In-depth

Gov 'is not taking cybercrime seriously'

Home Office 'will miss out on top IT talent' with volunteer cybercop plan

IT security experts have trashed Home Office plans to recruit volunteers to tackle cybercrime, saying the government is not taking the issue seriously enough.

Home Secretary Theresa May plans to bolster the police's efforts to battle digital crime by empowering police forces to sign up IT workers as volunteers.

The proposal, aired again by the Home Office last week but first revealed in a consultation document last year, would allow room for volunteers to take on greater roles "as their experience grows".

But cybersecurity experts denounced the plans, saying the government should hire specialists instead of volunteers if police skills are not up to scratch.

Graham Cluley, an independent computer security analyst, told IT Pro: "[It] doesn't sound like they're taking the problem seriously to me. Cybercrime is on the rise, and clearly the authorities need proper investment and resources to tackle the growing problem. 

"My concern would be that the authorities would be unable or unwilling to pay the kind of salaries that would attract the top talent - and so many talented individuals won't be interested."

IT security workers command a wage of between 50,000 and 57,000 in London, according to recruitment firm Randstad Technologies.

But digital offences make up 44 per cent of total crime according to ONS data released last October, which showed that 3.8 million Britons were victims of a total 5.1 million incidents of online fraud, malware, or phishing attacks in the previous 12 months.

Cluley said it is worth paying the price for experts who can help.

"Until fighting cybercrime is seen as something which saves the country money rather than costs us cash, I don't see the situation getting any better," he said.

Security firm Digital Guardian pointed out that the plan overlooks a gap in expertise that already exists in cybersecurity, a problem which has been recognised by Chancellor George Osborne.

Thomas Fischer, principal threat researcher, said: "For many years the infosecurity industry has faced a recruitment drought. As a result, individuals that do meet the required training standards are highly sought after assets, likely to be in well-paid positions, with very little time to do volunteer work on the side."

However, the Home Office insisted it is committed to tackling cybercrime, highlighting measures such as an 860 million investment in the National Cyber Security Programme.

IT Pro understands that volunteers would look into minor offences that stop police focusing on more serious crimes, but security firm Malwarebytes said working alongside police is different from grass-roots action against hackers.

Malware intelligence analyst Chris Boyd told IT Pro: "Working with police in an official capacity is a whole new ballgame, and there's not just the technical aspect to consider - you could well be getting involved in cases where there could be significant risk to yourself or others.

"One hopes the police would make them sign an equivalent of an NDA before signing up."

It is not clear whether the Home Office would meet other costs, such as the price of equipment volunteers would need to work on.

Boyd said: "If this is to be successful the volunteers need to be supplied with standard-issue machines running the tools they need to get the job done. We can't have work like this done on someone's personal computer, especially if there's a chance it could have been compromised beforehand."

The government must also decide what security solutions run on these machines before signing up volunteers, he said. 

The consultation in which the proposal was contained has concluded, though the government has not given a timeline for when police can begin recruiting volunteers.

The Home Office declined to comment.

Featured Resources

The ultimate law enforcement agency guide to going mobile

Best practices for implementing a mobile device program

Free download

The business value of Red Hat OpenShift

Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShift

Free download

Managing security and risk across the IT supply chain: A practical approach

Best practices for IT supply chain security

Free download

Digital remote monitoring and dispatch services’ impact on edge computing and data centres

Seven trends redefining remote monitoring and field service dispatch service requirements

Free download

Recommended

Marsh McLennan reveals its cyber risk analytics center
risk management

Marsh McLennan reveals its cyber risk analytics center

15 Oct 2021
Justice Department unveils civil cyber fraud initiative to battle online crime
cyber attacks

Justice Department unveils civil cyber fraud initiative to battle online crime

7 Oct 2021
Senator to introduce new bill to force ransomware payment disclosures
ransomware

Senator to introduce new bill to force ransomware payment disclosures

6 Oct 2021
The best defence against ransomware
Whitepaper

The best defence against ransomware

1 Oct 2021

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
HPE wins networking contract with Birmingham 2022 Commonwealth Games
Network & Internet

HPE wins networking contract with Birmingham 2022 Commonwealth Games

15 Oct 2021
What is cyber warfare?
Security

What is cyber warfare?

15 Oct 2021