1

West Midlands Regional Cyber Crime Unit

Detective Inspector Rob Harris

Detective Sergeant Gary Sirrell

Twitter @WMROCU

UK Policing Structures

• 43 Separate Forces

• Mainly Operating

Independently

• Range from 973 in

Warwickshire up to

33,367 in London

(Met Police)

UK Policing Structures

• 10 Regional

Organised Crime

Units (ROCU’s)

Policing the Digital World

"There is no reason anyone would want a computer in their home." Ken Olsen, founder of Digital Equipment Corporation, 1977

• Began with Fraud Squads late 1980’s

• Hi-Tech Crime Units grew through 1990’s

• National Cyber Security Program 2008/09

• Expansion of roles (eForensic Officers, Digital Media Advisors, Data Recovery Officers, Mobile Phone Technicians)

• Specialist Roles - Cyber Crime Units Investigation Technical Intelligence Protect

* PROTECT – Ensure adequate protection

against the threat.

* PREPARE – Reduce the impact where it does

take place.

* PREVENT – Stop people from engaging in

criminal activity.

* PURSUE – Identify, disrupt, and take action

against those engaged in criminal activity.

Cyber Crime Strategy – The Four P’s

My role as Cyber Crime ‘Protect’

Officer for the West Midlands Region

is predicated on the premise that 80%

of all Cyber Crime is easily

preventable by adopting basic

measures. This applies equally to

businesses and the public.

Basic measures – 10 top tips

1. Password Hygiene

2. Anti-Virus

3. Firewall

4. Update Patches and Migrate to latest software and OS

5. Backups

6. Staff Awareness – staff are key

7. Secure your website

8. Data Encryption

9. Managing User accounts and privileges

10. Cyber Liability Insurance

What support is out there to

the public and for business?

Resources –

Get Safe Online

Resources –

Cyber Street Wise

Resources –

CESG – 10 Steps

Resources –

Cyber Essentials

CiSP Cyber Information Sharing Partnership

What is the Cyber-security Information Sharing Partnership (CiSP)?

• CiSP is a joint industry and government scheme based in CERT-UK.

CiSP is an online social networking tool and enables its members to

exchange information on threats and vulnerabilities as they occur in

real time.

• Do you know the value of your data. What are your ‘crown jewels’?

• Reputational damage / Intell prop / Trust.. What if these were affected?

• Do you know where your data is stored?

• Who has access to your data?

• Do you have backups? How often do you back up?

• Do you really know your employees?

• Do you have suitable business continuity and disaster recovery in place?

• What would you do if you lost all your data tonight?

• Do you know what your responsibilities are if you have a data breach?

Some basic advice…

• Number of offences ranging from specific

computer crimes under the Computer

Misuse Act, to traditional crimes like Fraud

and Harassment

What is Cyber Crime?

• Cyber Dependant – ‘New’ crimes that

could only be committed with a computer

• Cyber Enabled – traditional crime now

being committed over the internet, or

Key Threats

• Large scale harvesting of personal and business data

• Targeted compromise of UK networked

• Targeted disruption of access to UK networked systems

• Increasing volume of cyber dependent criminality

• Support services (cyber enablers)

Motivations…

• Hacktervism

• Fame / Kudos (Experimenters & Gamers)

• Financial (Theft, Fraud, Blackmail – DDOS )

• Business – IP, Competitive Advantage (+insider threat)

• State

Policing the Internet…

Current Work

• DDOS

• Botnets

• Hactavists

• Enablers

• National support – NCA & International

• Local Forces Support – Joint Visits

• Prepare & Protect – SME Engagement

• CTU Collaboration

Case Studies

Questions

Thank you…Questions?

Detective Inspector Rob Harris

Detective Sergeant Gary Sirrell

Twitter @WMROCU

Email rccu@west-midlands.pnn.police.uk