UK prosecutions for cybercrime fell last year as under-resourced police struggle to get to grips with the growing threat, according to law firm RPC. It says that there were only 57 prosecutions under the Computer Misuse Act last year, down from 61 in 2015 — representing the first time prosecutions under the Act have fallen this decade. This fall comes despite the UK experiencing 1.9 million computer misuse crimes in 2016.
RPC says that the fall in prosecutions reflects the difficulty enforcement agencies face in tackling the growing threat of cyber crime, which is compounded by the relative lack of resources given to its investigation. The UK only has around 250 specialist cyber crime police officers.
Use of encryption and proxy servers now make it enormously challenging for the police to track the perpetrators of cyber crime, or to reliably locate where they are operating from.
With many cyber criminals active in the UK being based overseas – often in jurisdictions such as Russia or the Baltic states – it would be virtually impossible for police in the UK to secure prosecutions against these individuals, even if they were able to locate and identify them.
RPC says that this makes it vital that businesses have robust and comprehensive cyber insurance policies in place, to mitigate the potentially significant costs of a cyber attack, whether that results in the loss of critical data, customer details or other sensitive material.
The Government’s Cyber Security Breaches Survey 2017 recently found that nearly half of all UK businesses suffered a cyber breach or attack in 2016. In 2015, the Centre for Economics and Business Research put the cost to UK businesses of cyber attacks at £34bn a year.
With the General Data Protection Regulation (GDPR) coming into force in less than a year’s time, it is also important for businesses to ensure they are as protected as possible against the potential of significantly increased fines for data security incidents.
Partner at RPC, Richard Breavingtom says that under the present circumstances, the authorities cannot be expected to track down cyber criminals.
“Given the resources they have to work with, it’s unreasonable to expect the police in the UK to be able to track down cyber-criminals for whom covering their tracks electronically is often trivially easy,” he said,
“Businesses operating without insurance coverage against potential cyber risks are playing with fire – the consequences can be severe for those who fall victim to cyber criminals.”