Making the UK a hostile place for online crime

1st August 2016

David Abrahams

Recently, the Office for National Statistics published the latest Crime Survey of England and Wales and for the first time included cases of recorded crime committed online.

After years of declining crime figures, last month’s numbers showed a near doubling of crime thanks to the inclusion of 3.8 million cases of online fraud and 2 million cases of cybercrime.

These figures gave an authoritative illustration of something that law enforcement and the internet industry have known for many years – that a lot of criminal activity has moved online. Given business, government, public services and our social lives have all moved on to the web it is unsurprising that criminals have followed. As with business, the internet has offered criminals – and organised crime in particular – the same economies of scale, lower barriers to entry and chance to target a global market that has powered the digital economy.

The task for law enforcement agencies has undoubtedly increased in terms of both scale and complexity as a result of online crime. Relatively ‘straightforward’ cases of fraud are now committed on an industrial scale while cases of hacking and IP theft can be incredibly difficult to detect, let alone investigate and prosecute.

Of course the first line of defence for any individual against online crimes is their own level of knowledge and diligence. We have seen many public and private initiatives that aim to raise awareness of online crime from the Government’s Cyber Streetwise campaign to the current Barclays’ adverts highlighting phone scammers who try to get your login details. There is little evidence that such campaigns are actually effective in changing user behaviour especially amongst the millions of UK small businesses who are increasingly the target of such attacks.

It is clearly unrealistic to expect all small businesses and consumers to be sufficiently skilled to spot the myriad of different types of online crime when technology is developing so rapidly and criminals are quick to exploit new vulnerabilities. It is therefore important that those of us in the internet industry take action to address online crime at the network level rather than simply expecting all users to look after themselves.

At Nominet we believe that the internet and wider technology industry has a responsibility to help law enforcement, businesses and consumers respond to the challenges of online crime to protect the digital economy. We cannot police the whole internet, but through our actions we can make it more difficult for criminals to operate. This responsibility is similar to that of other industries such as car manufacturers who have worked to make their products more difficult to break into, steal and trade on the black market.

There are many practical ways for industry players to address online crime, but these will differ according to the role the company plays in the realm of online transactions. At Nominet we have sought to play our part by having strong rules enforced in a transparent manner, providing additional security for those that need it most, and analysing traffic to identify criminal activity and networks.

Strong rules, robustly enforced

For Nominet this starts by having strong rules about the use of .UK domain names. Our terms and conditions make clear that a .UK domain name being used in connection with criminal activity will be suspended and we work closely with a number of law enforcement agencies to enforce this provision. In our last 12 month reporting period we suspended over 3,800 .UK domain names following notifications from law enforcement agencies. That is a big number and represents a significant amount of effort by a small number of UK law enforcement officers, one of whom was recently recognised for his particular contribution. However, it is important to keep a sense of proportion regarding the level of criminal activity in .UK as the suspensions represent only 0.037% of the 10 million .UK domain names which Nominet manage.

Extra security for high profile domains

There are some companies and organisations which are so widely used and high profile that their domain names can become particular targets for hijack or exploitation for criminal or propaganda purposes. For these domain names we have a special high security Domain Lock service which provides additional layers of security and authentication before any changes can be made to the settings for the domain name. These measures can help foil hacking, social engineering and phishing attacks that aim to take over high profile websites.

Using traffic analysis to identify criminal activity

A third way in which Nominet is seeking to make the internet a more hostile place for criminal activity is through analysing the traffic patterns amongst the three to four billion daily queries that our .UK servers handle. Our turing data visualisation and analysis tool has helped us identify botnets and tackle malware that were making use of .UK domain names. By providing turing as a service to network operators we are enabling them to identify malicious activity on their networks so they can better protect their customers.

Practical action to ensure a vibrant digital future

Nominet will never eradicate online criminal activity from the parts of the internet that we manage, but neither will we rest on our laurels. We believe we have forged a path of responsible management in .UK and we are actively encouraging and supporting other domain name registries to take similar steps. All of us in the internet industry have a role to play in detecting threats, mitigating risks and supporting enforcement action and Nominet will continue to do so as part of our commitment to the creation of a vibrant digital future.