Published: 03 December 2015
By Andy Harris
This conference was held on 2nd December 2015 at Salford University.
Don't expect any UK legislation to help with international attacks! Furthermore, don't expect law enforcement from the country of origin to take any action.
Always remember that the location of data can affect the jurisdiction that applies to any misuse of that data.
It is felt that legislation generally lags behind technology, but currently we're still using the 1990 Computer Misuse Act, as amended in Part 5 of the Police and Justice Act 2006.
We learnt that the UK police have some advanced capabilities, but that these fall far short of the capacity needed to deal with the level of digital crimes being committed. This means that they are giving priority to those crimes that affect us as a nation. If you are in banking, you're expected to build your own cyber defenses and to provide all the requisite evidence for prosecutions.
Juries have a great deal of difficulty understanding digital evidence, and defense lawyers are finding it easy to call the provenance of such evidence into question.
We're now seeing quite a growth in private sector companies that will collect, analyse and store this evidence as well as providing experienced expert witnesses to present it.
In some fraud cases, it's often difficult to present absolute evidence of the identity of the perpetrator. In the case of administrator and root accounts, a typical defense will be 'Everyone in the department knows that password'. Therefore, layers of evidence such as shift times and IP addresses are needed to build a case.
Digital crimes are expensive to prosecute, so companies are often expected to bear the cost of this.
We heard about the considerable differential in punishments of digital crime versus physical crime, with examples of custodial sentences and large fines for shoplifting of less than £100 of goods, whereas digital crime at the same level is seen as uneconomic to process.
Of interest was the observation that the more digital services a prisoner has access to, the less likely they are to be involved in any prison violence. Prisoners interacting with digital services is defined as one of the 'purposeful activities' and is generally thought to improve the overall outcome for the offender.