Cyber crime prosecutions fall as under-resourced police struggle with increasingly complex threat
Only 57 prosecutions under Computer Misuse Act last year despite 1.9 million crimes. Cyber insurance ‘critical’ for businesses.
UK prosecutions for cyber crime fell last year as under-resourced police struggle to get to rips with the growing threat from cyber-criminals, says City-headquartered law firm, RPC.
RPC says that there were only 57 prosecutions under the Computer Misuse Act last year, down from 61 in 2015, the first time prosecutions under the Act have fallen this decade (see graph below). This fall comes despite the UK experiencing 1.9 million computer misuse crimes in 2016*.
RPC says that the fall in prosecutions reflects the difficulty enforcement agencies face in tackling the growing threat of cyber crime, which is compounded by the relative lack of resources given to cyber crime investigation. The UK only has around 250 specialist cyber crime police officers.
Use of encryption and proxy servers now make it enormously challenging for the police to track the perpetrators of cyber crime, or to reliably locate where in the UK – or even overseas – they are operating from.
With many cyber-criminals active in the UK being based overseas – often in jurisdictions such as Russia or the Baltic states – it would be virtually impossible for police in the UK to secure prosecutions against these individuals, even if they were able to locate and identify them.
RPC says that this makes it vital that businesses have robust and comprehensive cyber insurance policies in place, to mitigate the potentially significant costs of a cyber attack, whether that results in the loss of critical data, customer details or other sensitive material.
The Government’s Cyber Security Breaches Survey 2017 recently found that nearly half of all UK businesses suffered a cyber breach or attack in 2016. In 2015, the Centre for Economics and Business Research put the cost to UK businesses of cyber attacks at £34 billion per year.
With the General Data Protection Regulation (GDPR) coming into force in less than a year’s time, it is also important for businesses to ensure they are as protected as possible against the potential of significantly increased fines for data security incidents.
Richard Breavington, Partner at RPC, comments: “Given the resources they have to work with, it’s unreasonable to expect the police in the UK to be able to track down cyber-criminals for whom covering their tracks electronically is often trivially easy.”
“Businesses operating without insurance coverage against potential cyber risks are playing with fire – the consequences can be severe for those who fall victim to cyber-criminals.”
Neil Hare-Brown, CEO of STORM Guidance, the specialist cyber risk and cyber incident advisor, says: “The reality is that enforcement agencies are unable to reach a lot of the cyber-criminals who are active in the UK, either because they are difficult and therefore costly to identify, or because they are in overseas jurisdictions which UK law enforcement cannot effectively access. That means they are able to target UK victims with relative impunity.”
“The chances of the police in the UK being able to trace, identify, apprehend and prosecute a cyber-criminal in Russia for a cyber crime in the UK are currently remote. International law enforcement needs significantly greater capability and until then every business needs to be on top of its cyber risks, and be insured should the worst happen.”
RPC says that insurance against these types of breaches is one of the fastest growing segments of the insurance industry. Data breach services such as ReSecure, provided through RPC, can help to protect the data and reputation of companies, if they become the victim of a hack.
ReSecure provides companies with access to data breach management, technical forensic investigation, legal advice, notification, web and credit monitoring and public relations services.
* Source: Office for National Statistics, Crime Survey for England and Wales, April 2017
UK cyber crime prosecutions dip as police struggle with cyber-criminals
