The Internet is still similar to the wild west in many ways. There’s a lot more law enforcement than there used to be, but it’s still mostly about prevention, rather than justice.
With that in mind, here’s a bunch of resources you wouldn’t have seen 20 years ago. Provided by various Police organisations operating within the UK, they provide great starter points to help educate individuals and businesses about the basics of cybersecurity.
Probably the most well known, this service started out by helping report fraud and other financial\identity related crimes, but it quickly moved into handling cyber crime as well. They even have a 24/7 phone number where you can reach the team if you have an ongoing cyber attack (don’t expect full incident response advice however).
Note that Action Fraud doesn’t actually investigate crimes, they are a reporting service only. You’ll get a Police crime number, and they’ll pass your report onto the National Fraud Intelligence Bureau, who will investigate serious\common cases - but you certainly won’t get an officer assigned to the case if you received a suspicious text message.
National Cyber Resilience Centre
You might not have heard of this one, but it’s a fairly large not-for-profit company founded by the Home Office. They provide support and services for businesses, both free and paid-for premium services such as pentesting, training, consultancy and access to various NCSC tools to determine reputation status or brand damage.
Be sure to check out the regional centres they operate around the UK, which can be useful to put you in touch with Cyber Essentials partners and localised training.
This is a pretty bold endeavour, led by the National Police Chief’s Council (NPCC). It acts like an Open Source SIEM, such as AlienVault or Security Onion. Members deploy a ‘collector which is basically a virtual machine, that sends meta-data back to CyberAlarm for analysis. Naturally we had a lot of technical questions about this; so I’ll give you the highlights:
- It relies on syslog data from your internal infrastructure, firewalls, routers, proxies, servers etc
- CyberAlarm’s virtual collector then sends all this syslog data via encrypted channel to CyberAlarm servers
You’re notified about potential threats or attacks based on the data you provided. It’s not actively able to block attempts, just passively monitoring. It’s also enriched with some pretty cool geo-location tech to determine the sources of attacks.
Additionally, it can do vulnerability assessments on members’ infrastructure (from what we can tell, you provide a list of domains\IP’s - although we’re not sure how they check for ownership!).
Services like these all depend on how many members are using it, so it may be a while before the threat intel it provides is good enough to warrant more users.
This is a cool one, and if we had this when I was 15, I’d probably have been a friendlier kid, rather than a cyber warrior kicking in virtual sockets where ever possible.
It’s ran by the National Crime Agency, and is aimed at kids, parents and teachers. The goal is to educate them about technology and the law, by pointing out the most common crimes that people tend to think aren’t even within UK law, and how the Computer Misuse Act has been extended over the years to cover more modern definitions.
It’s especially cool how it now covers the act of obtaining tools online for illegal purposes, regardless of if they’ve been used or not. This has been a hot topic for years (e.g. if I make a tool to guess your password, is that bad? “Making, supplying or obtaining articles for use in offence” says yes!)
Virgin Media Cybercrime Test
I hadn’t heard of this one until Virgin Media contacted me to let me know of its existence. it’s styled as a quiz to give you an idea of how much you may or may not know about the threats of cyber-crime already (we did OK, in case you’re wondering!). Covering malware, ID theft, phishing and other topics, it does a good job of educating the public about very real and relevant threats that exist today.
Of course, expect a small piece about how Virgin Media can also help you, but before that - the usual methods of reporting cyber-crime are listed.