News archive

Published 19 August 2009

The deepening recession is fueling a boom in cybercrime and criminals in poor countries are now turning their hands to scams as they become more computer literate.

These were some of the findings of a new study which recommends urgent action to prevent massive cyber fraud in the run-up to the 2012 London Olympics and what researchers termed would be a 'national embarrassment'.

The University of Brighton team, led by Howard Rush (pictured right), Professor of Innovation Management and Head of the Centre for Research in Innovation Management, said the growth in credit card fraud and identity theft was due to communications technology reaching regions of the world where many underemployed people with information technology skills lived.

Professor Rush said: "Criminals there can take advantage of cybercrime opportunities – and the current global recession will likely increase this trend still further."

There were now thousands of attempts being made regularly to scam victims using just one method alone - phishing or scam emails. And one report from the USA suggested businesses risked losses running into billions of dollars from data theft.

Cybercriminals were finding ways of taking over personal bank accounts and between 2007 and 2008 this form of fraud increased by 159 per cent, according to the UK's Fraud Prevention Service.

Detection and prevention have moved forward but, said Professor Rush, continuous data breaches, mainly due to human error, were exposing personal information on a large scale.

The study, funded by the National Endowment for Science, Technology and the Arts, said the proliferation of social networking websites was providing cybercriminals with new areas to exploit as well as new areas for recruitment.

"Law enforcement agencies are struggling to respond, especially in places where legislative frameworks are weak or non-existent. The growth of cybercrime in Russia, India, China and Brazil is of particular concern."

The researchers issued a stark warning that the organisational and technological capabilities of cybercriminals, "especially in the absence of a global counter-strategy", will likely deepen and widen into the foreseeable future.

"As cyberspace develops further, so new opportunities will open up for organised crime groups. Crimes such as electronic theft and fraud will occur more rapidly, reducing the likelihood of offenders being caught in the act."

"Information about how to compromise a system will be available more quickly and to more people, which means that opportunistic criminals linked into networks of organised criminals will come to dominate and define the world of cybercrime. The ability of criminals to use new technology will also have a major impact on the sort of crime we see. In cyberspace, we can expect this to be further magnified."

Professor Rush's team urged a plan of action: "In the UK, a national initiative is urgently required to tackle cybercrime. It needs to be applied across the UK regions and nations, and it needs to be part of a genuinely transnational effort. European Union member states need to make this a common cause."

"Given that so many cybercrime operations take place in developing countries, aid agencies need to be persuaded to build on their policy reform work to help address cybercrime."

"We as individuals need to learn how to make our personal IT systems more secure. Banks should help to incentivise such greater personal security, recognising that they have a vested interest in doing so as well as compensating their customers who become victims."

"The private sector responses should be reviewed and analysed in search of best practice. New legislation could regulate the security firms to provide better information and encourage them to work together to find common solutions."

"The security forces should work together in areas currently defined by insularity so that they pool their knowledge and resources in the battle against cybercrime. A similar pooling needs to take place at an international level. Cybercriminals operating in weak states need to be tackled through a major effort from multilateral agencies and the more capable law enforcement bodies."

"In higher education, research initiatives should also be genuinely multidisciplinary, to include, for example, criminology, development studies, economics (finance, micro-, macro-), IT studies, innovation studies and, even, strategic studies."

"In the UK, the prevailing financial crisis has required a virtual takeover by the government of key banks. The government should use its new powers to compel the financial sector to become more transparent over the scale and nature of the threats from cybercrime – there is a concern that banks are telling the outside world less than they actually know, not just about threat but also about potentially inconvenient counter-measures."

The report added: "Our research indicates that there is no technical fix available. And no external agency can prevent all individual lapses in personal security. Instead, responses are required at all the levels identified above to minimise the risks."

"National priorities in relation to cybercrime are now becoming urgent, not least because of the 2012 London Olympics. Data from the Beijing, Athens and Sydney Olympics graphically indicate how the Olympic hosts have become more vulnerable to cybercrime attacks."

"The UK needs to act quickly to avert a massive international cybercrime embarrassment during the run-up to London 2012."

www.nesta.org.uk
NESTA is the largest independent endowment in the UK. Its mission is to support innovation to drive economic recovery and solve some of the UK's major social challenges.

NESTA is a world leader in its field and is in a unique position to support and promote innovation through a blend of practical programmes, policy and research and investment in early-stage companies.