Education and coordination required to combat cyber crime

By Andrew Charlesworth on Aug 13, 2007 2:05 PM
Filed under Security

Cyber crime can only be reduced by educating consumers and co-ordinating efforts by all parties involved in internet commerce, say security experts..

The view is somewhat at odds with a recently published report from the House of Lords science and technology select committee, which calls for government action on cyber crime.

The Lords report says that to expect consumers to be responsible for their own security is no longer viable, given the sophistication of modern organised cyber criminals, and calls on the government to found a new police cyber crime lab and appoint a government web regulator.

Security specialists agree that more can be done to protect consumers, but don't regard consumers as passive.

"If you have a house you are expected to take basic precautions to prevent burglary," said Neil Cook, head of technical services for security firm Cloudmark.

"If you don't educate consumers, you can't plug the hole."

But what if consumers don't know what a burglar looks like and have never used a lock before?

"Security needs to be end-to-end, encompassing consumer, retailer and ISP," says Cook. His company seeks to eliminate cyber threats such as spam and phishing at ISP level through message filtering.

Cook would like to see government guidelines on security for all e-commerce parties, backed by a programme of consumer education.

Paul Simms, chief executive of 3rd Man, which provides credit card checking facilities for retailers, described the House of Lords report as "bloody unhelpful", adding: "there is more good business [on the internet] than bad by far."

Simms wants retailers to take a more active role, to do more than just accepting card details and to run detailed automated checks on credit card numbers to see if they are stolen cards.

"When a consumer goes to a respectable retailer they should have confidence that the retailer will look after their data securely," he says.

Simon Stokes, European sales director of Cybersource, which provides similar services to retailers and banks as 3rd Man, says the problem lies in the number of agencies that play a part in e-commerce and have an interest in combating cyber crime – consumer, retailer, ISP, back-end service providers like Cybersource, banks, police and the government.

"The concern is that if you don't have a co-ordinated effort then you risk a disjointed approach," says Stokes, and calls for a high-profile education campaign for consumers.

"We would welcome the opportunity to participate in a joint campaign to make the internet safer by making consumers more aware of what they can do to protect themselves," he said.