“Cyber Crime is NOT a Crime”
At Digital Law, it is important for us to be ahead of the curve in terms of being up to date with cyber matters. Last month Digital Law joined TecSec and the North East Business Resilience Centre (“NEBRC”) at their event in Sheffield – highlighting the risks that we face from cyber threats.
One of the things that stood out most was NEBRC Head of Cyber and Innovation Steve Leach’s analysis of cyber-crime.
“Cyber-crime is not a crime”
At first look the knee jerk reaction is confusion, surely cybercrime is a crime? But if you break it down further, cybercrime realistically is the modernisation of one or more of the following ‘old fashioned’ crimes:
- Theft
- Robbery
- Damage
- Fraud
These crimes existed and continue to exist into the digital era and there is the same motivation behind them. However, while they are ‘cyber-crimes’ they not treated with the same level of concern or respect when they are essentially the modernisation of existing crimes. While there is the Computer Misuse Act, it is rarely utilised when prosecuting the majority of cyber-crimes. Theft, fraud and robbery legislation from the 18th and 19th Century will be utilised by law enforcement when prosecuting cyber criminals in the majority of instances rather than using newer legislation based on specific discrete cyber offences.
Think of cyber security like a house for example, you protect your house using a fence, a locked front door/back door, locked windows etc. you understand that there is a level or protection. You know that you are protecting what is inside the house as it is valuable, both to yourself and someone else. Comparatively, not only do you physically protect your property but you also likely have both house and contents insurance.
So why is the same principle not applied to your tech? The information stored inside it or on the cloud is just as valuable however, we are complacent when it comes to protecting it.
We need to protect our tech in the same way we would protect our houses for example, using firewalls, secure passwords, protecting vulnerabilities and updating software. Alongside this, you can protect your tech by taking out the necessary cyber liability insurance.
In 2021-2022 alone 1500 cyber-crimes were reported. Once again, at first glance this number appears fairly large but realistically this figure is more likely to be closer to the million mark. Cybercrimes are massively under reported, in a similar way to which they are underfunded when it comes to investigation and prosecution.
39% of businesses have suffered a cyber-attack in the last 12 months, 83% of these have been as a result of phishing. Another way that you should be protecting your ‘house’ (tech) is through training members of staff there is no silver bullet catch all that will prevent a cyber-attack. Instead we need to be focusing on creating environments where people are safe to report cyber-attacks or potential threats as well as training staff to recognise potential threats which could easily prevent a future attack.