UK retail takes on cyber crime

Cyber security is one of the government’s top priorities for 2014, but online safety is an ongoing battle between hackers, businesses, and the government.

As science and universities minister David Willets announces a new £8 million initiative to bring technological innovation to the high street after its recent financial difficulties, businesses have been invited to enter a funding competition run by The Technology Strategy Board.

The scheme will encourage businesses to trial innovative solutions to bring a boost to the high street by exploring new approaches to retail, services, logistics, and travel and traffic.

But as high street businesses look for new ways to develop, a substantial threat is emerging from its increasingly complex employment of technology.

According to the Retail Crime Survey, carried out by the British Retail Consortium, an increasing number of stores are becoming victims of fraud, much of which takes place in the digital world as a result of the ongoing growth of the e-commerce.

Last year alone there was a 15% rise in fraud cases, with more than 120,000 registered incidents, and 80% of retailers reported an increase in attack rates during the past year, with fraud accounting for 41% of the total cost of crime in that period.

???????????????????????????????????????????????????????????????

The further retail expands into online, the more details there are to keep safe.

The crime report also says that many retailers consider cyber attacks to pose a critical threat to their businesses. 63% have been hit by hacking, and 50% by denial of service attacks.

Four in five retailers reported falling victim to computer viruses and malware, and at least one in three businesses don’t report these crimes because of a lack of confidence in police response.

But what measures are retailers and the government putting in place to support businesses in the struggle for cyber security?

Businesses themselves are continuing to invest heavily in loss prevention. Last year’s expenditure was around £520 million, with a median of £2 million per retailer.

In February 2013 the Office of Cyber Security and Information Assurance launched a policy entitled Keeping the UK safe in cyber space, which allocated a total of £760 million towards a series of measures aimed at counteracting cyber attacks against retailers.

Paula Edwards, responsible for cyber security communications at the Department for Business Innovation and Skills, said: “On January 13th the Government launched Cyber Streetwise, aiming at increasing cyber confidence and measurably improving the online safety of consumers and small and medium enterprises.

“The campaign will be delivered in partnership with the private sector, with sponsors including Facebook, RBS Group, Sophos, Trend Micro and Financial Fraud Action UK.”

Cyber Streetwise – which compares real-life security practices to online protection – is one of the latest initiatives to keep the UK safe in cyberspace.

The policy also includes other measures, including the introduction of a National Cyber Crime Unit, a single system  to report  financial cyber crime through Action Fraud, and the creation of a  Cyber Security Information Sharing Partnership with businesses to allow the government and industry to exchange information on cyber threats.

The set of measures has had a positive effect on a fraction of the UK businesses, increasing their awareness on the possible threats that can arise from the cyber space.

In a statement, Home Retail Group, which includes high street favourite Argos, said: “Cyber crime is an important issue and we support any initiative that helps to raise awareness of it and combats criminal activity.

“We take cyber security extremely seriously and employ robust and active control measures to protect our business.”

But although a lot has been done on the front of cyber security, the department for Business Innovation and Skills warned in November last year that only 14% of the UK companies are  regularly considering cyber threats, with a significant number not receiving any intelligence about cyber criminals.

For this reason, the government is still working towards rendering the digital world a more secure place.

Ms Edwards said: “The 2010 National Security Strategy designated cyber attacks as one of the top four threats to UK national security alongside international terrorism. This is still the case today. Cyber attacks cost UK businesses billions each year.”

“Tackling the threat requires a joint effort and Government is focusing its efforts on partnership with industry, academia and international partners.”

A Home Office spokesperson added: “We are taking the fight to the fraudsters, with the new National Crime Agency spearheading the crackdown.”

“The NCA’s Economic Crime Command will bring a single national focus to tackling fraud, working closely with other law enforcement bodies and the public, private and voluntary sectors.”

On the international front, CERT-UK – a new organisation to improve co-ordination of national cyber incidents and share technical information between countries – will be established in early 2014.

But at a more local level, many common cyber incidents could be prevented by basic ‘cyber hygiene’.

GCHQ estimates that 80% or more of currently successful attacks could be defeated by following best practices like updating anti-virus software regularly.

In the meantime, businesses that become victims of fraud are advised to report to Action Fraud, which analyses cases along with the National Fraud Intelligence Bureau to recognise patterns and provide information to police forces to aid the fight against cyber crime.