Cyber crime fight is under resourced

Internet crimes should be recorded along with other national crime statistics, according to the chairman of the All Party Internet Group

The government is being told to include cybercrime figures in its national crime statistics so the impact of viruses, hacking and phishing can be measured alongside that of more traditional crimes, such as burglary and vandalism.

Last Thursday, APIG, which attempts to bridge the gap between the technology industry and MPs, held the first of three hearings at the House of Commons to discuss how well the 14-year-old Computer Misuse Act (CMA) has stood the test of time.

The group will be publishing a report of its findings in June but is expected to recommend minor changes to the law rather than a major overhaul.

Derek Wyatt, MP and APIG chairman, said that while APIG has yet to reach final conclusions, it appears the law will require only an amendment, rather than major reworking. He said that the real issue was actually a serious lack of police resources to fight high-tech crime.

"In evidence, the Metropolitan Police said it only has around 250 people for this, which is not enough," Wyatt said.

Nick Ray, chief executive of software security firm Prevx, and a participant in the hearing agrees that the CMA has stood the test of time very well, especially as it was written in the pre-internet era. He also said the real problem lies in the lack of funds dedicated to fighting cybercrime - as well as in the government's inability to measure its impact.

"The problem is not with the law; it is with resources to catch the criminals and prosecute them. The scale of damage caused by these threats is massive and we want to make sure cybercrime figures are properly measured. You get front page headlines that violent crimes have risen, because violent crime is measured. Cybercrime is just not on the government's radar. It's about time it was," said Ray.

Wyatt agreed that the Home Office should include cybercrime incidents in its national crime statistics.

"All cybercrime should be audited by the national audit office. I expect it isn't already part of the stats because much of it originates overseas. We need to extradite those people but we do not have the resources yet," said Wyatt.

Munir Kotadia writes for ZDNet UK