Article continues below

Malware intelligence analyst Chris Boyd told IT Pro: "Working with police in an official capacity is a whole new ballgame, and there's not just the technical aspect to consider - you could well be getting involved in cases where there could be significant risk to yourself or others.

"One hopes the police would make them sign an equivalent of an NDA before signing up."

It is not clear whether the Home Office would meet other costs, such as the price of equipment volunteers would need to work on.

Boyd said: "If this is to be successful the volunteers need to be supplied with standard-issue machines running the tools they need to get the job done. We can't have work like this done on someone's personal computer, especially if there's a chance it could have been compromised beforehand."

The government must also decide what security solutions run on these machines before signing up volunteers, he said. 

The consultation in which the proposal was contained has concluded, though the government has not given a timeline for when police can begin recruiting volunteers.

The Home Office declined to comment.

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now
Advertisement
Advertisement

Recommended

Visit/security/phishing/355120/hackers-pose-as-three-to-exploit-high-data-demand
phishing

Hackers target Three customers with "sophisticated" phishing scam

26 Mar 2020
Visit/security/355013/10-quick-tips-to-identifying-phishing-emails
Security

10 quick tips to identifying phishing emails

16 Mar 2020
Visit/business-strategy/mergers-and-acquisitions/354941/panda-security-to-be-acquired-by-watchguard
mergers and acquisitions

Panda Security to be acquired by WatchGuard

9 Mar 2020
Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Most Popular

Visit/infrastructure/server-storage/355118/hpe-warns-of-critical-bug-that-destroys-ssds-after-40000-hours
Server & storage

HPE warns of 'critical' bug that destroys SSDs after 40,000 hours

26 Mar 2020
Visit/software/video-conferencing/355138/zoom-beaming-ios-user-data-to-facebook-for-targeted-ads
video conferencing

Zoom beams iOS user data to Facebook for targeted ads

27 Mar 2020
Visit/software/355113/companies-offering-free-software-to-fight-covid-19
Software

These are the companies offering free software during the coronavirus crisis

25 Mar 2020
Visit/mobile/mobile-phones/355088/apple-lifts-iphone-purchase-restrictions
Mobile Phones

Apple lifts iPhone purchase restrictions

23 Mar 2020