Broadband Britain – Crime & Punishment in a Digital Economy

August may be remembered by businesses both for the record-breaking temperatures, which made working difficult and an unprecedented series of computer virus attacks, which for many companies, made work impossible.

With names like evil cartoon characters, Blaster, Nachi and Sobig-F left a trial of destruction around the world. Among the high profile victims were Sky News and Air Canada, which was forced to shut down its electronic ticketing systems. At one point, PC World reported a 163% rise in the number of calls to its PC service support lines and some outlets were repairing up to 200 PCs a day in an effort to clear the backlog of infected machines. Within the space of less than two weeks and before the counting had finished, PA Consulting were estimating the cost of business interruption at £500 million. Perhaps one day, someone will calculate the true cost of the heat wave in combination with the wave of cyber-vandalism represented by the three small pieces of computer code that nearly brought the Internet to its knees.

The management of eCrime was a theme for The New Statesman roundtable on Internet Security in July and the government has subsequently announced that it will be publishing a long-awaited eCrime strategy in the spring of 2004. During the roundtable, e-Envoy, Andrew Pinder, remarked that there was a pressing need for “Data Protection Legislation to be updated for the 21st Century”. Since then, the Parliamentary group, EURIM has suggested that the outdated and technology neutral Computer Misuse Act, designed for a world without the Internet, may soon be changed to include denial of service attacks and unauthorized access, which are contributing to a new crime wave, the subject of next February’s eCrime Congress in London. This has lead NCIS (The National Criminal Intelligence Service) to write, “While the UK has some of the highest levels of internet e-commerce activity in Europe, the fear of hi-tech crime and the cost, in terms of time and money, of security measures may also be discouraging the further spread of e-commerce in the UK amongst smaller businesses”.

The scale of the problem facing society by an increasingly lawless Internet is staggering. Leading Internet security company, Symantec tracks more than six thousand vulnerabilities on more than eleven thousand versions of two thousand-seven hundred software products from thirteen hundred vendors. This summer, it told the parliamentary EURIM-IPPR study group; those same vulnerabilities were turned by hackers into one million malicious code submissions and Symantec’s monitoring of the networks of twenty thousand partners in one-hundred and eight-five countries has produced data on three billion separate security events.

If government’s ambition for Britain to become one of the leading ‘information economies’ of the 21st century is to realized, then it has a problem to solve first, one which NCIS has identified as being closely related to the ‘cyberchology’ of Internet crime, a phenomenon which includes the economic damage caused by a stream of computer viruses, among them, LoveBug, Code Red, Nimda, Blaster and Sobig.

Earlier this year, a survey commissioned by the National Hi-tech Crime Unit (NHTCU) and conducted by NOP, revealed that security incidents had cost UK business an estimated £143 million over the previous twelve months. In addition, the DTI Information Security Breaches Survey 2002 indicated that nearly half of all UK companies have suffered malicious information security incidents, but most of these relate to virus infection and web-site hacking attempts. Relatively few incidents to date have involved electronic theft or fraud, with surveys showing only 6% of UK businesses affected so far.”

Government has played an active role in encouraging the population to embrace the idea of ‘Broadband Britain’ and at last November’s eSummit, eMinister, Douglas Alexander, described “Universal access as crucially important to the take-up of public services”. Added to this was a second ministerial statement that “Governments aren’t here to deliver online services; they are here to deliver policy outcomes”.

With two million Broadband users and approximately half the UK population now online, the element of policy success deserves recognition but there has been a cost, measured in terms of security and where the responsibility for this lies was a subject of vigorous argument at the July round table. Government’s position in respect to the Internet appears to be that it acts as both facilitator and legislator and that security or its ownership, is a choice that rests with the individual and the service provider. Therefore, where the new dictionary of Internet crime is concerned, legislation acts as a sanction and not a solution to a problem that increasingly lies outside government control.

Others might argue that where matters of security and the Internet are in collision, government has been slow to react, having been prepared to ignore security concerns, in the race to achieve its principal policy ambition, the emergence of Broadband Britain. What is certain, is that the kind of criminal activity that created Blaster and Sobig is now increasingly targeted at the expanding Broadband network, replicating rapidly and potentially creating an army of clone computers capable of strangling the Internet we increasingly rely upon. With small businesses and home users among the most vulnerable in society, can government now find a comfortable balance between progress and security? Should it be doing more or is the widespread business interruption and computer chaos of August simply a regular fact-of-life in the 21st century.


Popular posts from this blog

The Nature of Nurture?

Civilisational Data Mining