NCA cybercrime report estimates 2.11 million in UK victims of cybercrime

The National Crime Agency (NCA) has published a report that highlights the looming threat of cyberattacks on the country's economy and infrastructure. The cybercrime assessment calls for stronger defence responses against attacks and urges UK businesses to work with law enforcement to fight against escalating attacks.

The NCA also warned that businesses are lagging behind in "cyber arms race", with cybercriminals' technical evolution outpacing security defence tactics. In 2015, the NCA said that around 2.46 million "cyber incidents" were recorded, while 2.11 million people had fallen prey to cybercriminals.

The report highlighted that cybercriminals of all kind, from "international serious organised crime groups" to hacktivists have been targeting both UK businesses and individuals. The report also noted that hackers were enhancing their technical abilities, thanks to "the growing online criminal marketplace, which provides easy access to sophisticated and bespoke tools and expertise, allowing these less skilled cyber criminals to exploit a wide range of vulnerabilities".

"There are numerous forms of cybercrime making up those 2.64 million incidents. Research we carried out at RiskIQ revealed that malvertising, as just one of those, jumped up over 300% year-on-year between 2014 and 2015 following a string of major publishing sites such as Forbes.com, Huffington Post and The Daily Mail being exploited by malvertising campaigns. We live our online lives 'in the moment' and although most people know better than to click on a link from an unknown source, malvertising attacks are disguised as trusted brands on trusted websites and so by their nature are much more difficult for a consumer to spot," vice president at RiskIQ (EMEA) Ben Harknett told IBTimes UK.

One of the major shortcomings highlighted in the report was the "a lack of understanding of cybercrime". The report also said that under reporting of cybertattacks was a serious issue, which interfered with the "disruption and prosecution" of cybercrime.

Speaking about the importance of stronger user authentication systems – as well as the need for users to implement better password practices – James Romer, EMEA vice president at SecureAuth said: "Customers of LinkedIn, Twitter and even Mark Zuckerberg, have all been recent victims of stolen credential cybercrime.

"It's estimated that around 60% of fraudulent cybercrimes are committed using stolen credentials*, and we say time and again, having a simple password and username login process is not enough with the advances in cybercrime and the increasing value of personal data.

"As consumers lead increasingly online lifestyles, managing everything from the weekly shop, to holidays, to personal finances, businesses need to invest in new technologies to beat the innovation of the cyber criminals. Authentication models, such as behavioural biometrics and advanced threat sensors enable organisations to look beyond the credentials and understand attack vectors associated with an IP address, providing better security without layering on complicated processes for the user."

Calling for a more cooperative approach in battling cybercrime, the report stated that the UK government has made cyber defence a priority and allocated £1.9bn ($2.4bn) to develop the nation's cyber defence response and strategies over the next five years. The government is slated to soon publish a new National Cyber Security Strategy, which will outline the use of invested funds and detail the country's strategic approach to combating cybercrime.