“It always happens on a Friday afternoon,” says Chris Lewis-Evans, Infrastructure Investigations Manager at the National Crime Agency (NCA), of the major cyber incidents that require his attention. “It’s usually around 3pm so there is no chance you have gone home!”
He smiles as he says it, admitting that he is fortunate to not suffer from the stress and intensity of crisis management. “It’s pressurised, of course, but not stressful. I am quite a calm person by nature. I just know that it will pass eventually, and that the work we are doing is worthwhile; we are protecting people.”
Chris is downplaying such critical endeavour; his work protects a nation from increasingly sophisticated and damaging cyber attacks that threaten national stability and security. His specific role sees him managing three different teams within the cyber crime unit at the NCA, covering legislation and policy reviews, victim mitigation, and investigations into misuse of the internet.
It is the ideal job for a man who has “always been interested in the interaction between technology and the world,” as he explains. “I was the child that took things apart, and my Dad was a technical engineer in the RAF, so I guess it was in the family.” There was also evidently a genetic disposition to serve the nation; his sisters serve the police force and within the NHS.
He studied Engineering, Science and Technology at Brunel University and initially worked within the manufacturing industry until a downturn persuaded him to try something new. He joined the civil service in 2002, taking up a technical job with the Home Office, where he stayed for 12 years. Chris moved into the cyber crime unit at the NCA four years ago and continues to love his varied work.
“It’s massively different every day,” he says, “and technically very challenging, because the complexity of cyber crime is increasing all the time. But that’s why I like it. I’m in a management role but thankfully I am never too far from the technical details that I have always enjoyed.”
He makes light of what is clearly a passion; he is a certified ethical hacker and incident handler who spends his evenings reading about innovative new technology or building his own kit. “I’ve never bought a desktop computer, I just make them,” he says. “I made my first one while at university, and now I create a new one every few years. It means I can build the machine how I want it, without unnecessary apps and software.”
Such expert understanding of technology is proving extremely useful to the NCA whilst also supporting regional and local police forces, enhancing their understanding of the digital world in which they must now hunt criminals. “It is very complicated to understand internet infrastructure,” admits Chris, “and things are changing so fast. In the four years I have worked in the unit, the complexity, scale, amount and severity of cyber attacks have all increased. But we have concurrently got better at protecting systems and people. That’s where the messaging is really important, and people like the National Cyber Security Centre (NCSC) are doing a great job at raising awareness of the risks and how to stay safe.”
The hard work is paying off. The UK is known globally as an exemplar of best practice in cybersecurity law enforcement and policy, but there is always more to learn. Chris’ role with the NCA requires him to be part of the ICANN Public Service Working Group (PSWG), alongside leaders of other national police forces, which provides a welcome opportunity to collaborate.
“ICANN is a great community and a great place to learn about all different aspects of the internet business,” says Chris. “For my work especially, being in contact with people working in other parts of the world is critical because cyber crime is international. We need cooperation across borders if we want to have any hope of catching the criminals.”
This close contact and intelligence sharing has already proven fruitful, and Chris points to the recent prosecution of Daniel Kaye as a good example of their work. “It does happen,” he says of arrests, “despite how difficult it can be, and it’s incredibly satisfying when it does. But I don’t believe we will ever stop cyber crime completely.”
Chris is conscious of the additional security challenges that will be presented by new innovations like 5G and an increasing use of IoT, or infrastructure changes such as DNS over HTTPS. “I fear people are adopting new technology too early, before all the issues are properly understood,” he says. “Such rapid change is hard to manage safely and securely.”
His caution should be heeded; this is a man working at the heart of cyber crime and law enforcement, who knows only too well the risks of our digital world.
What would his own advice be to the general public keen to stay secure online? “Don’t turn the computer on,” he says quickly, only half joking. “If you are online, it’s important to double check yourself, and what you are doing. We are used to everything being immediate, but there is no harm in waiting and being sure what you are doing is safe.”