Other related sites

Page last updated at 11:25 GMT, Thursday, 3 November 2011

Would police use malware to catch cyber-criminals?

By Alex Hudson
BBC News

A police officer (in high visibility yellow jacket) stands in front of crime scene tape in Nottingham
Without a crime scene, evidence is sometimes harder to trace online

Cyber criminals use Trojans to steal information, but are the same techniques of electronic surveillance being used by the agencies set up to protect us?

Internet crime "is no longer the elephant in the room. It is the room," Sir Ian Andrews, chairman of the Serious Organised Crime Agency (Soca), told this week's London Conference on Cyberspace.

The rapid increase in the cost of cyber-crime means police and governments are having to protect themselves from a threat that is often nearly impossible to trace.

But the web has also become a vital space to gather evidence on suspects for traditional crimes.

The internet is an "intelligence source," says Charlie McMurdie, Det Supt at the Police Central e-Crime Unit, Metropolitan Police Service.

"People now live, work, study, communicate online so even a traditional crime - a murder for example - we look at intelligence opportunities to investigate. That might be financial transactions, it might be CCTV, it might be phone call data, it might be their Facebook friends or what they've been doing online."

Barrel of a pistol
Just because there's no blood does not mean it's a victimless crime
Sir Ian Andrews, Soca

The internet has always been difficult to police because of the pace at which things can develop and the veil of anonymity it offers.

Global cyber-crime is estimated to cost $338bn a year in cash and lost time.

But just as with conventional threats, the police cannot create a plan to deal with a type of crime before it has been put into use by hackers - a threat cannot be policed before it has been programmed.

And so focus is shifting into more refined techniques to engage in surveillance on the web.

"It's the same as if you're going after an armed robber or a car thief," says Ms McMurdie.

"The cops investigating it need to know how that individual is stealing that car and what they are likely to do. We work on an intelligence-based response. We don't put someone who's just been on traffic duty to work on that cyber-crime."

Former hackers

For many security firms, this expertise often comes in the form of ex-hackers, who provide an insight from the other side of the digital battle-lines.

Computer forensic examiner Gil Moreno works on several hard drives association with a crime
Experts are becoming more clever to catch criminals working on the web

One example is Owen Thor Walker - known as Akill - who pleaded guilty to being the leader of a hacking group connected with cyber-attacks alleged to have caused $26 million (£16m) of damage.

New Zealand telecommunications company TelestraClear hired him to work with its security division.

Other former hackers have been hired by the US Homeland Security Advisory Council, Microsoft and numerous others.

"I've never hired computer hackers but that's not to say I would never do that," says Raj Samani, chief technical officer of McAfee Europe.

The old adage about setting a thief to catch a thief seems to be true here.

Fighting fire with wires

There was controversy earlier this month when the German state of Bavaria admitted using a Trojan - a malicious program sent to a digital device covertly to collect data - to gather intelligence on suspected criminals.

The R2D2 malware received criticism for it potentially allowing officials to launch software and capture images on the infected computer.

Trying to play down or trivialise the matter won't do. The citizen, in both the public and private spheres, must be protected from snooping through strict state control mechanisms
German Justice Minister Sabine Leutheusser-Schnarrenberger

Germany's justice minister has since called for a national and state level probe into the use of the controversial computer software.

Ironically, the Trojan is not believed to have been sophisticated enough to beat antivirus software so would only be able to infiltrate unprotected computers - something unlikely amongst experienced computer users.

But there seems to be an emerging trend of governments going on the offensive.

Software company DigiTask confirmed creating the program and also selling it to state and federal agencies in Switzerland, the Netherlands and Austria.

But how far should and do the authorities go in online surveillance?

In the UK, senior officials have not ruled out doing something similar.

"In terms of the sensitivities around particular Trojans, it wouldn't be something that we would particularly like to talk about," says Lee Miles, head of cyber at the UK serious crime agency, Soca.

British Foreign Secretary William Hague
Foreign Secretary William Hague wants a global response to deal with e-crime

"But if it's available to be deployed within a lawful framework... then we would use any tactics at our disposal to fight organised crime."

Cybercrime expert Professor Peter Sommer, of the London School of Economics, believes that adding software remotely to a suspect's computer would probably be illegal under current UK law.

And the introduction of new powers for the police is something that is often picked over with a fine-toothed comb before its introduction is even proposed.

"We do need to exercise care embarking down this path [of using new techniques] because of the unintended consequences - it's something that has to be considered very carefully," says UK Minister for Crime and Security James Brokenshire.

"But we're very clear on having a robust legal framework balancing privacy and the ability of law enforcement to ensure that we're all protected."

As one speaker said at the conference, it seems like police will always struggle to maintain the right to freedom while not letting it become a free-for-all.



Print Sponsor



FEATURES, VIEWS, ANALYSIS
Has China's housing bubble burst?
How the world's oldest clove tree defied an empire
Why Royal Ballet principal Sergei Polunin quit

BBC navigation

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.

Americas Africa Europe Middle East South Asia Asia Pacific