Hacking prosecutions fall for a further year despite the threat of cyber crime

The number of computer hacking prosecutions fell for the second successive year in 2017, despite the ever-increasing threat to businesses and individuals

The number of prosecutions under the UK’s Computer Misuse Act in 2017, which covers unauthorised access to computer material, fell to 47 in 2017, down 18% from 57 in 2016. There were an estimated 1.7 million* cyber-related crimes in the UK last year.

RPC explains that the low levels of prosecutions in this area is partly a result of police not having the resource to tackle the full extent of the problem as cybercrime has become increasingly widespread and complex.

Many of the hackers targeting the UK are based overseas, in areas like the Baltic states or even outside the EU, such as Russia and China, which makes it far harder for the UK police to prosecute them.

More generally encryption and routing through proxies can be used to mask hackers' identity and location.

Given the low chances that cyber offenders will be prosecuted, RPC believes that it is vital businesses have wide-ranging precautions in place to minimise the significant costs of a cyber-attack, potentially including cyber insurance.

Cyberattacks can cause the loss of sensitive material such as critical data, personal information, and transaction details, all of which can result in serious financial, reputational, or regulatory consequences for businesses.

Richard Breavington, Partner at RPC says that the Government announcement that it would be investing £1.9bn in cybersecurity over the following five years is a welcome step forward and it is hoped that a large percentage of this investment would be used to protect UK businesses from cybercrime.

Richard comments: “Police forces are doing their best with the resources they have but the scale of the problem means businesses cannot necessarily rely on the police to really help them when there is a cybercrime.”

“There will have to be some radical changes before businesses can start depending on the law enforcement agencies rather than private industry, including insurance, to help them if they have suffered from a cybercrime.”

Insurance against data breaches is one of the fastest growing areas of the insurance industry. Data breach services such as RPC’s ReSecure can help to protect the data and reputation of companies, if they become the victim of a hack.

ReSecure provides companies with access to data breach management, technical forensic investigation, legal advice, notification, web and credit monitoring and public relations services.

Not all cyber related crimes would necessarily be prosecuted under the Computer Misuse Act. For example, Regulation of Investigatory Powers Act 2000, covers unlawful interception of communications over a public or private telecoms system. However the Computer Misuse Act is used for prosecutions relating to distributed denial of service attacks (DDoS), malware, intent to impair the operation of a computer, unauthorised access to computer material etc.

The number of UK prosecutions under the Computer Misuse Act fell to 47 last year, down 18%

*Source: Office for National Statistics, Crime Survey for England and Wales, March 2018