Even though the UK witnessed an estimated 1.7 million cyber crimes last year, the total number of cyber crime prosecutions last year was only 48, down from 57 prosecutions in 2016 and 61 in 2015, according to figures released by London-based law firm Reynolds Porter Chamberlain LLP.
Cyber crime rising in scale & complexity
Last year, in a report on serious and organised crime in the UK, the National Crime Agency (NCA) noted that cyber crime rose both in terms of scale and complexity in 2017 compared to previous years and that there was a significant expansion in the visibility of cyber crime.
The NCA lamented that the cyber criminals were not effectively thwarted from carrying out fresh attacks not only because a lot of cyber crimes went unreported, but also because convictions of criminals were not sufficient to deter them.
It noted that 62 percent of Brits did not have confidence in the law enforcement response to cyber-dependant crime and the level of sentences awarded by the courts did not necessarily reflect the seriousness required to fight cyber crime. "As many convictions are under the Fraud Act rather than the CMA (Computer Misuse Act), this compounds the problem and furthers the perception of ‘cyber crime without consequence’," it said.
Fall in cyber crime prosecutions
According to figures released by London-based law firm Reynolds Porter Chamberlain LLP, cyber crime prosecutions in 2017 were even less compared to those in the previous years, with the number of prosecutions stopping at 48. The firm said that the low number of cyber crime prosecutions was a result of "police not having the resource to tackle the full extent of the problem as cybercrime has become increasingly widespread and complex".
According to the government's criminal justice statistics, the total number of people sentenced for offenses under the Computer Misuse Act rose from 39 in 2015 to 57 in 2016 but came down to 47 in 2017. However, the number of offenders against whom cautions were issued rose from 47 in 2016 to 52 in 2017, and the number of people proceeded against under the Act rose from 57 in 2016 to 63 in 2017.
In all, only 269 persons were sentenced for offenses under the Computer Misuse Act between 2007 and 2017 and less than 500 were cautioned in the ten-year period. Such sentences could only be termed as a drop in the ocean and are not sufficient to stop teenagers or adults from engaging in cyber crime.
According to Reynolds Porter Chamberlain, as most of the hackers targeting the UK are based overseas, many of them in countries like China and Russia, it becomes difficult for police forces to prosecute them. At the same time, many cyber criminals employ proxy-routing to mask their identities and location so one can never be sure if the IP address behind a cyber crime is the true one.
"Police forces are doing their best with the resources they have but the scale of the problem means businesses cannot necessarily rely on the police to really help them when there is a cybercrime.”
“There will have to be some radical changes before businesses can start depending on the law enforcement agencies rather than private industry, including insurance, to help them if they have suffered from a cybercrime," said Richard Breavington, Partner at RPC.
Police initiatives to tackle cyber crime
Of late, police forces across the UK have started training officers in cyber crime detection and response and have launched various initiatives to push back against the cyber crime industry. In May, the City of London Police launched an initiative dubbed Cyber Griffin to help firms based in London's Square Mile become more resilient against cyber-attacks.
The force said that the initiative, which includes specially-trained officers leading a series of community focused exercises, threat briefings, and incident response training, will help those firms the most that have very little knowledge of cyber threats and will also help IT security staff at many companies improve their incident response capabilities.
"As criminals working in the cyberspace become more sophisticated, it’s important we all have at least basic skills to combat those that seek to do us harm. Through this initiative the police and industry can work together to share skills and knowledge to protect ourselves from this evolving crime," said Ian Dyson, City of London Police Commissioner and National Policing Lead for Economic Crime.
In April last year, soon after taking over as Commissioner of the Metropolitan Police from Sir Bernard Hogan-Howe, Commissioner Cressida Dick announced that she would launch new training programmes for officers to enable them to tackle cyber crime.
"I would like to see data and the digital world more of an advantage to us than it is to the criminal, and I’m not sure that’s entirely true at present," she said while talking to reporters at Lewisham police station.
"We’ll be introducing a range of new technology. From cutting-edge mobile technology for officers, to flexible online services so the people of London can interact with us more easily more quickly and more immediately. From new back-office policing systems and applications to information management and infrastructure platforms. All designed to enable the Met to serve London more effectively and efficiently," the Met Police’ website read after she took over.