UK biz fails to report two thirds of cyber attacks, says survey Just one-third of cyber attacks are being reported to the police, according to a wide-ranging survey from the Institute of Directors. According to the survey of nearly 1,000 IoD members, one quarter said they had experienced a cyber attack in the last twelve months. However, of those 250 directors, only 28 per cent reported …
Well, from personal experience, we tried to report an attack on one of our sites to the police, and were met with total disinterest, they wouldn't even give us a crime number, and after passing us from pillar to post over the phone we gave up trying.
So maybe the headline would be more accurate if it said "UK Biz tries and fails to report two thirds of cyber attacks"
Oh, and who the hell are Action Fraud Aware? I've just asked round the office, and nobody has ever heard of them.
I've just looked at their site, and apparently they are the National Fraud and Cyber Crime Reporting Centre.
It's a shame nobody knows about it.
If it's not on CCTV or caught with a speed camera, the police aren't interested (unless it's a celebrity perv).
If someone broke into my garage, I wouldn't bother reporting it. Police won't catch anyone, my home insurance would go up in price, the value of my house would drop.
I'd just buy bigger locks - probably the best advice you could give with cyber crime too.
I'd say you're about right. From my experience within the MET their officers aren't technical at all, and their CRIS (Crime Reporting Information System), which is what you type your "crime" into, which eventually gives you a "crime number", is categorized by specific crimes, and last time I checked, It didn't have a category of "cyber-crime". Even to fill out a single crime it takes about 45 minutes... and is so laborious I can understand why most officers aren't really enthusiastic about it... another case of bureaucracy killing efficiency...
Businesses who do report these types of issues are beaten viciously and at length with a stick by our fine selves for being "incompetent", "careless", "insane", etc. etc., which puts a rather large reputational bar in the way of reporting "increasingly sophisticated" cyber crimes (whether true or hugely inflated remains to be seen).
So, you know, we must look to ourselves as a cause for concern if under-reporting of cyber crimes, data loss etc. becomes distasteful and review our own reactions and intentions. Just a thought.
"Businesses who do report these types of issues are beaten viciously and at length with a stick by our fine selves"
And rightly so if they have their customer database popped by teenager skiddies via an exploit older then themselves. If they get DDOSed that's a different matter.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
