September 8, 2016
Law enforcement bodies in the UK “need to up their game” when taking leads on cybercrime from internet service providers (ISPs), according to the Internet Service Providers Association (ISPA), which published a report this week.
The report comes as the country’s National Crime Agency (NCA) is trying to get more intelligence from ISPs, and as the controversial Investigatory Powers Bill, which will force ISPs to store all citizens’ browsing data, heads toward becoming law.
The report surveyed ISPA members, including Aol, Gigaclear, and BSkyB. Out of the 83 percent of ISPA members who said they had reported a cyberattack to the authorities, 50 percent said the reports were occasionally followed up on, while 30 percent claimed that there was no interest or follow up. Twenty percent said that their complaints are “usually followed up and investigated.”
James Blessing, chair of the ISPA, thinks there is one main reason why law enforcement aren’t reliably following up on leads.
“Resources. Pure and simple,” he told Motherboard in a phone call.
ISPs face all sorts of attacks, such as DDoS attacks or hacks of individual customers, Blessing explained. Some of these might be daily, others might occur even more frequently.
An ISP typically might not report every attack, and instead only complain about more serious things, such as a compromised server on its network. When that happens, it is the ISP that has the information that law enforcement needs.
“The next step in the investigation would be somebody in the [law enforcement] technical team turning up and saying, ‘What log files have you got, what information have you got for me, what information do you have available that can help me investigate this crime?’ And, silence,” Blessing said.