Max Clarke

The Federation Against Software Theft (FAST) has welcomed the government’s proposal to set up a central hub for British firms to report cyber fraud. The recommendation from the Office of Cyber Security (OCS) follows the first government-backed study, which reports that cyber crime costs the UK economy approximately £27 billion a year.

FAST’s chief executive, John Lovelock, warned that while a truly accurate figure for cyber crime losses could only come from a centralised reporting hub, the OCS figures are an alarm call for government and businesses to focus on tackling a problem that costs the UK economy billions each year.

Lovelock said: “We recognise that the OCS’ assessments are based on assumption rather than solid research, however, we cannot ignore their estimations and we certainly welcome the creation of an unbiased, central hub for reporting fraud. Considering the cost of intellectual property theft by industry sector which runs at some 1.6bn for software and computer services, the hub should be managed so that industry can engage and readily deal with the issue.”

Intellectual Property (IP) theft has the greatest economic impact of any type of cyber crime, about £9.2 billion a year, with the report highlighting the hardest hit industries as pharmaceutical, biotechnology, electronic, chemical and IT sectors.

“There needs to be a number of ongoing debates to examine and secure a handle on these issues and if necessary improve legal as well as technological tools to reduce these figures over the short, medium and long term. We welcome OCS’ recommendation in taking a stance towards creating a safer environment for UK businesses, which could be hugely valuable to the UK economy both for businesses and its employees.”

“In working side by side with companies, this initiative has the potential to really drill down in to the issues of IP theft and achieve a greater insight in to the true state of UK cyber crime.”

The report from the Office of Cyber Security (OCS) and Detica stated that the average UK business is losing £10,000 a year thanks to cyber espionage, extortion and other forms of online fraud. In total the UK economy is losing £27bn a year and British businesses account for £21bn of this loss. With 2.1 million UK firms registered for VAT this gives a loss per firm of £10,000.

In a bid to tackle these numbers head on, the OCS is recommending the creation of a website to publicise the issue and to act as a central, anonymous, reporting hub for UK firms to report fraud. It suggests approaching selected companies to ask if they are victims of cyber crime in order to build awareness of the issues and to get some solid data on the problem.

The OCS estimates that the UK government loses £2.2bn due to cyber crime.

This number is based on total tax and benefit fraud in the UK combined with an estimate of how many of these are due to "criminal attacks". The OCS treated all these attacks as cyber crimes "due in the main to the volume of transactions now conducted online".

Lovelock continued: “If the true extent of cyber crime in the UK public sector is anywhere near this number then as a country, we have a lot of work to do. With severe cuts being made across the public sector and our services, tackling cyber crime must remain a crucial strategy for the UK government.”

“Building awareness of the issues surrounding cyber crime is vital in reducing cyber crime and the damaging effects it is having on the UK economy. All stakeholders need to come together whether they are rights holders, anti-piracy bodies, government agencies or businesses themselves. FAST believes that all interested parties have a duty to educate the wider public, not only on the individual issues they work with but the wider problem of cyber crime and fraud. This is why we all need to come together to support this new hub and start taking control over the escalating levels of cybercrime that we are seeing here.”

The OCS warned: "Our assessments are, necessarily, based on assumptions and informed judgements rather than specific examples of cyber crime, or from data of a classified or commercially-sensitive origin."