The articles on this page are either produced by the operator of the website, from national publishers or Government departments. Where the information is from an external source all information on the origins of the article will appear under the title.

Links annotated [Option 1] will direct you to a website that will possibly download a 3rd party cookie to your computer. Your Browser or security software may be set up to prevent this download from taking place.

NEWS 2015 can now be found within the ARCHIVE menu.




HAPPY NEW YEAR - SOME SUGGESTED RESOLUTIONS - FOR YOUR SAFETY

- Always be aware of where you are, be familiar with your surroundings (exits etc).
- Be aware of alternative ways to get home from work if using either public transport or your own means (car).
- Be aware of how you can walk home from your place of work, the shops or an excursion
- Test your smoke alarm and replace old batteries - replace unit if necessary, they are only £5 !
- Always ensure that uPVC doors are locked correctly
- Keep computer security software up to date on your computer.
- Regularly check bank and credit card statements for fraudulent transactions.
- Shred unwanted bank, credit card and utility statements. Don't just place them in the bin.
- Reduce liklihood of skidding - check that the tread on your car tyres meet the legal depth.
- Always ensure that you home looks occupied, even when you are out. Use a timeswitch on a tablelamp so it lights up when dark.
- Before withdrawing cash from an ATM check the machine and surround for suspicious items. Ideally withdraw cash from ATM's sited at banks or ask for "cashback" when instore (supermarket etc).
- Don't give any personal details to anyone requesting them, even if they say they are the Police
- Don't give any time to unsolicited phone calls, regardless of who they say they are. Hang-up
- Don't give your bank details to anyone requesting them, even if they say they are the Police
- Don't allow anyone into your home unless there is a pre-arranged appointment and the caller has a valid passcard. Also take the passcard and call the helpdesk telephone number, bonafide employee's will not mind.

(1st January 2017)


DECEMBER 2016


ABLE-BODIED MOTORISTS "GETTING AWAY" WITH DISABLED PARKING FRAUD
(The Telegraph, dated 31st December 2016 author Patrick Sawer)

Full article [Option 1]:

www.telegraph.co.uk/news/2016/12/31/able-bodied-motorists-getting-away-disabled-parking-fraud/

Hundreds of able bodied motorists are getting away with illegally using disabled parking permits because local authorities are failing to take action against them.

An investigation has revealed that dozens of English councils fail to prosecute motorists for fraudulently using disabled parking permits.

Some 61 out of 152 local authorities told the Department for Transport (DfT) they do not have a policy for prosecuting drivers who abuse the blue badge scheme.

Disability campaigners have described the figure as reflecting a "staggering" failure by councils to exercise their "duty" to defend the interests of both disabled people and taxpayers.

James Taylor, head of policy at disability charity Scope, said: "Many disabled people rely heavily on their blue badges to live independently and we need to crack down on misuse of the system wherever possible.

"It appears that some councils take their work to weed out those who are not disabled more seriously than others."

Blue badges allow disabled people to park free of charge in pay and display bays and for up to three hours on yellow lines. Furthermore holders in London are exempt from having to pay the congestion charge.

Campaigners point out that it is a criminal offence to commit blue badge fraud.

The Road Traffic Regulation Act 1984 means that councils can fine up to £1,000 for misuse, while the Disabled Persons Parking Badge Act 2013 gives more power to authorities to cancel badges and for parking enforcers to issue fines for badges that are misused, out of date, fake or cancelled.

Councils in England took legal action against 896 motorists for blue badge misuse in the 12 months to the end of March, according to the DfT.

Almost all (98 per cent) cases involved drivers using someone else's blue badge,an analysis of official figures by the Press Association revealed.

But the total number of prosecutions was down 9 per cent on the previous year's figure of 985.

Steve Gooding, director of motoring research charity RAC Foundation, said: "The penalties for blue badge abuse are stiff - fines of up to £1,000 - but that is no deterrent if councils have no policies for prosecutions.

"This isn't the biggest crime wave the country faces, but abuse of the system creates huge levels of ill feeling and risks bringing into disrepute the whole scheme, which is invaluable for those who really need it."

A spokesman for the Local Government Association, representing local authorities in England and Wales, disputed the accuracy of the DfT figures, saying some councils listed as not having a policy for prosecuting abuse of the scheme do have reporting mechanisms for such incidents.

He said: "Councils take blue badge fraud seriously and are working hard to combat it.

"Gathering evidence and mounting a prosecution can be time-consuming and expensive, but councils know their areas and are best placed to decide the most effective way to tackle it."

A spokesman for the National Police Chiefs' Council said responsibility for prosecuting blue badge misuse rests with local authorities and police do not engage in penalising offenders.

(1st January 2017)


TINDR AND GRINDR LINKED TO MORE THAN 500 CRIMES
(The Telegraph, dated 31st December 2016 author Lisa Kjellsson)

Full article [Option 1]:

www.telegraph.co.uk/news/2016/12/31/tinder-grindr-linked-500-crimes-figures-show/

Dating apps have been linked to more than 500 crimes in England and Wales - and almost a third are sex offences, figures show.

More than 500 people have been the alleged victims of crimes ranging from murder and rape to child abuse as a result of using popular dating apps, data reveals.

The figure come after serial killer Stephen Port was last month convicted of murdering four men he met on gay dating websites and apps, such as Grindr.

Data compiled by almost three-quarters of police forces across England and Wales listed 523 crimes from the past five years where official logs included the words Tinder or Grindr.

Among the highest incidences of crime linked to them, 98 were recorded in London, 58 in Greater Manchester and 49 in Merseyside, the Daily Mirror reported using information from Freedom of Information requests.

Across the country, officers reported at least 162 sex offences connected to the two apps, including 63 rapes. In 2016, Greater Manchester Police recorded 12 rapes. Only two were logged a year earlier.

Forces reported several sex attacks on children plus cases of grooming, child prostitution and child abuse images. Thefts, assaults, harassment and malicious messages were commonplace. Drug trafficking, blackmail and criminal damage were also reported.

Tony Neate, chief executive of the organisation Get Safe Online, said: "Dating, and the way we meet potential partners, has seen a huge change as a result of the internet, social media and mobile phone apps.

"While online platforms such as Tinder and Grinder are making it easier for busy people to meet others, the risk of meeting someone who is abusive or physically violent also increases.

"It is concerning to see this rise in the number of crimes involving dating apps, and particularly worrying to hear of the number of young people falling victim to sexual offences."

He added: "There are, however, a number of ways to vet a potential date before you decide to meet them face to face, which could protect you from a risky situation. Firstly, pick a username that doesn't reveal who you are. Also take things slowly when it comes to sharing personal information or content with someone new online, remember that they are still a stranger who you know little about.

"Similarly, it doesn't hurt to do some investigation of your own before you decide to meet up - see if the person you're interested in is on sites like Facebook or Twitter.

"If you do organise to meet someone face-to-face for the first time, make sure you arrange your date for a public place and ensure a friend or family member knows where you are and is at the end of the phone if things go badly.

"Finally, trust your instincts - if it doesn't feel quite right don't be afraid to block or report the person, or leave the date before the end."

Grindr and Tinder did not reply to requests for comment.

(1st January 2017)


ANDROID TROJAN TRIADA - STEALS MONEY (Extract)
(TechTarget, dated 2nd December 2016 author Michael Cobb)

Full article [Option 1]:

http://searchsecurity.techtarget.com/answer/How-does-the-Android-Trojan-Triada-infect-a-devices-core-processes

An Android Trojan was discovered by Kaspersky Lab researchers, which they claim is capable of infecting and modifying Android's Zygote core processes. The Android Trojan, dubbed Triada, is also harder to detect.

Zygote is the parent process for all Android applications and is used as a template for every application. Triada modifies the Android Zygote process, becomes a part of every app that is run on the device and can modify how they work.

The Android Zygote process has only previously been exploited in proof-of-concept demonstrations, but researchers at Kaspersky Lab who discovered Triada say it's the most advanced mobile malware they've seen.

Once installed, Triada tries to collect information about the system, like the device model, the OS version, the free space on the SD card and a list of the installed applications. It then tries to steal money by subverting in-app purchases made using SMS, but this will surely change as attackers extend and alter its functionality.

This information is sent to a command-and-control server, which then sends back a configuration file and a list of modules to be installed.

Devices running Android 4.4.4 KitKat and earlier versions of the Android OS are at the greatest risk.
Some form of mobile management or antivirus solution should be used to help keep users' devices malware free.

Sadly, if a device is infected with the Triada Android Trojan, the only reliable way to remove it is to completely wipe and reimage it.

(1st January 2017)


A POSTMAN WROTE A ROUTE 66 TRAVEL GUIDE FOR BLACK PEOPLE
(BBC News, dated 23rd December 2016 author Regan Morris)

Full article : www.bbc.co.uk/news/world-us-canada-38370631

America's Route 66 is the ultimate symbol of freedom and mobility, but before the 1960s the motorway could be fraught with danger for black travellers. A unique travel guide helped keep them safe.

Travelling already has its stresses, but for black families and businesspeople in the 20th Century, trying to navigate through the many "sundown towns", where African Americans were forbidden after dark, added an extra threat.

But they had some help. From 1936-66, an entrepreneurial postman from Harlem published and sold The Negro Motorist Green Book, an annual guide to safe places along Route 66 and across the country.

"It was so much more than a black travel guide," says Candacy Taylor, who has been documenting Green Book sites along Route 66.

"It was more than hotels and restaurants. It listed different stores and churches, barber shops and beauty salons and mechanics."

Victor Green, the postman who created the guidebook, knew that a flat tyre in a "sundown town" for a travelling black family could become much more than an inconvenience.

Violent racist attacks were real possibilities for black travellers. Humiliation and intimidation were almost guaranteed.

Ms Taylor stumbled upon the Green Book while writing about Route 66.

She was surprised the guidebook wasn't well known or that the businesses that helped black travellers weren't being valued as culturally significant sites.

For African Americans who travelled during segregation, many of the sites will never be forgotten.

Actor Lamont Easter remembers family road trips fondly and marvels that his dad shielded him and his siblings from discrimination.

The children never realised until they were much older that some places were off-limits to them.

His father, James Easter, was in the Navy and the family often stayed at military bases when they travelled or they would go camping.

But Mr Easter had a Green Guide "as a security blanket".

"I was always concerned but not worried," he said of driving across the country.

"I was a mechanic and an engineer. If I broke down I could fix things."

Mr Easter knew what it was like to sit on the back of the bus and be forced to wait outside a restaurant while his white colleagues ate inside - and he didn't want his children to experience the same.

"I had a wife and kids going with me across the country and I didn't want to subject them to any unpleasant things," says Mr Easter, who is now 81.

He said black families typically packed picnic lunches so they wouldn't be caught hungry near a row of restaurants unwilling to serve them.

The guidebooks were sold in Ebony Magazine and at Esso Standard Oil stations along highways.

In rural areas, the book listed private homes where people could spend the night safely in towns where hotels wouldn't accommodate black customers.

The books were modelled on similar guidebooks for Jewish travellers.

"It's an incredible archive of black entrepreneurs - look at the people who were opening their businesses up," Ms Taylor says.

"There was a great variety of black business and exclusive prestigious properties, like the Biltmore Hotel" in Los Angeles and The Dunbar Hotel, which was the heart of Los Angeles' African-American culture in the 1930s and 1940s.

Despite their fame, stars like musician Louis Armstrong, boxer Joe Louis and jazz singer Billie Holiday couldn't stay anywhere they wanted during segregation and The Dunbar, built by a black dentist, was "the Waldorf Astoria for black people", Ms Taylor says.

Forty-four of the 89 counties along Route 66 had sundown towns, she says, adding that the West Coast was in many ways more dangerous than the segregated South, because in the South people knew where they stood.

Racist businesses were clearly marked: No Blacks.

Stefan Bradley, a professor of history and African-American Studies at Saint Louis University, says the book helped people avoid the humiliation of being refused access to a restroom or simply buying coffee and a pie in a restaurant, while also keeping them safe.

"It was small but it was powerful because it spoke to the idea that black people would find a way to get around the kind of racism and oppression that existed in the country at the time," Mr Bradley says.

"The idea that one man - not a superhero but rather a postman - would figure out a way to help African Americans feel human when they were travelling - that makes it a powerful little book."

Ms Taylor says she is working with city officials in Los Angeles to help protect and preserve some of the historic sites.

"We should at least put a plaque up so somebody knows - at least before they are all torn down," Ms Taylor says.

She has catalogued more than 2,700 locations over the last few years and is pushing for more preservation, adding that there is a lot of misinformation on the internet about Green Book sites.

"There is so much we don't know," Ms Taylor says. "People had no idea how many sites there were - it's very exciting for historians."

(1st January 2017)


HEATHROW BAGGAGE HANDLERS SMUGGLED COCAINE
(London Evening Standard, dated 14th December 2016 author Martin Bentham)

Full article [Option 1]:

www.standard.co.uk/news/crime/police-smash-drugs-gang-using-heathrow-airport-baggage-handlers-to-smuggle-cocaine-a3420116.html

A major drugs gang which has used corrupt baggage handlers to smuggle millions of pounds worth of cocaine through Heathrow airport was busted today in a wave of arrests.

A total of 11 people, including one woman, were held as 125 officers from the National Crime Agency and police carried out early-morning raids across London and the South-East. They included three baggage handlers from Heathrow.

Others detained included people allegedly linked to drugs barons in South America, from where cocaine and cannabis were being flown in, and alleged British "wholesalers" responsible for selling the drugs to street dealers.

Four were arrested at an address in Stoke Newington. Others were held in Tooting, Thornton Heath, Hayes, Chigwell and Banstead.

An inmate at London's Wandsworth prison was also arrested. His alleged involvement in the drugs operation is understood to have taken place before he was jailed.

Today's action follows the seizure of about 100 kilos of cocaine, with a street value of at least £10 million, and 50 kilos of cannabis at Heathrow over the past 15 months.

Most of the drugs were flown in from Brazil to be smuggled through Customs by corrupt baggage handlers and given to a London-based organised crime gang.

The criminal operation will raise concerns about security at Heathrow and the vetting system that is employed to check baggage as well as other staff who are cleared to work in the airport with access to planes and their cargo.

All the suspects held today were arrested on suspicion of conspiring to import class A drugs and are now being questioned at police stations around London. The ages of those held range from 24 to 60.

The National Crime Agency's senior investigating officer David Reynders said as he announced the arrests today: "Large-scale drug smuggling through UK airports is high risk for organised criminals.

"This operation was coordinated to strike simultaneously at as many parts of the suspected drugs ring as possible.

"The NCA is grateful for the support and co-operation it has received from the airport authorities and Border Force, all of whom have a vested interest in protecting the security of our borders."

Officials indicated that there was no evidence of other items, such as firearms, being smuggled through Heathrow by the baggage handlers who were arrested today over the drugs allegations. The security breach is, however, certain to lead to questions about the ability of those with criminal intent to obtain clearance to work at the airport - particularly given the continuing terrorist threat to flights.

In the case of today's drug arrests, it is understood that most of the seizures were the result of intelligence that enabled the NCA to identify the flights on which the cocaine and cannabis were being smuggled in.

The coordinated raids were intended to ensure that as many as possible of those involved in the gang, including those masterminding the operation, were arrested.

###uaware comment

It is not a case of what baggage handlers can smuggle off of a plane, but what they could smuggle on. It may not just be an extra toilet roll !

(1st January 2017)


START OF THE YEAR BUSINESS PREDICTION, DID THEY GET IT RIGHT ?

Bearing in mind the referendum was well advertise for 2016 it is no surprise that lack of skills was classed as a threat, especially as employers don't want to foot the cost of training people. This lack of enthusiasm ranges from curry houses "needing" to hire chefs from Bangladesh to multi-national IT companies bringing staff over from India to work on projects in the UK ! Couple this with two decades of Governments failing to encourage colleges to provide vocational courses at reasonable cost has discouraged people from signing up and improving "their lot". For example, an electicians course under 20 years ago was around £150, its now approaching £2000 if you are already employed; if you are a labourer with a family, how can you afford that ?

Acts of terrorism is again not much of a surprise considering the disasters that have occured in Syria, Iraq and Libya. The UK and Germany have declared that over 500 of their citizens have gone to these country to fight; and currently have the right to return.

As for cyberattacks and data breaches, companies are oblidged to inform the ICO (Information Commissioners Office) in the event of data breaches of customer data, but do they really ? Unless hundreds of customers realise they have a problem with the data held by a company you can bet that nothing will be formally reported. Then again IT managers do talk to each other if not the authorities and it was probably they who saw a "Tidal Wave" of trouble coming in 2015. Then again, what if your supplier is a multi-national not based in the UK outside the ICO jurisdiction.

------------------

CYBERATTACKS VOTED THE TOP BUSINESS THREAT FOR A SECOND YEAR RUNNING - Extract
(The Telegraph, dated 25th February 2016 author BSI)

Full article [Option 1]:

http://www.telegraph.co.uk/business/british-standards-institution/cyberattacks-voted-top-business-threat

A lack of talent and key skills enter the top 10 business threats with failure to analyse trends creating a dangerous blind spot for organisations.

Businesses perceive cyberattacks as the top threat in 2016, according to the fifth annual Horizon Scan report published this month by the Business Continuity Institute (BCI), in association with BSI. The threat of a data breach rises to second in the list, up one place from 2015.

The annual BCI Horizon Scan assessed the business preparedness of 568 organisations worldwide and shows that 85pc of Business Continuity managers fear the possibility of a cyberattack, with 80pc worried about the possibility of a data breach similar to the ones suffered by Carphone Warehouse and Sony.

A recent industry report[1] highlights the annual cost of cybercrime per UK company, which now stands at £4.1m, a 14pc increase in mean value since last year.

This year's global top 10 threats to business continuity are:

1. Cyberattack - static
2. Data breach - up one place
3. Unplanned IT & telecom outages - down one place
4. Act of terrorism - up five places
5. Security Incident - up one place
6. Interruption to utility supply - down two places
7. Supply chain disruption - down two places
8. Adverse weather - down one place
9. Availability of key skills - new entry
10. Health and safety incident - new entry

(1st January 2017)


ALMOST 500 PEOPLE ARRESTED SINCE LEGAL HIGH BAN INTRODUCED
(The Telegraph, dated 28th December 2016 author Nicola Harley)

Full article [Option 1]:

www.telegraph.co.uk/news/2016/12/28/almost-500-people-arrested-since-legal-high-ban-introduced/

Nearly 500 people have been arrested since a ban on so-called legal highs came into force six months ago, the Home Office has said.

Just four people have been jailed since psychoactive substances were outlawed at the end of May, but the Government said more are progressing through the courts.

The designer drugs, which produce highs similar to cocaine, cannabis and ecstasy, have been linked to hundreds of deaths and fuel anti-social behaviour.

They have increasingly become the drugs of choice for prisoners, and have been blamed for contributing to rising levels of violence in Britain's troubled jails.

Some 492 people were arrested in the six months after the legislation came into force on May 26.

Four people have been jailed including William Cook, 29, of Milton Keynes, who was handed three and a half years after being caught with hundreds of canisters of nitrous oxide - dubbed hippy crack - at the Electric Daisy Carnival, the Home Office said.

Some 332 shops across the UK have stopped selling the drugs while 31 head shops - which sell drugs paraphernalia - have closed down.

Under the Psychoactive Substances Act, offenders can face up to seven years in prison, while orders can be issued to shut down head shops and online dealers.

Home Office minister Sarah Newton said: "We banned new psychoactive substances because they are not safe, they can devastate lives and we will not tolerate them in this country.

"I am pleased to see the police making full use of the new powers, arresting dealers and ensuring they are punished with prison sentences which reflect the seriousness of this crime.

"At the same time as supporting law enforcement in tackling the supply of illegal drugs, we are also taking action to prevent the harms caused by their use - from educating young people about the risks to helping dependent individuals through treatment."

In 2015, new psychoactive substances were involved in 204 deaths in the UK - up 25% from 163 deaths in 2014, the Home Office said.

Commander Simon Bray, the National Police Chiefs' Council's lead on new psychoactive substances (NPS), said: "The Psychoactive Substances Act fundamentally changed the way the police tackle the supply and distribution of these dangerous drugs.

"Across the country officers are using the full range of powers to enforce the law, and the figures released today highlight their commitment to reducing the availability of these harmful substances.

"I am confident that together with education, local authorities and other enforcement agencies, we can continue to disrupt the supply and accessibility of these drugs and prevent the damage they can cause."

(1st January 2017)


97 NAIL BAR WORKERS ARRESTED IN CRACKDOWN ON "BARBARIC" MODERN SLAVERY
(The Telegraph, dated 28th December 2016 author Telegraph Reporters)

Full article [Option 1]:

www.telegraph.co.uk/news/2016/12/28/97-nail-bar-workers-arrested-incrackdown-barbaric-modern-slavery/

Scores of people were arrested on suspicion of immigration offences in a crackdown on alleged illegal working in nail bars.

A total of 97 people were held during the week-long operation launched at the end of last month.

It also saw dozens of businesses warned they could face fines and 14 people identified as potentially being at risk of modern slavery.

The activity was part of Operation Magnify, a cross-government drive to clamp down on illegal working by targeting specific "risk" industries.

Immigration Minister Robert Goodwill said: "This operation sends a strong message to those employers who ruthlessly seek to exploit vulnerable people and wilfully abuse our immigration laws.

"Modern slavery is a barbaric crime which destroys the lives of some of the most vulnerable in our society.

"This Government has taken world-leading action to tackle it by introducing the Modern Slavery Act, giving law enforcement agencies the tools they need and increasing support and protection for victims.

"At the same time, we have also introduced strong measures through the Immigration Act to tackle illegal working, including making it easier to prosecute employers who repeatedly break the rules and creating the power to temporarily close businesses that do not comply with the law."

The operation, led by Immigration Enforcement, took place from November 27 to December 3 and saw officers visit more than 280 businesses across the UK.

The majority of the 97 people arrested were Vietnamese nationals, but the number also included suspected immigration offenders from Mongolia, Ghana, China, Nigeria, Pakistan and India.

Those who are potential victims of trafficking will be offered support, while those who have no right to be in the UK will be removed, the Home Office said.

Officers also issued notices to 68 businesses warning them they may be liable for financial penalties of up to £20,000 per illegal worker found if they cannot provide evidence that appropriate right to work document checks were carried out.

Fourteen people were referred to the National Referral Mechanism hub, which supports those identified as possible victims of slavery and human trafficking.

Operation Magnify is an initiative aiming to tackle exploitative employers who provide low-paid jobs to illegal migrants.

It focused on the construction, care, cleaning, catering, taxi and car wash industries during 2016, with further activity in similar sectors planned for 2017.

(1st January 2017)


US TOURIST SLAMS DELHI POLICE OVER RAPE INQUIRY
(The Times, dated 27th December 2016 author Atish Patel)
www.thetimes.co.uk [Option 1]

An American teacher who says that she was gang-raped in a five-star hotel while on holiday in India has returned to the country and criticised the police investigation.

The unidentified woman, 25, alleges that she was drugged and repeatedly raped over a two-day period in the hotel room where she was staying. She claims that three men working for the tour operator and two employees of the hotel in central Delhi were involved.

The alleged attack happened in April when the teacher travelled to India on a package tour. However, an investigation was not opened by police until early this month after a US-based charity, Americans Overseas Domestic Violence Crisis Center, reported to them that a woman had been attacked.

Yesterday Indian police said that they had arrested four men. Rakesh Kumar, a police officer, said that the suspects were a tour guide and his associate, a driver and a hotel worker.

The women aid that the assault had caused her to lose her memory and tha she only rgained it three months later once she was back in the United States.

Returning to India to undergo a medical examination and record a statement in court, she has also conducted a series of media interviews and told the Hindustan Times that she had been left emotionally scarred and was seeking justice as a "sense of healing".

She claimed that the police investigation had been slow and shoddy and named three of the alleged attackers. "I don't think they are doing everything that they can....I am definitely worried that I may not get justice," she told the newspaper. "I think there were mistakes made by the police".

In one television interview, in which her voice was not disguised but her face was blurred, she appeared composed as she criticised the investigation.

The women said that the five men had gained entry to her room on the pretext of talking to her about travel details. She said that she felt drowsy after drinking water that they offered her.

Sexual assaults on women, including tourists, are widespread in India. Last year more than 34,000 rapes were reported across the country.

The woman said that she had alwasy wanted to visit India despite bing advised by friends and family not to go. "I feel there should be a stronger law for protecting tourists from rape in India," she told India Today.

uaware - Further Information

FOUR MEN ARRESTED IN NEW DELHI ON CHARGES OF RAPING AN AMERICAN TOURIST (Extracts)
(International Business Times, dated 27th December 2016 author Pavitra Dwibhashyam)

Full article [Option 1]:

www.ibtimes.co.uk/four-men-arrested-new-delhi-charges-raping-american-tourist-1598207

- Last month, a Japanese tourist was assaulted in south India.
- Five men were jailed for life in June for gang-raping a 52-year-old Danish woman in 2014 in Delhi.
- In the wake of the fatal gang rape of Jyoti Singh in December 2012 in Delhi, tough laws were introduced against sex offenders.

(1st January 2017)


GUILTY BY EMAIL LEADS TO FEARS OVER OPEN JUSTICE
(The Telegraph, dated 26th December 2016 author Martin Evans)

Full article [Option 1]:

www.telegraph.co.uk/news/2016/12/26/guilty-email-leads-fears-open-justice/

Proposals allowing people to plead guilty to minor offences online could erode the principle of open justice, campaigners have warned.

Changes to the Prisons and Court Reform Bill could see up to 900,000 people who are charged with offences such as fare dodging and traffic violations, circumvent the courts system by pleading guilty remotely.

They would also be able to accept the conviction and pay the fine, all at the touch of a button.

The idea is to save money, streamline the system and free up magistrates courts to deal with more serious offences.

But critics fear the proposals could be the thin end of the wedge and could seriously erode the principle of justice needing to be seen to be done.

The Magistrates' Association has warned that a shift away from legal hearing taking place in open court in from of the judiciary may be "unpalatable for many people" and could "lower confidence in the criminal justice system".

Malcolm Richardson, who chairs the association said: "We are concerned about the principle of handling entire criminal cases without the involvement of independent judicial decision makers.

"A core principle of our system is that justice is seen to be done and we don't see how clicking a button and staring at a computer screen with no judicial involvement represents that."

The proposals would initially only cover minor motoring offences, fare dodging and fishing without a licence, but if successful the system could be rolled out to also include TV licence evasion and fly-tipping.

(1st January 2017)


FOOD CRIME UNIT SET UP OVER HORSE MEAT SCANDAL HAS STILL NOT RESULTED IN ANY PROSECUTIONS
(The Telegraph, dated 25th December 2016 author Nichola Harley)

Full article [Option 1]:

www.telegraph.co.uk/news/2016/12/25/4m-food-crime-unit-set-horse-meat-scandal-has-still-not-resulted/

Britain's food-policing unit which was created following the horse meat scandal has still not resulted in any prosecutions despite costing the taxpayer £4m.

The National Food Crime Unit (NFCU) was created two years ago but as yet its work in deadly diet pills, horse meat or wine fraud has not led to any criminal charges being bought against anyone.

It comes as the unit, which costs £2m a year to run, receives at least five phone calls a day from whistleblowers reporting crimes within the food industry.

Its new whistleblower helpline, set up three months ago, has so far received more than 300 calls.

The unit was formed following an inquiry by food safety expert Professor Chris Elliott into horse meat in the food chain in 2013 after it was revealed that horse meat had found its way into products sold as beef and lamb.

He warned that government cuts had dismantled much of the local-government apparatus, such as trading standards departments, and recommended a dedicated unit was created.

But yet three years on, despite the creation of the NFCU, the Food Standard's Agency (FSA) is set to allow "trusted" retailers to be given special permission to police themselves to save money.

Tesco has been selected to pilot the scheme despite being at the centre of the horse meat scandal just four years ago, in which burgers being sold as "beef " actually contained mince made from horses.

Last month an independent steering group looking into its future has recommended the NFCU should be given more teeth to make it an arms-length body of the FSA with investigatory powers.

It is present form the NFCU has no investigatory powers and instead works with partners including local authorities and the police to tackle food crime.

John O'Connell, chief executive of the TaxPayers' Alliance, said: "Politicians are far too quick to set up quangos in response to events, just to be seen to be taking action - but all too often it is little more than an expensive gesture paid for by taxpayers.

"If it is found that there is much less for this organisation to do than originally anticipated then it should be scaled down to a more appropriate size, which has the added benefit of saving taxpayers' money. The infamous bonfire of the quangos never really got going and there is still enormous scope to roll back the state."

The FSA says the unit has only been fully operational for the last nine months and is working on a number of criminal investigations.

"In that time it has focused on building links with sources of information in order to better understand the nature and scale of the food crime threat," it said.

"In March the unit published the world's first strategic threat assessment of food crime which set out that understanding. Since the launch of its operational capability this Spring, the unit is supporting local authority enforcement partners in respect of a number of criminal investigations.

"As these are on-going it would not be appropriate to go into greater detail at this point."

###Further information - uaware

For background to this article see "Sweeney Todd" webpage in the Archive section.

(1st January 2017)


DUBAI POLICE LAUNCH AI THAT CAN SPOT CRIMES BEFORE THEY HAPPEN
(Daily Mail, dated 23rd December 2016 authors Cheyenne MacDonald and Shivali Best)

Full article [Option 1]:

www.dailymail.co.uk/sciencetech/article-4062936/Dubai-police-launch-AI-spot-crimes-happen-Crime-Prediction-software-identifies-patterns-human-miss.html

- Crime Prediction software analyzes existing patterns from police databases
- It uses the data to predict when and where an event is likely to occur next
- It's hoped this can alert patrol teams to which districts may need more attention

Minority Report-style crime prediction has edged closer to reality with a new AI software launched in Dubai.

Space Imaging Middle East announced that the Dubai Police force has deployed its Crime Prediction software, which analyzes patterns from police databases and attempts to spot when and where an event is likely to occur next.

The software uses 'sophisticated algorithms' to make its predictions, and according to the firm, the data it generates is 'highly accurate.'

According to SIME, the technology can alert patrol teams to which districts may need more police attention in order to prevent a crime.

'This software is uniquely intelligent in its capability to accurately discern intricate patterns of criminal behaviour in seemingly unconnected events and then predict the probability of reoccurrence,' said Spandan Kar, Head of SIME's GIS Division.

'We are confident that these precise analytics, when combined with the knowledge and instincts of experienced police officers, will create a formidable force to deter crime.'

The idea of using artificial intelligence has sparked controversy in recent months, as some have claimed it may come with unintended consequences, or even operate with racial biases.

In September, researchers published a report arguing that the technique will have a positive impact on crime prevention. But, they warned it could also put millions of jobs at risk.

The prediction comes from a major piece of research called 'Artificial Intelligence and Life in 2030' by researchers at Stanford University.

They say that 'predictive policing' will be heavily relied upon by 2030.

The report points out that machine learning, which allows computers to learn for themselves, is already being used, and could have major implications for fighting crime.

While police could use this method for catching criminals, it could also lead to an 'overbearing or pervasive' presence, the researchers warn.

AI could also lead to the loss of millions of jobs, although the researchers say that it will create new kinds of jobs.

In their paper, they wrote: 'But the new jobs that will emerge are harder to imagine in advance than the existing jobs that will likely be lost.'

AI is already being used to combat financially motivated crimes, such as fraud and to scan social media to 'prevent those at risk from being radicalised by ISIS or other violent groups.'

But as AI technology develops and becomes more advanced, the range of applications is set to grow.

The researchers said: 'Law enforcement agencies are increasingly interested in trying to detect plans for disruptive events from social media, and also to monitor activity at large gatherings of people to analyse security.

'There is significant work on crowd simulations to determine how crowds can be controlled.

'At the same time, legitimate concerns have been raised about the potential for law enforcement agencies to overreach and use such tools to violate people's privacy.'

In the 2002 film, Minority Report, police use a psychic technology to arrest and convict murderers before they commit their crime.

But the researchers say that the AI prediction tools will not be human biased, and instead will work by identifying trends in pre-existing crimes.

For example, surveillance cameras could send alerts to police when they see a person lingering down a dark alley, which suggests they may be about to perform a crime.

The team said: 'Machine learning significantly enhances the ability to predict where and when crimes are more likely to happen and who may commit them.'

But society's acceptance or resistance of AI technologies is what will determine their success, according to the researchers.

They added: 'If society approaches these technologies primarily with fear and suspicion, missteps that slow AI's development or drive it underground will result, impeding important work on ensuring the safety and reliability of AI technologies.

'On the other hand, if society approaches AI with a more open mind, the technologies emerging from the field could profoundly transform society for the better in the coming decades.'

(1st January 2017)


HUGE COUNTERFEIT GOODS HAULS BEING INTERCEPTED AT UK BORDERS
(The Guardian, dated 23rd December 2016 author Press Association)

Full article [Option 1]:

www.theguardian.com/uk-news/2016/dec/23/counterfeit-uk-borders-christmas

Festive shoppers are being warned to be on the alert for fake goods after it emerged massive hauls are being intercepted at Britain's borders.

Aftershave, cuddly toys, trainers, scarves and Harry Potter wands are among items seized by the Border Force in the weeks before Christmas.

More than 83,000 items were confiscated at airports in a single operation across six days earlier this month.

Other recent seizures at UK ports and hubs, with an estimated value of more than £1m, include: 900 fake Burberry scarves; 100 Harry Potter wands and 3,000 counterfeit Pokémon, Nintendo and Minecraft cuddly toys; 137 fake Louis Vuitton handbags; 300 fake Sony PlayStation PS3 controllers; and 941 pairs of fake Nike Air Max trainers.

The details were released by the government as authorities warned festive shoppers against buying counterfeit items as last-minute presents.

Immigration minister Robert Goodwill said: "The international trade in counterfeit goods undercuts honest traders and is linked to serious and organised crime, sweatshop working practices, child labour and even the funding of terrorism.

"Unsuspecting customers are also left out of pocket with inferior and potentially dangerous goods.

"We are determined to crack down on this criminality and Border Force officers help protect consumers by working around the clock at ports, airports and mail sorting centres identifying and seizing counterfeit goods."

Once items are seized, Border Force's specialist international trade teams work with the owners of big brands to establish whether or not goods are genuine.

If they are fake, the items are destroyed and the rights holders can then decide whether to privately prosecute the importers.

Matthew Cope, of the Intellectual Property Office, said: "We have worked with Border Force and rights holders at borders across the UK to intensify our efforts in targeted pre-Christmas activity.

"We have detained goods destined for shops and markets, proving the worth of the co-ordinated approach. It is important that we have a united response and that people are protected from this type of crime.

"Anyone looking for a bargain this Christmas should be wary of prices which look too good to be true, from cut-price alcohol to heavily discounted electronics, and report anything suspicious."

(1st Janaury 2017)


GROUPON FRAUDS BLAMED ON THIRD-PARTY PASSWORD BREACHES
(The Register, dated 22nd December 2016 author John Leyden)

Full article [Option 1]:

www.theregister.co.uk/2016/12/22/groupon_fraud/

Groupon has blamed fraudulent purchases from some UK customers' accounts on password leaks from other sites.

UK consumer website MoneySavingExpert reports that "a number of Groupon users have seen £100s siphoned from their banks in recent weeks after fraudsters commandeered their accounts to make unauthorised purchases." The first sign of fraud cropped up earlier this month, with Groupon account-holders receiving confirmation emails for products they hadn't purchased. Groupon's customer service has been criticised as taking up to 10 days to respond to subsequent complaints of fraud.

In a statement, Groupon played down the scale of the fraud and blamed problems of password reuse by its customers rather than any hack on its systems.

There has been no security breach or 'hack'. What we are seeing however is a very small number of customers who have had their account taken over by fraudsters. Nothing out of the ordinary for an e-commerce site.
Typically, we see this kind of activity when customers use the same password across multiple online sites. When one of the other sites is compromised, fraudsters attempt to use those credentials in other places.

If customers believe they've been the victim of fraud, they need only to contact us, and we'll lock the account so no other pernicious activity can take place and refund any unauthorised purchases
.

Fraudsters appear to have gained access to Groupon accounts after accessing log-in and password information leaked followed the compromise of third-party websites. Password reuse by victims has enabled cybercrooks to mount successful credential stuffing attacks. Attacks of this type have affected the UK National Lottery and online takeaway firm Deliveroo over recent weeks.

Ilia Kolochenko, CEO of web security firm High-Tech Bridge, commented: "Chained attacks, using compromised passwords and personal data from previous breaches, will continue growing in the future. Many people use the same password or secret question on all their accounts, and once a single account is hacked, others can be easily compromised in a domino effect.

"Moreover, even if users have different passwords, they frequently use similar ones, making them easily guessable," he added.

(1st January 2017)


ANTI TERROR POLICE REMOVE 250,000 PIECES OF EXTREMIST PROPAGANDA FROM INTERNET
(London Evening Standard, dated 23rd December 2016 author Justin Davenport)

Full article [Option 1]:

www.standard.co.uk/news/crime/antiterror-police-remove-250000-piece-of-extremist-propaganda-from-internet-a3427336.html

A specialist anti-terror police unit has removed around 250,000 pieces of extremist propaganda from the internet since its launch six years ago.

The Counter Terrorism Internet Referral Unit has contacted around 300 companies around the world to remove material that includes beheadings, speeches urging violence and bombmaking instructions.

It trawls the web searching for extremist content as well as investigating reports from the public. This year, officers removed more than 121,151 pieces of extremist material, more than double the 55,556 last year.

The initiative aims to fight back against Islamic State's use of the internet to gain recruits and incite acts of terror.

In recent years an increasing number of "lone wolf" fanatics convicted of terrorism are believed to have been radicalised online.

Detective Chief Superintendent Clarke Jarrett of the Counter Terrorism Command said: "Removing this material is crucial work.

"One post or video has the power to influence vulnerable people and inspire extremists and terrorists, so every removal really counts.

"This landmark [250,000] figure is a result of our productive relationship with service providers, partners and counterparts nationally and globally.

"The public has played a key part in helping us to identify and seek the removal of so much damaging material, so I thank everyone who has reported material to us and urge the public to continue doing so."

Anyone who sees content that they suspect is extremist or terrorist is urged to report it by filling in a short and anonymous form at gov.uk/report-terrorism, where they will be asked to enter the address of the webpage on which they saw it.

(1st January 2017)


DECEMBER 2016 - PART ONE




HAVE A MERRY CHRISTMAS AND A


PROSPEROUS NEW YEAR




AUSTRALIAN TOURISTS "WALK OF SHAME"
(International Business Times, dated 21st December 2016 author Josh Robbins)

Full article [Option 1]:

www.ibtimes.co.uk/australian-tourists-walk-shame-see-exclusive-photos-more-criminals-being-humiliated-1597557

The Australian tourists whose walk of shame on an Indonesian island has gone viral are not the first people to be publicly humiliated by local authorities this year. IBTimes UK has uncovered photos of more alleged criminals being marched through the island of Gili Trawangan by security forces and village chiefs.

In one image, posted on the island's Facebook page on 9 August, a man is seen being marched through the streets wearing a sign reading, "I am from France. I am a thief. Do Not trust me!"

It does not appear that the draconian punishment is reserved purely for foreigners though. A Twitter post from travel agency Bali Arrangements shows two Indonesian men wearing signs written in Bahassa also reading, "I am a thief. Don't do what I did".

The tweet says: "Another walk of shame for stealing on Gili Trawangan, Lombok on April 27 2016." But a travel manager from Gili Trawangan, who declined to be named, told IBTimes UK this particular walk of shame took place five years ago.

He explained the punishment had been introduced to the remote island shortly after the tourist industry began booming in the 2000s. "There is no police office on the island, only security [office] and when they catch someone who stole they ask you for money and put you in 'jail' [a holding cell] for the night. The day after you walk down the Main Street around all the island (7km) with the board 'I'm a thief don't do what I did,'" he added. He said that the walk of shame is reserved for alleged offenders who can afford to bribe their way out of jail on the mainland.

The manager estimated that there were walks of shame every four or five months and that the majority were local criminals. He said: "With the drugs problem there are many local people who steal from western people... but it's the same punishment for them if they don't have any family in the police."

He said that the island had been blighted by 'Sapu Sapu' - a slang term for methamphetamine - which "makes people become bad". The walk of shame is reserved for minor offences such as stealing. If anyone is found in possession of drugs then they are taken away to prison unless they can pay a much larger fine of around $15,000 (£12,000).

He explained that there were police officers on the island but no station. That is why a policeman can be seen escorting the Australian couple on their march. This man, along with a security guard, appear to feature in the new images discovered by IBTimes UK.

Public humiliation has been employed by many cultures throughout history. In Europe, the stocks and the pillory were imported from medieval Europe to colonial America. In pre-World War Japan, adulterers were publicly exposed purely to shame them. However, public shaming has largely been abandoned as a form of punishment in the West. It is not even clear if there is a legal basis for it in Indonesia but the travel manager pointed out that it was a preferable punishment to prison.

(22nd December 2016)


GANG WHO MADE £1 MILLION FROM "CRASH FOR CASH" INSURANCE SCAMS JAILED
(London Evening Standard, dated 20th December 2016 author Tristan Kirk)

Full article [Option 1]:

www.standard.co.uk/news/crime/jailed-criminal-gang-who-made-1-million-out-of-crash-for-cash-insurance-scams-a3424526.html

A criminal gang who made more than £1 million by staging car crashes for insurance payouts have been jailed for a total of nearly 30 years.

The 19-strong "crash-for-cash" group put innocent motorists in peril with a string of pre-planned collisions stretching across five years between 2009 and 2014.

In the scam, one car would deliberately brake hard so his accomplice would run into the back of his vehicle, while ensuring an innocent motorist witnessed the crash and could confirm details to the insurance companies.

The gang then claimed money for car repairs, hire vehicles, and substantial compensation for injuries they said were sustained by drivers and passengers.

The scam unravelled when ringleader Mohammed Zubair Jamil, 35, was involved in a crash in December 2012, braking sharply to cause a three car pile-up before driving away.

Detectives probed Jamil's businesses, SAS Accident Management and Watford-based SAS Car Hire, and found records linking him and his associates to £1.1 million of crash-for-cash claims.

Jailed: (From left) Mikolaj Parczewski, Maria Aftewicz, Rafal Parczewski, Anna Olenczuk, Emrah Yildiz and Jadwiga Pawloska (Metropolitan Police)

The gang were convicted after three fraud trials at Harrow crown court, with the last five defendants being sentenced on Thursday December 15.

Detective Inspector David Hindmarsh, of the Met's Roads and Transport Policing Command, said: "This was an audacious, criminal act, carried out by unscrupulous people whose sole aim was to line their pockets at the expense of their victims.

"They did not care whatsoever that their reckless acts endangered the lives of innocent people."

Mohammed Zubair Jamil, 35, of Gimaldi Avenue, Luton, was sentenced to five years in prison.

Ali Malik, 22, of no fixed address and is on the run, was jailed for four-and-a-half years in his absence.

Rafal Parczewski, 41, and Daniel Zakrzewski, 31, both of Owen Way, Neasden, were sentenced to 22 months in prison, while Nazema Nawaz, 28, of Broad Mead, Luton, was jailed for 20 months.

Raheel Akhtar, 37, of Park Street, St Albans, Mohammad Ashan, 32, of Highbury Road, Luton, Mazher Iqbal, 44, of Hollings Road, Bradford, Mohammed Nisar, 49, of Trent Road, Luton, Gulraiz Fazal, 36, of Highfield Road, Luton, Mikolaj Parczewski, 25, of Owen Way, Neasden, Mirosla Lewandowski, 60, and Jadwiga Pawloska, 63, both of Harrold Road, Rowley Regis, in the West Midlands, Barbara Aftewicz, 48, of Villiers Road, Willesden Green, Suat Mazi, 40, of High Street, Enfield, and Emrah Yildiz, 28, of Fellowes Court, Weymouth Terrace, E2 were all sentenced to 16 months in prison.

Maria Aftewicz, 27, of Fortune Gate, Harlesden, and Anna Olenczuk, 47, of Quainton Street, Neasden, were both given 16 month suspended jail sentences and 150 hours of community service.

Shuel Miah, 25, of Park Street, St Albans, was handed an eight month suspended prison sentence, with 200 hours of community service and ordered to pay £2,320 in compensation.

(22nd December 2016)


WOMEN CREATED "FAKE FAMILY" WITH STOLEN FACEBOOK PHOTOS
(International Business Times, dated 17th December 2016 author Jen Offord)

Full article [Option 1]:

www.ibtimes.co.uk/woman-created-fake-family-stolen-facebook-photos-1597031

Issues around privacy on social media sites and internet security have been highlighted again in a bizarre case of a woman using pictures of someone else's children in an attempt to pass them off as her own. Zara Warhurst and her sister Claire Durrant were unaware that the photos of their children were being copied from their Facebook posts.

Warhurst, who lives in Barnsley, is the mother to twin girls, Nancy and Ruby. She told the Gazette Live that a woman, thought to be from the Liverpool area, had been using pictures of one of her twins along with those of Claire's two-year-old son, Romeo, and pretending they were twins called Jack and Bonnie.

"It's just so weird. I have been trying to make sense of it but can't," Warhurst told the Gazette Live, adding ""It has been going on for months but we have only just found out."

According to Warhurst, they were alerted about the photo use by a woman in Manchester who told them someone was using pictures of her children, pretending they were her own to create a "fake life".

Warhurst said: "She was uploading pictures with statuses like 'my world' and 'mummy's little sugar plum'."

The woman had posted a number of pictures on her Instagram account, which have since been removed, according to the Gazette Live. In screen grabs posted by the local paper, the woman appears to have concocted an elaborate web of lies. In one picture of Durrant's son pushing his cousins in a pushchair, the caption reads: "Off out for the day with grandad and Leighton time to clean up and sort this house out."

Following the revelation, a relative of the women contacted their copycat to demand answers, but she claimed to have no knowledge of the situation. However, the pictures were subsequently removed.

Warhurst reported the incident to police, however, she was told no crime had been committed. Because the photos had posted the pictures publicly, there was no legal reason why they could not be used.

Despite this, she said she remained worried. She said: "What worried me is what if this person gets it into her head that they are really her kids and she wants them back?" she said.

"What if she came up here and tries to get them?

"I just can't forget about it.

"It's scary. This is someone who we don't know doing this for a reason we don't know and probably never will."

(20th December 2016)


POLICE "MUST BE GIVEN MORE POWER TO SHUT WEBSITES IN CHILD ABUSE AND REVENGE PORN FIGHT"
(London Evening Standard, dated 16th December 2016 author Martin Bentham)

Full article [Option 1]:

www.standard.co.uk/news/crime/police-must-be-given-power-to-shut-websites-in-child-abuse-and-revenge-porn-fight-a3422131.html

Police need new powers to shut websites and curb access to social media to fight the threat of child abuse and revenge porn attacks, a chief constable said today.

Stephen Kavanagh, the National Police Chiefs' Council lead on digital crime, said officers should also be ready to "push the boundaries" of the law and sometimes "go beyond what the regulations or courts accept" to protect the public from internet offending.

The Essex Chief Constable - among those tipped to be the next Met Commissioner - said major changes were needed because existing legislation was not keeping up as crime shifted online. He believed this was hindering forces' efforts to stop offen- ces including child abuse, harassment, stalking and fraud, which were increasingly carried out over the internet.

Gaps in the law were also making it harder to protect women who have "their facial image Photoshopped onto awful pornographic or illegal images" or have intimate photos posted online without their consent. The comments by Mr Kavanagh in an interview with the Standard will heighten concern about the threat posed by child abuse and other offences online.

The NSPCC recently warned that internet child abuse is now a "national emergency", with as many as half a million men having viewed illegal paedophile images on the internet.

Mr Kavanagh, pictured, said he was deeply concerned at the scale of the problem and felt the "privacy lobby" had been allowed to "dominate discussions" for too long at the expense of public safety. He insisted that a tougher law enforcement response, including updated legislation, was needed.

"For us to be weak in this area will lead to children being abused, child abuse imagery being streamed, drugs being sold on the internet and various other forms of harassment and appalling crimes taking place," he said.

"Crime has shifted significantly. If we knew that a building was peddling child abuse imagery or drugs I would get a warrant and raid it. There is the ability to identify where drugs are dealt online, child abuse imagery is being peddled, harassment is taking place - yet there is not the enforcement opportunity to shut those sites down.

"I'd like the digital element of crimes brought together - as the Offences Against the Person Act brought together different types of assault - whether that's harassment, stalking, bullying, the digital use for selling drugs.

"Interpretation of existing legislation and how it is used by local officers is horribly inconsistent. There is some good legislation around revenge porn and cyber-stalking but ad hoc additions to existing areas don't give confidence to victims or officers. We need clarity."

His call for reform follows the publication of Office for National Statistics figures showing that nearly six million fraud and cyber crimes were committed in the year to the end of March.

The figures also revealed a 95 per cent rise in harassment cases, most online. Female campaigners have complained about the increasing use of the internet to intimidate, threaten and smear.

Mr Kavanagh emphasised that officers did not want to become involved in "policing the distasteful or people being inappropriate" but insisted that enhanced powers were needed to allow intervention when crimes were committed. "We have to look for where clear crimes have taken place and that should be managed through the equivalent of police warrants which we ob- tain through the judiciary," he said.

"The internet is a hugely witty broad set of opinions but that should not be blurred with the ability to buy drugs or guns, harass, share imagery without consent or, worse, engage in the industrialising of child abuse imagery.

"We need to do everything we can to remove that from the internet age, particularly for the younger generation. Hijacking their site, presenting tweets or images that they would never have allowed - sometimes it's targeted abuse. It can't be right to allow that to continue."

On powers to access internet communications, Mr Kavanagh said critics were wrong to label the legislation a "Snoopers' Charter" and insisted existing rules contained some of the "best regulation of police intrusive powers in the world".

He said, however, that officers should be prepared to risk occasionally stepping beyond the limits of the law and added: "Police tend to be too cautious about how they can use those powers to protect the public.

"What we forget sometimes is the need for us to support victims feeling let down and isolated. If on occasions it goes beyond the boundaries of what the regulations or codes or the courts accept, then the police pull back.

"I have spoken to the regulatory bodies - surveillance, information, biometric commissioners - and it's about working with those bodies to say that you can't keep up - that your regulations and codes of practice cannot keep up with the nature and scale of crime that is taking place."

(20th December 2016)


SWORD AND BODY ARMOUR AMONG 400 ITEMS STOLEN FROM MINISTRY OF DEFENCE IN TWO YEARS
(London Evening Standard, dated 16th December 2016 author Kate Proctor)

Full article [Option 1]:

www.standard.co.uk/news/crime/sword-and-body-armour-among-400-items-stolen-from-ministry-of-defence-a3422066.html

Night vision goggles, body armour and a replica sniper rifle have all been plundered from Ministry of Defence supplies over the past two years.

A summer house, a full steel industrial kitchen, a minibus and sights for weapons were also swiped from Army bases, according to defence minister Mark Lancaster.

The Ministry of Defence said today that it has "robust processes" in place to tackle theft, despite 400 items being reported stolen since 2014.

"Some of these items stolen are related to weapons systems and ministers need to address this issue with the seriousness it deserves," said Mr Lancaster.

Former shadow defence minister Kevan Jones raised concerns about the impact of cuts to security.

He said: "The Government's reductions to regular military police since 2010 was always going to put additional pressures on those who remained in service, and the Government needs to look again at whether service police have the resources needed to detect and deter thefts."

The list of items also includes three chainsaws, two Land Rovers, and a kayak, as well as 68 armour plates for a tank.

Aircraft containers were also hauled away by criminals, and were the largest MoD assets on their new theft list.

In a further sign of security issues, separate figures released by the Ministry of Defence Police in response to a freedom of information request show the force has seized 14 illegal firearms this year - more than in the past four years combined.

The stolen items figures were obtained by Labour MP Luciana Berger (Liverpool Wavertree) via a written parliamentary question.

In response to the former shadow minister, Mr Lancaster said: "The MoD works hard to detect and deter theft and there are robust processes in place to raise awareness of the need for vigilance in all aspects of security.

"Just as theft occurs in wider society, the MoD is not immune and we actively encourage individuals to report any evidence of loss or suspicion of theft.

"It is important to note that in some cases of reported theft, the property is later recovered."

(20th December 2016)


BANK SCAM VICTIMS LEFT HIGH AND DRY BY REGULATOR, SAYS WHICH?
(The Guardian, dated 16th December 2016 author Jill Treanor)

Full article [Option 1]:

www.theguardian.com/money/2016/dec/16/banks-must-do-more-to-improve-response-to-scams-says-watchdog

Bank customers will be left vulnerable to fraudsters who trick them into transferring their money, the consumer body Which? has claimed, as it accused the payments regulator of letting banks off the hook.

Which? said the Payment Systems Regulator had not done enough to make banks responsible for reimbursing the tens of thousands of customers who have suffered losses as a result of fraudulent money transfers.

The consumer group was reacting to the work conducted by the PSR after a "super-complaint" the consumer group had made in September about the rise of fraud over the phone, internet and on mobile devices.

The PSR said banks could do more to identify potentially fraudulent payments but that it did not intend to make banks' liable for losses from what are known as authorised push payments (APP). It intends to do further analysis on whether banks should be held responsible and shift the burden away from consumers.

Alex Neill, managing director of Which? home & legal services, said: "The regulator has finally acknowledged the considerable consumer harm caused by bank transfer scams. However, while recognising that the industry is not doing enough, it has failed to adequately address the issue of liability and has let the banks off the hook, giving them little incentive to do more to protect their customers.

"The outcome for people is unfortunately that they will continue to be scammed out of millions of pounds. We need to see swift action and not see this kicked into the long grass in the second half of 2017," said Neill.


Which? made the super-complaint in September when it raised concerns that the sums consumers were being tricked into transferring were "often large and can be life-changing". The consumer body had argued that placing more liability on banks for the losses from such scams would create efficient incentives for banks to develop systems to better manage risks.

The Guardian has highlighted a case of a couple losing £25,000 from fraudster who posed as their builder and set up a copycat email address.

The consumer body described how the scam worked in two ways, either by fraudulent access to a consumer account or where the customer is deceived into authorising payment to the scammer's account. The payment is almost instant and can take place over the phone, via online banking, or in person.

In response, the PSR set out three possible ways to clamp down. These require banks to work on how they can share customer data to help money be reclaimed. There would also be a common approach to dealing with scams and collection of data to establish the extent of the fraud.

Hannah Nixon, managing director of the new regulatory body, acknowledged scamming was a growing problem. "Tens of thousands of people have, combined, lost hundreds of millions of pounds to these scams, but the data we have seen so far is incomplete. We need a concerted and coordinated industry-wide approach to better protect consumers, and we need it to start today," she said.

While the PSR will not make banks liable for losses immediately, it said it would keep monitoring the situation. "As work progresses and additional evidence comes to light, we will consider whether it is appropriate to propose changes to the obligations or incentives that banks have for these types of scams," the PSR said.


Nixon said that while Which? had called for banks to be made liable it was not that simple. Changes are already underway to the way payments are made with a "confirmation of payee" system being introduced so that a sort code and account number is typed in to transfer some money, an instant message appears to check that the recipient is the one intended.

"There is no silver bullet, but more can be done to prevent these scams in the first instance, and to respond faster when it does happen, in order to give consumers more support and help in recovering their money," said Nixon.

The Financial Conduct Authority, which also looks after the interests of consumers, said it would work with firms to tackle concerns about the banks sending the payments and the banks which receive them. Christopher Woolard, executive director of strategy and competition, said: "Financial crime is a priority for the FCA and we will work to eliminate fraud by whatever means."

uaware - further information

The Telegraph article on same subject :

www.telegraph.co.uk/news/2016/12/16/banks-told-do-protect-customers-money-transfer-scams/

Fraud Advisory Panel :

www.fraudadvisorypanel.org/

(20th December 2016)


UK FAILING TO KEEP UP WITH ONLINE CONSUMER FRAUD
(The Guardian, dated 15th December 2016 author Press Association)
Full article [Option 1]:

www.theguardian.com/money/2016/dec/15/uk-failing-to-keep-up-with-online-consumer-nao-warns

The UK is failing to keep up with online fraud, and systems to protect shoppers from scams do not yet provide value for money, the National Audit Office has warned.

The NAO estimated that consumers lost at least £14.8bn last year, of which £4.2bn is thought to be hidden and unreported losses from crime such as mass marketing fraud and counterfeit goods.

Consumer protection cost around £165m during the year, with local Trading Standards services receiving about £124m and Citizens Advice £18m, the NAO calculated.

But it said the system as a whole "has not yet demonstrated that it provides value for money in protecting consumers from modern scams, unfair trading, and unsafe goods".

National Trading Standards, which was set up in 2012 following a previous NAO report, had made an impact on consumer protection, preventing £345m worth of losses since April 2014.

But the NAO said funding for this remained small compared with the size of the problem.

It warned that the system was not keeping pace with the growth in online consumer fraud within the UK's e-commerce market - now the third largest globally.

Local Trading Standards teams have lost 56% of full-time equivalent staff since 2009, with 20 services in England suffering funding cuts of more than 60% since 2011 and some offices left with just one qualified officer.

But despite this, the teams were expected to enforce 263 different pieces of legislation "with little direction from government on the priority of these".

The NAO found that although changes to commerce meant more consumer issues were happening at national and international levels, just 7% of local Trading Standards teams based their priorities nationally.

It noted that the Competition and Markets Authority was also having a good impact, generating at least £74m of direct financial benefits to consumers each year at a cost of £6m.

The head of the NAO, Amyas Morse, said: "Progress has been made since our 2011 report and consumer protection bodies have shown they can make good impacts with limited resources.

"As the threats consumers face become increasingly wide-ranging, however, the system has not kept pace with the changes, leaving consumers inadequately protected in a number of areas.

"While the improvements are welcome, the system as a whole has not yet shown it provides value for money."

Leon Livermore, chief executive of the Chartered Trading Standards Institute, said: "The amount spent on trading standards has fallen from £213m in 2011 to £125m today, so it's not surprising the system is struggling to cope.

"It has left consumers inadequately protected and has helped to set the conditions for issues like the horsemeat and hoverboards scandals and the ongoing problems with Whirlpool and VW.

"However, the report does recognise the benefits of enhanced coordination and in particular the work of the Consumer Protection Partnership and National Trading Standards, which has shown that trading standards can have a significant impact on a regional and national scale. We stand ready to support the government and work with our partners to implement the recommendations in the report."

Which? director of campaigns and communications, Vickie Sheriff, said: "The NAO paints a worrying picture of a system struggling to deal with the scale of problems that consumers now face.

"With consumer losses of around £14.8bn annually, it cannot be right that some Trading Standards services have suffered dramatic cuts leaving people so poorly protected against scams and other threats.

"The government must take action urgently to ensure that a sustainable and robust system is in place to protect consumers."

A government spokeswoman said: "This NAO report recognises the significant progress made since 2011 but highlights where more needs to be done.

"We will carefully consider the NAO's findings as part of our ongoing work to examine the consumer protection regime and will publish a green paper in spring 2017."

(20th December 2016)


NETGEAR ROUTER USERS WARNED
(International Business Times, dated 13th December 2016 author Jason Murdock)

Full article [Option 1]:

www.ibtimes.co.uk/netgear-users-warned-switch-off-your-home-internet-router-risk-being-hacked-1596334

If you own a router made by Netgear, a US government-backed security group is warning it may be vulnerable to hackers. The firm, which has confirmed the problems exist, is now working to rush out urgent fixes after the critical flaws were discovered to impact a slew of its products.

The US Computer Emergency Readiness Team (US-CERT) at Carnegie Mellon University says users should consider disabling their routers completely until a proper fix is rolled out. In an advisory, it explained how the easily-exploitable flaw could be used to allow complete control over the router.

"Exploiting this vulnerability is trivial," the researchers warned. "By convincing a user to visit a specially crafted web site, a remote unauthenticated attacker may execute arbitrary commands with root privileges on affected routers."

It said users should use a different device or consider "discontinuing use" altogether.

After conducted tests on its product range, Netgear said the vulnerability impacts the following routers: R6250, R6400, R6700, R7000, R7100LG, R7300, R7900, and R8000. According to security blog CSO, there are nearly 10,000 devices at immediate risk.

Routers that can be exploited are currently being hijacked by cybercriminals to be used in massive botnets which can utilise the computing power of infected machines for malicious purposes. One major botnet, called Mirai, was recently used to take down multiple major websites in the US including Twitter, Netflix and Reddit.

The Netgear flaw was first discovered by Andrew Rollins, a security researcher who uses the Twitter handle @Acew0rm. He claimed to have first notified the company about the gaping security gaps way back on 25 August. The firm, Rollins said, never responded.

Eventually, after disclosing the flaw to US-CERT, Netgear was forced to acknowledge the problems. In a blog post, the firm said it is aware of the security issue and said urgent fixes are now being released to impacted users. Three beta versions are now available.

A statement posted to its own advisory, updated on 13 December, noted the beta version of the firmware updates have "not been fully tested and might not work for all users." It said the fixes are "a temporary solution" but stressed users should update their devices as soon as a fix is released.

"We appreciate and value having security concerns brought to our attention," it said. "Netgear constantly monitors for both known and unknown threats. Being pro-active rather than re-active to emerging security issues is fundamental for product support.

"Netgear is continuing to review our entire portfolio for other routers that might be affected by this vulnerability. If any other routers are affected by the same security vulnerability, we plan to release firmware to fix those as well."

As a last resort, again designed as a temporary fix, Netgear has directed users to Bas' Blog, a security-focused website managed by a London-based data scientist. It is highly advised that impacted users should only try this if an official fix is yet to be released.

uaware - further information


Netgear twitter : https://twitter.com/NETGEAR?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor

(20th December 2016)


GLOBAL POLICE CRACKDOWN ON DDoS SERVICES NETS SUSPECTED TEENAGE CYBERCRIMINALS
(International Business Times, dated 13th December 2016 author Jason Murdock)

Full article [Option 1]:

www.ibtimes.co.uk/global-police-crackdown-ddos-services-nets-suspected-teenage-cybercriminals-1596273

An international law enforcement crackdown on users of cheap, widely-accessible cybercrime tools that can knock websites offline with ease has resulted in 34 arrests and 101 cautions around the world, with many of the suspects "young adults under the age of 20."

The operation, which had different titles in various jurisdictions, ran from 5-9 December and targeted individuals suspected of paying for distributed-denial-of-service (DDoS) services which can be purchased for as little as £4 on the Dark Web.

Europol, the police force of the European Union (EU), which co-ordinated the joint operation with agents from the FBI and the UK's National Crime Agency (NCA), said police aimed to deter youth into wading into the world of cybercrime by using arrests, warnings and fines.

In the UK, 12 people were arrested as part of the NCA operation - codenamed Operation Vulcanalia.

The agency focused on a type of DDoS tool known as Netspoof which offered wannabe cybercriminals "subscription packages" priced from £4 to £8,000.

This sort of service comes as part of a burgeoning "DDoS-for-hire" industry.

The NCA said that Netspoof victims included gaming providers, government departments, internet hosting companies, schools and colleges but not provide names.

Arrests included a 27-year-old male from Scotland, a 23 year-old-male from Barry, Wales, an 18 year-old male from Lancashire, a 22 year-old male from North Wales, a 30 year-old male from Peterborough, a 20 year-old male from Wokingham, a 20 year-old male from Portsmouth and a 22 year-old male from Milton Keynes.

The scale of this problem is 'truly global'

Operation Vulcanalia was based on intelligence from the West Midlands Regional Cyber Crime Unit. In total, it saw 12 arrests, 30 cease and desist notices, the seizure of computers from 11 suspects, one protective visit and the issuing of two cautions.

Jo Goodall, a senior investigating officer with the NCA's cybercrime unit, said: "These attacks pose a huge cost to the economy.

"It is not a victimless crime. It can cost very little to buy this illegal software so these attacks can now be launched by the relatively unskilled and almost anyone with a grievance. The scale of the problem is truly global. It requires worldwide co-operation which we have seen on this job with the focus on arresting those who won't change their ways, and trying to prevent those who will from future offending."

The complex operation was supported by Europol's European Cybercrime Centre (EC3) and included police forces in Australia, Belgium, France, Hungary, Lithuania, the Netherlands, Norway, Portugal, Romania, Spain, Sweden, the UK and the US.

"Today's generation is closer to technology than ever before, Operation Vulcanalia was based on intelligence from the West Midlands Regional Cyber Crime Unit. In total, it saw 12 arrests, 30 cease and desist notices, the seizure of computers from 11 suspects, one protective visit and the issuing of two cautions.

Jo Goodall, a senior investigating officer with the NCA's cybercrime unit, said: "These attacks pose a huge cost to the economy.

"It is not a victimless crime. It can cost very little to buy this illegal software so these attacks can now be launched by the relatively unskilled and almost anyone with a grievance. The scale of the problem is truly global. It requires worldwide co-operation which we have seen on this job with the focus on arresting those who won't change their ways, and trying to prevent those who will from future offending."

The complex operation was supported by Europol's European Cybercrime Centre (EC3) and included police forces in Australia, Belgium, France, Hungary, Lithuania, the Netherlands, Norway, Portugal, Romania, Spain, Sweden, the UK and the US.

"Today's generation is closer to technology than ever before, with the potential of exacerbating the threat of cybercrime," said Steven Wilson, head of the EC3.

"One of the key priorities of law enforcement should be to engage with these young people to prevent them from pursuing a criminal path, helping them understand how they can use their skills for a more constructive purpose."

In the US, the FBI issued a statement detailing the case of 26-year-old student from California called Sean Sharma, who was among the suspected detained in the sweep. He was arrested on 9 December and now faces up to 10 years in prison.

"DDoS tools are among the many specialised cybercrime services available for hire that may be used by professional criminals and novices alike," said Steve Kelly, an FBI unit chief.

"While the FBI is working with our international partners to apprehend and prosecute sophisticated cyber criminals, we also want to deter the young from starting down this path."

(20th December 2016)


UK ADOPTS ANTISEMITISM DEFINITIONS TO COMBAT HATE CRIME AGAINST JEWS
(The Guardian, dated 12th December 2016 author Peter Walker)

Full article [Option 1]:

www.theguardian.com/society/2016/dec/12/antisemitism-definition-government-combat-hate-crime-jews-israel

The government is to formally adopt a definition of what constitutes antisemitism, which includes over-sweeping condemnation of Israel, with Theresa May saying the measure will help efforts to combat hate crime against Jews.

Britain will become one of the first countries to use this definition of antisemitism, as agreed last May at a conference of the Berlin-based International Holocaust Remembrance Alliance (IHRA), the prime minister will say in London.

A Downing Street statement said the intention of such a definition was to "ensure that culprits will not be able to get away with being antisemitic because the term is ill-defined, or because different organisations or bodies have different interpretations of it".

The IHRA's definition reads: "Antisemitism is a certain perception of Jews, which may be expressed as hatred toward Jews. Rhetorical and physical manifestations of antisemitism are directed toward Jewish or non-Jewish individuals and/or their property, toward Jewish community institutions and religious facilities."

More detailed guidance on this, released by the IHRA in May, said this could include criticisms which target Israel, if this was "conceived as a Jewish collectivity". It added: "However, criticism of Israel similar to that levelled against any other country cannot be regarded as antisemitic."

The guidance says it could be considered antisemitic to accuse Jews of being more loyal to Israel or their religion than to their own nations, or to say the existence of Israel is intrinsically racist.

Concerns about criticism of Israel as a state potentially crossing into overt antisemitism has had particular recent resonance in British politics over recent months, with the Labour leader, Jeremy Corbyn, commissioning a report into the issue in his party.

In October, the vice-chair of the Corbyn-supporting group Momentum, Jackie Walker, was removed from her post in the wake of remarks questioning the need for security at Jewish schools, and about Holocaust Memorial Day.

A series of Jewish MPs have also faced online abuse. In October, a man was jailed for sending antisemitic messages to the Labour MP Luciana Berger. In December, a man was convicted of harassing the same MP with antisemitic rants.

A spokeswoman for Corbyn said he and Labour agreed with the IHRA's definition. She said: "Jeremy Corbyn and the Labour party share the view that language or behaviour that displays hatred towards Jews is antisemitism, and is as repugnant and unacceptable as any other form of racism."

According to excerpts of her speech released in advance, May will say: "It is unacceptable that there is antisemitism in this country. It is even worse that incidents are reportedly on the rise. As a government we are making a real difference and adopting this measure is a groundbreaking step.

"It means there will be one definition of antisemitism - in essence, language or behaviour that displays hatred towards Jews because they are Jews - and anyone guilty of that will be called out on it."

Police forces already use a version of the IHRA definition to help officers decide what could be considered antisemitism.

In a speech last month, the home secretary, Amber Rudd, recommitted the government to providing extra security for Jewish schools, synagogues and other community buildings.

Referring to the threat both from Islamist militancy and from a renewed surge in rightwing extremism, she said: "We take the security of the Jewish community seriously, and we will continue to put in place the strongest possible measures to ensure the safety of this community and all other communities, too."

Link to the IHRA definition :

https://www.holocaustremembrance.com/sites/default/files/press_release_document_antisemitism.pdf

(20th December 2016)


HACKERS BEHIND A NEW RANSOMWARE GIVING AWAY FREE DECRYPTION KEY TO VICTIMS WHO INFECT OTHERS
(International Business Times, dated 10th December 2016 author India Ashok)

Full article [Option 1]:

www.ibtimes.co.uk/hackers-behind-new-ransomware-giving-away-free-decryption-key-victims-who-infect-others-1595838

A new strain of ransomware has been uncovered by security researchers that not only demands ransom from victims, but also offers the option of obtaining a free decryption key for their locked files. Dubbed Popcorn Time, the ransomware offers victims to either pay ransom or opt to infect two others using a referral link.

According to screenshots obtained by the MalwareHunterTeam, victims are given a week to either pay ransom or find two new victims. In the event that the two other victims pay up the ransom demanded, the original victim is given the decryption key for free.

According to a report by Bleeping Computer (an online computing journal), the ransomware appears to be under development, which hints to the possibility that if a victim enters the wrong decryption key more than four times, the ransomware starts deleting files automatically.

Whodunnit

A note by the authors of the ransomware reads, "We are sorry to say that your computer and your files have been encrypted, but wait, don't worry. There is a way you can restore your computer and all of your files... Send the link below to other people, if two or more people will install the file and pay, we will decrypt your files for free."

They claim to be a "group of computer science students from Syria". The ransomware developers also said that the funds will be used to help get "food, medicine and shelter" for those affected by the Syrian war. The cybercriminals behind Popcorn Time are reportedly demanding 1 bitcoin (£632; $800) as ransom.

It is still unclear as to how many victims have already been infected by malicious software. Security researchers believe that the ransomware is not related to the popular movie streaming application Popcorn Time.

(20th December 2016)


UK GOVERNMENT STATE OF THE NATION - INFORMATION SECURITY VERY IMPORTANT !
(The Register, dated 9th December 2016 author John Leyden)

Full article [Option 1]:

www.theregister.co.uk/2016/12/09/uk_gov_cybersecurity_sitrep/

The UK government's first annual report on the implementation of the 2015 National Security Strategy has reaffirmed that cyber-security remains a key priority.

The 39 page report lists cyber-security alongside Russia's actions in Syria and Ukraine and terrorism as among the greatest threats Britain faces.

https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/575378/national_security_strategy_strategic_defence_security_review_annual_report_2016.pdf

Highlighted comments from report :

- The range of cyber threats and cyber actors threatening the UK has grown significantly - both from state and non-state actors. The UK increasingly relies on networked technology in all areas of society, business and government. This means that we could be vulnerable to attacks on parts of networks that are essential for the day-to-day running of the country and the economy.

- We continue to invest in cyber detection and response, as attacks against the UK continue to rise. Over the last year, we have developed new technical capabilities to improve our ability to detect and analyse sophisticated cyber threats. Law enforcement continues to work with industry partners to increase specialist capability and expertise, as well as providing additional training in digital forensics. We are also continuing to progress our Active Cyber Defence measures against high-level threats, by strengthening UK networks against high volume/ low sophistication malware.

- A new Cyber Security Skills Strategy is now under development, which will set out how we will work with industry and academic providers to secure a pipeline of competent cyber security professionals.
GCHQ's CyberFirst scheme was established to identify, support and nurture the young cyber talent the UK will need in the digital age. In 2016, we announced a major expansion to the scheme, including a programme in secondary schools, with the aim of having up to a thousand students involved by 2020. The first cohort of 14-17 year olds will begin training under this programme in 2017.

- We are working with industry to establish specific cyber apprenticeships for three critical national infrastructure sectors: energy, finance and transport. Acknowledging the key role universities play in skills development, we are also working to identify and support quality cyber graduate and postgraduate education, building on the certification programme for cyber security Masters courses, established by GCHQ. We are working to establish an active body to provide visible leadership and direction to the cyber security profession, and to advise, shape and inform national policy.

Other information

Moving towards tackling cyber crime, the National Crime Agency (NCA) and the police have increased their numbers of 'cyber specials' working alongside law enforcement officers on cyber crime, and are "making good progress towards a target of 80 cyber specials in post by the end of March 2018". To tackle criminal use of the 'dark web', a new Dark Web Intelligence Unit has been established within the NCA, the report states.

"The upgrade of its capability will continue throughout the 2016-17 financial year and beyond leading to significantly greater technical capability. This will enable the use of multiple data sources, offer new and different types of analysis, and coordinate with multiple agencies to deal with issues at scale."

Back to more mundane matters, the UK government is also investing in regional cyber crime prevention coordinators, who "engage with SMEs and the public to provide bespoke cyber security advice".

On a related theme, UK.gov promised to promote its Cyber Essentials scheme to help businesses protect against common cyber threats.

Although GCHQ and policing agencies are most vested in developing cyber security policies, the cyber arena also enters into the work of other government departments. For example, the FCO's £3.5m Cyber Security Capacity Building Programme is delivering a portfolio of 35 projects benefiting 70 countries to support the "openness and security of networks that extend beyond our own borders".

To help promote commercial endeavours in security the government is introducing two new cyber innovation centres based in Cheltenham and London; academic start-ups; a £10m Innovation Fund; a proving ground; and an SME boot camp.

"GCHQ has reached out to industry and encouraged firms to invest in cyber security research through the CyberInvest programme which now has 25 industry members committed to investing millions of pounds in cyber security research at UK universities over the next five years," the government report added.

(20th December 2016)


BOBBIES ON THE BEAT A RARE SIGHT IN PARTS OF THE COUNTRY
(The Telegraph, dated 9th December 2016 author Sophie Jamieson)

Full article [Option 1]:

www.telegraph.co.uk/news/2016/12/09/bobbies-beat-rare-sight-parts-country/

More than half of people in some parts of the country have not seen a single "bobby on the beat" in their local area in the past year, data shows.

The worst area for police visibility is Bedfordshire, where 60 per cent of those surveyed sad they have not seen a uniformed police officer or PCSO patrolling their streets in a year. Joining Bedforshire in the three worst areas for police visibility are Norfolk (52 per cent) and Wiltshire (51 per cent).

In contrast, those who live in South Wales enjoy the most visible police presence, with 19 per cent of people saying they had seen an officer at least once in the past week. The Metropolitan Police in London also did well for visible police on patrol, with 18 per cent saying the same.

More than a third (36 per cent) of the 26,057 people questioned by Ipsos Mori on behalf of HM Inspectorate of Constabulary (HMIC) said they had not seen a uniformed police presence on foot in their area in the past twelve months.

New analysis of the figures by Nextdoor, which describes itself as a social network for neighbourhoods, revealed the best and worst regions of the UK for police visibility.

In total, there were five regions where at least half of people said they had not seen a patrolling officer in the past year.

The survey also found that those living in the most deprived neighbourhoods are more likely to say they have seen a uniformed police officer. Three times more people said they were satisfied with their local police service than dissatisfied (52 per cent compared with 17 per cent).

People aged over 16 living across all the 43 police forces in England and Wales were questioned between 15 July and 6 August last year for the survey.

Max Chambers, a Director of Nextdoor, who used to be a policing adviser to former prime minister David Cameron, said: "Finding savings in police budgets was necessary, but funding is distributed so unfairly that the cuts have effectively created policing wastelands."

Nextdoor is designed to provide "virtual neighbourhood watch" groups, so that people can warn others in their area of spates of crimes like burglary in an effort to drive crime down.

uaware - further information

The following paragraph is based on extracts from the "Nextdoor" website.

https://nextdoor.co.uk/

Have a read and decide whether you want to provide them with your physical verifiable address, your real name and your email address. All of the funding companies for "Nextdoor" mentioned in the "About us" section are based within the USA. You may ask yourself: "why would a USA Hedge Fund company fund a facility that is meant to be good for a community in another country ? Would it be out of the kindness of their heart, or would there be a profit in it for them somewhere ?"

If you want neutral advice on crime prevention contact your local police, Neighbourhood Watch, Citizens Advice, local councillor or Action Fraud. They are the organisations that have the REAL interest in your community.

(20th December 2016)


ONE IN 10 CRIMES RECORDED BY POLICE ARE DOMESTIC ABUSE CASES
(The Guardian, dated 8th December 2016 author Alan Travis)

Full article [Option 1]:

www.theguardian.com/society/2016/dec/08/one-in-10-crimes-recorded-by-police-are-domestic-abuse-cases-ons

Incidents of domestic abuse, mostly involving violent attacks on women, make up one in 10 crimes recorded by the police and account for one-third of all reported violent crimes, according to the latest Office for National Statistics research.

In the year to March, 1.2 million women and 651,000 men were victims of domestic abuse, according to the Crime Survey for England and Wales. The overwhelming majority of incidents (78%) involved violent attacks.

The ONS figures confirm that domestic murders are overwhelmingly perpetrated by men against women - labelled by some women's campaigners as femicide.

The ONS said there were 432 domestic homicides recorded by police between April 2012 and March 2015, of which 315 victims (73%) were women and 117 were men.

Domestic homicides represent a third of all murders in England and Wales. Overall, two-thirds of all murder victims are male.

Among women murdered by a partner or ex-partner, 97% were killed by a man, while among male domestic homicide victims only a third were killed by a woman.

The ONS figures also reveal that domestic abuse is most common in the West Midlands, at a rate of 7.33 cases per 100 adults, and Wales, at 7.07, and lowest in London, at 4.57. The highest rates by police force area are in Suffolk and Cleveland, and the lowest in Surrey and London.

"An estimated 1.8 million adults aged 16 to 59 experienced domestic abuse in the last year, equating to a prevalence rate of six in 100 adults," the ONS said.

"Women were more likely to say they have experienced domestic abuse than men. However, the difference between the number of male and female victims is at its lowest compared with previous years.

"The trend in the prevalence of domestic abuse has remained fairly stable since the year ending March 2009, but is at its lowest since the year ending March 2005."

It said a large proportion of domestic abuse-related incidents were reported to and recorded by the police - 1.03m of the 1.8m - and after investigations the police concluded in 41% of these cases (421,000) that a domestic abuse-related criminal offence had been committed.

A decision to charge was made in 70% of domestic abuse-related cases referred by police to the Crown Prosecution Service. Convictions were secured in three-quarters of domestic abuse-related prosecutions.

In 68% of the domestic abuse cases referred to the CPS, the defendant pleaded guilty, so most of the cases recorded as successful outcomes were due to guilty pleas (91%).

(20th December 2016)


KNIFE CRIME : WHY ARE MORE YOUTHS CARRYING KNIVES ?
(BBC News, dated 8th December 2016 author Lesley Ashmall)

Full article : www.bbc.co.uk/news/uk-38237496

BBC Victoria Derbyshire programme

Knife crime is on the rise across the UK, particularly in London, and police say most of those caught carrying blades have no links to gangs. So why are more young people carrying knives?

"There are situations where your fists aren't going to help you. That's why people carry knives. People are scared."

Dontae, 15, from south-east London, has never been in a gang, although he says he has carried a knife in the past.

He believes boys carry blades because they want protection from each other. "They're thinking, if there is sufficient danger, then I'm going to pull it out, threaten with it then get rid of it. "You can't always roll with your friends. You're not always going to have someone to back you."

Knife crime has risen by 9% across the UK, and in London it has increased by 16% in the past two years.

The police say the type of person involved has changed too. Whereas in the past it was often a gang-related issue, now they estimate 75% of those caught have no connection to gangs. This can make it harder for officers to target those responsible.

Now, a cross-party group of politicians say they are determined to find solutions to the rising level of knife crime on Britain's housing estates.

Set up by Labour MP Vicky Foxcroft, the Youth Violence Commission is meeting with the police, authorities and youngsters to try to find solutions. "We're very much focusing on what we can do as a society, to make sure young people don't carry knives," she says. "It's simply not OK for young people to be going to round stabbing each other."

Ms Foxcroft says the commission will look at punishments and policies such as stop and search, and consider more pastoral options such as more youth clubs and opportunities for young people in inner cities. Its findings will be released in 2017.

--------------------------------

LONDON BOROUGHS WITH THE MOST KNIFE CRIME
Source: London Assembly (Figures exclude domestic abuse)

All London boroughs : www.london.gov.uk/what-we-do/mayors-office-policing-and-crime-mopac/data-and-research/crime%20/gangs-dashboard

Victims of knife injury where patient was aged under 24


Lambeth : 110
Tower Hamlets : 106
Newham : 96
Southwark : 95
Haringey : 92
Croydon : 84
Islington : 81
Hackney : 76
Lewisham : 71
Brent : 70

Malika, who is 17 and also from south-east London, has had two of her friends stabbed to death. One of them was actually killed by another of her friends. She sometimes visits him in jail. "It's really hard to see the victim and the murderer and to know them both," she says. "And you don't really know what happened or how the argument started, but it's just a little argument and one boy has died and the other is in prison."

The problem is overwhelmingly a young male one. In London, 95% of those caught with a knife are male and 60% are under 25 years old. In London this year, 15 people under the age of 25 have been stabbed to death, 10 of them teenagers.

Orlando, another Londoner, is 18 and knows two people in jail for knife crime offences. He thinks the root problem is far deeper. "No-one is born with a knife, but what people are also not born with is purpose. People where we live, we ain't got no purpose," he says. "We don't know our worth."

Tekisha, who is 15, agrees. She says boys try to pretend they are tough. "When you're consistently shown one image, you're going to start to conform to that image," she says. "A lot of young people living in this part of London are conforming to this 'road man' persona, and I know a lot of people who think that, because of where they live, they have to act in a certain way and carry themselves a certain way."

Sentences for knife crime have increased over the past 18 months. Now, if you are an adult and are caught twice with a knife, you will go to jail. If you are under 16, you could be given a custodial sentence but are more likely to get community service. The Sentencing Council is reviewing this and will publish its revised findings next year.

But Dontae says people are not scared of jail.

"People would rather risk it than actually get hurt by the weapon itself," he says. "So for them, going to jail would be a better alternative to them not seeing the next day."

And Malika does not think tougher sentences will help. "It's more about understanding, more opportunities, more deeper understanding of why the young person actually commits the crime," she says. But she says the problem is becoming rife, and she is convinced it is going to get worse.

'Tougher sentences'

Sharon Fearon thinks tougher penalties are the only answer. Her 17-year-old son, Shaquan, was stabbed to death last year. Two teenagers were arrested and the case went to two trials, but on each occasion the jury was hung and the case was dismissed. Sharon feels the system has let her down because no-one has been punished for her son's death.

"What message is this sending out to young people?" she says. "They're just going to carry knives.

"It needs sentence for carrying the knife itself. Straight away, even if you walk with the knife once.

"If kids don't get punishment for carrying knives, how many other mothers will be like me?"

(20th December 2016)


HUNDREDS OF POLICE ACCUSED OF SEXUAL EXPLOITATION
(BBC News, dated 8th December 2016)

Full article : www.bbc.co.uk/news/uk-38240524

More than 300 police officers have been accused of using their position to sexually exploit people, including victims of crime, a report has said.

Her Majesty's Inspectorate of Constabulary said abuse of authority for sexual gain was now the "most serious" form of corruption facing police in England and Wales.

The watchdog's figures were gathered over two years to the end of March.

The National Police Chiefs' Council described the problem as a "disease".

It acknowledged that more needed to be done to "root it out and inoculate policing for the future".

Chief Constable Stephen Watson, the NPCC's lead for counter-corruption, said: "It is the most serious form of corruption and it can never be justified or condoned."

HMIC said its police "legitimacy" inspection was positive overall, with high satisfaction among victims at how they were treated.

The watchdog was asked to investigate the extent of the problem earlier this year, by the then Home Secretary Theresa May.

It found that 306 officers, 20 PCSOs and eight police staff were involved in 436 reported allegations.

The data also showed all but one constabulary had received at least one allegation, and that almost 40% of accusations involved victims of domestic abuse.

Other people who were allegedly exploited were thought to include arrested suspects and people with drug or alcohol problems.

The report also found:

- Fewer than half (48%) of the 436 reported allegations had been referred to the Independent Police Complaints Commission

- There was an "apparent disconnect" between the numbers of alleged cases and any subsequent staff dismissals

- Officers did not have a "sufficiently clear understanding" of boundaries around establishing or pursuing relationships with vulnerable people

- Some counter-corruption units did not have the ability or capacity to seek information about potential cases

- Almost half of forces inspected were unable to audit or monitor the use of all IT systems, which limited the ability to spot any staff accessing databases to identify vulnerable victims

HM Inspector Mike Cunningham, who led the review, said the problem of sexual exploitation could be "more serious" than the reported numbers and forces needed to become "far more proactive in rooting out" such corruption.

Mr Cunningham told BBC Radio 4's Today programme: "Make no mistake about it, the sexual exploitation of vulnerable women is corruption. It is using authority for personal gain, which is a definition of corruption.

"It is the most serious corruption problem in the sense that it is the ultimate betrayal of trust, where the guardian becomes the abuser. That is what we are seeing in these cases, and we're seeing too many.

"The allegations that we collected across the country are not closed allegations, they're not confirmed or finalised allegations but nevertheless they are allegations."

Mr Cunningham said people such as former Northumbria officer Stephen Mitchell, who is serving two life sentences for serious sexual offences including rape, were clearly predators.

Others, he said, were opportunistic and found themselves in circumstances where they could abuse their power and authority.

Det Supt Ray Marley, of the College of Policing, said the report "highlighted a number of unacceptable cases which have a significant impact on the victims and public confidence".

Home Secretary Amber Rudd described the report as "shocking".

"It undermines justice and public confidence and there is no place in the police for anyone guilty of this sort of abuse," she said.

She said she had met the College of Policing and the NPCC to discuss action needed to tackle the problem.

"The vast majority of police officers do their jobs with integrity and I know they will share my determination to ensure the most vulnerable in our society are given the protection they deserve," she said.

In the wake of the report, IPCC chairwoman Dame Anne Owers has written to chief constables in England and Wales urging them to ensure that all cases involving abuse of authority for sexual gain are referred to the commission.

The report assessed whether officers were seen by the public consistently to behave fairly, ethically and within the law.

Two forces - Derbyshire and Kent - were graded as outstanding, 36 as good, and five - Cleveland, Dyfed-Powys, Gloucestershire, North Wales and South Yorkshire - as requiring improvement. No forces were graded as inadequate.

There are a total of 200,000 police officers in England and Wales.

Police and sexual exploitation - England and Wales (two years to March)

- Reported allegations of abuse of authority for sexual gain : 436
- 306 police officers accused
- 28 Police Community Support Officers and police staff also accused
- 40% of allegations involved victims of crime

Source: Her Majesty's Inspectorate of Constabulary

(20th December 2016)


NUISANCE CALLERS FACE £1m FINES IN BID TO TACKLE "BLIGHT ON SOCIETY"
(London Evening Standard, dated 7th December 2016 author Joe Murphy)

Full article [Option 1]:

www.standard.co.uk/news/politics/nuisance-callers-face-1m-fines-in-bid-to-tackle-blight-on-society-a3414441.html

Culture minister Matt Hancock said the "blight on society" from nuisance calls to mobiles and home phones will in future meet a faster response. The Government will transfer ownership of the free Telephone Preference Service, which lets the public opt out of sales calls, from regulator Ofcom to the Information Commissioner's Office (ICO).

It means the full list of numbers from which people have opted out will be directly in the hands of the enforcement teams who already hunt down rogue firms that ignore the rules. Ministers want such companies and their bosses to face up to £1 million in fines from next spring.

That will close a loophole which lets crooks declare themselves bankrupt and carry on under a new name.

"Nuisance callers are a blight on society, causing significant distress to elderly and vulnerable people," said Mr Hancock. "We won't stand for this continued harassment."

The free TPS service lets anyone register a phone or fax number and give notice that they do not wish to receive direct marketing calls.

The ICO is the body that hands out fines to nuisance call crooks who breach the Privacy and Electronic Communications Regulations. In future it will be able to control the TPS records and complaints-handling to ensure that prosecutions are faster and easier.

In another move, firms must display a caller ID to enable call blocking for vulnerable people.

More than 114,000 nuisance calls and texts were this year reported to the ICO by September 30.

(20th December 2016)


UK'S NEW NATIONAL CYBERSECURITY CENTRE RESPONDS TO NEARLY 70 HACKING INCIDENTS IN FIRST MONTH
(International Business Times, dated 7th December 2016 author Jason Murdock)

Full article [Option 1]:

www.ibtimes.co.uk/uks-new-national-cybersecurity-centre-responds-nearly-70-hacking-incidents-within-first-month-1595295

In its first month of operation, computer experts at the UK's new GCHQ-led National Cyber Security Centre (NCSC) responded to nearly 70 reported hacking incidents including seven cases of ransomware attacks, it has been revealed.

In a parliamentary question submitted to the government, Jim McMahon, Labour MP for Oldham West and Royton, asked the Cabinet Office to outline how many cybersecurity breaches the government had recorded in the past 12 months.

In response to the question, Cabinet Office minister Ben Gummer MP said the UK government "does not comment on specific details" regarding the severity of cyberattacks but did elaborate further on statistics from the NCSC for the month of October.

"Sixty-eight cyber incidents from all types of organisations were voluntarily reported to the National Cyber Security Centre (NCSC) in its first month," Gummer said, adding: "Seven of these were reported ransomware incidents."

He said no more information would be provided "for security reasons" but stressed police and intelligence agencies are "continuously monitoring and managing the security risks to all HMG systems." He noted that reported incidents varied in "scale, nature and target."

Based in London, the NCSC was established to help combat the rising threat of cyberattack from nation-state adversaries, criminal gangs, hacking groups and terrorists. It is headed up by Ciaran Martin, a senior officer at GCHQ - the UK's main signals intelligence (SIGINT) agency.

Recently, the UK has been impacted by a series of high-profile cybersecurity incidents including attacks at Tesco Bank, the National Lottery and mobile network Three. In 2015, telecommunications provider TalkTalk was hit with a hack that exposed over 150,000 customer records.

"Regularly targeted"

Despite refusing to release exact figures about hacking attacks, another parliamentary answer from Conservative MP Mike Penning MP, published on 31 October, admitted the UK is "regularly targeted by criminals, foreign intelligence services and other malicious actors."

In terms of ransomware, it has been confirmed that three NHS hospitals in the UK were targeted last month by a strain of ransomware called Globe2 that forced officials to shut down critical computer systems and cancel nearly 3,000 patient operations.

The UK government believes the introduction of £1.9 billion-worth of investment into cybersecurity will help to bulk up security in the country. In November, an updated National Cyber Security Strategy was revealed that set out ambitious new policies and capabilities.

Chancellor Philip Hammond, in a speech launching the plans on 1 November, said these capabilities will include hacking back against those who attack UK interests.

He said: "In cyberspace those who want to harm us appear to think they can act both scalably and deniably. It is our duty to demonstrate that they cannot act with impunity. So we will not only defend ourselves in cyberspace; we will strike back in kind when we are attacked."

uaware comment

Note the words "responds to", rather than the word "prevented" nealy 70 hacking incidents. Action Fraud "responds to" by recording incidents that occur, sadly they seem to do little to prevent incidents from occuring other than advertising details of how past victims have been duped. The thing is, the NCSC doesn't seem to have provided any form of guidance or warning to organisations such as Tesco or TalkTalk.

(20th December 2016)


MEN KILLED 900 WOMEN IN SIX YEARS IN ENGLAND AND WALES
(The Guardian, dated 7th December 2016 author Helen Pidd)

Full article [Option 1]:

www.theguardian.com/society/2016/dec/07/men-killed-900-women-six-years-england-wales-figures-show

More than 900 women were killed by men in England and Wales over a six-year period, most by their current or former partners, according to the first detailed analysis of deadly male violence against women in those countries.

The Femicide Census, which tracks and analyses the deaths of women killed by partners, ex-partners, male relatives, acquaintances, colleagues and strangers, was developed by nia, a charity dedicated to ending violence against women, and Women's Aid.

Between 2009 and 2015, 936 women were killed by men, the census found. Of these, 598 (64%) were killed by their current or former partners and 75 (8%) by their sons.

Polly Neate, the chief executive of Women's Aid, said: "The killing of women, especially when women are killed by an abusive partner or ex-partner, is often reported as an isolated incident. There is an abject failure to look at patterns of behaviour.

"We accept fatal male violence as an inevitability, not a conscious choice that a man has made to end a woman's life. This dangerous culture needs to change. We need to learn the lessons. And by viewing these cases of femicide altogether, we can learn.

"Our initial analysis shows that these killings are not isolated incidents; too many of them followed a similar pattern of violence and were premeditated. Many were committed in similar settings, similar weapons were used, and similar relationships existed between the perpetrators and victims."

Just under half of the women were killed by knives. A sharp instrument was used in 426 cases of femicide, defined as the killing of women because they are women. Killings of women by their partners in a domestic setting made up 290 of those deaths.

Women are at significant risk of deadly violence when they separate from an abusive partner, the figures show. About three-quarters of women killed by their ex-partner or former spouse died within 12 months of their separation.

Women of any age can be victims of femicide. The census found that 149 women aged over 66 were killed in England and Wales over the period.

Femicide is a leading cause of premature death for women, but there is limited research on the issue, according to the groups behind the census.

The 2011 Global Study on Homicide by the UN Office on Drugs and Crime indicated that while there had been a decrease in the number of homicides worldwide, the number of femicides had risen.

The Femicide Census was developed by Karen Ingala Smith, the chief executive of nia, and Women's Aid, with support from Freshfields Bruckhaus Deringer LLP and Deloitte LLP.

The partnership is calling on the government to take urgent action, including ensuring that specialist domestic abuse and sexual violence services have sustainable, long-term funding, and funding is available for specialist projects for women to move away from prostitution. They also want the relevant authorities to recognise that women are particularly at risk when leaving abusive relationships.

Ingala Smith said: "I started counting dead women back in January 2012. In the first three days of the year, eight women were killed at men's hands: three shot, two stabbed, two beaten and strangled, and one women killed by her grandson, inflicting 15 blunt force trauma injuries.

"I made a note of their names, just to help me count, and then once I'd started, it didn't seem right to stop. When can you say that the next woman doesn't count?

"Looking at official statistics, it was overwhelmingly clear that we were not naming man's fatal violence against women and we were not counting its full extent. The Femicide Census reveals the bigger picture."

NIA - The organisation working to end violence against women : www.niaendingviolence.org.uk/

uaware - further information

Femicide Census Report link :


https://1q7dqy2unor827bqjls0c4rn-wpengine.netdna-ssl.com/wp-content/uploads/2016/12/The-Femicide-Census-2016.pdf

The total number of femicides per police force area

Police Force

Metropolitan Police Service 159
West Midlands 64
Greater Manchester 61
West Yorkshire 50
Merseyside 31
Thames Valley 31
South Yorkshire 30
Lancashire 29
Devon and Cornwall 28
Essex 26
Leicestershire 24
Sussex 22
West Mercia 22
Kent 20
Avon and Somerset 19
Norfolk 14
Staffordshire 14
Gwent Police 12
North Wales 12
South Wales Police 13
Surrey 12
Bedfordshire 11
Dorset 11
Humberside 10
Suffolk 11
Cambridgeshire 10
Cumbria 10
Northamptonshire 10
Lincolnshire 9
Warwickshire 9
Wiltshire 9
Cleveland 8
Dyfed-Powys Police 8
Gloucestershire 6
North Yorkshire 6

Total : 936

(20th December 2016)


THE CITY GETTING RICH FROM FAKE NEWS
(BBC News, dated 5th December 2016 author Emma Jane Kirby)

Full article : www.bbc.co.uk/news/magazine-38168281

Many of the fake news websites that sprang up during the US election campaign have been traced to a small city in Macedonia, where teenagers are pumping out sensationalist stories to earn cash from advertising.

The young man sitting in the cafe looks barely more than a boy - he hasn't shaved for a few days, yet he's a long way off achieving designer stubble. The hair on his chin and cheeks is still soft and his smart navy blazer and clean white shirt make him look as if he's in school uniform.

It's not the image that 19-year-old university student, Goran, sitting far back in his chair with one leg crossed over the other wants to portray.

"The Americans loved our stories and we make money from them," he boasts, making sure I see the designer watch he's fiddling with. "Who cares if they are true or false?"

Goran - not his real name by the way, he's not confident enough to reveal that - is one of scores, or probably hundreds of Macedonian teenagers who are behind a cottage industry in the small city of Veles which churned out fake pro-Trump news during the US election campaign.

Goran began putting up sensationalist stories, usually plagiarised from right-wing American sites, last summer.

After copying and pasting various articles, he packaged them under a catchy new headline, paid Facebook to share it with a target US audience hungry for Trump news and then when those Americans clicked on his stories and began to like and share them, he began earning revenue from advertising on the site.

Goran says he worked on the fakery for only a month and earned about 1,800 euros (£1,500) - but his mates, he claims, have been earning thousands of euros a day. When I ask him if he worries that his false news might have unfairly influenced voters in America, he scoffs.

"Teenagers in our city don't care how Americans vote," he laughs. "They are only satisfied that they make money and can buy expensive clothes and drinks!"

The digital gold rush has certainly provided a welcome boom for Veles where the average salary is just 350 euros a month; as we drive into the city, I notice some very new and very smart cars while the down-at-heel bars are full of excited young men drinking fancy cocktails. When it was part of the former Yugoslavia, this city was called Titov Veles after the Yugoslavian President Josip Tito - today I'm told it's been jokingly rechristened Trump Veles.

Outside the school gates, every third sixth former admits to knowing someone involved on the sites or to running one of their own. One boy whose face is the unhealthy colour and texture of porridge tells me he works eight hours every night on his fake news and then comes to school.

The peddling of false news on lookalike American news sites is not illegal but there's something a little underhand and dirty about the whole game of misleading readers.

Ironically, it's open day at the town hall - so I get to meet the right-wing mayor, Slavco Chediev, who points his finger at me crossly. "There's no dirty money in Veles," he insists, before adding curiously that he's rather proud if the entrepreneurs of his tiny little city, thousands of miles from the US, have in any way influenced the outcome of the American election.

Ubavka Janevska, a senior investigative journalist with her own news website, chokes when I recount this story to her although I'm not sure she isn't just struggling to breathe through the acrid fog of cigarette smoke which permeates her office and makes my contact lenses crimp and shrivel on my eyeballs.

She tells me that she's identified seven separate teams peddling misinformation online -and she estimates there are also hundreds of school children working individually.

"I worry for young people's morality in Veles," she tells me. "Since the US elections, all they think about is lies and making a fast buck from lies." She fumbles with her cigarette packet. "We have parliamentary elections here in Macedonia in December," she adds. "And I have traced three false domains registered in Serbia or Croatia. Those sites are already putting out lies about the opposition party which could really damage the campaign."

Goran insists he's given up fake news now - although he does let slip he's just bought a rather smart laptop. As we drop him off at his parents' house I ask him what his mum would make of his dodgy online activities. He looks at me as if I'm nuts.

"Do you think if your kid had made 30,000 euros a month you'd make a problem?" he asks incredulously. "Come on! You'd be so happy... you'd be... " he searches for his words.

"Made up?" I offer.

(20th December 2016)


TALKTALK WIFI ROUTER PASSORDS STOLEN
(BBC News, dated 5th June 2016 author Leo Kelion)

Full article : www.bbc.co.uk/news/technology-38208958

TalkTalk customers' wi-fi passwords have been stolen following a malware attack that blocked their internet access last week, an expert has warned.

The researcher said other details had also been taken that would let attackers pinpoint where the equipment was being used, making more targeted hacks possible.

Pen Test Partners' Ken Munro wants thousands of routers to be replaced.

But TalkTalk said it had not seen evidence to confirm the thefts.

"As is widely known, the Mirai worm is affecting many ISPs [internet service providers] around the world and it has affected a small number of TalkTalk customers; We continue to take steps to review any potential impacts and have deployed a variety of solutions to ensure customers' routers remain safe; We have also employed additional network-level controls to further protect our customers", a spokeswoman said.

The BBC revealed last week that TalkTalk's D-Link DSL-3780 routers had been struck by malware causing connectivity issues for those customers using the model.

The firm subsequently published advice online telling affected users to reset the equipment - which forced it to install an update to protect itself against the attack - and then "use the wireless network name and password on the back of the router" to get back online.

Security researcher Mr Munro obtained one of the affected routers to study the attack.

He said his "honeypot" router was hit by the variant of Mirai, which is now being referred to as TR-06FAIL.

But in addition to the connectivity issue, Mr Munro detected that a follow-up attack involving the same malware caused the device to disclose its wi-fi password and Service Set Identifier (SSID) code.

An SSID code can be used to reveal where a machine is located via online tools such as Wigle.

As a consequence, he said, even after subscribers had restarted their routers they could remain at risk if they continued using the same password as before.

"Most consumers never change the wi-fi keys written on the back of their router, so the fix didn't actually fix the problem," Mr Munro explained.

"Once an attacker has got the wi-fi key, if they go near to the house they can get nearly everything from their home network.

"TalkTalk should seriously consider replacing customer routers immediately unless it can prove they haven't been compromised."

Encrypted communications - such as online banking records - would not be at risk. But emails might be and it would be possible to place malware on computers linked to an exposed network.

Mr Munro estimated that the recall would involve at least 55,000 routers.

TalkTalk's spokeswoman said it "firmly" disputed that number, saying the number of routers infected had been "nothing in that order of magnitude".

"Our security team does not believe there is any greater risk that a customer's wi-fi can be used or accessed without their permission as a result of this," she added.

But Mr Munro countered that some of the routers hit by the password-stealing attack might not have had their internet connectivity disrupted, despite the same vulnerability being exploited.

Password change

An independent researcher who checked the findings said Mr Munro had reason to be concerned, but added it was not clear who had scooped up the passwords.

"It's possible they are just security researchers, but also reasonably possible that they are actually criminals that intend to exploit this information," said Dr Steven Murdoch from University College London.

"Even if it's the latter, they would have to sit outside your house to do it."

Dr Murdoch said the risk was still high enough that TalkTalk needed to address it, but said there were alternatives to recalling the routers.

"The hardware is fine, what needs to be replaced is the wi-fi password.

"The problem is how to send a new password to all the affected customers.

"If TalkTalk does this online or over the phone, that leaves the customers open to phishing attacks, where a scammer says: 'As you heard on the news you need to change your password, please do these things...'"

TalkTalk's spokeswoman said some customers who had called in had been advised to change their wi-fi passwords, but the firm's security team now believed the step was unnecessary despite Mr Munro's warnings.

----------------------
TALKTALK'S WIFI HACK ADVICE IS "ASTONISHING"
(BBC News, dated 7th December 2016 author Leo Kelion)

Full article : www.bbc.co.uk/news/technology-38223805

TalkTalk's handling of a wi-fi password breach is being criticised by several cyber-security experts.

The BBC has presented the company with evidence that many of its customers' router credentials have been hacked, putting them at risk of data theft.

The UK broadband provider confirmed that the sample of stolen router IDs it had been shown was real.

But it is still advising users that there is "no need" to change their routers' settings.

A cyber-security advisor to Europol said he was astounded by the decision. "If TalkTalk has evidence that significant numbers of passwords are out in the wild, then at the very least they should be advising their customers to change their passwords," said the University of Surrey's Prof Alan Woodward. "To say they see no need to do so is, frankly, astonishing."

A spokeswoman for TalkTalk said that customers could change their settings "if they wish" but added that she believed there was "no risk to their personal information".

She referred the BBC to another security expert. But when questioned, he also said the company should change its advice.

The risk to TalkTalk's subscribers was first flagged over the weekend by a cyber-security researchers at Pen Test Partners.

They had been investigating the spread of a variant of the Mirai worm, which was causing several makes of routers to stop working properly.

During tests of a TalkTalk model, the researchers discovered that the vulnerability exploited by the worm was also being abused to carry out a separate attack that forced the router to reveal its wi-fi password.

But TalkTalk played down the discovery, saying it had "not seen anything to confirm" that users' router credentials had been stolen.

It said it was also making "good progress" to protect its routers.

The BBC was subsequently contacted by someone who said he had access to a database of 57,000 router IDs that had been scraped before any fix had been rolled out.

He did not reveal his identity, but agreed to share a sample of the credentials that had been harvested.

The list contained details of about 100 routers including:
?their service set identifier (SSID) codes and media access control (MAC) addresses. These can be entered into online tools that reveal the physical location of the routers
?the router passwords, which would allow someone who travelled to the identified property to access the wi-fi network

The source said he wanted to highlight the problem because other more malevolent actors might have carried out a similar operation.

The BBC passed the details on to TalkTalk.

"The list that you sent me, I can confirm that they are TalkTalk router IDs," said its head of corporate communications.

"But we haven't seen anything to suggest that there are 57,000 of them out there."

Hackers could not use the credentials to carry out a mass attack from afar - but they could use the IDs to identify high value targets to travel to, or they could simply drive through the streets hunting for a match.

Prof Alan Woodward said once a hacker was outside a vulnerable property, they could:

- snoop in the resident's data, which might be clearly visible or encrypted in ways that still allowed the original information to be easily recovered

- use the internet connection to mount an onward attack. The hacker could do this to hide their own identity or to co-opt the router to join an army of other compromised equipment in later DDoS (distributed denial of service) attacks

- log in to the router as the administrator and mount a "man in the middle attack", where apparently secure communications could be listened in on

- substitute the router's firmware with a modified version that provided a backdoor for later access even if the device was reset

'Fast and loose'

TalkTalk's spokeswoman referred the BBC to Steve Armstrong, a cyber-security instructor that she said would support it on the matter.

He said the risk to an individual user was relatively low. "If you look at the average home user and what is on their home network, that would be exposed to an attacker,... then there is not a great deal. "The risk is probably no higher than using a [coffee shop's] open wi-fi network."

But he added that he still felt TalkTalk was giving the wrong advice. "Part of my pushback to them is that they should be telling people, 'You need to change your password,'" he said. "At the moment, you trust your home infrastructure, and as a result of this vulnerability, that may not be [secure]."

Note : Article continues, including a TalkTalk statement.

----------------------
(20th December 2016)


FAKE EMBASSY IN GHANA SOLD AMERICAN VISAS FOR 10 YEARS AND WAS STAFFED BY TURKISH "CONSULAR OFFICIALS"
(The Telegraph, dated 5th December 2016 author Reuters)

Full article [Option 1]:

www.telegraph.co.uk/news/2016/12/05/fake-embassy-ghana-sold-american-visas-10-years-staffed-turkish/

Authorities in Ghana have busted a fake US embassy in the capital Accra run by a criminal network that for a decade issued illegally obtained authentic visas, the US State Department said.

Until it was shut down this summer, the sham embassy was housed in a run-down, pink two-storey building with a corrugated iron roof and flew a US flag outside. Inside hung a portrait of President Barack Obama.

"It was not operated by the United States government, but by figures from both Ghanaian and Turkish organised crime rings and a Ghanaian attorney practicing immigration and criminal law," the State Department said in a statement.

Turkish citizens, who spoke English and Dutch, posed as consular officers and staffed the operation. Investigations also uncovered a fake Dutch embassy, the State Department said.

Officials in the Netherlands were not immediately reachable for comment on Sunday.

The crime ring issued fraudulently obtained but legitimate US visas and false identification documents, including birth certificates at a cost of $6,000 each, the statement said.

During raids that led to a number of arrests, authorities also seized authentic and counterfeit Indian, South African and Schengen Zone visas and 150 passports from 10 different countries along with a laptop and smart phones.

The statement did not say how the gang obtained the authentic visas. And the State Department did not say how many people were believed to have illegally entered the United States and other countries using visas issued by the crime ring, which used bribery to operate unhindered.

"The criminals running the operation were able to pay off corrupt officials to look the other way, as well as obtain legitimate blank documents to be doctored," the statement said.

There was no immediate comment from Ghana's Criminal Investigations Division.

Visas for Western countries are in high demand in Africa and embassies say the visa market is a big target for organized crime.

The real US embassy in Ghana is a prominent and heavily fortified complex in Cantonments, one of the capital's most expensive neighbourhoods. Lines of people queue outside each day for visa appointments and other consular business.

The fake embassy was open three mornings a week and did not accept walk-in appointments. Instead, the criminals advertised on billboards in Ghana, Togo and Ivory Coast and brought clients from across West Africa to Accra where they rented them hotel rooms in nearby hotels.

US authorities conducting a broader security operation were tipped off about it and assembled a team including the Ghana Detectives Bureau and police as well as other international partners to shut down the ring.

(20th December 2016)


POLICE USING "MUGGING" TACTICS TO SWIPE UNLOCKED PHONES FROM CRIMINALS
(The Telegraph, dated 3rd December 2016 author Jane Mathews)

Full article [Option 1]:

www.telegraph.co.uk/news/2016/12/03/police-using-mugging-tactics-swipe-unlocked-phones-criminals/

Police have begun to play criminals at their own game - by "mugging" suspects to access evidence on their phones.

Officers have become increasingly frustrated with criminals who refuse to hand over the passwords for their encrypted mobiles, denying them access to vital information.

But the Metropolitan police have come up with a novel solution, by snatching an iPhone from a suspect on the street before he had a chance to lock it.

Officers investigating a credit card racket realised that crucial evidence was stored on the phone of suspect Gabriel Yew, 45, that would be inaccessible without his password.

To get round the problem covert officers from Operation Falcon, the Met police team that investigates major fraud, seized the mobile from Yew's hand as he took a call in the street. They then tapped the screen to prevent it from locking while the evidence was being downloaded.

The information helped smash the fraud ring and led to Yew, from north London, being jailed for five and a half years after pleading guilty to fraud and weapons offences.

Detective Chief Inspector Andrew Gould, who led the operation, said: "The challenges of pin code access and encryption on some phones make it harder to access evidence in a timely fashion than ever before.

"Officers had to seize Yew's phone from him in the street. This evidence was crucial to the prosecution."

The information recovered from the phone linked Yew to four men who were also convicted of various offences, and uncovered another 100 potential suspects.

Refusal to provide a password carries a maximum sentence of two years, or five years in cases involving national security.

However, offenders are often handed sentences of just a few months.

(20th December 2016)



NIGERIAN GANGS USE FEAR TO RULE ITALIAN SEX TRADE
(The Times, dated 24th November 2016 author Tom Kington)
www.thetimes.co.uk

Police investigating a massive surge in Nigerian prostitution in Italy have uncovered a well organised and extremely violent Nigerian mafia run from Africa that has imposed a reign of terror over thousands of women.

The Black Axe mafia, which was founded on university campuses in Nigeria, uses voodoo rites and machete attacks to intimidate victims and savagely beats new mob initiates, an informer told police in Palermo.

Seventeen members were arrested this month, including the gang's "head of zone" in Verona and its "minister of defence" in Palermo, who was responsible for handing out punishments to errant members.

The rise of the Black Axe and other Nigerian mafias in Italy has coincided with an increase in the number of Nigerian women travelling illegally by boat to Italy, up from 1,454 in 2014 to 9,781 this year so far; 80 per cent of them, or nearly 8,000, have been forced into prostitution, the International Organisation for Migration said.

In September Italian police arrested members of the Maphites, another Nigerian gang involved in prostitution.

"Our probe showed how gangs like Black Axe are running the whole pipeline which brings trafficked women from Nigeria to Italy", say an investigator who declined to be named.

Tricked into believing that they will work as hairdressers or shop assistants in Europe, the women are compelled with voodoo rituals and beatings to work as prostitutes in Italy until they pay off debts of about E30,000 to pay their traffickers.

There are an estimated 30,000 prostitutes in Italy, a number that has been steady for several years. The proportion of Nigerians, though has increased.

One in every two street prostitutes in Italy today is Nigerian, including girls as young as 14, and prices for sex start at E10. The investigator said that although former prostitutes often managed the women, mobsters usually kept order. "If women rebel, it won't be madams who punish the but Black Axe," he said.

This month a Nigerian woman arriving from Africa was imprisoned in a house in Castelvetrano, Sicily, after refusing to work as a prostitute. She was freed by police after she called a help number given to her when disembarked in Italy. "We then overheard a Black Axe member on a wiredtapped phone calling Nigeria to ask a fellow member to "get" the girls parents," the source said.

The Black Axe boss arrested in Palermo was Evans Sylvester and the official said that his sister ran one of the brothels.

Vivian Wiwoloku, a Nigerian man who set up a centre in Palermo to help prostitutes retrain as cleaners and carers, has had his car firebombed twice. "As long as there is a recession in Nigeria, more girls will come," he said.

Police in Palermo stumbled on the activities of the Nigerian mafia in 2014 when Austine Johnbull, a local member, was arrested for inflicting serious face wounds on a member of another Nigerian gang.

An informant revealed parrallel Black Axe operations in Germany, France and Holland. The group has also been reported in Canada. All the Italian members greet each other by crossing raised forearms to represent axes.

Black Axe has not supplanted the Italian mafia in Palermo. In fact, their relationship appears to have been symbiotic. "The mafia here has no interest in the Nigerian community but do trade drugs with the Nigerian mafias, so its mutually beneficial", the investigator said. He added: "If you arrest the bosses, more women might find the courage to rebel".

----------------------
MAFIA AT A CROSSROADS AS NIGERIAN GANGSTERS HIT SICILY'S SHORES
(The Guardian, dated 11th June 2016 author Lorenzo Tondo)

Full article [Option 1]:

www.theguardian.com/global-development/2016/jun/11/mafia-palermo-nigerian-gangsters-hit-sicily-shores

Prosecutors in the Sicilian capital of Palermo are warning that a new alliance between the mafia and Nigerian criminal gangs moving in from Libya could herald a new era of organised crime.

"Even the Sicilian mafia has to deal with the wave of migration from Africa," said Leonardo Agueci, Palermo's deputy chief prosecutor. "The neighbourhoods under mafia control have changed profoundly in recent years due to the growing presence of foreigners, especially Nigerians coming on boats. Among them, there [are a small number] of people who want to transfer their illegal trafficking, linked to prostitution and drug dealing, to Sicily. And the mafia was quite happy to integrate them into their criminal business."

In Ballarò, a mafia stronghold market area in the historic centre of the city, a whistle is traditionally used by drug dealers to attract customers, who are offered hashish, marijuana and cocaine. In the past this signal was only used by Italian dealers working for Cosa Nostra, the Sicilian mafia. About two years ago, when Nigerians adopted the whistle, offering drugs at a discount, it was clear that a new criminal organisation had set foot in the city.

State prosecutors in Palermo say the mafia brings in drugs and the Nigerians distribute them among both Italian and African clients.

"It is clear there is a subordinate relationship between Cosa Nostra and the Nigerian clans, with the former controlling the latter," said Agueci. "If a Nigerian boss tried to rebel against Cosa Nostra, he would probably end up incaprettato [tied up and killed] in the countryside."

In Ballarò, profits from pizzo - the tax levied on merchants by the Sicilian mafia - are reinvested to buy drugs for resale to Nigerian clans and their dealers. To have better control of their new African partners, Cosa Nostra seems to have made another rule clear: no guns.

"We have reason to assume," said Agueci, "that the mafia prohibits Nigerians from owning firearms. So when Nigerians have to settle accounts within their community, they do it with axes and machetes."

Prostitution is thought to be one of the most profitable businesses for the Nigerian clans. According to police data, 90% of prostitutes in Palermo come from Nigeria. Traditionally, Cosa Nostra is reluctant to directly manage this business - according to the old mafia codes of honour, prostitution is considered a shameful activity.

Recent months have seen a spike in violence linked to Nigerian gangs.

In the state court of Palermo a trial against an alleged Nigerian gangster, Austin Ewosa, 32, is under way. His street name is John Bull and he was arrested in September 2014, in a local bar in Ballarò. He stands accused of assault, intimidation, criminal association and attempted murder, charges that could see him jailed for 10 years.

According to the prosecution, Ewosa is the head of the feared Nigerian clan Black Axe, a criminal organisation born as a sort of student fraternity in the 1970s at the University of Benin City.

On the night of 27 January 2014, Ewosa and his thugs allegedly dragged a 27-year-old man called Don Emeka down Via del Bosco, not far from Piazza Ballarò, where they brutally disfigured him with axe and machete blows. Emeka was allegedly one of dozens of Ewosa's victims and was punished for not having submitted to his power.

The risk of Nigerian criminals operating in Europe was revealed in a letter sent to the Italian prosecutors from the Nigerian ambassador to Rome in 2011.

"I would like to draw your attention to the new criminal activity of a group of Nigerians belonging to secret societies, forbidden by the government because of violent acts," wrote the diplomat. "Unfortunately, former members of these sects were able to get into Italy where they re-established their criminal organisations."

According to the prosecutors, some of the Black Axe members, including Ewosa, and also his victims, arrived in Sicily by boat. Most of them were temporarily hosted in the immigration camp at Caltanissetta, in the centre of the island.

Legal and well established Nigerians in Sicily are paying the price for this new criminal alliance between the gangs and the mafia. "Many honest Nigerians live in Palermo," says Osas Egbon, 35, vice-president of Women of Benin City, an association that tries to take Nigerian prostitutes off the streets. "They work hard and live in fear. These families are victims on two fronts. They are victims of both Sicilian and Nigerian criminality."

For now, Nigerians and Sicilians live in peace with the Abuja clans at the service of Cosa Nostra. But the equilibrium may not last.

"At the moment," says Agueci, "it is hard to imagine Nigerians taking over the Sicilians. Cosa Nostra is too strong and can't be compared to the Nigerian clans.''

But the old Palermo godfathers have been replaced by young mafiosi who don't seem to carry the same authority as their predecessors. Meanwhile, the Nigerian gangs are getting stronger.

----------------------

MORE ARTICLES

AS NIGERIAN SEX TRAFFICKING RISES, ITALY TRACKS CRIME KINGPINS
(Daily Mail, dated 9th November 2016 author Tom Esslemont)

Full article [Option 1]:

www.dailymail.co.uk/wires/reuters/article-3918462/As-Nigerian-sex-trafficking-rises-Italy-tracks-crime-kingpins.html

SPANISH PROBLEM TOO

The problem is not isolated to Italy. The authorities in parts of Spain have also been grappling with Nigerian sex trafficking rings.

In Catalonia, 99 percent of prostitution is controlled by organised crime, much of it by a dominant Nigerian crime group known as the Supreme Eiye Confraternity (SEC) or Air Lords.

----------------------

WOMEN SUSPECTED OF TRAFFICKING 40 CHILDREN INTO HEATHROW AS "RINGLEADER" OF CHILD SEX SMUGGLING GANG ARRESTED IN NIGERIA
(London Evening Standard, dated 1st April 2015 author Justin Davenport)

Full article [Option 1]:

www.standard.co.uk/news/crime/ringleader-of-heathrow-child-sex-smuggling-gang-arrested-in-nigeria-10148396.html

------------------------

ITALIAN AND NIGERIAN GANGS : A DEADLY ALLIANCE
(Independent, dated 26th September 2016 author "none quoted")

Full article [Option 1]:

www.independent.co.uk/news/world/italian-and-nigerian-gangs-a-deadly-alliance-2361393.html

-------------------------

(20th December 2016)


GOOLIGAN MALWARE SNARES ACCESS TO MORE THAT 1M GOOGLE ACCOUNTS
(Computerworld, dated 30th November 2016 author Michael Kan)

Full article [Option 1]:

www.computerworld.com/article/3145739/security/gooligan-malware-snares-access-to-more-than-1m-google-accounts.html

A new Android malware has managed to steal access to more than 1 million Google accounts, and it continues to infect new devices, according to security firm Checkpoint.

"We believe that it is the largest Google account breach to date," the security firm said in Wednesday blog post.

The malware, called Gooligan, has been preying on devices running older versions of Android, from 4.1 to 5.1, which are still used widely, especially in Asia.

Gooligan masquerades as legitimate-looking Android apps. Checkpoint has found 86 titles, many of which are offered on third-party app stores, that contain the malicious coding.

Once Gooligan is installed, it attempts to root the device, as a way to gain full control. The malware does this by exploiting well-known vulnerabilities in older versions of Android.

"These exploits still plague many devices today because security patches that fix them may not be available for some versions of Android, or the patches were never installed by the user," Checkpoint said.

Gooligan will then go on to steal the user's Google authorization tokens, giving the malware access to Gmail, Google Play, and other related services.

Of the 1 million Google accounts breached, 19 percent were based in the Americas, 9 percent in Europe, while 57 percent were in Asia, according to Checkpoint.

By gaining access to users' Google accounts, the malware is likely attempting to generate revenue for its creators. It does this by installing apps promoted by legitimate advertising networks, and then writing positive reviews for them on Google Play.

"An attacker is paid by the network when one of these apps is installed successfully," Checkpoint said.

Security researchers first noticed an earlier version of Gooligan last year, when it appeared in the malicious SnapPea app. It wasn't until this past summer that the malware reappeared with upgraded processes.

Checkpoint has published a website that lets users check if their Google account was breached by Gooligan.

Security experts also caution users should avoid downloading apps from third-party app stores. This is because these stores often do little to verify that the apps offered are safe for use.

The creators of Gooligan are also spreading the malware by sending SMS text messages to unsuspecting victims containing links to download apps carrying the harmful coding.

Google didn't immediately respond to a request for comment. But Checkpoint said that Google is investigating the matter and revoking authentication tokens that were stolen by the malware.

(20th December 2017)


DON'T MAKE IT EASY FOR THIEVES
(South Yorkshire Police)

Full Article : www.southyorks.police.uk/dontmakeiteasy

Don't make it easy for thieves is the message from South Yorkshire Police this Christmas.

At this time of year, thieves are on the lookout for opportunities to strike and steal your valuables.

On this page, you will find loads of tips and advice to help prevent you being a victim of a burglary or theft.

Don't invite burglars into your open house

Follow our tips below to reduce the risk of your home being burgled:

- Always ensure your external doors and windows are locked, even if your're just in the next room

- Consider using a UV or permanent marker to mark your property. Mark valuables with your postcode, house number or name and register them on immobilise.com

- Keep valuables and car keys out of view and away from doors and windows

- Consider using timer or sensor switches on your lights when you are out to make it look like someone's at home. You could also consider fitting exterior lighting with sensors
If you have a burglar alarm make sure you use it when you go out and consider having effective window locks fitted.

- Upgrade Euro locks to prevent "shunting", Click here for advice about locks :

http://southyorkshire.police.uk/sites/default/files/Eurolock%20leaflet%20-%20High%20Res_2.pdf

- If you don't have a burglar alarm, consider installing one. Get at least three quotes and seek specialist advice from companies who are registered with either the National Security Inspectorate (01628 637512) or Security systems and Alarm Inspection Board (0191 2963242).

- Consider fitting CCTV systems

- Consider joining a neighbourhood watch scheme if you have one in your area. If not, think about setting one up with local residents

- Don't advertise on social media that your propertry is going to be empty over the festive period. Thieves look our for this kind of information and could target your property

- Dispose of boxes and rubbish discreetly. Leaving boxes outside will signal to burglars that you have new and valuable items in the house.


Burglary Tool Kit

This booklet has been produced to offer you specialist advice and crime prevention guidance, to protect your home and your property.

http://www.southyorkshire.police.uk/sites/default/files/4-9-14%20Janes%20approved%20artwork.pdf


Personal safety advice

As more people are out and about shopping and enjoying Christmas parties, theft of valuables such as phones and purses increases. Remember thieves don't need it gift wrapping!

Have a look at the tips below to help prevent you being a victim of a theft :

- Stay alert - awareness is your best defence

- Trust your instincts - if you think something is wrong, then act on it

- Wearing earphones is common practice these days and can make walks or jogging more entertaining, however be aware the earphones may appear attractive to potential attackers and reduce your alertness to your surroundings

- If you are carrying a bag make sure the clasp is facing inwards, all zips are closed correctly and all pockets closed. If your bag is snatched let it go, your safety is more important than your property

- If you have expensive items on you such as jewellery, mobile phone, purse or wallet keep it out of sight

- If you are threatened by a person, scream and shout, set off a personal attack alarm to startle the attacker as this will give you vital seconds to escape. Try to make a note of details such as registration plates, clothing, height etc. and then report the incident to the police.

In an emergency always call 999.

For non-emergencies or if you have information about an incident call us on 101.

(2nd December 2016)



MOTORISTS WARNED ABOUT THIEVES USING KEY LOCK JAMMERS

(The Telegraph, dated 2nd December 2016 author Martin Evans)

Full article [Option 1]:

www.telegraph.co.uk/news/2016/12/02/motorists-warned-thieves-using-key-lock-jammers/

Thieves are targeting motorists by using radio jammers to prevent them from remotely locking their cars, police have warned.

A spate of thefts from vehicles at service stations on the M4 last week left detectives baffled because there was no sign of a break in. But now police have warned drivers to manually check their doors are locked amid fears thieves are using sophisticated technology to block remote keys.

Most modern vehicles allow motorists to centrally lock them by simply pressing a button on the key fob.

The keys use radio waves to communicate with a receiver in the car and by sending a unique code can lock or unlock from yards away.

But the signals can be jammed using devices that interrupt or confuse the signal as it is being transmitted.

Jammers can be bought for as little as £50 from unscrupulous dealers on the internet and organised crime gangs.

Police believe thieves are lying in wait in service stations and striking when unsuspecting motorists leave their vehicles for a short time.

Thames Valley Police issued a warning after a spate of 14 thefts from vehicles parked at motorway services in Berkshire in just a few days.

Two vans, two lorries and a Mercedes car were were all targeted in the last week at Chieveley Services at Junction 13 of the M4 with tools, a suitcase and a laptop.

Last week two Land Rovers, a Mercedes and a Renault were hit at Membury Welcome Break services between junctions 14 and 15 with luggage, wallets and cash stolen.

Thieves also struck at Reading Moto Services on the M4 between Junctions 11 and 12 targeting two Range Rovers, a Jaguar, a Mercedes and a Fiat 500.

In all the cases there was no sign that the vehicles had been broken into.

In the past victims have had problems when making an insurance claim because with no sign of forced entry they have had difficulty proving that they did not leave the car unlocked.

Investigating officer, Sgt Alan Hawkett of Newbury Police Station said: "I strongly recommend that any members of the public visiting motorway services stations anywhere in the country keep all valuable items in their possession when away from their vehicle.

"Offenders may be using technology to prevent your vehicle from locking therefore we would advise a manual check of the doors before leaving your vehicle."

But drivers with modern bluetooth locking systems on their cars cannot easily check if their cars are secure because the remote technology unlocks the vehicle automatically as they approach.

Motorists are therefore advised to listen carefully to ensure the locking mechanism has engaged. But drivers are always advised to not leave anything of value on show to tempt thieves to strike.

(2nd December 2016)


SADIQ KHAN SCRAPS TARGETS FOR CUTTING CRIME
(London Evening Standard, dated 1st December 2016 author Justin Davenport)

Full article [Option 1]:

www.standard.co.uk/news/mayor/sadiq-khan-scraps-targets-for-cutting-crime-a3409586.html

Mayor Sadiq Khan today scrapped "inflexible" police targets to cut crimes such as burglary and robbery - and announced a new emphasis on victims and neighbourhood policing.

In future, the Mayor wants to see boroughs set their own crime-fighting priorities, which could include serious "harm" crimes, such as domestic abuse and child sexual exploitation.

In a draft Police and Crime Plan for London announced today, the Mayor confirms plans to create larger command units with boroughs merging into one to slash management costs.

In two trial schemes, the boroughs of Barking & Dagenham, Havering and Redbridge will be merged into one policing command unit, and Camden and Islington police units will also be merged.

Launching the draft plan in Southwark today, Mr Khan said that it "aims to build trust and confidence in policing and criminal justice for everyone. We want to restore real neighbourhood policing and make sure local priorities reflect local concerns.

"Most importantly, this plan signals a step change in efforts to protect the most vulnerable Londoners, and I want to encourage everyone to feed into our public consultation and help us make sure we are providing for them." The Mayor pledges to establish at least two dedicated police constables and one PCSO in each ward by the end of next year.

The plan states that police chiefs want to keep the total number of officers in the Met at about 32,000 but adds that this will be increasingly difficult.

One idea is to boost the number of officers working with schools to improve relations between children and police.

The report says the Met survived cuts of £600 million in recent years by axing 4,500 PCSOs and back-office staff and selling more than 120 buildings but states the force still needs to make hundreds of millions of savings.

The Mayor also announces plans for a victims commissioner to speak up for those affected by crime, and he pledges to roll out restorative justice programmes where victims meet offenders to explain the impact of their crimes.

Victims will be able to track the progress of their case online.

There are also plans for two Child Houses, described as a "one-stop shop for young victims to report sexual abuse and receive long-term support" with proposals to overhaul child protection in the capital.

A new effort is proposed to boost the number of ethnic minority officers in the Met with a plan for a new police "recruitment assessment" process to "select officers with unique skills for policing London".

The draft plan said the "MOPAC 7" targets introduced by Boris Johnson focused police resources on volume crime, at the expense of other serious crimes such as domestic abuse and child sexual exploitation. The study also confirms Mr Khan's commitment to sell three water cannon bought by his predecessor and use the money to tackle youth crime.

The public consultation on the plan runs until February 23

uaware addition - The Consultation

https://www.london.gov.uk/what-we-do/mayors-office-policing-and-crime-mopac/mopac-consultations/your-views-policing-and-crime

(1st December 2016)


THE TOWN IN BELARUS FROM WHERE CIGARETTES ARE SMUGGLED TO THE UK
(BBC News, dated 1st December 2016 author Angus Crawford)

Full article [Option 1]: www.bbc.co.uk/news/uk-38170754

A town in Belarus is producing billions of cigarettes a year, about a third of which are thought to be smuggled to the EU. How do they end up in the UK and what measures are taken to stop the illegal trade?

We pull into Grodno in the west of Belarus - effectively the last communist state in Europe and some say the "last dictatorship" too. In the most recent elections President Alexander Lukashenko was re-elected with 83% of the vote.

On the outskirts stand Soviet-era tower blocks, 15 storeys of cracked paint and crumbling brickwork.

But it's the long, yellow building with grilles on its windows stretching along Harnavych Street that we have come to see - the "Neman" cigarette factory.

It produces more than 20 billion cigarettes per year, but a third of them are thought to end up being smuggled into the European Union.

In the UK, 610 million cigarettes illegally sold in 2015 were estimated to have originated from Belarus.

Packets can be bought in Belarus for the equivalent of 40p but sold in the UK for as much as £3, making the illegal trade highly lucrative.

The cigarettes, with brand names such as NZ, Minsk and Fest, are made only for the market in Belarus and cannot be legally sold in the UK because no tax is paid on them.

Recent figures from HMRC put the amount of tax lost to the Treasury from the sale of illegal cigarettes at £1.6bn last year.

We did not receive permission to enter the factory or talk to the management. "The production of tobacco products is a commercial secret of the enterprise," we were told.

There is no evidence that the factory promotes the illegal trade.

Within a mile of the factory on the road to the Polish border we find a shop selling cigarettes 24 hours a day.

I ask the shop assistant how many I can buy and am asked "How many do you want?".

I tell her I want to take them to Lithuania and she advises me to hide them in the car.

Later we meet Viktor, who used to smuggle back in the 1990s and even wrote a book about it. He says people smuggle because the economy is in trouble and if you do not have a job in Belarus you have to pay the government a fine. Smuggling is how some people get the money for the fine.

On the same road closer to the border we found another shop, again open 24 hours a day.

The rules about taking cigarettes into the EU are clear - only two packs per person.

The assistant again says we can buy as many as we like and even gives us advice on how to get them past customs and into the EU.

She suggests hiding them "about your body" and says people also make holes in their cars to hide them.

The assistant freely admits her shop is used by smugglers.

A recent report suggested 12% of all the cigarettes smuggled out of Belarus ended up in the UK.

'Two priorities'

Countries on the edge of the EU are stepping up efforts against the trade.

A patrol of Lithuanian border guards is checking the border fence with Belarus.

"We have two priorities, illegal immigrants and cigarette smuggling" says Border Guard Karolis Tumosa.

Smugglers often arrange to meet and simply throw packs over the fence. They have also used drones and GPS-tracked rafts on the Neman river.

At the nearby border post we are shown a lorry, found to have a false roof with 12,000 packets hidden underneath.

The Grodno cigarettes can be bought in markets across Lithuania for the equivalent of £1.50. But the real money is to be made sending shipments on to Germany, Italy and the UK. So how do they get there?

Channel Tunnel

Jonas, not his real name, was a Lithuanian police officer who also had a sideline in smuggling.

He was caught, sacked and sent to prison. He tells us smuggling is easy.

"Mostly they use minivans, or take the cigarettes on planes," he says. "It's more difficult to smuggle large amounts. The main route is through Calais and the Channel Tunnel. I went that way myself. Some go in large shipping containers, but most go on minibuses which have had hiding places prepared beforehand. You can fit up to five boxes into one bus or truck, all hidden so that nobody can find them."

We do our own research in shops and online in east London.

Within two hours we have bought the same brands from four separate sources. The first is a newsagent, a woman then meets us in the street, and another seller turns up in her car with a baby in the passenger seat.

We also spend a morning with Liverpool trading standards officers searching shops in the city.

In one shop Bert the sniffer dog leads his handler to a concrete step covered by a piece of carpet. Hidden behind fake bricks are a secret compartment and a hidden drawer. Inside are cigarettes from Grodno; NZ, Fest and Minsk.

Mark Wainwright from Trading standards describes the problem as "huge". As he loads another evidence bag into the van, he says simply, "On to the next one."

Newsagents who allow illegal cigarettes to be sold may have to pay a penalty of £5,000.

People caught smuggling large quantities of cigarettes into the UK can face up to 10 years in prison and an unlimited fine.

An HMRC spokesman said: "We are continuing to reduce the amount of illicit tobacco entering the UK from around the globe. Our close work with other enforcement agencies to tackle this practice is producing clear results, with over 3.5 billion illicit cigarettes and 599 tonnes of hand-rolling tobacco seized in last two years alone."

uaware - further information

So £1.6bn is lost in UK taxes. That's a quarter of the cost of the new aircraft carrier HMS Queen Elizabeth, nearly 2 Royal Navy Type 45 Destroyers, a hip operation costs around £14,000 - that avoided tax could pay for a million of those. Perhaps more poignant, lung transplants cost £23,000 each - that tax avoidance could pay for 500,000 of those. Makes you think doesn't it !

(1st December 2016)



TALKTALK AND POST OFFICE ROUTERS HIT BY CYBER-ATTACK
(BBC News, dated 1st December 2016)

Full article [Option 1]: www.bbc.co.uk/news/technology-38167453

TalkTalk and Post Office broadband customers have had their online access cut by an attack targeting certain types of internet routers.

A spokeswoman for the Post Office told the BBC that the problem began on Sunday and had affected about 100,000 of its customers.

Talk Talk also confirmed that some of its customers had been affected, and it was working on a fix.

It is not yet known who is responsible for the attack.

Earlier in the week, Germany's Deutsche Telekom revealed that up to 900,000 of its customers had lost their internet connection as a result of the attack.

It involves the use of a modified form of the Mirai worm - a type of malware that is spread via hijacked computers, which causes damage to equipment powered by Linux-based operating systems.

Mirai was also involved in an earlier attack that caused several of the world's leading websites to become inaccessible, including Spotify, Twitter and Reddit.

Several models of router are vulnerable to the latest cyber-assault, including the Zyxel AMG1302, which is used by the Post Office.

"We would like to reassure customers that no personal data or devices have been compromised," said the Post Office's spokeswoman.

"We have identified the source of the problem and implemented a resolution which is currently being rolled out to all customers.

"For those customers who are still having problems, we are advising them to reboot their router."

Doing so causes the machine to make use of updated software.

The same router is also used by Kcom, an internet service provider (ISP) based in Hull, whose customers have also been affected.

"The vast majority of our customers are now able to connect to and use their broadband service as usual," the firm said in a statement.

"Our core network was not affected at any time and we have put in place measures to block future attacks from impacting our customers' routers and their ability to access the internet."

Attack widens

TalkTalk also confirmed that its D-Link DSL-3780 routers were affected but said only a small percentage of its customers used them.

Security researchers had suggested that the routers were vulnerable to the Mirai malware. According to the Downdetector website, TalkTalk customers have reported disruption to their internet service over the past days.

(1st December 2016)


NOVEMBER 2016


COMPUTER SECURITY REVIEW - NOVEMBER 2016

-----------------------
DEUTSCHE TELEKOM SAYS UP TO 900,000 CUSTOMERS HIT WITH SUSPECTED CYBERATTACK
(International Business Times, dated 28th November 2016 author Jason Murdock)

Full article [Option 1]:

www.ibtimes.co.uk/deutsche-telekom-says-900000-customers-hit-suspected-cyberattack-1593863

Hundreds of thousands of Deutsche Telekom customers in Germany have been knocked offline in what the leading telecommunications provider has described as a suspected cyberattack. The firm said roughly 900,000 of its 20 million fixed-line customers have faced issues.

The connectivity problems reportedly started on Sunday 27 November when users across the country started to complain their phone and internet services were offline. Deutsche Telekom said that "specific routers" were impacted but did not reveal further details.

"Some customers are experiencing temporary problems or very marked fluctuations in quality, but there are also customers for whom the service is not working at all," the firm said in a statement published on the homepage of its website.

-----------------------
HACKERS TARGET HIGH-PROFILE CUSTOMERS OF LIECHTENSTEIN BANK IN EXTORTION SCAM
(International Business Times, dated 28th November 2016 author India Ashok)

Full article [Option 1]:

www.ibtimes.co.uk/hackers-target-high-profile-customers-liechtenstein-bank-extortion-scam-report-1593772

High-profile customers of Chinese-owned Valartis Bank Liechtenstein have reportedly been targeted by an extortion scam. Hackers have allegedly gained access to the bank's systems and obtained account details of customers, a German newspaper reported.

The hackers have demanded that victims, including politicians, celebrities and wealthy personalities, transfer 10% of their account balance via bitcoins, Bild am Sonntag reported. Victims reportedly received the extortion demand in an email on 25 November.

In case victims refuse to comply with their demands, the scammers have threatened to expose the stolen data to the media and the authorities.

-----------------------
JAPAN TARGETED BY SUSPECTED STATE-SPONSORED CYBERATTACK
(International Business Times, dated 28th November 2016 author India Ashok)

Full article [Option 1]:

www.ibtimes.co.uk/japan-targeted-by-suspected-state-sponsored-cyberattack-1593741

The Japanese defence ministry's computer networks could have been subjected to a breach - sometime in September. Local reports cited officials confirming the attack. However, Bloomberg reported that a ministry official denied the occurrence of the incident.

According to Kyodo News, the defence ministry and the Self-Defense Forces (SDF) were victim of a suspected state-backed cyberattack, where a hacker allegedly infiltrated the shared communications networks. Authorities fear that data may have been accessed by the hacker.

-----------------------
SAN FRANCISCO TRANSPORT SYSTEM HELD TO RANSOM IN CYBERATTACK
(International Business Times, dated 28th November 2016 author India Ashok)

Full article [Option 1]:

www.ibtimes.co.uk/san-franciscos-transport-system-held-ransom-cyberattack-giving-passengers-free-rides-1593724

San Francisco's transport system was hit by a ransomware attack with hacker/hackers demanding a ransom of 100 bitcoins ($70,000, £56,000, €66,000). Following the attack, ticket machines shut down and passengers of the San Francisco Municipal Railway (MUNI) were allowed to ride for free, according to reports.

Over 2,000 systems were hit by a variant of the HDDCrypto ransomware, according to a report by The Register. The attack affected systems including office admin desktops, email and print servers, employee laptops, payroll systems, SQL database, station kiosk PCs and lost and found property terminals.

"There's no impact on the transit service, but we have opened the fare gates as a precaution to minimise customer impact," MUNI spokesperson Paul Rose told a CBS affiliate. "Because this is an ongoing investigation it would not be appropriate to provide additional details at this point."

-----------------------
HACKERS TARGET THE EUROPEAN COMMISSION
(Euronews, dated 25th November 2016)

Article [Option 1]:

www.euronews.com/2016/11/25/hackers-target-european-commission

Hackers have targeted the European Commission's computer network - trying to overload and crash it.

Officials say connection speeds were affected on Thursday, but there was no data breach.

"The Commission was indeed targeted by an attempt to saturate our internet connection. The Commission took effective counter-measures and there was no interruption of service," said Margaritis Schinas, a European Commission spokesman.

"Generally speaking, the attribution of these attacks is difficult, because different attackers share and use the same tools and methods."

The hackers launched their attack on the same day that Ukrainian President Petro Poroshenko was in Brussels for a summit.

Schinas declined to comment on whether there was any connection.

###uaware other snippets :

www.politico.eu/article/hackers-attack-european-commission/

-----------------------
A DDoS - FOR - HIRE SERVICE NOW ADVERTISING RENTING OUT A 400,000 STRONG MIRAI BOTNET
(International Business Time, dated 25th November 2016 author India Ashok)

Full article [Option 1]:

www.ibtimes.co.uk/ddos-hire-service-now-advertising-renting-out-400000-bot-strong-mirai-botnet-1593345

A "Distributed Denial of Service" DDoS-for-hire service, run by two hackers going by the pseudonyms Popopret and BestBuy, is now reportedly advertising a Mirai botnet up for rent. The Mirai botnet allegedly comprises of over 400,000 infected bots and may have been sired from the original Mirai source code.

Security researchers believe that the hackers renting out the botnet may likely be the operators of the largest known Mirai botnet. Popopret and BestBuy are also believed to have been behind the GovRAT malware, which was reportedly used to target the US government and businesses.

According to a report by Bleeping Computer, renting the botnet does not come cheap. Customers desiring to rent the botnet must do so for a minimum of two weeks. However, clients can determine the amount of bots, the attack duration and the DDoS cooldown (a term which refers to the length of time between consecutive attacks).

-----------------------
USE NAVY ADMITS ONE HACKED LAPTOP LEAKED PERSONAL DETAILS OF OVER 130,000 SAILORS
(International Business Times, dated 24th November 2016 author India Ashok)

Full article [Option 1]:

www.ibtimes.co.uk/us-navy-admits-one-hacked-laptop-leaked-personal-details-over-130000-sailors-1593194

Hackers have managed to get their hands on personal and sensitive information of over 130,000 US Navy officials. The US Navy has acknowledged the security breach, adding that a laptop of a Navy contactor was hacked.

The hacked laptop belonged to an unnamed employee of Hewlett Packard Enterprise Services. The firm notified the Navy about the breach on 27 October. An NCIS (Naval Criminal Investigative Service) investigation revealed that sensitive information, including names and social security numbers of 134, 386 current and former sailors were stolen by hackers.

-----------------------
FBI HACKED INTO OVER 8,000 COMPUTERS IN 120 COUNTRIES WITH JUST ONE WARRANT, COURT DOCUMENT REVEAL
(International Business Times, dated 23rd November 2016 author India Ashok)

Full article [Option 1]:

www.ibtimes.co.uk/fbi-hacked-into-over-8000-computers-120-countries-just-one-warrant-court-documents-reveal-1592953

Newly published court filings shed light on the magnitude of the FBI's mass hacking campaign related to the high-profile child pornography Playpen case. The bureau hacked into computers across 120 countries and obtained 8,000 IP addresses, with a single warrant, according to transcripts from a recent hearing in a related case.

The revelations come as the US government gears up for major changes to mass hacking authorisation policies, which would allow magistrate judges to grant law authorities permission to mass hack computers located in any part of the world. Current laws under America's Rule 41 prohibit such authorisations, but expansion of the law, expected to come into effect on 1 December, may arm agencies such as the FBI with additional hacking powers.

Earlier in the year, documents related to the Playpen case revealed that the FBI had hacked into over 1,000 computers, by deploying its malware called NIT (network investigative technique), with just one warrant. It was later uncovered that the FBI also hacked into computers in countries including Australia, Austria, Chile, Colombia, Denmark, Greece, and likely the UK, Turkey, and Norway. New court filings also reveal that the FBI hacked into a "satellite provider".

-----------------------
HACKER GROUP "COBALT" HITS ATMs ACROSS EUROPE
(International Business Times, dated 22nd November 2016 author India Ashok)

Full article [Option 1]:

www.ibtimes.co.uk/hacker-group-cobalt-hits-atms-across-europe-1592748

A hacker group called Cobalt targeted ATMs across Europe in "smash and grab" operations. The hackers are reported to have remotely attacked ATMs using malicious software, which manipulated the systems to dispense cash.

Two of the biggest global ATM manufacturers, NCR and Diebold Nixdorf, said they were aware of the attacks and were working with customers in efforts to mitigate the threat. The targeted countries include Armenia, Belarus, Bulgaria, Estonia, Georgia, Kyrgyzstan, Moldova, the Netherlands, Poland, Romania, Russia, Spain, the United Kingdom, and Malaysia, according to Russian cybersecurity firm Group IB.

Group IB researchers believe that Cobalt is linked to a well-known cybercrime syndicate called Buhtrap, which stole over 1.8m roubles ($28m) from Russian banks between August 2015 and January 2016. Researchers noted several similarities in the use of tools and techniques between Cobalt and Buhtrap. However, Buhtrap stole money via fraudulent wire transfers and not ATM jackpotting (a term referred to forcing ATMs to spit out cash).

-----------------------

SPAMMERS USING FACEBOOK MESSAGES TO SPREAD RANSOMWARE
(International Business Times, dated 21st November 2016 author Jason Murdock)

Full article [Option 1]:

www.ibtimes.co.uk/spammers-using-facebook-messages-spread-notorious-locky-ransomware-1592665

Spammers are reportedly using Facebook's instant messaging (IM) feature to spread malware - including a notorious strain of ransomware called Locky - to unsuspecting users of the world's most popular social media platform.

The spam campaign, highlighted in a blog post by security researcher Bart Blaze on 20 November, was using the IM feature to spread a malware downloader called Nemucod hidden in an .svg file extension. It was reportedly able to easily bypass Facebook's spam filters.

The rogue image - which will open on any modern browser - contained a "heavily obfuscated script" that redirected the victim to a fake website that mimics YouTube.


-----------------------
MORE ANDROIDS CARRY PHONE-HOME FIRMWARE
(The Register, dated 20th November 2016 author Richard Chirgwin)

Full article [Option 1]:

www.theregister.co.uk/2016/11/20/more_androids_carry_phonehome_firmware/

Got a cheap-and-cheerful Android phone from BLU, Infinix, Doogee, Leagoo, IKU, Beeline or Xolo? It might be harbouring some badware in the firmware.

The issue affects phones that use an over-the-air update mechanism from Chinese company according to BitSight researcher Dan Dahlberg and Anubis Networks' João Gouveia and Tiago Pereira.

Since a firmware update runs at root, the phones in question are vulnerable to pretty much anything a malicious server might install. Which means a keylogger, bugging software, or anything else an attacker might contemplate.

In a twist that doesn't look like an accident, the vulnerable process tries to hide itself from the user and has a command that would let the manufacturer turn it off for six months or until the phone is rebooted.

-----------------------

CANADIAN ARMED FORCES RECRUITMENT WEBSITE HACKED
(International Business Times, dated 18th November 2016 author India Ashok)

Full article [Option 1]:

www.ibtimes.co.uk/canadian-armed-forces-recruitment-website-hacked-users-redirected-chinese-government-home-page-1592242

Hackers hit the Canadian armed forces recruitment website on 17 November. The hacked site was reportedly redirecting users to the official home page of the Chinese government. It is still unclear if the attack compromised users' information in any way.

A spokesperson for the Canadian defence ministry, Ashley Lemire, confirmed the attack, the Guardian reported. Upon discovery of the attack, the site was hurriedly taken down by the armed forces. At the time of writing, the Canadian military recruitment site was still down.

-----------------------
A FULLY AUTOMATED CHEAP DEVICE CAN HACK YOUR LOCKED COMPUTER IN ONE MINUTE
(International Business Times, dated 17th November 2016 author India Ashok)

Full article [Option 1]:

www.ibtimes.co.uk/fully-automated-5-device-called-poisontap-can-hack-your-locked-computer-just-one-minute-1591981

A serial hacker has come up with a little USB device that can hack into any computer, even one that is password protected, with little or no effort. Called PoisonTap, the $5 (£4) USB stick is reportedly able to hack into even a locked PC in just one minute.

The fully automated, proof-of-concept device works by opening up a web-based backdoor onto victims' PCs, which allows hackers to gain access to online accounts and their routers. Once plugged into a PC, it mimics a network device, purporting to be the entire internet, to attack all outbound connections and hoodwink computers into sending all its traffic to the device.

A Microsoft spokesperson told Wired that for PoistonTap to work, "physical access to a machine is required. So, the best defense is to avoid leaving laptops and computers unattended and to keep your software up to date".

-----------------------
PATIENT DATA FEARED AT RISK AS SEVEN NHS TRUSTS "SPENT NOTHING" ON CYBERSECURITY IN 2015
(International Business Times, dated 16th November 2016 author Jason Murdock)

Full article [Option 1]:

www.ibtimes.co.uk/patient-data-feared-risk-seven-nhs-trusts-spent-nothing-cybersecurity-2015-1591852

Seven National Health Service (NHS) trusts serving over two million people in the UK reportedly failed to spend a single penny on cybersecurity protections last year - a discovery that could leave sensitive medical information vulnerable to exploitation by cybercriminals.

NHS trusts are set up to offer hospital services to geographic areas and can often be responsible for thousands of patients at a time. According to official statistics, the NHS deals with one million patients every 36 hours. Now, an investigation by Sky News has claimed the data of these users has been left at risk to "relatively unskilled" hackers.

Note : See full article on NEWS 2016 page

------------------------

SECURITY BOFFINS FIND ANDROID PHONING HOME - HOME BEING CHINA
(The Register, dated 15th November 2016 author Kieren McCarthy)

Full article [Option 1]:

www.theregister.co.uk/2016/11/15/android_phoning_home_to_china/

Security researchers have uncovered a secret backdoor in Android phones that sends almost all personally identifiable information to servers based in China.

The firmware is managed by Shanghai Adups Technology, and according to the company, is contained on over 700 million phones worldwide, including phones available in the United States.

Adups says that the firmware provides companies with data for customer support, but an analysis by Kryptowire revealed that the software sends the full bodies of text messages, contact lists, call history with full telephone numbers, and unique device identifiers including the International Mobile Subscriber Identity and the International Mobile Station Equipment Identity.

Or, in other words, everything that you would need to keep someone under surveillance.

Although Shanghai Adups is not affiliated with the Chinese government, the discovery of the firmware is being taken very seriously by US government officials: not least because the firmware does not disclose what it is doing and the firmware - spyware - comes pre-installed on new phones.

------------------------
412 MILLION USER ACCOUNTS EXPOSED I FRIENDFINDER NETWORKS HACK
(Computer Weekly, dated 14th November 2016 author Warwick Ashford)

Full article [Option 1]:

http://www.computerweekly.com/news/450402859/412-million-user-accounts-exposed-in-FriendFinder-Networks-hack?utm_medium=EM&asrc=EM_EDA_67900086&utm_campaign=20161114_412%20million%20user%20accounts%20exposed%20in%20FriendFinder%20Networks%20hack&utm_source=EDA

The user details of more than 412 million accounts have been exposed in a data breach at FriendFinder Networks, confirming poor password practices, according to breach notification site LeakedSource.

Nearly 340 million compromised accounts belong to the company's AdultFriendFinder swinger community site, while the rest belong to live sex chat site Cams.com (63,000), iCams.com (1.1 million), and others.

The compromised data reportedly includes usernames, account passwords, email addresses and the date of a user's last visit, but does not include sexual preference data according to ZDNet, as was the case in May 2015 when more than 3.5 million AdultFriendFinder accounts were exposed in a breach.

------------------------
NHS IT WORKER SENDS TEST EMAIL TO 1.2 MILLION NHS STAFF
(The Register, dated 14th November 2016 author Gareth Corfield)

Full article [Option 1]:

www.theregister.co.uk/2016/11/14/nhs_email_test_reply_all_fail_1_2_million_users/

A test email sent by accident to 1.2 million NHS workers has caused utter chaos after being sent from an apparently incorrectly configured* email distribution list.

The sender, who The Register will identify only as R, sent the blank message with a subject line that simply read "test" to a distribution list called CroydonPractices, according to irritated health service workers who contacted us.

The message somehow found its way to all NHS.net email addresses - and was immediately magnified by thoughtless people hitting "reply all" to point out the error and demand they be removed.

Sources said actual work emails were delayed by at least three hours at the time of writing, thanks to the huge volumes of traffic snarling up NHS.net servers. By 11.30am we were told that 70 or 80 people had reply-all'd to the message, inadvertently copying it to all 1.2 million NHS employees.

###uaware Comment

The NHS IT worker effectively created his own distributed denial of service attack on his employer !

See also :

www.theregister.co.uk/2016/11/14/nhs_blames_supplier_accenture_850k_user_reply_all_email/

-----------------------
24 CYBER CRIMINALS ARRESTED IN EUROPOL OPERATION
(Computer Weekly, dated 11th November 2016 author Warwick Ashford)

Full article [Option 1]:

www.computerweekly.com/news/450402767/24-cyber-criminals-arrested-in-Europol-operation

Romanian police have arrested 24 cyber criminals in a Europol operation aimed at dismantling a payment card fraud gang.

Police searched 18 houses in six Romanian counties and seized electronic devices, computers, mobile phones, equipment used to make card skimming devices and around €50,000 in cash.

Europol said the gang had installed skimming devices in several EU member states at automatic bank teller machines and self-service fuel stations to copy the magnetic stripe data from payment cards.

Criminal gangs are able to create clones of legitimate payment cards once they have copied all the necessary information from the card.

Card cloning has been suggested as one way the criminals who raided Tesco Bank could have tapped into 9,000 accounts in a short period of time to steal £2.5m. One of the affected Tesco Bank customers told the Mail Online that withdrawals using a card had been made in Brazil.

-----------------------
FIVE MAJOR RUSSIAN BANKS TARGETED BY IoT CYBERATTACK
(International Business Times, dated 11th November 2016 author Jason Murdock)

Full article [Option 1]:

www.ibtimes.co.uk/five-major-russian-banks-targeted-by-iot-botnet-cyberattack-1591075

At least five major banks in Russia have been hit with a series of cyberattacks made possible by a malicious botnet consisting of roughly 24,000 computer systems and Internet of Things (IoT) devices from 30 different countries, a security firm has said.

Sberbank, Russia's largest state-controlled bank, alongside with four other financial intuitions, reportedly suffering a barrage of distributed-denial-of-service (DDoS) traffic starting on 8 November. The firms maintain that no customer funds were compromised in the attacks.

-----------------------
HACKER SHOWS HOW EASY IT IS TO TAKE OVER A CITY'S PUBLIC WiFi NETWORK
(Computer World, dated 10th November 2016 author Lucian Constantin)

Full article [Option 1]:

http://www.computerworld.com/article/3138014/security/hacker-shows-how-easy-it-is-to-take-over-a-citys-public-wi-fi-network.html

In a perfect example of how public wireless networks can be dangerous for privacy and security, an Israeli hacker showed that he could have taken over the free Wi-Fi network of an entire city.

On his way home from work one day, Amihai Neiderman, the head of research at Israeli cybersecurity firm Equus Technologies, spotted a wireless hotspot that he hadn't seen before. What made it unusual was that it was in an area with no buildings.

It turned out that the hotspot he saw, advertised as "FREE_TLV," was part of the citywide free Wi-Fi network set up by the local administration of Tel Aviv, Israel. This made Neiderman wonder: How secure is it?

For the next few weeks, finding a way to compromise this network became a side project to do in his free time. First he connected to the network through one of the access points spread around the city and checked what his new IP (Internet Protocol) address was.

uaware abbreviation : From there he managed to discover the routers manufacturer and the routers firmware software version. He downloaded the software to an emulator where he discovered the software could be corrupted......

-----------------------
HACKERS LEAVE FINNISH RESIDENTS COLD AFTER DDoS ATTACK KNOCKS OUT HEATING SYSTEMS
(International Business Times, dated 9th November 2016 author India Ashok)
Full article [Option 1]:

www.ibtimes.co.uk/hackers-leave-finnish-residents-cold-after-ddos-attack-knocks-out-heating-systems-1590639

Residents of two apartment buildings in Lappeenranta city in southeast Finland were left in the cold after a DDoS attack knocked out heating systems. The cyberattack is believed to have lasted for nearly a week, starting in late October and ending on 3 November, local reports said.

In an attempt to ward off the attacks and remain functional, the targeted systems went into an endless cycle of rebooting. This in turn resulted in the heating system being cut off, leaving residents with no heat and presumably, cold showers. "Remote connection was not working, so went on-site for more inspections," Rounela said. He explained that the controlling systems affected by the attack rebooted every 5 minutes until they eventually stopped functioning altogether.

-----------------------
GOOGLE TO PATCH CHROME MOBILE HOLE AFTER BANK TROJAN HITS 318,000 USERS
(The Register, dated 8th November 2016 auther Darren Pauli)

Full article [Option 1]:

www.theregister.co.uk/2016/11/08/google_to_patch_chrome_mobile_hole_after_bank_trojan_hits_318k_users/

An Android Chrome bug that's already under attack - with criminals pushing banking trojans to more than 300,000 devices - won't get patched until the next release of the mobile browser.

The flaw allows malware writers to quietly download Android app installation (.apk) files to devices without requiring approval.

Users need to install the banking trojan apps and tweak settings to allow installation of apps from stores other than Google Playto be infected; however, attackers increased the likelihood of compromise by using the titles of popular Android apps such as Skype, MinecraftPE, and WhatsApp.

Kaspersky researchers Mikhail Kuzin and Nikita Buchka found the flaw last month in a wide-spread campaign across Russian news sites and web properties.

------------------------
FBI USED MALWARE LIKE "A GRENADE" TO HACK TORMAIL USERS
(International Business Times, dated 8th November 2016 author India Ashok)
Full article [Option 1]:

www.ibtimes.co.uk/fbi-used-malware-like-grenade-hack-tormail-users-unsealed-court-documents-show-1590381

Privacy experts believe that the FBI illegally exceeded the scope of previously obtained warrants that granted them permission to hack specific TorMail users. The agency had gained permission to hack into 300 users of the dark web email service in 2013. However, unsealed court documents, including the warrants and applications, now reveal that the FBI may have hacked legitimate TorMail users as well.

-----------------------
WORLD LEADING HEART HOSPITAL LUCKY TO DODGE RANSOMWARE HIT
(The register, dated 4th November 2016 author SA Mathieson)

Full article [Option 1]:

www.theregister.co.uk/2016/11/04/papworth_ransomware_dodge/

World-leading Papworth Hospital has escaped a full-on zero-day crypto ransomware attack thanks to the "very, very lucky" timing of its daily backup.

It's believed that an on-duty nurse at the heart and lung hospital in Cambridgeshire, UK, unwittingly clicked on something in an infected email, activating the attack at about 11pm on a Saturday night a few months back.

But the malware did not start encrypting files until after midnight - just after the daily backup had completed, ICT director Jane Berezynskyj has said.

The NHS foundation trust had made recovery plans and recruited experienced staff following earlier attacks, but Berezynskyj said: "We were also very, very lucky. Timing absolutely was everything for us."

Papworth has since moved to hourly incremental backups, using mixed media including tape, given that some attacks target digital backups.

----------------------
WeMo DEVICES CAN HACK YOUR ANDROID PHONE, SO ATTACKER CAN TRACK YOU
(Computer World, dated 2nd November 2016 author Darlene Storm)

Full article [Option 1]:

http://www.computerworld.com/article/3138004/security/wemo-devices-can-hack-your-android-phone-so-attacker-can-track-you-steal-photos.html?

On November 4, Joe Tanen and Scott Tenaglia, security researchers at Invincea Labs, will show you how to root a Belkin WeMo device and then inject code into the WeMo Android app from a WeMo device. They added, "That's right, we will show you how to make your IoT hack your phone."

Between 100,000 to 500,000 people should be paying attention, since Google Play says that is how many installs the Android WeMo app has. Everyone else should take note that this is a first, even for the insecure murky IoT waters.

"In the past, people may not have been concerned if there were vulnerabilities with their internet-connected lighting or crockpot, but now that we've discovered that bugs in IoT systems can impact their smartphones, people will pay a bit more attention," Tenaglia told Dark Reading. "It's the first case that we've found that an insecure IoT device could be used to run malicious code inside a phone."

----------------------
GOOGLE CLASHES WITH MICROSOFT OVER WINDOWS FLAW DISCLOSURE
(Computer World, dated 1st November 2016 author Michael Kan)

Full article [Option 1]:

www.computerworld.com/article/3137192/security/google-clashes-with-microsoft-over-windows-flaw-disclosure.html

Google and Microsoft are butting heads over the disclosure of vulnerabilities. On Monday, Google revealed a critical flaw in Windows after it gave Microsoft a ten-day window to warn the public about it.

Google posted about the zero-day vulnerability on its security blog, saying Microsoft had yet to publish a fix or issue an advisory about the software flaw.

"This vulnerability is particularly serious because we know it is being actively exploited," Google said. It lets hackers exploit a bug in the Windows kernel, via a win32k.sys system call, to bypass the security sandbox.

The search giant originally told Microsoft about the problem 10 days ago, on Oct. 21. It waited to say anything about it publicly so Microsoft could fix the problem first. But Google has a strict policy of giving vendors only seven days to either publish a patch or issue a warning about a flaw.

----------------------

(1st December 2016)



MORE THAN 2,000 POLICE DATA BREACHES IN 4.5 YEARS, REPORT REVEALS
(Computer Weekly, dated 5th July 2016 author Warwick Ashford)

Full article [Option 1]:

www.computerweekly.com/news/450299647/More-than-2000-police-data-breaches-in-45-years-report-reveals

The Safe in Police Hands? report, based on freedom of information (FOI) requests, reveals that between June 2011 and December 2015 police officers and staff were responsible for at least 2,315 data breaches.

The greatest number of data breaches were by the West Midlands Police (488), followed by the Surrey Police (202), Humberside Police (168), and Avon and Somerset Police (163).

More than 800 employees accessed personal information for no policing purpose, while data was shared inappropriately or without authorisation almost 900 times, the report claims.

Specific incidents show officers misusing their access to information for financial gain and passing sensitive information to members of organised crime groups, the report said.

In more than half the cases, the report said no formal disciplinary action was taken, while a written or verbal warning was issued in only 11% of cases.

However, 13% of cases resulted in either a resignation or dismissal and 3% resulted in a criminal conviction or a caution.

Considering data is now the driving force of society, Big Brother Watch said any breach can pose a threat to our privacy and security.

"Abusing access to private and sensitive information is not acceptable by anyone, but particularly by those charged with keeping us safe and upholding the law," the group said in a statement.

As a result of the government's digital by default policy, the report notes that the levels of data the police handle will increase.

"While there have been improvements in how forces ensure data is handled correctly, this report reveals there is still room for improvement. Forces must look closely at the controls in place to prevent misuse and abuse," the report said.

With the potential introduction of internet connection records (ICRs), as outlined in the Investigatory Powers Bill, the report said the police will be able to access data which will offer the deepest insight possible into the personal lives of all UK citizens.

Big Brother Watch said the breach of such detailed information would be over and above the extent of the breaches outlined in the report.

Big Brother Watch policy receommendations


Based on the findings of this report, Big Brother Watch has proposed 5 policy recommendations aimed at enhancing protections for personal information and ensuring that serious data breaches are properly punished.

Big Brother Watch recommends:

- The introduction of custodial sentences for serious data breaches.
- That where a serious breach is uncovered the individual should be given a criminal record.
- The mandatory reporting of a breach that concerns a member of the public.
- The removal of internet connection records from the Investigatory Powers Bill.
- The adoption of the EU General Data Protection Regulation (GDPR) despite the Brexit vote.

"We trust the police to keep us safe, in the 21st century that is as much about keeping our data secure as protecting us on the streets," said Renate Samson, chief executive of Big Brother Watch.

"The revelation that the police are still committing 10 data breaches a week shows that work still needs to be done before we can be sure our personal information is safe in their hands.

"The government are about to give law enforcement access to the details of all the websites each and every one of us look at. In light of our findings, questions must be asked about whether more access will make for better policing, or only increase the opportunities for misuse."

(1st December 2016)



THE MOST SERVERE CRIMES UP BY 30% IN SOME AREAS
(The Telegraph, dated 30th November 2016 author Martin Evans)

Full article [Option 1]:

www.telegraph.co.uk/news/2016/11/30/severe-crimes-30-per-cent-areas/

The most severe crimes, such as murder, rape and violent offences are up by almost a third in some areas, even though overall crime might be falling in the same location, according to new analysis.

A new way of measuring crime in England and Wales will now rank offences according to the harm they cause, rather than simply recording the overall number.

Under the new system each offence will be given a Crime Severity Score, with murder weighted at 7,979 and cannabis possession the lowest with three points.

Attempted murder is rated as the second most severe, with 4,663 followed by aiding suicide and a number of rape offences.

Robbery is rated higher than child abduction, while immigration offences are given a slightly greater weighting than arson.

As well as cannabis possession, other crimes with low weightings include soliciting for prostitution and criminal damage.

Applying the new system, the Office for National Statistics (ONS) found that West Yorkshire had the highest crime severity score, followed by London, with Dyfed-Powys the lowest.

The ONS said over the past 14-years the overall crime rate and the Crime Severity Score had shown similar trends.

But the statistics showed that in some areas the most severe crime had risen at a faster rate than the overall rate.

In Nottinghamshire the offence rate had increased by 5 per cent, while the Severity Score increased by 30 per cent.

Part of the reason for the increase could be down to improved recording techniques, after Her Majesty's Inspectorate of Constabulary was highly critical of forces for under reporting certain offences.

The ONS added: "Since recent recording improvements have focused particularly on violent crime and sexual offences (for which weights are typically higher), increases in crime recorded by the police are likely to be more pronounced in the Crime Severity Score than in standard crime counts."

The new system of measuring criminal offences is intended to provide a more accurate picture of the harm caused by crime as well as pinpointing the areas where these take place.

In its paper, the ONS said the weighting was "not intended to be a pure ranking of severity of offences" but provided the basis for deriving a severity score.

Once the weights are calculated for each individual offence, they are multiplied by the number of incidents recorded by the police, added up and then divided by the estimated population.

For England and Wales as a whole, the headline severity score for 2015/16 was 11.2 - down compared with 14.7 in 2002/03 but up on 9.6 in 2010/11.

The rise in the severity score in 2015/16 compared with five years earlier was sharper than that for the offence rate.

Crime figures have come under close scrutiny in recent years.

The ONS said the severity score is intended to complement existing police recorded crime data, and is aimed principally as an "analytical tool" for expert analysts.

Crime Severity Score Table

Murder - 7,979 points
Attempted murder - 4,663
Robbery - 746
Child abduction - 293
Immigration offences 447
Arson - 439
Criminal damage - 7
Soliciting for prostitution - 4
Cannabis possession - 3

uaware comment

I do not know what is worse, having a crime severity rating or quoting crimes based on the size of population. For example, if one person is murdered in a ward of 100,000 residents as a crime statistic that would appear as .001. Why quote a death as a statistic or in terms of severity ? I seems to be statistics for statistics sake.

Eleven robberies (11 x 746) is more severe than a murder ?????

(1st December 2016)



NATIONAL LOTTERY ACCOUNTS FEARED HACKED (Extract)
(BBC News, dated 30th November 2016 author Leo Kelion)

Full article [Option 1]:

www.bbc.co.uk/news/technology-38155710

About 26,500 National Lottery accounts are feared to have been hacked, according to its operator Camelot.

The firm said it did not believe its own systems had been compromised, but rather that the players' login details had been stolen from elsewhere.

The company said that no money had been taken from or added to the compromised accounts.

But it added that there had been other suspicious activity on fewer than 50 of them.

The Information Commissioner's Office said it had launched an investigation into the matter.

"Camelot submitted a breach report to us last night which we have reviewed. We will be talking to Camelot today," said a spokeswoman.

"The Data Protection Act requires organisations to do all they can to keep personal data secure - that includes protecting it from cyberattacks. Where we find this has not happened, we can take action.

"Organisations should be reminded that cybersecurity is a matter for the boardroom, not just the IT department."

Personal information

Camelot said it became aware of the problem on Sunday.

"We are currently taking all the necessary steps to fully understand what has happened, but we believe that the email address and password used on the National Lottery website may have been stolen from another website where affected players use the same details," it said in a statement.

"We do not hold full debit card or bank account details in National Lottery players' online accounts and no money has been taken or deposited.

"However, we do believe that this attack may have resulted in some of the personal information that the affected players hold in their online account being accessed."

A spokeswoman added that the accounts represented a small fraction of the draw's 9.5 million registered online players.

Camelot is contacting the owners of the accounts thought to have been compromised and instructing them to change their passwords.

One security expert said there had been many recent attacks where logins stolen from one platform had been tested and used to breach another.

But he still had concerns about Camelot's explanation.

"If there's 26,500 accounts here and they are saying the credentials are correct but they didn't come from us, they still let an attacker log in 26,500 times," said Troy Hunt.

"That alone is something that illustrates a deficiency."

Camelot has defended its systems.

"We do have extremely robust systems in place. However, cybercriminals are very persistent and, in this case, used multiple, different IP [internet protocol] addresses over a short period of time.

"As soon as we detected [a] significant increase in both attempted and failed log-ins, we were able to quickly take action to block them."

(1st December 2016)



HUGE RISE IN "SEXTORTION" BY CRIME GANGS USING SOCIAL MEDIA
(The Telegraph, dated 30th November 2016 author Patrick Sawyer)

Full article [Option 1]:

www.telegraph.co.uk/news/2016/11/30/huge-rise-sextortion-crime-gangs-using-social-media-entrap-victims/

Organised criminal gangs are blackmailing growing numbers of young men after using social media to entice them into performing sex acts on screen.

Police have revealed an unprecedented rise in the new crime of webcam blackmail - known as 'sextortion' - with more than 900 cases reported so far this year.

That is already more than double the total for the whole of 2015.

But senior officers at the National Crime Agency fear the true scale of the problem is far bigger, with many victims too ashamed to report their involvement to police.

Among recent victims were four young men who became so desperate at the thought of being publicly humiliated that they took their own lives.

Police are now launching a campaign to raise awareness of the problem, including an hard-hitting film to be shown on Facebook, Youtube and other social media platforms to warn of the dangers of entrapment.

The phenomenon has mushroomed alongside the use of social media by growing numbers of people, particularly in their teens and twenties.

Some of the victims are as young as 14. While the majority are in the 18 to 24 age bracket, there are also some in their 50s to 80s. More than 90 per cent of victims are male.

Assistant Commissioner Martin Hewitt, the National Police Chiefs' Council lead for adult sexual offences, said: "This is a really worrying, emerging new threat. As a result to this crime we've already had four young men in the UK kill themselves because they saw no way out of the situation they had got themselves into."

Roy Sinclair, head of operations at the NCA's anti-kidnap and extortion unit, added: "There is huge under-reporting of these kinds of offences, often because victims feel ashamed or embarrassed, but of course criminals are relying on that reaction in order to succeed.

"This is still a relatively new and emerging type of crime. However the trend is clear. Cases of webcam blackmail - or sextortion - are going up dramatically. As recently as 2012 we were only getting a handful of reports, now we're getting hundreds."

The crime is deceptively simple, typically involving the intended victim being approached through social media by an ostensibly attractive young woman who entices into engaging in explicit conversation culminating in a sex act.

As soon as the act has been caught on camera the victim receives a demand for cash, ranging typically from £50 to £500, with the treat the recorded film will be sent to all their friends and contacts - downloaded while the victim was online - and broadcast across the internet.

Behind the young woman used to enticing the victim on-screen will lie an organised crime gang, sometimes operating in the UK but frequently based overseas, targeting hundreds of other victims at a time.

British police have traced a number of the gangs to Morocco, the Philippines and the Ivory coast, where officers are working with the local authorities to help smash their operations and bring the perpetrators to justice.

Forty men were arrested in the Philippines after two raids in June following intelligence supplied to local police by British officers.

One of the cases being brought to trial involves one of the four suicide victims, though police would not reveal further details because of the extreme sensitivity of the case.

Among the other victims this year was a man in his 20s from Northern Ireland who was blackmailed after being approached on through a dating app by a young woman.

After sharing explicit photographs of himself the woman threatened to send them to his family and Facebook friends and demanded payment.

The young man, known only as Jimmy to protect his identity, sent her £150 via PayPal before going to the police.

He said: "I was so worried about what my friends and family would think. I've spoken to my mum about it, that was tough enough, but I still can't talk to anyone else. I'm OK now but at the time it was so hard."

The NCA film, featuring a young blackmailer called 'Jess', is to be broadcast on Facebook, Youtube and other social media platforms to warn of the dangers of sextortion.

Police advice social media users never to do anything compromising online with someone they don't know or trust; cease all contact immediately if they receive a blackmail demand; never under any circumstance pay the blackmailer; and immediately report the matter to the police.

Assistant Commissioner Hewitt said: "This kind of offence is being perpetrated by organised crime and we will take it seriously."

uaware further information

www.nationalcrimeagency.gov.uk/news/960-help-available-for-webcam-blackmail-victims-don-t-panic-and-don-t-pay

From an article in the International Business Times, dated 30th November 2016 :

New figures from the National Crime Agency (NCA) show there have been 864 reported cases in the UK so far this year, more thandouble the figure for the whole of 2015. In 2011 there were just nine reported cases.

(1st December 2016)



FA "PULLED ALL FUNDING" FROM CHILD PROTECTION PROJECT

(BBC News, dated 30th November 2016 author Jim Read)

Full article : www.bbc.co.uk/news/uk-38145061

By Jim Reed (Reporter, Victoria Derbyshire programme)

The Football Association scrapped a flagship project meant to ensure children were being protected from sexual abuse, the BBC's Victoria Derbyshire programme has learned.

In 2003, the FA pulled all funding from a major review of its child protection policies, three years early.

An evaluation of the project later suggested some FA staff had also been bullied into not talking.

The FA said it could not comment due to a new review into sex abuse.

It has instructed independent leading counsel Kate Gallafent QC to oversee an internal review, following allegations of sexual abuse in football.

It is understood the decision to pull funding for the project in 2003 will form part of this.

'FA resistance'

The five-year research study was commissioned by the FA in 2001 to map the state of child protection across all clubs, and to monitor the impact of a new strategy it had rolled out across England to protect under-18s.

It was thought to be the first sports body in the world to commission such detailed research into child protection.

In the first two years of the project, a team of academics behind the study interviewed 189 children and spoke to senior coaches, referees and administrators across all levels of the game.

The authors were effectively representatives of the FA - carrying FA badges and business cards.

But an evaluation of the project published in 2007 appears to show the project met some resistance from inside the Football Association itself.

It said the authors found some staff at the organisation had been bullied into not talking, and that information had not been provided on time or in enough detail.

Of the 13 members of FA staff contacted by the academics to give interviews and evidence for the project, only four responded.

Across the project as a whole, the authors were described as being "seen as the police" and subject to some verbal attacks.

The researchers were said to have found a "wall of silence" from some people they had tried to speak to.

'Used to deflect attention'


It is understood that in April 2002 the scale of the project was significantly scaled back, with some internet survey work reduced and the number of interviews cut in half.

Then in 2003, after the sudden resignation of Adam Crozier as FA chief executive, all funding was pulled and the project was closed down three years before it was due to complete its work.

The authors were told the decision had been because of budget cuts at the FA.

The report's lead author, Celia Brackenridge from Brunel University, said she had to threaten the organisation with legal action in the small claims court to pay its bills.

She wrote in her notes at the time: "The whole business has drained me and left me feeling even more cynical about their stated intentions to develop welfare initiatives.

"England have been warned that they will be kicked out of the European Cup if there is one more pitch invasion or racist incident at a game and that should at least keep the new equity strategy to the forefront but, as for child protection, who knows?"

She later wrote: "It left me asking myself whether some of the senior officers in the game might not be simply using child protection as a kind of ethical fig leaf, to cover their embarrassment at the many problems facing the game - doping, crowd control, bungs and fixes - among others.

"The more the FA could trumpet their work for children, the better they could deflect attention from the uglier side of the game."

But Ms Brackenridge said some senior FA staff, directly responsible for child protection, were "exemplary" in their dealings with the research team.

At the time funding was removed, and the project ended, she said their work did show that the new measures introduced by the FA appeared to be working effectively.

'Extremely concerning'

MP Damian Collins, chairman of the Commons Culture, Media and Sport Select Committee, said claims the FA scrapped the project were "extremely concerning".

"It helps to feed the impression that many people will have, that people within football were aware that there was a problem with child protection - people at clubs, people at the FA.

"People will now look at this story and say 'is this further evidence that there were some people at the Football Association who didn't want to pursue this as properly as they should have done, which may have meant that stories of abuse went unreported and [were not] investigated?'."

In an interview with the BBC on Tuesday, FA chairman Greg Clarke described how he had talked to all 43 English county Football Associations about their safeguarding procedures which were "front of mind" in the FA.

"We have a lot of people working on it," he said. "We have 8,500 safeguarding officers, 55,000 criminal record checks done on people every year and we have 35000 people trained every year in child safe guarding.

"I don't think we can ever say things are clean," he added.

"Because our job is to be paranoid about the safety of children in our game, every year we need to assume bad things are happening, and make sure our process, and our training, and our investment is as good as it can be and we do that every year overseen by the NSPCC and you will never see complacency at the FA."

Meanwhile, North Yorkshire Police has become the latest force to confirm it is investigating allegations of historical child sexual abuse in football.

Police in Dorset, Staffordshire, Greater Manchester, Cambridgeshire, Hampshire, Cheshire, the North East, London and Scotland also have investigations.

North Wales Police said it had received "a number of reports" of historical sexual abuse within football.

(1st December 2016)



EUROPOL DATA BREACH BY FORMER AGENT LEAKS "HISTORICAL" DATA ON 54 TERRORISM INVESTIGATIONS
(International Business Times, dated 30th November 2016 author Jason Murdock)

Full article [Option 1]:

www.ibtimes.co.uk/europol-data-breach-by-former-agent-leaks-historical-data-54-terrorism-investigations-1594186

Over 700 pages full of sensitive files detailing various terrorism investigations spearheaded by crime-fighting agency Europol have reportedly been exposed online. The data, spanning from 2006 to 2008, was found on a hard drive connected to the internet without password protection.

According to Zembla, the Dutch television programme that uncovered the leak, the dossiers - which allegedly referenced 54 separate European investigations - were mishandled by a national police employee who brought them home against Europol policy.

The files included analysis of the Hofstad Network, the Madrid bombings and foiled attacks on airplanes with liquid explosives, Zembla said. They also featured "hundreds of names" and telephone numbers believed to be linked with terrorism alongside information on investigations never made public.

The TV programme cited Wil van Gemert, the deputy director of Europol, as acknowledging the validity of the leak. "This affects confidentiality and that is why we immediately set up an investigation to see how this could have happened," he is quoted as saying.

The police chief admitted that some identities included in the exposed files may still be under "long-term" active investigation. "The fact that they were ten years ago, part of an investigation, can still mean that they are part of an investigation," Van Gemert added.

Europol spokesperson Jan Op Gen Oorth told IBTimes UK that because no on-going investigations have been jeopardised the agency does not consider the incident to be a leak.

"The concerned former staff member, who is an experienced police officer from a national authority, uploaded Europol data to a private storage device while still working at Europol, in clear contravention to Europol policy," he explained.

Op Gen Oorth continued: "A security investigation regarding this case is ongoing, in coordination with the respective authorities at national level to which the staff member returned. Current information suggests that the security breach was not ill-intended.

"Although this case relates to Europol sensitive information dating from around 10 years ago, Europol immediately informed the concerned Member States. As of today, there is no indication that an investigation has been jeopardised, due to the compromise of this historical data."

The dossiers have not been published online to protect the sensitive nature of the data. It is unclear if any unauthorised access occurred while they were exposed to the open internet. Zembla said it would not release the files to ensure it did not "bring terrorism investigations [into] danger."

Sophie in 't Veld, a privacy campaigner and Dutch member of the European Parliament (MEP), tweeted on 30 November: "Huge data leak. Will call for @EU_Commission and @Europol director to come and inform @Europarl_EN."

Dr Bibi van Ginkel, terrorism expert and senior research fellow at the Clingendael Institute think tank in The Netherlands, tweeted: "Police organisations never want to reveal how much they know to prevent bad guys understanding how police operates/infiltrates. She added: "This leak might jeopardise trust between states."

Europol, headquartered in The Hague, assists the 28 EU member states in their fight against serious international crime and terrorism. It helps combat terrorism, money laundering, drug trafficking, fraud, counterfeiting, cybercrime and other major illicit operations.

Recently, the European Union's legislative body, the European Commission (EC) was hit with a "large-scale" distributed-denial-of-service (DDoS) cyberattack that knocked its website and internal computer systems offline for "several hours" on 24 November.

While earlier this year, in a separate terrorism-related leak, a database called World-Check was left exposed online. According to researchers, it contained 2.2million records from 2014 that included "risk profiles" on individuals with alleged links to organised crime, terror groups and corruption.

Full statement from Europol:

"Europol operates state-of-the-art databases and secure communication capabilities for processing and analysing operational and classified information. Europol adheres to the highest standards of data security, including continuous security briefings provided to staff members: State-of-the-art security is the basis for maintaining trust among all the parties that share information and intelligence with and through Europol.

"As for any law enforcement agency processing sensitive information, the design of a robust system cannot completely eliminate human error. Europol has a robust framework in place regarding security clearance measures and sanctions for breaches of security rules.

"A recent case included in a Dutch television programme concerned the breach of an ex-Europol staff member with Europol's security regime. The concerned former staff member, who is an experienced police officer from a national authority, uploaded Europol data to a private storage device while still working at Europol, in clear contravention to Europol policy.

"A security investigation regarding this case is on-going, in coordination with the respective authorities at national level to which the staff member returned. Current information suggests that the security breach was not ill-intended.

"Although this case relates to Europol sensitive information dating from around 10 years ago, Europol immediately informed the concerned Member States. As of today, there is no indication that an investigation has been jeopardised, due to the compromise of this historical data. Europol will continue to assess the impact of the data in question, together with concerned Member States.

"Human error is the weakest link when it comes to the intersection of staff, data, and technology. Although this risk can never fully be ruled out, Europol's systems and the security training offered to Europol staff are constantly reviewed. Europol is serious about maintaining the trust from EU Member States and partners."

(1st December 2016)



BLETCHLEY PARK TRUST VOWS TO SHORE UP INSECURE WEBSITE

(The Register, dated 29th November 2016 author John Leyden)

Full article [Option 1]:

www.theregister.co.uk/2016/11/29/bletchley_insecure_website/

The Bletchley Park Trust has promised that a website revamp due in January will address security concerns highlighted by a security expert on Sunday.

Paul Moore slammed the site, which was home of the WWII Enigma codebreakers, for all manner of security shortcomings including emailing password resets and vulnerabilities to the well-known DROWN security flaw.

Moore further faulted Bletchley Park for a cross-site scripting flaw in a password field on its site.

It's fair to say that we are dealing with a national heritage/museum website, rather than a bank. But it's not unreasonable to suggest that those behind the site should be setting an example for similar businesses, in honour of the heroic security legacy they celebrate.

A techie who created the original site expressed embarrassment about its latest woes. "I was @bletchleypark's 1st webmaster back in the '90s, but that was a long time ago so don't blame me," said Jeffrey Goldberg on Twitter.

In a statement, a representative of the Bletchley Park Trust acknowledged the website's security shortcomings before stating that a more secure version is due to debut in the new year.

uaware comment

This has to be the best definition example for the word "irony" ! Especially when most of the museum sponsors are some of the largest IT supliers and researchers in the World who also look after the UK online banking websites.

(1st December 2016)



RANSOMWARE SCAMS COST BRITS £4.5m PER YEAR

(The Register, dated 28th November 2016 author John Leyden)

Full article [Option 1]:

www.theregister.co.uk/2016/11/28/ransomware_scams_hurt_brits/

More than 4,000 Brits have had their computers infected with ransomware this year, with over £4.5m paid out to cyber criminals, according to Action Fraud.

Ransomware is a type of malware that encrypts files of infected PCs before demanding an extortionate payment for the encryption key needed to recover data. The malware typically arrives in the form of malicious email attachments prospective marks are encouraged to open or through exploit kits that exploit software vulnerabilities to push malware onto the PCs of visiting surfers.

Representatives of the UK's national fraud and cyber reporting centre told the BBC that it was fighting the growing scam by both working with the antivirus industry and by taking down the domains, servers and networks of cybercriminals.

Paul Mitchell, from FixMeStick, a company that helps individuals and companies remove viruses and malware, warned that ransomware poses a potentially devastating threat to both companies and individual users alike.

A recent multi-country study by security software firm Malwarebytes found that nearly 40 per cent of businesses had experienced a ransomware attack in the previous year. Of these victims, more than a third had lost revenue and 20 per cent had to stop business completely.

(1st December 2016)



BANK CHIEFS : MAKE IT EASIER FOR US TO SHARE CUSTOMERS DATA TO FIGHT CRIME
(London Evening Standard, dated 28th November 2016 author Martin Bentham)

Full article [Option 1]:

www.standard.co.uk/news/london/bank-chiefs-demand-new-legal-powers-to-help-stop-terrorists-laundering-money-through-london-firms-a3406306.html

Banking chiefs are calling for new legal powers to help them stop terrorists and other criminals from chanelling funds through the City - after revealing that as much as £50 million is already "frozen" in accounts as suspected proceeds of crime.

In evidence to Parliament, the British Bankers' Association says its members have a "strong interest" in helping the authorities investigate criminal financing and regard the problem as a "very important" issue.

But it warns existing legislation makes it too difficult for banks to share information about their customers' accounts with each other. It says this is hindering efforts to identify illegal activity by making it harder to put together "jigsaw" pieces that would identify money launderers, fraudsters and terrorists.

The BBA, which represents 200 banks managing £7 trillion in UK assets, wants MPs to "lower the threshold" for intelligence-sharing and make it easier for institutions to help each other spot criminal transactions.

Making a submission to MPs examining the Government's new Criminal Finances Bill, it also revealed "banks have frozen thousands of accounts because of suspicions they are linked to criminality" worth an estimated total of between £30 and £50 million.

The "stock of suspended accounts" is expected to grow by £2.5 million a year. The BBA added: "The financial sector can... support law enforcement.

"However, members have strong concerns that the powers do not go as far as necessary. Greater intelligence-sharing powers would aid the prevention and detection of financial crime [and] create a far stronger intelligence picture to allow industry and law enforcement to protect the public from fraud, and better disrupt terrorist financing and organised crime."

At the moment banks are only able to divulge information about a customer's transactions if concerns are sufficient to trigger a "suspicious activity report" to law enforcers. The BBA says this threshold is too high.

Anthony Browne, chief executive of the BBA, told MPs: "If there was activity just below the formal level of suspicion, if [banks] could at that stage share intelligence like two pieces of a jigsaw, they could find out that something happening in bank A is also happening in bank B. That could ... enhance intelligence-sharing."

"Mules" and others who "are used to disguise money laundering including the proceeds of fraud or corruption" could also be more easily detected, they suggest.

The bankers concede that increased sharing of customers' data will raise concerns about civil liberties, but say these can be addressed by stating clearly in the new legislation details of "what information can be shared and when".

(1st December 2016)



POLICE FORCE WASTED AN HOUR A DAY USING PUBLIC 101 HOTLINE FOR FORCE ADMIN

(The Telegraph, dated 25th November 2016 author Tom Ough)

Full article [Option 1]:

www.telegraph.co.uk/news/2016/11/25/devon-cornwall-police-wasted-hour-day-using-public-101-hotline/

Police wasted up to an hour a day calling the 101 telephone line to carry out administrative tasks.

The hotline, which is a non-emergency alternative to 999 that was introduced in 2006, is notorious for testing the public's patience thanks to long waiting times.

It was designed for the public to report crime and other concerns that do not require an emergency response.

But some forces have been misusing the hotline.

BBC reported that a memo was sent in March to Devon & Cornwall Police staff saying: "Police officers and police staff must cease immediately the practice of calling 101 for administrative tasks: on average one hour a day is being spent by 101 operator's (sic) managing this demand."

It explained that officers and staff had been using the hotline to request internal telephone numbers, but reminded them that there was a directory on the force's intranet.

Derbyshire Constabulary had also warned its officers not to abuse the 101 facility, the investigation found.

Chief Superintendent Jim Nye, Strategic Alliance Commander for Operations for Devon, Cornwall and Dorset said: "An internal message went out 8 months ago asking staff and officers not to contact 101 for tasks including requesting in and out of force telephone numbers.

"This was part of a wider internal message to promote the new force telephone directory which allowed staff and officers to locate said details themselves. We receive in the region of 2,000 calls a day to our 101 service, officer calls were averaging around 10 per day - since the message went out to staff and our new directory was launched, this practice has ceased entirely."

A spokesman also said that the hour a day figure was significantly less than the hundreds of man hours a day put in by call centre staff.

Superintendent Tracy Harrison, of Derbyshire Constabulary, said that staff had "responded positively" to instructions to use their online telephone directory rather than the public hotline.

"There are always times when it is appropriate for officers to call 101," she said, "but the recent introduction of mobile data equipment will reduce these calls even further."

Almost three-and-a-half million calls to 101, the police's non-emergency number, went unanswered in the last four years, according to figures uncovered in July.

Some callers to the number, designed to deal with reports of crime such as drug dealing and theft, waited for more than two hours before they either gave up or were answered.

The number of abandoned calls between 2012 and May this year is 3,469,984, according to Freedom of Information requests by the Daily Mail that were answered by 36 out of 43 UK police forces.

In 2015, a senior police officer admitted the public are wasting their time dialling 101.

Inspector Matt Johnson, from Cambridgeshire Police, left local politicians flabbergasted when he admitted in a public meeting that "life was too short" to use the service.

The inspector appeared to have realised his mistake almost immediately, and added: "I'm not supposed to say that."

His comments came after repeated criticisms of the 101 service.

It was designed to replace local police station numbers and cut the number of 999 calls by diverting non-urgent calls away from the main force control room.

The public also have to pay around 15p to call 101, while 999 calls are free of charge.

(1st December 2016)


CONSETT "BECAME PORN AND DATING PAYMENT HUB"
(BBC News, dated 25th November 2016)

Full article : www.bbc.co.uk/news/uk-england-tyne-38097382

Hundreds of people in a former steel-making town became directors of companies involved in pornography, dating, diets and travel, a Reuters investigation has revealed.

Residents in Consett, County Durham, were paid to forward post that came to their address, but said they otherwise had no involvement in the companies.

One, John Mawson, said he "didn't really know" what his role involved.

Simon Dowson, who set up the legal firms, said everyone was informed.

Mr Dowson, 35, from Shotley Bridge formed the shell entities to provide a UK address, directors, company records and tax returns to meet UK requirements so overseas online businesses could trade in Europe.

'Money was tight'


These were businesses considered by credit card companies to be at high risk of refund requests.

The investigation by the Reuters news agency found at least 429 unconnected people in the town were paid £50 cash to become directors, with a further £150 a year for forwarding company mail and fees for extra paperwork.

Mr Mawson, 61, was recruited by a neighbour who had already signed up.

"All we were told was that we would just get letters sent and all we had to do was hand them on," he told BBC Newcastle.

"Money was rather tight. All we wanted was a bit of extra cash."

Another director, Andrew McBride, 46, said he did not realise what he had agreed to, but accepted he should have checked further.

Mr Dowson was paid between £2,500 and £3,000 per shell company, administering 1,200 at his peak.

Using unconnected individuals as directors prevented "cross contamination" if credit card companies withdrew services from one company, he said.

"It's a very simple operation. It's commonplace. It's just not commonplace here," he said.

Mr Dowson said the directors were given information about the companies, their role and any documents they had to sign.

"There was nobody ever kept in the dark," he said.

Mr Mawson only found out a few years ago that one of his directorships involved pornography sites and wanted "nothing more to do" with the arrangement.

Mr Dowson said the overseas companies' trade included travel, bingo and "vanilla" dating sites, not just adult entertainment.

He has been investigated by the Insolvency Service, part of what is now the government's Department for Business, Energy and Industrial Strategy, he said.

Some of the firms using his service have also been investigated, and some closed down, but there have been no criminal charges or sanctions brought against Mr Dowson or any of the directors.

He was told what he had been doing was "incorrect or maybe not best practice" but "not illegal in any way, shape or form", he said.

He has agreed to stop using untrained people as directors and said his company formation business would soon close.

The government declined Reuters' request for comment.

(1st December 2016)


THE SECRET LIVES OF PASSWORDS
(London Evening Standard, dated 24th November 2016 author Phoebe Luckhurst)

Full article [Option 1]:

www.standard.co.uk/lifestyle/london-life/how-to-create-a-secure-password-for-your-emails-apps-and-social-media-accounts-a3403831.html

Today's crimes are virtual and intangible. Certainly, you could be burgled or someone might pluck your bag from under the table in the pub. But this year a report by the National Crime Agency certified that the balance had tipped from offline crime towards online. Computer misuse and cyber-enabled fraud now account for 53 per cent of all UK crime.

It's also an inevitable consequence of the smartphone's centrality to our lives. We shop and bank on apps; we pay by brushing devices against readers. We share home and email addresses complacently and we surf for dates by synching Tinder with our social media profiles.

At the centre of all these activities are passwords. They are the multipurpose key but you struggle (or can't be bothered) to come up with anything more inventive or secure than Mum's name and birthday, which you use for everything because you know you'll (probably) remember it.

This is no longer enough. Experts have called for us to up our game, while sites such as Instagram and Mastercard online banking are updating their password protocols, replacing secret phrases with selfies. So what else can you do to stay safe?

This week researchers reported that typing a password on your phone while connected to a public network can imprint signals onto radio waves that can in turn be read by hackers, and some criminals might create fake wi-fi hotspots to lure users. Loafing in a coffee shop using the wi-fi? You're endangering your data.

Facebook is trying to help. At a conference this month the social network revealed that criminals are using dark-web marketplaces to sell passwords leaked during data breaches. Facebook is also buying them, in order, it says, to protect its users - though critics argue that this practice could help fund cyber-terrorism. The caution is timely: yesterday, it was found that Deliveroo customers had been the victims of a hack, using passwords that had been stolen in previous privacy breaches - a phenomenon experts call the "domino effect".
The first thing you can do is change your passwords. "We're asking people to have a number of passwords for everything that matters," says Dr Bob Nowill, chairman of Cyber Security Challenge, an educational initiative for online safety. Controversially, he advocates writing them somewhere: "in a way that is protected - whether that's by storing them in a safe or using password management software".

You'll need to generate something secure first. Nowill explains that passwords using combinations of words are "a known construct - so pretty much every one can be broken with brute force". The key is to have passwords that are "distinct and complex" - and crucially not words. Instead, use a combination of random letters, symbols and numbers.

(1st December 2016)


POLICE WARNING OVER DATING APPS
(The Guardian, dated 24th November 2016 authors Caroline Davies and Sandra Laville)

Full article [Option 1]:

www.theguardian.com/uk-news/2016/nov/24/stephen-port-conviction-prompts-police-warning-over-dating-apps

A senior police officer is warning people who use dating apps to take extra security precautions as concerns grow over the scale of violence and sexual assaults linked to their use.

The conviction of Stephen Port for the serial killings of young men he met via a variety of dating apps, including Grindr and Gaydar, comes after the case of Stefano Brizzi, who killed a police officer, Gordon Semple, whom he met via the Grindr app.

The use of dating apps by perpetrators of sexual violence is one of the National Crime Agency's emerging threats to the general public. Recent figures showed the number of allegations of rapes linked to dating websites have risen sixfold in the last five years.

The NCA said in its most recent figures that 184 people had reported being raped by someone they had met via a dating app or website in 2014 - up from 33 in 2009. Twice as many people now report being raped by someone they met online as are attacked by a bogus taxi driver - a danger once seen as so great it attracted a huge public awareness campaign.

The Norfolk chief constable, Simon Bailey, national police lead on violence and public protection, said there was a direct connection between the use of dating apps and a rise in crime.

"The rising popularity of online dating apps and websites has contributed to an increase in the number of recorded crimes," said Bailey. "We strongly encourage users to report offences and seek support if they become a victim of any type of crime.

"I would urge those who use online dating apps to be as security-conscious as possible and not to share personal data with anyone until they are sure about those they are communicating with."

Port was a prolific user of gay dating apps including Grindr, Gaydar, FitLads, SlaveBoys, Hornet and Badoo. His case highlights how individuals with violent intentions can exploit the apps to gain the trust of victims. Port used a false name and a fake profile picture in some of his personal information to gain the trust of the men who were to meet him.

He used the names "shyguy", "top fun Joe", "Basketballguy" and a variety of others and cited his preference for "under 30" and slim men. In one profile, he claimed to be an Oxford graduate. In another, a special needs teacher.

"I am a shy, polite guy. Enjoy keeping in shape, love to have a good time. I am romantic, caring and would take good care of my partner. I am successful, educated and determined," he wrote. "I'm looking for fun/date/bf who is between 18-24, slim, smooth twink type, not too camp tho .... who has plenty of energy and enjoys a good time."

Bailey said the greatest danger was often at the first face-to-face meeting. He urged men and women who use dating apps to take security precautions when they met their "date" for the first time.

"If you are planning on meeting someone for the first time, take precautions and meet in a public place," he said. "Individuals should stop all communication with anyone who attempts to pressurise them into something they are not comfortable with. If this happens you should contact the dating app provider immediately to discuss your concerns and always report any criminal activity to the police."

The vulnerability of victims who meet people with violent intent via dating apps was starkly illustrated by the Port case. Having enticed his victim with a fake profile, Port would use his first meeting with the men to slip GHB into their drink, or in some cases, he would tell them it was lubricant. Within 15 minutes, they would be unconscious.

GHB, an anaesthetic, is popular on the dance and club scene, and is available in liquid form [liquid ecstasy] or powdered form.

In low doses, it is reported to produce euphoria, to lower social inhibition and increase libido. At higher doses, euphoria gives way to sedation. Still larger doses can induce coma. In some cases death can arise as a result of respiratory depression or inhalation of vomit. It is particularly dangerous when taken in conjunction with other sedatives, such as alcohol, or sleeping pills.

Port worked as a male escort - and was well aware of the power a stranger with violent intentions could hold over an unwitting victim.

When giving evidence he was asked about his safety as an escort. He replied: "I would never accept a drink or anything to eat off a client. And I always took my own lube, condoms and poppers." It was just such vulnerability he exploited in the victims he targeted.

(1st December 2016)


NO SUPER-KINKY WEB SMUT PLEASE, WE'RE BRITISH
(The Register, dated 24th November 2016 author Iain Thompson)

Full article [Option 1]:

www.theregister.co.uk/2016/11/24/internet_censors_to_block_certain_acts/

Film censors in the United Kingdom will be able to ban Brits from accessing websites that stream especially kinky X-rated videos, if a proposed change in the law gets up.

The Digital Economy bill, which is due to penetrate the statute books in early 2017, is set to include a provision that will allow the British Board of Film Classification to order internet service providers to block webpages that feature non-conventional sex acts - basically anything that you can't sell on a porno DVD in the UK, you won't be able to watch online either.

If this sounds familiar, it is: from 2014 onwards, Blighty's Audiovisual Media Services Regulations forbid smut vid websites from violating UK obscenity laws: if you can't legally flog a DVD featuring a particular naughty sex act in Blighty, you can't stream it online to Brits either.

Now the forthcoming Digital Economy Act takes the hard crackdown to broadband providers, requiring ISPs to block sites that fall foul of the British film classification board. The bill contains a provision that requires online porn slingers to verify the age of their UK-based gawpers. The age of a site's visitor must be sufficient for the webpage's classification in order to view the material - but if the page cannot be classified because it's too strong for the film censors, then age verification cannot be completed and access must be denied.

ISPs will be required to block pornography websites that do not perform age verification or are not classified. If ISPs refuse, they face stiff fines.

According to the notes attached to the bill's amendments:


This new clause enables the age-verification regulator to require internet service providers to prevent persons in the United Kingdom from being able to access material on the internet where it is being made available in contravention of clause 15(1) or is "prohibited material" as defined in clause 22.

The measures are being touted as a way to keep harmful content from children, and to ensure that children are not exploited. But campaigners are worried it's also the start of a slippery slope.

"It should not be the business of government to regulate what kinds of consensual adult sex can be viewed by adults," said Jodie Ginsberg, chief executive of Index on Censorship, told The Guardian.

While the BBFC doesn't have explicit guidelines on what is acceptable or not, years of regulating pornographic DVDs does give an inkling of what the censors would deem acceptable or otherwise. The 1958 Obscene Publications Act is also used as a reference point for the BBFC.

Based on past experience, male ejaculation is fine, but female ejaculation isn't allowed. Spanking or caning that leaves a visible mark is out, as well as anything involving urination, face sitting, menstrual blood, or sex in public. The fact that these acts are largely legal for those 16 and over doesn't enter into the calculations.

"In making this assessment, we will apply the standards that we apply to pornography that is distributed offline," a BBFC spokeswoman said. "If a website fails on either of these [age verification or obscene content] tests, then a notification of non-compliance will be sent to the site."

Under the amendment, pornographic providers can get a hard time from the BBFC's non-compliance notices. Thrusting fines of up to $250,000 or five per cent of turnover can be issued to British porn sites and overseas firms can be blocked from accepting payments via Visa or MasterCard from UK viewers.

(1st December 2016)



MPs URGED TO END DELAYS TO EMERGENCY SERVICE 4G SYSTEM ON TUBE

(London Evening Standard, dated 24th November 2016 author Nicholas Cecil)

Full article [Option 1]:

www.standard.co.uk/news/transport/mps-urged-to-end-delays-to-emergency-service-4g-system-on-tube-a3403451.html

A senior MP today warned of a delay in the introduction of a new emergency communications system on the Underground.

Meg Hillier, chairwoman of the Commons public accounts committee, issued the alert after hearing evidence from Whitehall officials on the proposed 4G network.

One of them, the Government's national technology adviser Liam Maxwell, told how he was being kept awake at night by his concerns about bringing in the new system on the Tube.

A communications system called Airwave was introduced on the Tube after the July 7 terror attacks in 2005.

Now, the Government is seeking to bring in a new system for the emergency services across the country, including on the Tube.

The Emergency Services Network (ESN) aims to make high-speed data more readily available to police, fire and ambulance crews, to better exploit new technologies and be cheaper.

It was due to start being introduced in London next year and run in parallel with Airwave for a period.

But there are growing concerns over the project, with key talks still to take place between the Home Office and Transport for London. Delays could add to the cost of the £1.2 billion scheme.

"All of us who lived through 7/7 will be alarmed that the key issue of our police, ambulance crews and firefighters being able to communicate on the Underground is still not sorted," said Ms Hillier.

"This deal needs to be tied down in the next month."

Mark Sedwill, the Home Office's permanent secretary, told the committee it was very much in the interests of Mayor Sadiq Khan "to be part of the solution" given his responsibilities for TfL and security.

But a review by Lord Harris of Haringey of London's readiness for a terrorist attack put the Home Office in the spotlight.

He said he was "very concerned" the new system might not operate effectively on the Tube and recommended that Airwave should not be switched off until it can be shown ESN would work to the satisfaction of police and TfL.

A spokesman for Mr Khan said: "He is considering the recommendations of Lord Harris and will be taking this issue up with TfL and the Home Office to ensure everything possible is done to aid emergency communications."

(1st December 2016)



AI LEARNS TO PPREDICT IF PEOPLE ARE CRIMINALS FROM THEIR FACIAL FEATURES

(The Telegraph, dated 24th November 2016 author Cara McGoogan(

Full article [Option 1]:

www.telegraph.co.uk/technology/2016/11/24/minority-report-style-ai-learns-predict-people-criminals-facial/

Researchers have created a machine that they claim can tell if a person is a convicted criminal simply from their facial features.

The artificial intelligence (AI), created at Shanghai Jiao Tong University, was able to correctly identify criminals from a selection of 186 photos nine out of 10 times by assessing their eyes, nose and mouth.

The findings add support to an often-discredited view that criminals have particular facial features, suggesting that the structure of someone's face, including "lip curvature, eye inner corner distance, and the so-called nose-mouth angle", can identify criminality.

It would be highly controversial if applied, but raises fears that China could add such information to its surveillance capabilities, which already include a dossier on almost everyone called dang'an. The files, collected since the Mao era, contain personal and confidential information such as health records and school reports.

As part of the research, Xiaolin Wu and Xi Zhang trained the artificial intelligence with around 1,670 pictures of Chinese men, half of whom were convicted criminals. The pictures analysed were taken from identification cards in which the men, aged 18 to 55, were clean-shaven and holding neutral poses.

Having taught the system, Mr Wu and Mr Xiang then fed it a further 186 images and asked it to sort them into criminals and non-criminals.

The accuracy of its guesses, which were based on features it associates with criminality, led the researchers to claim that, "despite the historical controversy", people who have committed a crime have certain unique facial features.

"The faces of general law-abiding public have a greater degree of resemblance compared with the faces of criminals, or criminals have a higher degree of dissimilarity in facial appearance than normal people," said Mr Wu and Mr Xiang.

More research is required to cover different races, genders and facial expressions before the tool could be widely used.

The research could add to China's vast security apparatus, which already includes AI-based "predictive policing".

Earlier this year, Beijing hired the China Electronics Technology Group, the country's largest defence contractor, to create an AI that can analyse the behaviour of people in CCTV footage for signs that they're about to commit an act of terror.

Once complete, the system will be used to predict "security events" so that police or the military can be deployed in advance.

Digital rights experts warned that using AI in this way could be dangerous and that "reaching generalised conclusions from such small data poses huge problems for innocent people".

Dr Richard Tynan, technologist at Privacy International, said: "This is no different than Craniometry from the 1800s, which has been debunked. In fact, the problem runs much deeper because it can be impossible to know why a machine has made a certain decision about you.

"It demonstrates the arbitrary and absurd correlations that algorithms, AI, and machine learning can find in tiny datasets. This is not the fault of these technologies but rather the danger of applying complex systems in inappropriate contexts."

(1st December 2016)



SNAIL MAIL THIEVES FEED INTERNATIONAL IDENTITY THEFT RING SAY OZ COPS

(The Register, dated 23rd November 2016 author Simon Sharwood)

Full article [Option 1]:

www.theregister.co.uk/2016/11/23/snail_mail_id_theft/

You may run security software, encrypt everything, protect your very complex passwords and use two-factor authentication for everything, but the humble mailbox and the snail mail it contains can still see your identity stolen.

So say Police in the Australian State of New South Wales, where Fraud and Cybercrime Squad detectives say they have "established direct links between international identity thieves and the large-scale theft of residential mail".

Your correspondent has experience of this attack: friends noticed a bank statement envelope open in their letterbox and months later learned that parties unknown had used the information in the letter to socially engineer a bank call centre and establish a new user for an internet banking account. Months later, thousands of dollars disappeared*.

NSW Police say this kind of attack has now been industrialised, with folks called "boxers" wielding tools to pop simple locks and making organised raids on apartment buildings where the pickings are rich. The resulting haul of financial statements and bills are then sold to offshore criminals.

Police recommend applying your very own sturdy padlock to letter boxes as a deterrent, and suggest apartment buildings might care to point a CCTV camera in the direction of the problem. And if you take a holiday, ask a mate to clear your box before its bulge signals rich pickings.

(1st December 2016)



CYBER CRIMINALS HOLD PARENTS TO RANSOM FOR CHRISTMAS HIT TOYS

(London Evening Standard, dated 23rd November 2016 author Mark Blunden)

Full article [Option 1]:

www.standard.co.uk/news/crime/cyber-criminals-hold-parents-to-ransom-for-christmas-hit-toys-a3402571.html

Cyber criminals are targeting British parents desperate to get their hands on this year's must-have Hatchimal toys for Christmas, experts warned today.

Online security firm Sophos told Londoners bargain-hunting on Black Friday - the shopping frenzy ahead of the festive season - to be extra vigilant for slick-looking emails offering "buy now" deals on the sold-out creatures.

The £60 Hatchimals are not available for delivery or collection at Argos and are selling for £100 and more on eBay.

John Shier, senior security adviser at Sophos, said: "Cyber criminals love to take an opportunity with seasonal events like Black Friday and Cyber Monday.

"There's going to be an increase in spam emails trying to entice you to click on a link for a Black Friday deal.

"Market forces have made Hatchimals a very wanted, but unavailable, item and parents are doing what they can to get one.

So an email lands in your inbox offering a Hatchimal or an iPhone 7 at a discounted price, click on this link to get one.

"A bunch of things can happen, including the 'bait and switch', that says in order to get the product you have to fill out a survey or all sorts of other tricks.

"But they're just generating money for themselves and you get nothing." Mr Shier said "buy now" spam emails captured by Sophos have an increasingly polished quality that no longer stick out with a "poor look, spelling and grammar", many using images from websites such as Amazon and similar-looking web addresses.

In the worst cases, clicking on links in emails has led to increasing numbers of people getting their computer taken over and locked by criminals, who demand a ransom to reinstate it.

Mr Shier said: "Ransomware is quite a prevalent threat. The UK, US, Canada and Germany are especially targeted for the simple reason we can afford to pay up."

(1st December 2016)



MPs CALL FOR "WALTER MITTY" LAW TO PROSECUTE FAKE MILITARY HEROES

(The Guardian, dated 22nd November 2016 author Maev Kennedy)

Full article [Option 1]:

www.theguardian.com/politics/2016/nov/22/mps-walter-mitty-law-prosecute-fake-military-heroes-medals

A new law is needed to criminalise impostors wearing military medals and decorations, the parliamentary defence committee has said, despite admitting there is only anecdotal evidence for the extent of it.

Julian Lewis, chair of the committee whose report is published on Tuesday, described the impostors as "contemptible fantasists".

"Military impostors commit a specific harm that requires a specific criminal sanction. Other countries have sought to maintain these sanctions, for reasons of deterrence and punishment, while the United Kingdom has foolishly disposed of them," he said.

"We support the aim of the bill to remove this anomaly, and have called our report Exposing Walter Mitty, because those who seek public admiration by pretending to have risked their lives are contemptible fantasists who need to be deterred."

The committee says the law, which dates to the aftermath of the first world war, should have been revised rather than scrapped in 2006.

The Ministry of Defence was wrong to decide that impostors could be prosecuted under other offences, and that there was a lack of clarity in the law, the committee says. It supports a private member's bill, the awards for valour (protection) bill, sponsored by Gareth Johnson, the Conservative MP for Dartford, which is scheduled to have its second reading in the Commons on Friday.

"The committee concludes that the deceitful wearing of decorations and medals is a specific harm which is insulting to the rightful recipients of these awards, damaging to the integrity of the military honours system and harmful to the bond between the public and the armed forces. This specific harm was considered to require a specific criminal sanction."

The report insists there is a "strong body of anecdotal evidence" of "tangible and identifiable harm", but concedes the incidence is difficult to determine from official statistics. "The experience of encountering military impostors among the service charities which submitted evidence also seems to vary."

Internationally, the report notes that other countries have criminalised the deceitful use of decorations and medals, "to the extent that the lack of such protection in the United Kingdom can be considered exceptional".

In 2009 a Warwickshire man, Roger Day, was arrested and pleaded guilty to wearing 17 medals and an SAS tie pin when he joined a Remembrance Day parade. He was later reported to have sold the medals, which his wife had bought for him, believing she was replacing ones he had genuinely earned. The case against him was later withdrawn.

At the time the MoD said the case was unusual because most of those who impersonated veterans were trying to extort free meals or drinks, or a bed for the night, rather than wanting to show off their decorations in public.

(1st December 2016)



ON AVERAGE 50% OF SURVEYED BUSINESSES ADMITTED TO SUFFERING A RANSOMWARE ATTACK

(Computer World, dated 21st November 2016 author Darlene Storm)

Full article [Option 1]:

www.computerworld.com/article/3142779/security/half-of-surveyed-us-businesses-admitted-to-suffering-a-ransomware-attack.html

Expect to hear more, not less, about ransomware next year.

A recent survey of 500 businesses revealed that nearly half were slammed by a ransomware attack within the last 12 months; 85 percent suffered from three or more attacks, with six being the average for how many times an organization was a victim of ransomware.

If you narrow the SentinelOne survey (pdf) down from cybersecurity decision makers in U.S., UK, France and Germany, to look at only U.S. respondents, then 50 percent admitted to being successfully attacked in the last year. That's slightly higher than the overall worldwide picture of 48 percent suffering from a ransomware attack in the last 12 months.

Number of businesses suffering a ransomware attack in the last 12 months (based on respondents)

UK : 39%
US : 50%
France : 52%
Germany : 51%

Eighty one percent of those surveyed said the hackers gained access to their networks via phishing emails or social media. Fifty percent were hit via drive-by-downloads after visiting compromised sites. Forty percent were infected through a computer that was part of botnet.

Being slammed with ransomware numerous times was enough for half of the companies to lose faith in traditional security measures such as antivirus and a third felt "helpless to defend their organization from new forms of ransomware." Although 68 percent said traditional cybersecurity techniques are unable to protect them, "only 42 percent would demand answers from their IT security vendors."

"Ransomware has become one of the most successful forms of cybercrime in 2016 and is on the top of every security professional's list of most prolific threats," said Jeremiah Grossman, chief of security strategy at SentinelOne. "It's not surprising to see high levels of apathy towards traditional antivirus software, and we don't expect the ransomware epidemic to slow down anytime soon. The situation is likely to get far worse, as some of the ill-gotten gains will be invested into research and development designed to improve encryption strength and utilize new delivery methods, as witnessed with Locky."

Reporting Crimes

Upon suffering a ransomware attack, respondent IT security departments would :

n = notify their CEO / Board
[n] = notify law enforcement

UK : 69% [50%]
US : 68% [57%]
France : 46% [49%]
Germany : 56% [59%]

The largest chunk of ransomware affected employee information, followed by financial data and then customer information. The victims believed financial gain, followed by disruption of business and then cyber espionage to be the most common motives for the attacks.

After being hit with ransomware, 67 percent upped spending on IT security. It took an average of 38 man hours for companies in the U.S. and Germany to replace the encrypted data with back-up data; for France the average was 37 hours and 22 hours for the UK.

Getting hit with ransomware would be bad enough, but imagine paying the ransom and then having the attacker come back and demand a second ransom? It happens; more and more people pay, but it's not like a cybercriminal's promise to decrypt upon receiving the first ransom is a sterling guarantee that the victim's files will be decrypted.

Grossman believes that unlockers - the decryption keys to unlock ransomware-encrypted files which are released to the public by security experts - may not be something people can hope for in the future. Right now, some crooks reuse the same key for all their ransomware infections; once a security researcher gets hold of the key, then they offer it to the public since it works for other victims of the same ransomware to decrypt their files.

"I personally think that era, the era of unlockers, is short lived," Grossman told CSO. "Some of the bad guys are still in amateur mode, but we can expect the malware families to grow in sophistication and effectiveness. The bad guys will move almost universally to asynchronous encryption."

Some experts believe traditional ransomware will move over to doxware; if the demanded ransomware is not paid, then the files, photos, videos or whatever the cybercriminal locked up, will be leaked online.

Backup is great advice, but that won't help if doxware actually catches on.

(1st December 2016)



END LONDON'S ROLE AS A CLEARING-HOUSE FOR DIRTY MONEY

(The Guardian, dated 20th November 2016 author Tristram Hunt)

Full Article [Option 1]:

www.theguardian.com/commentisfree/2016/nov/20/london-property-dirty-money-clearing-house-property-market

London, that great cesspool into which all the loungers and idlers of the Empire are irresistibly drained" was what Sherlock Holmes's companion, Dr Watson, thought of the capital. Well, this week a cross-party coalition of MPs will be trying to drain the mire of its dirtiest elements.

The government's criminal finances bill, with its crackdown on unexplained foreign wealth, secretive shell companies and high-level tax evasion, is a smart attempt to end London's culture of money-laundering. But if we are really going to stop the capital's property being used as a reserve currency by global kleptocrats, we have to go further. For London's historic place at the heart of the empire has endowed it with the networks and skills, from the Square Mile to Caribbean tax havens, to become one of the world's leading hubs for the dispersal and camouflaging of dubious funds.

In the late 19th century, as the scramble for Africa extended the British empire, London's banks and accountancy firms funnelled cash around the colonies. Joseph Chamberlain called the City "the clearing-house of the world", financing mining in New South Wales and tea plantations in India. In EM Forster's Howards End, Henry Wilcox is said to have the "colonial spirit" as he successfully enriches himself at the Imperial and West Africa Rubber Company. With the capital flowed the ships and steamers out of the Thames, sitting on board one of which was Joseph Conrad's traumatised Marlow, with his Congo tales of venturing "into the heart of an immense darkness".

The National Crime Agency says up to £90bn is laundered through the UK each year, while an estimated £120bn worth of UK property is owned by offshore shell companies. Some 75% of properties whose owners are under investigation for corruption made use of offshore corporate secrecy to hide their identities. And according to the director of the National Crime Agency, "the London property market has been skewed by laundered money. Prices are being artificially driven up by overseas criminals who want to sequester their assets here in the UK."

Those assets are far too often being extracted from developing nations desperately in need of tax revenues. A century on from Heart of Darkness, the Democratic Republic of the Congo still ranks near the bottom of the UN Human Development Index, with one in seven children dead before the age of five. And, as in Conrad's time, London's imperial connections are helping to facilitate the exploitation of this asset-rich nation. Diamond and mineral wealth is being extracted by political elites, funnelled via London to old remnants of empire in the overseas territories, then repatriated via Kensington townhouses back to the UK. Our financial, accountancy and property agents are the beneficiaries, the people of the DRC and househunters of London the losers.

When the Panama Papers revealed the extent of global tax haven exploitation, the government responded with the criminal finances bill. It introduces unexplained wealth orders to unearth the sources of suspect assets, gives crime agencies more time to investigate complex networks behind shell companies and goes after companies that assist with criminally facilitating tax evasion. I want to do more, with amendments that urge the publication of a list of UK property held by foreign companies so we can find out the real owners. We need companies convicted of a failure to prevent tax evasion to be excluded from public procurement. And I am supporting an annual parliamentary report on unexplained wealth orders so we create a culture change at the top of government.

We are told that much of London's success is because of its unimpeachable legal system and absence of corruption. But that is no good if, under the banner of the rule of law, we are also aiding and abetting exploitation.

In Surrey mansions and Mayfair sit the lost wealth, the never-built hospitals and unopened schools of too many developing nations. London still houses the loungers and idlers of empire, growing rich from the spoils of exploitation. It is time today's Sherlocks had the tools they need to straighten out the City's finances.

(1st December 2016)



A SEX ATTACK EVERY DAY IN BRITAIN'S UNIVERSITIES

(Mail on Sunday, dated 20th November 2016 authors Michael Powell and Matthew Davis)

Full article [Option 1]:

www.dailymail.co.uk/news/article-3953498/A-sex-attack-day-Britain-s-universities-Campaigners-urge-colleges-release-figures-amid-fears-number-assaults-higher.html

Hundreds of students are being raped and sexually assaulted in British educational institutions every year.

Shocking new figures reveal that at least 463 sex attacks were reported by female university students during the past two years - equating to one suspected victim a day during term time.

But rape crisis groups warned last night that the figures were likely to be a 'gross underestimate' after 28 top universities refused to release statistics.

Rachel Krys, from End Violence Against Women, said: 'These are disturbing numbers, but they are just the tip of the iceberg.

'There is a laddish culture at our universities that believes highly sexualised behaviour towards women is somehow acceptable - that it is all just banter. Universities are not doing enough to tackle this problem.'

Figures from 70 leading institutions show the majority of alleged offenders were male students. Male tutors were accused of being the culprits in a handful of cases.

The University of Oxford and Durham University had the largest number of recorded rape and sex assault allegations in the past two years, with 36 incidents apiece.

At Cambridge, a male tutor was accused of sexually assaulting a female student. Similar tutor-pupil sex allegations were made at Lincoln, Glasgow, Kingston and East Anglia universities.

In London, there were 15 claims of sexual assaults at the School of Oriental and African Studies, two attacks in the halls of residence at the University of Westminster and three reported at London South Bank University.

Falmouth University had 16 reports of suspected sex assaults, including one on a male student.

Hareem Ghani, National Women's Officer at the National Union of Students (NUS), said: 'This data shows that incidents, whether perpetrated by students or by staff, are far too common for women students.'

An NUS survey previously revealed that one in seven women claimed to have experienced a serious physical or sexual assault while studying at university. More than a third said they sometimes felt unsafe visiting their university in the evening.

Almost a third of universities contacted by The Mail on Sunday refused to reveal how assault allegations were made. Fourteen institutions - including Warwick, Nottingham Trent and York universities - even claimed that such disclosure under the Freedom of Information Act would breach confidentiality rules.

Ms Ghani said: 'There is an urgent need for institutions to be transparent about the prevalence of sexual violence affecting their students.

'This includes implementing a centralised reporting system so that incidents can be effectively monitored and to ensure survivors are being properly supported.'

A Government inquiry was launched last year to tackle violence against women at universities. A task force of university heads has also been set up to 'bring about a cultural change'.

Spokesmen for Oxford and Durham universities both said their figures were higher than other universities because students felt more confident in reporting cases to them.

(1st December 2016)



THREE MOBILE HACK : PERSONAL DATA FROM MILLIONS OF CUSTOMERS AT RISK AS CYBERCRIMINALS STRIKE

(International Business Times, dated 17th November 2016 author Jason Murdock)

Full article [Option 1]:

www.ibtimes.co.uk/three-mobile-hack-personal-data-millions-customers-risk-cybercriminals-strike-1592158

Three Mobile, one of the UK's biggest phone companies, has reportedly suffered a hack on its computer systems that put the personal data of roughly six million of its customers at risk.

The information reportedly accessed by hackers included names, phone numbers, addresses and dates of birth, however officials from the popular telecommunications firm stressed it is not believed financial details such as banking or credit card numbers were stolen.

Sources close to the incident told The Telegraph that private data of "two thirds of the company's nine million customers" could now be vulnerable.

Three Mobile confirmed hackers were able to access its customer upgrade database using employee login credentials but declined to comment on the scale of the breach or if customer data was successfully stolen.

While the exact details of the hack are still coming to light, Three Mobile said it believes the hackers accessed customer accounts, requested upgrades then intercepting the new phones while they were being delivered - possibly with the intention to sell them on.

In a statement, a spokesperson for Three Mobile said: "Over the last four weeks Three has seen an increasing level of attempted handset fraud. This has been visible through higher levels of burglaries of retail stores and attempts to unlawfully intercept upgrade devices.

"We've been working closely with the police and relevant authorities. To date, we have confirmed approximately 400 high value handsets have been stolen through burglaries and eight devices have been illegally obtained through the upgrade activity.

"In order to commit this type of upgrade handset fraud, the perpetrators used authorised logins to Three's upgrade system. This upgrade system does not include any customer payment, card information or bank account information. The investigation is ongoing and we have taken a number of steps to further strengthen our controls."

The National Crime Agency (NCA), which is now probing what could be one of the most widespread hacking cases to hit the UK said three people have been arrested - two on computer misuse charges and one for perverting the course of justice.

An NCA spokesperson said: "On Wednesday 16 November 2016, officers from the National Crime Agency arrested a 48-year old man from Orpington, Kent and a 39-year old man from Ashton-under-Lyne, Manchester on suspicion of computer misuse offences, and a 35-year old man from Moston, Manchester on suspicion of attempting to pervert the course of justice.

"All three have since been released on bail pending further enquiries. As investigations are on-going no further information will be provided at this time".

News of the breach comes after recent cybersecurity incidents at Tesco Bank and TalkTalk - both of which significantly impacted UK consumers. On 1 November, UK chancellor Phillip Hammond MP issued a warning about the rising threat of cybercrime.

Three has advised concerned customers to call 333 on a Three mobile phone or 0333 338 1001 from another phone to get more information about the breach.

-----------------------
THREE MOBILE CONFIRMS PERSONAL DATA OF OVER 133,000 CUSTOMERS COMPROMISED IN MASSIVE BREACH
(International Business Times, dated 19th November 2016 author Hyacinth Mascarenhas)

Full article [Option 1]:

www.ibtimes.co.uk/three-mobile-confirms-personal-data-over-133000-customers-compromised-massive-breach-1592395

Three Mobile has confirmed that personal customer information from over 133,000 customers has been compromised in a massive data hack. The UK mobile network said that no bank details, passwords or financial information had been accessed in the cybersecurity breach.

"As you may already know, we recently became aware of suspicious activity on the system we use to upgrade existing customers to new devices," Three CEO Dave Dyson said in a statement. "Once we became aware of the suspicious activity, we took immediate steps to block it and add additional layers of security to the system while we investigated the issue.

"On 17th November, we were able to confirm that 8 customers had been unlawfully upgraded to a new device by fraudsters who intended to intercept and sell on those devices. I can now confirm that the people carrying out this activity were also able to obtain some information," the statement read.

Dyson said that personal information from 133,827 customer accounts were obtained in the breach. However, "no bank details, passwords, pin numbers, payment information or credit/debit card information" are stored on the upgrade system," he said.

According to the company's investigation of the upgrade system, information regarding "whether they are a handset or SIM only customer, contract start and end date, handset type, Three account number, how long they've been with Three, whether the bill is paid by cash or card, billing date and name" for more than 107,000 customers could have been obtained in the breach.

For another 26,725 customers, information including name, address, date of birth, email address, telephone number, handset type, marital and employment status, Three account number, whether they are a handset or SIM-only customer, contract start and end date and how long they have been a Three customer were possibly accessed in the cyberattack.

"We believe the primary purpose of this was not to steal customer information but was criminal activity to acquire new handsets fraudulently," Dyson said. He added that the company is working closely with law enforcement agencies and has been contacting all affected customers individually. Additional security measures have also been placed on customer accounts, the company said.

The company has drawn sharp criticism from users on social media for failing to immediately contact and inform customers about the breach that was reported by the Telegraph.

Earlier this week, the National Crime Agency said that three people have been arrested in connection to the data breach, including two men from Manchester and one man from Kent. Two of the men were detained under the Computer Misuse Act and one on suspicion of attempting to pervert the course of justice, the NCA said. All three men have been released on bail "pending further enquiries."

The latest data breach follows a series of cyberattacks and massive data hacks including one on TalkTalk in October 2015. The company was recently fined a record £400,000 by the Information Commissioner's Office (ICO) over the 'easy' hack in which 157,000 customers had their personal details stolen. In another nearly 157,000 cases, the attacker had access to customers' bank account details and sort codes.

------------------------
HACKERS ARRESTED IN THREE MOBILE UPGRADE SCAM (Extract)
(Computer Weekly, dated 18th November 2016 author Warwick Ashford)

Full article [Option 1]:

www.computerweekly.com/news/450403170/Hackers-arrested-in-Three-mobile-upgrade-scam?utm_medium=EM&asrc=EM_EDA_68215811&utm_campaign=20161118_Hackers%20arrested%20in%20Three%20mobile%20upgrade%20scam&utm_source=EDA

The case is reminiscent of the data breach at UK-based accounting software firm Sage in August 2016, when an internal login was used to gain unauthorised access to employee data at nearly 300 UK firms.

In that case, police arrested a woman who was employed by the software company, but Three would not tell Computer Weekly whether any of those arrested were current or former employees of the organisation, saying the matter was "still under investigation".

The National Crime Agency (NCA) said it had arrested a 48-year-old man from Orpington, Kent, and a 39-year-old man from Ashton-under-Lyne, Greater Manchester, on suspicion of computer misuse offences.

A 35-year-old from Moston, Greater Manchester, was arrested on suspicion of attempting to pervert the course of justice, and all three have been released on bail pending further enquiries, the NCA said.

Most organisations in Europe rely on outdated security technologies, exposing them to breaches by malicious or hapless insiders, a report reveals.

Malicious employees are usually the focus of insider threat protection efforts, but accidents and negligence are often overlooked data security threats.

This report from analyst group Quocirca looks at the challenges faced by organisations when it comes to the insider threat and the protection of sensitive information.

The compromised database was reportedly used to find customers eligible for mobile phone upgrades so that new phones could be ordered, deliveries intercepted and the devices sold for profit.

Three has been quoted as saying it has seen an increase in phone thefts and upgrade scams recently, including at least eight cases of handset upgrades being ordered and then stolen while in transit.

-----------------------
(1st December 2016)



FIRST POLICE STATION WITH NO FULL-TIMERS IS LED BY WAITROSE MANAGER

(The Telegraph, dated 18th November 2016 author Tom Ough)

Full article [Option 1]:

www.telegraph.co.uk/news/2016/11/18/first-police-station-with-no-full-timers-is-led-by-waitrose-mana/

A rural police station led by a Waitrose part-timer is believed to be the first in the country with no front-line officers.

Hucclecote police station in Gloucestershire once had several full-time police officers and a sergeant patrolling the streets.

But thanks to budget cutbacks it is now staffed by a team of 10 special inspectors, who are not fully trained or paid.

In charge of them is Richard Godfrey, 29, who works on a voluntary basis around his full-time job as a branch manager at Waitrose.

"It's quite a juggle," he said, "especially as I have a wife and day job." But he said that his team can do everything the regular force can, and added: "When you get into it, it becomes a life changer."

Locals expressed fears that "special constabularies" will become the norm for hard-up forces across the country in the future, with some describing them as "hobby bobbies". Others claim that communities will suffer with no police officers having the required experience and training.

Specials were brought in to patrol the area and attend incidents of antisocial behaviour after residents complained about the lack of police presence in the area.

Last year's cuts to the force's budget means Gloucestershire Constabulary is now 20th in the list of fewest officers protecting the public in the country out of 43 forces.

New figures reveal that there is only one police officer on duty at night in Gloucestershire to protect 5,400 people - in a county of nearly 900,000. And on average Gloucestershire has 115 response officers available at night.

But Gloucestershire's Police and Crime Commissioner, Martin Surl, defended the officers - and said they are a necessary asset. "Specials already work alongside full time officers on the frontline and on specific operations and, like all volunteers, their commitment is not in dispute."

Crimes reported in Hucclecote in September 2016 (Source: police.uk)

Anti-social behaviour: 26
Vehicle crime: 10
Violence and sexual offences: 8
Shoplifting: 8
Criminal damage and arson: 7
Theft from the person: 3
Burglary: 3
Other theft: 3
Public order: 1
Robbery: 1
Drugs: 1

(1st December 2016)



POLICE "UNABLE TO KEEP UP WITH RISE IN DOMESTIC VIOLENCE CASES"

(London Evening Standard, dated 16th November 2016 author Justin Davenport)

Full article [Option 1]:

www.standard.co.uk/news/crime/police-unable-to-keep-up-with-rise-in-domestic-violence-cases-a3396966.html

Scotland Yard is failing to keep pace with a surge in the number of reports of domestic violence offences in London, a report warned today.

Although figures show a six per cent rise in cases of domestic abuse last year, the proportion of people being charged with offences has fallen.

The study by the London Assembly Police and Crime Committee blames extra pressure on police for the widening gap between the number of recorded cases and prosecutions.

There were more than 150,000 domestic abuse incidents and over 17,000 sexual offences, including nearly 6,000 rapes, in the capital in the 12 months to September.

In the same period only 28 per cent of domestic offences resulted in a charge, caution or other outcome, as against 41 per cent of the total four years earlier.

The committee found that prosecution rates against perpetrators of sexual violence were rising but the figures remained low. In the year to September, 16 per cent of sexual offences resulted in action, compared to just 10 per cent in 2012.

The study found that the number of reports of domestic abuse and sexual violence had risen by 11 per cent year on year in the past four years. Cases of domestic violence had soared by 57 per cent over the same period.

The committee said the rise in the number of reports of rape and sexual assault was expected to continue.

Steve O'Connell, the Tory chairman of the Police and Crime Committee, said: "While the rise in reporting should be seen as a success - as more victims gain confidence to come forward - there is a risk that this confidence will be lost if the resources available do not meet demand. Complainant confidence in the police, which is hard won, will be undermined."

(1st December 2016)



PATIENT DATA FEARED AT RISK AS SEVEN NHS TRUSTS "SPENT NOTHING" ON CYBERSECURITY IN 2015

(International Business Times, dated 16th November 2016 author Jason Murdock)

Full article [Option 1]:

www.ibtimes.co.uk/patient-data-feared-risk-seven-nhs-trusts-spent-nothing-cybersecurity-2015-1591852

Seven National Health Service (NHS) trusts serving over two million people in the UK reportedly failed to spend a single penny on cybersecurity protections last year - a discovery that could leave sensitive medical information vulnerable to exploitation by cybercriminals.

NHS trusts are set up to offer hospital services to geographic areas and can often be responsible for thousands of patients at a time. According to official statistics, the NHS deals with one million patients every 36 hours. Now, an investigation by Sky News has claimed the data of these users has been left at risk to "relatively unskilled" hackers.

Working alongside enterprise-facing security and penetration testing firm Hacker House, the probe reportedly found misconfigured email servers and outdated software and security certificates. Researchers also uncovered NHS trusts' emails and passwords.

Using Freedom of Information requests, Sky News said it received responses from 97 NHS trusts in total. It said the annual spend for a single trust was £23,040 and that 45 trusts were "unable to specify" their cybersecurity budgets. Seven, it said, spent nothing.

In terms of breaches of sensitive data, the investigation found they had spiked from 3,133 in 2014 to 4,177 last year. Cybersecurity incidents have also been blamed for rocketing statistics - from eight in 2014 to 60 last year, Sky News reported.

Jennifer Arcuri, security expert with Hacker House, said: "I would have to say that the security across the board was weak for many factors. Out of date SSLs, out of date software, it was very clear that you could bypass any number of these trusts just by doing the right recon online."

Indeed, only last week, roughly 1,000 NHS patients were impacted by widespread cancellations at three UK hospitals after a computer virus infected critical computer systems. Ultimately, staff were forced to resort to pen-and-paper filing system and declare a "major incident".

Across the water, a slew of hospitals in the US were recently attacked by a notorious form of ransomware called Locky that - true to its name - locked down critical systems and demanded a payment from the hospital in order to hand back access.

In February, one healthcare facility paid hackers $17,000 (£12,000) in Bitcoin after being targeted. This payment, according to a number of security experts contacted by IBTimes UK at the time, only set a precedent for future attacks to take place.

"In today's connected world, not only do we need to worry about sensitive health data being stolen, there is also the possibility that hacks could shut down vital equipment and systems," said John Benjamin, a technology specialist and partner at London-based law firm DWF.

"We are seeing more and more types of medical devices join the health Internet of Things (IoT) which may be susceptible to hacks and provide cybercriminals with easy access to secure networks."

Additionally, cybersecurity firm NCC Group questioned 60 separate NHS trusts earlier this year and later revealed that nearly 50% of them had encountered ransomware in 2015. This, like many threats, often spreads via email phishing and can infect entire networks with a single click.

As previously reported, statistics released by Big Brother Watch claim that the NHS routinely faces up to 2,000 data breaches a year. Between 2011 and 2014, based on Freedom of Information requests, the healthcare system faced 124 separate incidents "related to IT systems".

(1st December 2016)




FOREIGN NATIONAL COULD BE HIRED AS MET POLICE COMMISSIONER

(London Evening Standard, dated 16th November 2016 authors Justin Davenport and Martin Bentham)

Full article [Option 1]:

www.standard.co.uk/news/crime/foreign-national-could-be-hired-as-met-police-commissioner-a3396976.html

A foreign national could be appointed as the new Metropolitan police commissioner, it emerged today as the post was officially advertised.

The Home Office advert states that a candidate from countries such as the United States, Canada, Australia or New Zealand could be appointed providing they have held the post of a police constable.

Current Met chief Sir Bernard Hogan-Howe announced his retirement in September and will step down in February. His decision leaves the Home Office and London Mayor Sadiq Khan little time to seek a replacement for £275,901-a-year role widely seen as the toughest job in policing.

Mr Khan said he was looking for the "best possible" person for the post. Sir Bernard took on the job five years ago in the wake of the early departures of Ian Blair and Paul Stephenson and lasted for the full term.

Among the favourites for the role are Assistant Commissioner Mark Rowley, Sara Thornton, head of the National Police Chiefs' Council, Stephen Kavanagh, Chief Constable of Essex, and former senior Met officer Cressida Dick, who now works for the Foreign Office.

Mr Khan, speaking at the London Assembly this morning, said: "The Metropolitan Police do an incredible service... It is therefore absolutely essential that we find the best possible person to take the Met forward over the coming years."

uaware question

If the new incumbent was not British what would their role as being in charge of anti-terrorism be ?
You cannot be a member of any of the British Security Services (MI5, MI6 and GCHQ) if you are not a British citizen !

Scenario - Commissioners job given to a US citizen, where does their loyalties lie ? Imminent attack on either Houses of Parliament or the US Embassy (intelligence is fuzzy). Where would they send armed Met police ?

(1st December 2016)



EU EYES US-STYLE SCREENING SYSTEM FOR TRAVELLERS

(Euronews, dated 16th November 2016)

Full article [Option 1]:

www.euronews.com/2016/11/16/eu-eyes-us-style-screening-system-for-travellers

The EU plans to create a US-style security screening system as part of efforts to fight terrorism.

Travellers from visa waiver countries will have to pay five euros and fill out an online clearance form; any approved application would then be valid for five years.

They would then be able to move freely across Europe's Schengen zone, a passport-free area made up of 26 countries.

American officials introduced their version after the attacks on September 11th, 2001.

The deadly attacks on Paris and Brussels last year, in which a total of 162 people were killed, have spurred Europe's security clampdown.

"By spotting problem individuals and stopping them from coming, we'll enhance Europe's internal security," said Julian King, the EU's security czar.

The Commission aims to get this new travel clearance system in place by 2020.

uaware comment

Its odd that in the short time since the referendum that EU has decided to set up a screening system that will be operational by 2020.

Top 10 countries visited by UK residents for at least 1 night, 2015
Source: International Passenger Survey (IPS) - Office for National Statistics

Link : www.ons.gov.uk/peoplepopulationandcommunity/leisureandtourism/articles/traveltrends/2015#uk-residents-visits-abroad

Spain : 12,988,000
France : 8,849,000
Italy : 3,533,000
Republic of Ireland : 3,504,000
USA : 3,503,000 (Included for comparison only)
Portugal : 2,602,000
Germany : 2,592,000
Netherlands : 2,548,000
Greece : 2,314,000

Note 1: UK residents may make multiple journeys during the course of a year.
Note 2. The number of trips to Spain may reflect the number of British Citizens living in there.

(1st December 2016)



BRITISH POLITICIANS SIGN OFF ON SURVEILLANCE LAW

(The Register, dated 16th November 2016 author Alexander J Martin)

Full article [Option 1]:

www.theregister.co.uk/2016/11/16/british_pols_sign_off_on_surveillance_law/

The UK's Investigatory Powers Bill has completed its passage through parliament and now only awaits Her Majesty's stamp of approval before becoming law.

Also known as the Snoopers' Charter, the legislation has been criticised as being among the most onerous in the world upon the civilian population, and will require British ISPs to retain a curtailed form of their customers' internet browsing histories - including what websites they had visited - for 12 months so that various authorities could request it for investigative purposes.

Additional powers are legislated for, including offensive hacking, despite concerns about the State finding an appropriate balance between creating and patching exploits, and the collection of bulk personal data by government spies for the sake of running enormous queries on surveillance data sets.

Despite opposition from other parties, the majority Conservative and second-majority Labour parties saw the bill pass through in both of the houses of parliament - the Conservative party by voting for it, the Labour party by refusing to vote against it and instead abstaining.

Although there was a minor delay in which the House of Lords quibbled with the government over the separate issue of the regulation of the press, the bill is now set to become law by the end-of-year deadline set by Theresa May, with the Lords having recognised that they couldn't throw a tantrum at the Commons indefinitely.

May had published the first draft of the Investigatory Powers Bill in November 2015, alongside a confession that successive British governments had been issuing secret directives to telcos to intercept their users' communications.

Lawmakers applauded themselves that such secret surveillance was now being more explicitly codified in statute. They spoke with similar tact when Theresa May - then Home Secretary - claimed that it only introduced the one new power "requiring communications service providers to retain internet connection records when given a notice by the Secretary of State."

(1st December 2016)



RECRUITER PAGE FALLS VICTIM TO HUGE CYBER ATTACK

(London Evening Standard, dated 11th November 2016 author Simon English)

Full article [Option 1]:

www.standard.co.uk/business/recruiter-page-falls-victim-to-huge-cyber-attack-a3393326.html

More than 700,000 job-seekers on the books of recruitment giant Michael Page had their details hacked in one of the biggest security breaches to hit a British firm, the Evening Standard can reveal.

An email to job-seekers from Page's marketing director Eamon Collins warns that "an unauthorised third party illegally gained online access" to sensitive data just days ago.

Although Page, a FTSE 250 company valued on the stock market at £1.2 billion, insists the hackers had no "malicious intent", it admits that the security breach is "deeply disappointing and of serious concern".

Coming days after Tesco Bank revealed that 40,000 accounts had been hacked and money stolen, possibly by internet gangsters based in Brazil, this latest incident will heighten concern about web security.

Page says email addresses, passwords, phone numbers and private job applications were all accessed.

Collins said in the email to job-seekers: "We will continue to work to understand fully how the breach has occurred and to ensure it does not happen again."

One of the affected Page Group job-seekers told the Standard: "My personal details were breached - not good. First Tesco, now this. What's next? The internet is not secure at all."

The company says it worked "non-stop" with IT provider Capgemini to fix the issue - 711,000 accounts were affected in all, some in the Netherlands and China.

"Because of the nature of the data, there is limited risk of fraudulent activity," Page said. "We requested that the third party destroys all copies of the data and they have confirmed they have already done so."

No party involved would confirm the identity of the hacker, but it is understood that this is not the first time they have targeted a major group.

Cliff Moyce at tech consultants DataArt said: "This type of occurrence - personal, sensitive and confidential information becoming discoverable through clicking on certain commands within websites - is endemic.

"Following professional standards for infrastructure management, development, testing, database management, etc will prevent it happening."

Capgemini said in a statement: "Our work has established that this was not a malicious attack."

Founded in 1976, Page describes itself as one of the world's best-known and most respected recruitment consultancies.

It places people in some of the City's top jobs as well as finding jobs for temporary office staff.

(1st December 2016)



POLICE FORCE CONSIDERS BRINGING BACK ICONIC HAT TO HELP SHORT OFFICER STAND OUT FROM THE CROWD

(The Telegraph, dated 11th November 2016 author Leon Watson)

Full article [Option 1]:

www.telegraph.co.uk/news/2016/11/11/police-force-considers-bringing-back-iconic-hat-to-help-short-of/

The iconic tall British police helmet is making a comeback as officers look to stand out from the crowd.

Known as the custodian, the traditional bobby on the beat helmet famously worn by Dixon of Dock Green has been disappearing in recent years as forces opt for flatter, more modern headgear.

But now Thames Valley police, one of the forces which scrapped the hard woodentop, is considering reintroducing them on a trial basis.

Anthony Stansfeld, the police and crime commissioner of Thames Valley police, told The Times they could be brought back into use in Reading town centre.

He suggested that shorter officers in modern peaked caps were not always visible to the public.

Mr Stansfeld said: "It's a daytime thing, people don't see the police very often I think. The officers are no longer all six foot, we have brains as well as brawn these days. I think it would be a good move but that is a personal view and we will do a consultation on it."

No cost estimate has yet been revealed for the revival but Tony Page, the deputy leader of Reading borough council, gave it his backing.

Mr Page said: "On the helmets proposal, I can indicate we would be up for working with you on that. We would obviously like a bit more detail. We would be up for working with thepolice on trialling a helmet initiative in the town."

In 2009 Thames Valley police officers switched from traditional uniforms to black combat trousers and polo shirts, although a plan to introduce baseball caps was scrapped.

West Yorkshire police ended the use of traditional helmets last year, arguing that peaked caps were less likely to fall off and could be worn in a car.

The custodian helmet, which replaced the top hat formerly in use, was first used by the Metropolitan police in 1863.

Originally made of cork and covered by felt or serge, it was based on the spiked Pickelhaube worn by the Prussian army. Later they were made from hard-wearing plastic.

Over the years it became a cultural icon: one of the most famous images of the miners' strike of 1984-85 showed a picket wearing a toy helmet facing a line of helmet-clad police at Orgreave.

A helmet was used to protect the modesty of Michael O'Brien, who streaked at Twickenham in 1974.

The equivalent for female officers is a "bowler" hat, which still affords the same protection as the male custodian.

From the 1930s to the 1960s, police in Brighton wore white helmets in the summer, as they kept the head cooler.

Other forces using the custodian helmet include Jersey, Guernsey, the Isle of Man, Gibraltar and Bermuda.

(1st December 2016)



POLICE ASK DRIVING INSTRUCTORS TO HELP THEM CRACK CRIME

(The Telegraph, dated 10th November 2016 auther Martin Evans)

Full article :

www.telegraph.co.uk/news/2016/11/10/police-ask-driving-instructors-to-help-them-crack-crime/

riving instructors are being recruited to help fight crime in the latest example of policing on the cheap.

Essex Police are asking people giving driving lessons to act as their eyes and ears in areas of high crime and contact them if they spot anyone acting suspiciously.

Those who sign up will be given crime maps so they know the worst areas and even descriptions of suspects to keep an eye out for.

Police also hope they will be able to make use of dashboard mounted cameras that many driving instructors now use, in order to film criminals in the act.

Dubbed Neighbourhood Watch on Wheels, the he scheme is being trialled in the Tendring district of Essex around Clacton-on-Sea, where police cuts have drastically reduced the numbers of bobbies on the beat.

The reduction in frontline policing comes at a time when burglaries in the area have soared, with drug addicts targeting properties to feed their habits.

Last year locals in nearby Frinton-on-Sea agreed to pay £100 each to fund a private security firm to patrol their streets.

District commander, Russ Cole, who is behind the driving instructor scheme, said he hoped it would help deter criminals and reassure the public.

He said: "Driving instructors seemed like an obvious choice - here is a group of professionals who are willing to help.

"Whilst they are doing their three-point turns and manoeuvres, they'll be keeping an eye out for suspects.

"We will be working with as many of the instructors as possible, sharing information with them, such as maps of where burglaries are taking place and descriptions of suspects.

"They are professional people and we trust them to teach young people to drive and they have dash cams which could prove invaluable.

"We are asking them to be our eyes and ears and to give us a call if they have any information."

But critics expressed concern that the system was ushering in policing on the cheap and asking driving instructors to do a job they were not trained to do.

Carly Brookfield the CEO of the Driving Instructors Association said: "While we would welcome the opportunity to work with the police to reduce crime this should be in the area of road safety, which is more aligned to the professional skillset and knowledge of a driver trainer, rather than spotting burglaries and assaults.

"Also, as distraction is one of the biggest causes of risk and accident while driving, I would be very concerned about instructors becoming distracted looking for crimes occurring off the road, while they are trying to teach motorists to concentrate on the roads."

Local driving instructor Kevin Carroll, 57, who runs the Benson school, said: "We'd more interested in reporting bad driving than burglaries. I'm not looking what's going on around me when I'm teaching students how to drive. I look at the road."

Steve Taylor from the Essex Police Federation said: "This idea is about making the most of the resources we have. It is looking for more creative ideas to have partners in the community and this won't be the only resources in that area."

(1st December 2016)



NATIONAL CRIME AGENCY WEBSITE BRIEFLY DOWN AFTER HACKERS LAUNCH DDoS ATTACK

(International Business Times, dated 10th November 2016 author India Ashok)

Full article [Option 1]:

www.ibtimes.co.uk/national-crime-agency-website-briefly-down-after-hackers-launch-ddos-attack-1590833

The National Crime Agency (NCA), considered to be the UK's version of the FBI, was hit by hackers. The public-facing website of the NCA was briefly taken offline after a DDoS attack on 9 November, according to reports. At the time of writing, the website appeared to be struggling to remain online as several attempts to access it saw it intermittently going offline.

An NCA spokesperson claimed the agency's site was "an attractive target" and that targeted "attacks on it are a fact of life", the Register reported. He confirmed that the attack did not cause a security breach, deeming DDoS a "blunt form of attack which takes volume and not skill."

"It isn't a security breach, and it doesn't affect our operational capability. At worst it is a temporary inconvenience to users of our website", the agency added.

The agency also said it had "a duty to balance the value of keeping our website accessible with the cost of doing so, especially in the face of a threat which can scale up endlessly." This indicates that the NCA may not be employing additional DDoS prevention services due to limited financing for its website security.

"The measures we have in place at present mean that our site is generally up and running again within 30 minutes, and we think that's proportionate," the agency concluded.

There is no indication yet of when the attack may have begun or what measures the NCA takes when under attack. It is also unclear as to the identity, location and motivation of the hackers.

The alarming rise and propensity of DDoS attacks, especially with the leveraging of vulnerable IoT devices, has caused widespread concern among the infosec community. The recent massive US internet outage, caused by the now-proliferate Mirai botnet has brought to light the effectiveness of DDoS attacks as a tool as well as shed light on the dangers of vulnerable IoT devices.

Recently, hackers have extensively leveraged the Mirai botnet in launching DDoS attacks against various targets. From targeting the websites of US president-elect Donald Trump and former Democrat presidential candidate Hillary Clinton, to taking the entire nation of Liberia offline, Mirai has had a primary role in numerous attacks. It is unclear if the attack against the NCA site also leveraged the Mirai botnet.

(1st December 2016)



LONDONERS MUST BEFRIEND NEIGHBOURS TO PREVENT BREAK-INS

(London Evening Standard, dated 10th November 2016 author David Churchill)
Full article [Option 1]:

www.standard.co.uk/news/crime/stop-breakins-by-getting-to-know-your-neighbours-a3392696.html

Police today called on more Londoners to befriend their neighbours in a bid to tackle a rise in burglary - as a poll revealed many do not know who lives next door.

The study, called "Burglary Britain", found 76 per cent of Londoners do not belong to any kind of neighbourhood watch group. Of these, more than 30 per cent said it was because they did not know their neighbours.

The survey, conducted by home technology firm Nest, found 58 per cent of Londoners had been victims of break-ins.

It also found 28 per cent of people did not think neighbourhood watches had any impact on stopping criminals, although 44 per cent would join such a scheme if it was digital.

The Met said there had been a "small" seasonal rise in burglaries in recent weeks because it gets darker earlier but added that overall numbers were down.

Chief Superintendent Sean Wilson, Scotland Yard's lead for burglary, said the figures reveal a pressing need for more Londoners to get to know their neighbours.

"It's important for any residents to know who lives next door to them, either side, above and below," he said.

"People really should know this and neighbourhood watch is an excellent vehicle for providing a framework in which people are kept up to date with time-frames, what is actually happening in their area and what to look out for.

"So if you have groups targeting the elderly for example, or groups who are targeting arts and antiques or family jewellery it just gives you a network. The message is, 'Look after your communities, look after each other'."

Met figures show there were 69,479 burglaries in the 12 months to September this year, down 2.9 per cent from 71,566 during the previous 12-month period. Nest surveyed 1,500 people across the UK for its study.

(1st December 2016)



MORE DRIVERS FACE BAN FOR USING MOBILES

(The Times, dated 9th November 2016 authors Graeme Paton and Sam Coates)
www.thetimes.co.uk [Option 1]

A loophole allowing motorists to avoid bans after being caught using a mobile phone will be closed, the Department for Transport said yesterday. New drivers, particularly those in their teens or early 20s, will no longer be able to take a re-education course as an alternative to a fine and penalty points. The courses have been criticised as a "soft-touch" response to driving offences and there is little evidence that they work.

The change forms part of a package of measures designed to stamp out the practice of phoning and texting on a hand-held mobile while driving. Ministers also confirmed plans outlined in September to double fines from £100 to £200 and increase the number of penalty points from three to six. It means that those with less than 2 years experience will be banned for a first-time offence because they have their licence revoked after 6 points. For other drivers the threshold is 12 points.

Theresa May said yesterday that she wanted to make using a mobile at the wheel as socially unacceptable as drink-driving. "A moment's distraction can wreck the lives of others for ever", she said. "We are determined to make our roads safer by taking action against those who flout the law".

The prime minster was speaking days after Tomasz Kroker, a Polish truck driver, was jailed for ten years for killing a mother and three children while using his phone as he travelled at 50mph. Mobile phone use was a contributory factor in 440 traffic accidents in Britain last year, 22 of them fatal, official figures show. However, the number of fines issued has fallen by 84% since 2011. Motoring groups blame a substantial drop in the numbers of police on the road.

The DfT's announcement comes after a sharp rise in the number of driver re-education courses being offered to offenders, prompting claims that they were merely a money spinner for police forces.

"Young drivers are the most likely group to be observed using as mobile phone while driving," the department said. "The majority of novice drivers are young people, below the age of 25, and, although it is recognised that this group will be disproportinately impacted, th are also more likely to offend in the first place. Targeting this group with relatively higher penalties is thus likely to lead to greater behavioural change."

Steve Gooding, director of the RAC Foundation, said:" Penalties for using hand-held mobile have been around since 2003 but the problem has been getting worse, not better. By ruling out courses and doubling the fne, ministers are reflecting public concern and showing they want to stamp out a potentially lethat activity.

-----------------------
POLICE SEIZE £225k LAMBORGHINI IN CRACKDOWN ON USING PHONES AT THE WHEEL
(London Evening Standard, dated 18th November 2016 author Saphora Smith)

Full article [Option 1]:

www.standard.co.uk/news/crime/police-seize-225k-lamborghini-in-crackdown-on-using-phones-at-the-wheel-a3399201.html

Police seized this Lamborghini which was allegedly being driven without a licence or insurance.

The £225,000 supercar was pulled over on the Queens Road in Hendon, north London. Police accused the driver of using his mobile phone at the wheel.

The 42-year-old was then unable to produce a driving licence or proof of insurance, saying he did not hold a UK licence and his German one was back in Germany, officers said.

Police seized the right-hand drive vehicle, which had a German number plate, on Wednesday.

The driver could face disqualification and a fine of up to £500.

He will either be summonsed or receive a fixed penalty notice and points on his licence for driving whilst using a mobile phone, driving without a licence and with no insurance.

The arrest was part of a week-long national police operation against mobile phone use behind the wheel.

Detective Chief Superintendent Paul Rickett, Roads and Transport Policing Command, said: "Throughout the week of action, there will be up to 600 officers each day focussed on motorists who unlawfully use hand-held mobile devices whilst driving and who pose a very real danger to themselves, other drivers and pedestrians.

"I want to send a clear message to the motorists of London: driving whilst on a mobile phone is unacceptable.

"You are unaware of your surroundings, you are not in control of your vehicle and you are breaking the law.

"If you are caught driving whilst on a mobile phone, you could receive points on your licence, a substantial fine or a driver disqualification.

"If you cause a collision, you could be facing imprisonment."

(1st December 2016)



GREATER MANCHESTER POLICE GAVE "SLAP ON WRIST" CAUTIONS FOR RAPE

(The Guardian, dated 9th November 2016 author Nazia Parveen)

Full article [Option 1]:

www.theguardian.com/uk-news/2016/nov/09/greater-manchester-police-gave-slap-on-the-wrist-cautions-for-rapes

A police force has been criticised after it emerged it handed out cautions for serious offences including rape, child abduction and soliciting to commit murder.

The police and crime commissioner, Tony Lloyd, has demanded answers from Greater Manchester police (GMP) after it was revealed that cautions were given out for hundreds of serious crimes over the past five years.

The figures were released under freedom of information legislation and revealed that the force had handed out 14 cautions for rape offences and a further 177 for a variety of sex crimes.

A caution requires an offender to admit their crime and is regarded as an official "slap on the wrist" and an alternative to a charge that would bring the perpetrator before a court.

Lloyd said: "On the face of it, it is clearly unacceptable that cautions should be issued for serious crimes such as rape. Taking this approach without a clear, transparent and justifiable rationale risks endangering public confidence in the way in which the police deal with the most serious of offences.

"Greater Manchester police now need to explain clearly to the public how it is that rapists have ended up with a slap on the wrist, and I will demand an explanation from the chief constable Ian Hopkins this week at my monthly public scrutiny forum."

Half the rapists were handed a "conditional caution", where they could be required to complete a course addressing their behaviour or make reparation to their victim to go along with an official warning, which would remain on their police record.

No minimum sentence applies to rape crimes although official guidelines for judges suggest a "starting point" of five years in prison before time is added or subtracted for aggravating or mitigating factors.

The MP for Blackley and Broughton, Graham Stringer, said the use of cautions for rape and sex offences was "completely inappropriate".

He said: "There is a place for the police caution, but for rape and sexual assault it's simply wrong."

An analysis of the cautions handed out for 14 rape offences shows three were given to adults, two for the rape of a girl under 16 and another two for the rape of a girl under 13.

A further 11 cautions were given to boys for rape crimes, three of them in 2015-16 for raping under-13s.

It was also revealed that many more serious crimes ended in a caution, including robbery, gross bodily harm (GBH) and wounding.

The figures, released to the Manchester Evening News, showed 86 cautions were handed out for robbery; 81 for GBH; 149 for malicious wounding; 60 for racially or religiously aggravated common assault; 60 for indecent exposure; 33 for violent disorder; 26 for aggravated vehicle taking; 22 for arson endangering life; 18 for possessing a real or imitation firearm; 18 for supplying or offering to supply class A drugs; 16 for endangering the safety of an aircraft and 12 for child abduction.

A single caution was also recorded for other crimes such as soliciting to commit murder, perjury, misconduct in a public office, causing or allowing the death of a child or vulnerable person, bigamy and aggravated burglary.

GMP issued nearly 32,831 cautions between 1 April 2011, and 31 March 2016. During the whole period, the most common offence for which a caution was handed out was assault occasioning actual bodily harm (5,123 cautions).

However, the figures showed the force uses the sanction less frequently now than in 2011-12, when 8,977 were handed out compared with 4,358 in 2015-16.

He added: "A police caution is a formal warning given by the police to deliver swift and effective justice that carries a deterrent effect and reduces the likelihood of reoffending. A police caution can also act as a record for possible reference in future criminal proceedings.

"Each offence is dealt with on an individual basis and when a decision to issue a caution is taken, all evidence is considered to ensure this is the most appropriate course of action.

"Cautions are normally issued for more minor offences but no two cases are the same and all the circumstances are taken into account."

(1st December 2016)



FRENCH PRIVACY ROW OVER MASS ID DATABASE

(BBC News, dated 8th November 2016)

Full article [Option 1]: www.bbc.co.uk/news/37894968

A French state watchdog has called for the suspension of a database that could end up holding the biometric details of 60 million people.

The aim of a single "mega-database" is to fight identity fraud and improve efficiency. But, as Paul Kirby explains, there are fears the database could be abused not only by hackers but by state intelligence too,

What's the database for?

The single database would not be used in judicial investigations, ministers insist. Rather, it would help tackle identity fraud by comparing one set of digital fingerprints with another.

France's interior ministry wants the Secure Electronic Documents (TES) to collect all the information on an individual held on two separate databases that have details of people's passports and national ID cards. Only children under 12 would be exempt.

It would include an individual's name, address, marital status, eye colour, weight, photograph and fingerprints.

It's merely an administrative register, argues Justice Minister Jean-Jacques Urvoas. Its only legal use would be when data need to be requisitioned.

What's the problem with it?


First of all, there are very real security concerns. A centralised database of that magnitude, in the words of France's CNNum digital watchdog, would create a "target of inestimable value" in a data world where no system is impregnable.

Then there's privacy, a highly sensitive issue across Europe, particularly as it is enshrined in the European Convention on Human Rights.

One centre-right senator spoke of a "time bomb for public freedoms" and the digital watchdog warned that democracy was on the retreat in Europe and the US.

France's Socialists objected to an earlier database on grounds of privacy when the centre-right government suggested one in 2012. That database would have been used to investigate crime. It was eventually slapped down by the constitutional court because it did not protect against "arbitrary use".

Now the Socialist government has steered through a revamped database by government decree, during a holiday weekend, without the agreement of France's National Assembly.

Is France the only country to want a single database?


Every country is having to balance privacy and security, especially in Europe. Earlier this year, the European Parliament backed a joint system on airline passenger data on flights in and out of the EU and there's a push for greater information sharing across police forces.

For Joe McNamee of European digital rights group Edri it's becoming "an ideology rather than a tool".

"You're creating a specific privacy risk for the individual vis-a-vis the state. We're getting to a stage where the question is how much bang for a buck are you getting."

In Denmark, a personal ID number works across all the public service databases and campaigners worry that safeguards are insufficient.

For some countries, such as Germany and Spain which suffered decades of state surveillance in the 20th Century, personal privacy is seen as essential.

The UK is due to pass by the end of 2016 the Investigatory Powers Bill which will allow security agencies to access databases held by private and public organisations. Critics have dubbed the law a "snooper's charter" but the House of Lords has inserted an amendment emphasising privacy as a fundamental priority.

How serious is the threat of being hacked?


It is real and it has happened before:
- Earlier this year the personal details of some 50 million people in Turkey were reportedly leaked
- Hackers stole some 5.6 million fingerprint records after breaching US government networks in 2015
- French experts point to a hack involving the theft of millions of people's data in Israel in 2011

If the French database does get off the ground, an estimated 10,000 staff would have access to it, raising further questions about the system's inherent security.

###Is there an alternative to the French proposal?

It would cost more, but there was a plan for an electronic chip to be inserted on the ID card with details of the holder's biometric data.

Either way, the database was set to be launched as a pilot scheme on Tuesday despite the controversy. The Socialist minister responsible for digital affairs, Axelle Lemaire, said she was appalled at the secrecy behind the government's decree.

(1st December 2016)



SMART MOTORWAYS CATCH MORE THAN 1,000 SPEEDING DRIVERS A WEEK

(BBC News, dated 7th November 2016 author Mick Tucker)

Full article : www.bbc.co.uk/news/uk-37888207

More than 1,000 motorists a week are being caught speeding on the UK's smart motorways, police figures suggest.

Last year, 52,516 fixed penalties were issued on 11 smart sections, including on stretches of the M1, M25 and M6.

This compared to 2,023 on the same stretches in 2010-11, before they were upgraded to smart motorways - which use the hard shoulder and variable speed limits to control traffic flow.

The government says they are used to improve capacity, not generate revenue.

Smart motorways are operated by Highways England, which uses overhead gantries - also containing speed cameras - to direct traffic into open lanes and change speed limits depending on the volume of traffic.

There are more than 236 miles of smart motorways in England.

A further 200 miles of smart motorways are currently either planned or under construction.

Revenue increased

The BBC's One Show asked 12 police forces in England that monitor major stretches of smart motorway, including parts of the M1, M25, M4, M42 and M6, for the total number of speeding tickets and fines collected.

The majority of forces responded, with half supplying directly comparable data, showing that a total of 52,516 tickets had been issued on these stretches in 2014-15, compared to 2,023 in 2010-11.

That meant the revenue going to central government every year increased to more than £1.1m, from £150,600 five years ago.

There is just one stretch of smart motorway in Scotland - on the M9 - which saw the annual number of tickets issued increase from nine to 41 over the four years. No data was supplied by police for the stretch of the M4 in South Wales.

On one section of the M1 in Nottinghamshire, police issued 8,489 tickets, amounting to £425,000 of fines, in 2015.

Nottingham-based motoring lawyer Paul Wright said he had seen a "deluge" of cases along one stretch of the M1.

He told the BBC: "A cynic might say that it's another way of getting more and more money out of the motorist, over and above what we're paying already.

"And it's an easy way to extract fines from people, because once you're clocked over the limit by the camera, it's very difficult to fight against that."

And the AA told The One Show "questions need to be answered about the money being recouped".

It has also raised safety concerns about drivers having to use emergency refuge areas when the hard shoulder is removed to operate as an extra lane.

AA president Edmund King said more emergency refuges were needed and they should be twice as long, adding: "Only a couple of weeks ago one of our members broke down on a smart motorway. There was a red 'X' up but they still got hit from behind."

Cut congestion

With motorway traffic forecast to increase by up to 60% from 2010 rates by 2040, the government is pressing ahead with its £6bn investment in smart motorways.

A spokesman for the Department for Transport said: "Smart motorways smooth traffic flow and cut congestion for millions of motorists, with evidence from trials showing they are just as safe as regular motorways.

"Enforcement is a matter for the police and it is clear that speeding costs lives. However, we have been clear for a number of years that speed cameras should not be used to generate revenue."

Shaun Pidcock, head of Highways England's smart motorway network, said they were "the safest motorways on the network".

"We have 100% CCTV coverage and we have people watching over them, making sure they're safe, and we can get people in the traffic office to them far safer and quicker than we can do on normal motorways."

(1st December 2016)



CALL 999 WITH LIVE FOOTAGE OF EMERGENCIES

(The Times, dated 4th November 2016 author Mark Bridge)
www.thetimes.co.uk [Option 1]

Pedestrians who film car crashes or housefires with their phones and then post the footage online could soon be doing the emergency services a favour.

West Midlands fire service will test a new system next month that enables 999 callers with smartphones to securely send live footage of incidents to control rooms, without having to download special technology.

It works by sending the caller a text message containing a weblink, while the caller and control staff both stay on the line. Once the caller clicks through, a live stream is established that allows footage or images to be sent directly to call-handlers. GPS co-ordinates are also sent across, helping responders to pinpoint the location.

Eddie Sammons, of West Midlands fire service, said: "We can use it in all scenarios from a road traffic accident to a house fire. It means control room staff can give an incident the right priority, advise the crews who will be responding and advise the caller on how to stay safe. In the next pase, the footage will be shared not only with the control room but also directly with the crews on their way to an incident."

He said that the technology could also be used to connect callers to trained medical personnel, who could give advice on helping injured people.

Chris Jones, of Capita, which developed the app with the Fire Service, said: "In addition to fire and rescue services this could advance the way 999 calls are reported and dealt with by the police, ambulance services, the coast guard and mountain rescue across the UK."

The technology will allow emergency services to benefit from an invention that has previously hindered rescue efforts. In March Warwickshire police took action against more that 80 motorists who slowed down to film or take photographs of a lorry crash on the M40 in which the driver was injured.

(1st December 2016)



BELKIN WeMO DEVICES COULD BE HACKING YOUR SMARTPHONE (Extract)

(International Business Times, dated 4th November 2016 author Jason Murdock)

Full article [Option 1]:

www.ibtimes.co.uk/belkin-wemo-devices-could-be-hacking-your-smartphone-heres-why-you-need-update-now-1589701

On paper, the Internet of Things (IoT) sounds irresistible. From remote cameras to smart fridges and Wi-Fi controlled lightbulbs, it seems the future has finally arrived. However, evidence is growing of a rush-to-market approach with security as an afterthought.

To demonstrate this, two researchers from Invincea Labs - Joe Tanen and Scott Tenaglia - are set to outline how "multiple flaws" in IoT-based Belkin WeMo products could be used to not only compromise home automation devices but also the Android devices linked to them.

The outcome of the hack could give a cybercriminal the ability to steal photos and even track locations in real time, the researchers said. The findings will be revealed in greater detail at Black Hat Europe in a talk titled 'Breaking BHAD: Abusing Belkin Home Automation Devices'.

The pair tested a slew of WeMo IoT devices and found vulnerabilities "in both the device and the Android app that can be used to obtain a root shell on the device, run arbitrary code on the phone paired with the device, deny service to the device, and launch DDoS attacks without rooting the device".

Tanen and Tenaglia said that two issues were found in the Belkin WeMo products. The first was an malcious software injection problem that could give hackers near complete control over the IoT device - be it camera, home temperature kit or remote Wi-Fi controller.

The WeMo Android application has been downloaded between 100,000 and 500,000 times, according to Google Play statistics. While the flaw did not provide a full root of the Android smartphone, it did allow access to the granted permissions - camera, location and storage.

When a person opens the WeMo app it automatically scans to identify all IoT devices that are in range. The two researchers claimed an attacker could replace the "name" of a friendly device with the malicious mimic code which, when clicked, will load when the application attempts to connect.

Both security vulnerabilities were disclosed to Belkin on 11th August and patches have now been released. Users are now strongly advised to update their devices.

(1st December 2016)



ONLINE SCAMS AND PORTAL JUGGLING NATIONAL TRADING STANDARDS LISTS THREATS

(The Guardian, dated 3rd November 2016 author Rebecca Smithers)

Full article [Option 1]:

www.theguardian.com/money/2016/nov/03/online-scams-and-portal-juggling-national-trading-standards-lists-threats

Consumers are facing emerging threats from increasingly sophisticated online scammers, which include counterfeit goods advertised on social media and misleading listings by estate agents on online portals.

The dangers are highlighted by National Trading Standards (NTS) in its annual Consumer Harm Report, which highlights the types of scams people should watch out for and how they can report suspected criminal activity.

Although crackdowns by trading standards teams have saved businesses and consumers an estimated £93m over the past 12 months, officials warned that this is only the tip of the iceberg.

NTS is a group of senior local government trading standards heads from across England and Wales, set up by the government in 2012 as part of the legislative shake-up of consumer protection.

Its report warns that the trend of criminals selling fake products on social media platforms - where it is easier to conceal their identity and disguise contact details as well as lure victims with cheap prices - is likely to get worse.

"Portal juggling" by estate agents is also expected to continue, it said. This involves misleading prospective homebuyers by removing and re-listing properties on property websites to make them appear brand new on the market, and to disguise any price cuts. This is despite the phenomenon being in breach of trading regulations and in some cases fraudulent.

The continuing expansion of online marketplaces is also expected to lead to a growth in "micro-importers", consumers in the UK who order goods online for onward sale. This can lead to fake, and often dangerous, products ending up in people's homes, including dangerous electrical products with faulty chargers that can overheat and cause fires.

Yet not all criminals are online. The report also identifies some of the more longstanding scams, including doorstep crime, mail scams and selling secondhand cars with tampered mileage clocks.

Over the past year, nearly 80 criminals were convicted and collectively sentenced to 161 years' worth of jail time as a result of NTS investigations.

"Our teams are working within the resources available to clamp down on criminals who target consumers and honest businesses," said Lord Toby Harris, chair of National Trading Standards.

"The dedicated work of our officers has prevented a £345m loss for businesses and consumers in the past two years, representing a saving of £12.63 for every £1 spent. Our work is making inroads into criminal activity, but we know that in many cases this is just tackling the tip of the iceberg."

National Trading Standards - Consumer Harm Report 2016 :

www.nationaltradingstandards.uk/site_assets/files/NTS%20Consumer%20Harm%20Report%202016.pdf

(1st December 2016)



POLICE ACROSS THE GLOBE CRACK DOWN ON DARKNET MARKETPLACES

(Computer World, dated 2nd November 2016 author Michael Kan)

Full article [Option 1]:

www.computerworld.com/article/3137559/security/police-across-the-globe-crackdown-on-darknet-marketplaces.html

Law enforcement agencies across the globe staged a crackdown on so-called darknet web sites last week, targeting marchants and thousands of customers who were looking to obtain illegal drugs and goods.

From 22nd October to 28th October, the agencies took action against merchants and customers that used these sites for illicit items, U.S. Immigration and Customs Enforcement said in a statement on Monday.

Unlike other websites, these underground marketplaces reside within the darknet -- a sort of parallel internet accessible to visitors via anonymizing software like Tor. While the software has legitimate uses, such as safeguarding communications in authoritarian countries, it has been adopted for more illicit means.

Last week's crackdown was global in scale. In addition to the U.S., Europol and law enforcement agencies from Australia, Canada, New Zealand and the U.K. participated in the operation.

In the U.S., the FBI said it made "contact" with 150 individuals suspected of buying illicit items from darknet marketplaces. "Some of these individuals confessed to ordering a range of illegal drugs and controlled substances online, including heroin, cocaine, morphine, and ketamine," the FBI said.

It's unclear how U.S. investigators found out about the suspects' activities. But a video posted online shows agents searching for illegal goods by opening packages at a Los Angeles mail facility. Among the items seized were live turtles sent from Las Vegas, a counterfeit bong made in China, and fake Ray-Ban sunglasses.

In other countries such as Sweden, local police said they had identified more than 3,000 suspected buyers of drugs sold over the darknet. Police were able to identify the suspects because six of the largest Swedish merchants on the darknet had been arrested in the past year.

Police in Netherlands also said they took "some criminal justice actions" as part of last week's operation. Authorities there have even published a website, naming which vendors are still active on the darknet, and which have already been arrested.

Some of those merchants go by usernames that appear on AlphaBay Market, a major underground website known to sell drugs, stolen credit cards and counterfeit items. AlphaBay continues to operate as of Tuesday.

New Zealand police have also said they contacted over 160 people in the country suspected of buying drugs from the websites. The crackdown has so far resulted in six arrests and 66 formal warnings.

(1st December 2016)



HOW TO GET RID OF RANSOMWARE

(International Business Times, dated 2nd November 2016 author Jason Murdock)

Full article [Option 1]:

www.ibtimes.co.uk/how-get-rid-ransomware-no-more-ransom-campaign-aims-set-you-free-1589523

In a joint operation between industry and law enforcement, over a dozen countries have now banded together to help internet users combat the rising scourge of ransomware - a notorious type of malware that can lock down entire computer systems with the click of a mouse.

Dubbed No More Ransom, the project was launched in July by Europol, the Dutch National Police, Intel Security and Kaspersky Lab. Touting an online portal offering advice, a reporting service and free decryption tools - it recently announced law enforcement from 13 countries was now involved.

Ransomware is increasingly lucrative for cybercriminals and its ease-of-use means that it does not take a particularly sophisticated "hacker" to deploy it. In one landmark case earlier this year, a hospital in the US was forced to pay up $17,000 in bitcoin after its critical systems was infected.

It hijacks control of pictures, videos, documents including messages and typically shows a "lock screen" on the users' computer. The criminal will then direct the victim to pay a fee using bitcoin - a cryptocurrency that is difficult to trace. Thankfully, No More Ransom offers ways around paying.

One of the innovative tools is called 'Crypto Sherriff' and can help infected users to decrypt versions of Teslacrypt, Chimera, WildFire, CoinVault and Rakhni. The service allows users to upload their encrypted files alongside the ransom notice they received to identify the virus. Most recently, on 3 October, a decryptor called Rannoh was uploaded that can help patch at least seven ransomware strains.

It also offers a reporting system that spans the UK, Netherlands and the US. "You need to report it to your local law enforcement agency," the website states. "Your report will help to catch cybercriminals and prevent other users from being infected."

No More Ransom claims that in the first two months of operation over 2,500 people have used the service to decrypt their data without having to pay the cybercriminals. The project estimates this has cost the hackers over $1 million in ransoms, and it only expects this loss to grow.

"Getting more law enforcement agencies from different countries on board will therefore improve operational information-sharing, so that in the end ransomware will be fought more effectively," said Jornt van der Wiel, a security researcher at Kaspersky Lab.

He continued: "In some cases, the researchers' insight can also help to track down and arrest the criminals responsible. The seized servers can contain decryption keys, and, when shared with private sector companies this can be turned into decryption tools that help victims to unlock their data without paying the ransom."

The project comes with a strong warning not to pay any criminal who successfully infects a victim's systems. It states: "By sending money to cybercriminals you'll only confirm that ransomware works,
and there's no guarantee you'll get the encryption key you need in return."

Wil van Gemert, Europol's deputy director of operations, said ransomware has become "a dominant concern" for law enforcement, adding: "Initiatives like the No More Ransom project shows that linking expertise and joining forces is the way to go in the successful fight against cybercrime."

He elaborated: "[Ransomware] is a problem affecting citizens and business alike, computers and mobile devices, with criminals developing more sophisticated techniques to cause the highest impact on the victim's data. We expect to help many people to recover control over their files."

(1st December 2016)



WOMENS REFUGES TO RECEIVE £20 MILLION LIFELINE FOR VICTIMS OF DOMESTIC VIOLENCE FLEEING HOME

(The Telegraph, dated 3rd November 2016 author Cristina Criddle)

Full article [Option 1]:

www.telegraph.co.uk/women/politics/womens-refuges-to-receive-20-million-lifeline-for-victims-of-dom/

Women's refuges will receive a £20 million boost as part of a Government initiative that obliges councils to accommodate those fleeing violent partners from outside their local area.

Theresa May this week approved the funding, which forms the first part of a £40 million pledge to support domestic abuse victims. First announced in the 2015 Spending Review, the initial wave will cover 2017 and 2018.

Communities secretary Sajid Javid said local authorities, in partnership with specialist charities, can bid for a share of the funds to safeguard existing centres and create more accommodation for women escaping domestic violence. Councils will only be awarded a share of the funds if they commit to collaborating with refuge providers from across the UK.

Previously, cuts to local authority grants have resulted in non-statutory services being reduced, putting refuges at risk of closure. Some councils also introduced local connection rules, meaning that only women from the nearby area could access support.

Charities have warned of the dangers of this policy, as it stops women and children who are in fear of their lives from moving across the country to a place of safety, and away from their abuser.

Recent research by Women's Aid, who the Government has consulted about the funding, found that 17 per cent of specialist women's refuges had closed since 2010, with more than 155 women a day refused accommodation, due to a lack of space.

But national domestic violence charity Refuge, who also worked with the Government, today welcomed the funding as a "positive step" and a "lifeline for women and children in need of protection."

"Refuges are often the only escape route for women and children in fear of losing their lives," chief executive Sandra Horley added. "Refuges provide women and children with much needed safety, expert support and the building blocks they need to begin a new life, free from fear."

The Government is also publishing its new priorities for domestic abuse services, setting out how councils can provide services "in a collaborative and effective way".

Mr Javid said the funding was designed to ensure no victim is turned away from refuges. "Domestic abuse knows no barriers. It can happen to anyone of us, at any time," he added.

The news could be seen as an indication that Mrs May wishes to deliver on her promise of social reform. The Prime Minister has fought to tackle domestic violence since she was home secretary and her key adviser, Fiona Hill, is also said to feel strongly about the issue.

Last month, Mrs May temporarily exempted women's refuges from planned changes to housing benefit rules which could have forced further closures.

In a previous speech to the Police Federation, she said: "Let me be absolutely clear. Domestic abuse is a crime. Sexual assault is a crime. Child sexual abuse is a crime. Modern slavery is a crime. And the victims and survivors of those crimes deserve to be heard now, just as they should have been years ago, and they deserve justice, just as they did then."

(3rd November 2016)



MAKE ANTI-GROOMING LESSONS COMPULSORY

(London Evening Standard, dated 1st November 2016 author Kate Proctor)

Full article [Option 1]:

www.standard.co.uk/news/education/schools-urged-to-hold-compulsory-antigrooming-lessons-a3384041.html

Compulsory anti-grooming lessons could be held in schools to protect children from falling victim to abuse.

Proposals put forward today by Labour's shadow women and equalities minister, Sarah Champion, call for the introduction of awareness lessons for pupils aged five and above.

It is understood Education Secretary Justine Greening is sympathetic to suggestions that existing sex and relationship guidance needs to be updated.

Ms Champion - who is MP for Rotherham and campaigns on behalf of victims of the Rotherham child abuse scandal - said it was time to shake off the cultural "prudishness" that had turned abuse into the Britain's "dirty little secret".

Ms Champion said of Ms Greening, who went to state school in Rotherham: "From the work she's done in this area before and the way she was in the [Commons], she seems to get and understand this. I hope - because I believe both Home Secretary Amber Rudd and Prime Minister Theresa May get and understand this - we will be able to push this forward."

Ms Champion has produced a National Action Plan for Preventing Child Abuse and Violence in Teenage Relationships, with evidence from The Children's Society, Royal College of Paediatrics and Child Health, and Children's Commissioner for England.

Her recommendations include introducing age-appropriate education on the subject from Key Stage 1, and ensuring sex and relationship education lessons take place in academies, free schools and new grammar schools, which currently have no statutory requirement to do so. She said: "It's giving children an awareness that they respect themselves, they respect others and no means no. So we are not teaching little children about sex, but we are teaching that some people can be mean and if you feel uncomfortable you can report that to someone.

"The Government has never justified why they don't give proper resilience education to all children from Key Stage 1. I do not think there are any arguments that are valid about why we wouldn't be protecting our children in this way."

The Department for Education said: "Sex and relationship education is compulsory in all maintained secondary schools, and many academies and free schools teach it. We are looking at all options to ensure that all children have access to high quality teaching of sex, relationships, personal, social and health education."

-----------------------
SOMALI GANG JAILED FOR THE SYSTEMATIC RAPE AND ABUSE OF VULNERABLE SCHOOLGIRLS IN BRISTOL
(The Telegraph, dated 1st November 2016 author Martin Evans)
Full article [Option 1]:

www.telegraph.co.uk/news/2016/11/01/somali-gang-jailed-for-the-systematic-rape-and-abuse-of-vulnerab/

gang of Somali refugees have been jailed for their part in the systematic rape and abuse of teenage girls who were failed by police and told their "lifestyle choices" were to blame for their ordeal.

Victims, as young as 14, were given drugs and repeatedly pestered for sex by the men, who were part of a wider gang based in Bristol.

Three men - Sakariya Sheikh, 23, Mohammed Dahir, 24, and Abdirashid Abdulahi, 23 - were convicted of 14 charges relating to four girls, following a third trial into the sexual exploitation of vulnerable schoolgirls.

It takes to 13, the number of men convicted of the "chilling" abuse which occurred in Bristol between 2009 and 2013.

But a report into the abuse found that many of the victims had been let down by social services, doctors and the police, whose failure to launch an investigation immediately meant the gang were free to abuse the victims for another six months.

A review, commissioned by the Bristol Safeguarding Children Board, revealed a series of shortcomings including by doctors, sexual health services and schools, who failed to notice the abuse.

The report also found that in some cases the victims were blamed by police for their "lifestyle choices" with one girl being told she had "brought it all on herself" after she reported two rapes.

Officers dealing with the crimes were also "under extreme pressure" as a consequence of austerity and cuts, the report found.

Contraception was dished out to girls as young as 12, who went to their GPs complaining of heavy bleeding, abdominal pains and needing tests for STDs.

Following the publication of the review, Assistant Chief Constable Kay Wozniak of Avon and Somerset Police, said: "We recognise that there were shortcomings. Unfortunately, financial pressures continue not just in Avon and Somerset but across the country."

Jailing Sheikh for 16-years and Dahir and Abdulahi for eight-years each Judge Peter Blair QC told the men: "You have brought shame upon your families and upon yourselves. You are not worthy of very much further attention in this courtroom. "

Seven men went on trial accused of 46 charges.

Three were acquitted after the jury failed to reach verdicts and another man was found not guilty of the two charges against him.

The trial, codenamed Operation Button, was the third in a series of prosecutions of Somali men for child sexual exploitation and drugs offences.

In two earlier trials in 2014, codenamed Operation Brooke, 14 men were jailed for more than 100 years.

The three convicted defendants in Operation Button - rapists Sheikh and Abdulahi and Dahir - were also found guilty in Operation Brooke.

During the trial, jurors heard how a 15-year-old girl was simultaneously raped by Sheikh and another man in March 2013.

The majority of the offences happened between 2011 and 2012 against girls who had travelled to Bristol by train to meet the men.

Speaking after the case, Detective Sergeant Lisa Jones, of Avon and Somerset Police, said the offences had inflicted "long-term pain and torment" on the victims.

"These defendants befriended these vulnerable young people who were still at school, grooming and sexually exploiting them.

"Their systematic abuse over a number of years slowly eroded their confidence and made them think these crimes were normal behaviour."

In a statement issued through police, the Bristol Somali community said it was "deeply appalled" by the case.

"Our deepest sympathy wholeheartedly goes out to the victims and their families who are undoubtedly experiencing extreme pain at the moment," it said.

"Our community, a Muslim and black minority ethnic community, in Bristol would like to underline that we sincerely condemn the nature of these crimes."

(3rd November 2016)



TRAIN COMMUTERS URGED TO WATCH FOR SIGNS OF TERRORISM

(London Evening Standard, dated 1st November 2016 author Dick Murray)

Full article [Option 1]:

www.standard.co.uk/news/transport/commuters-must-be-the-eyes-and-ears-in-fight-against-terror-police-warn-in-new-see-it-say-it-sorted-a3383801.html

London commuters were told today they are the "eyes and ears" needed to help keep the railways safe from a terrorist attack.

It came as Government and the British Transport Police (BTP) made an unprecedented appeal to passengers to watch out for anything unusual - and report it the moment they do.

Passengers today arriving at major mainline stations in the capital were among the first to hear updated security announcements and see posters promoting the the new "See IT. Say It. Sorted" campaign.

Launching the new measures at Waterloo Station Paul Maynard, the rail minister, said: "We want to send a clear message to anyone threatening the security of the rail network that there are thousands of pairs of eyes and ears ready to report any potential threat to the BTP and rail staff who are ready to respond."

Passengers were encouraged particularly to watch out for:

- Someone avoiding rail staff or police

- Unattended bags, luggage or packages

- Anyone checking out security arrangements

It was made clear the campaign is in response to a general tightening of security measures across the network rather than a specific threat.

Last week the Evening Standard revealed armed police are to travel on the London Underground instead of using patrol cars to get around the capital.

BTP Temporary Assistant Chief Constable Alun Thomas said it was better to be safe than sorry and passengers should not be afraid in coming forward and reporting their suspicions.

"We rely on information from the public to help us keep the railway safe.

"It could be someone avoiding rail staff or police, leaving a bag on the railway, checking out security arrangements like CCTV or trying to access staff only areas."

"If it doesn't feel right, we want to hear from you. Let us decide if what you have seen or what you know is important. We will check the information thoroughly."

There was simultaneous launch of the campaign at Birmingham, Glasgow and Manchester stations and will be extended across the country.

Gary Cooper, director of operations at the Rail Delivery Group, which represents the passenger train operators, said the combination of passengers, staff and police all working together would ensure Britain's railways "remain the safest in Europe."

The campaign complements BTP's 61016 texting service which allows members of the public to report non-emergency incidents on the railway 24 hours a day, 365 days of the year - receiving 50,000 messages since it started three years ago.

More than 8,000 incidents have been investigated and 4100 crimes recorded.

(3rd November 2016)


POLISH PAIR JAILED FOR THROWING BACON AT WORSHIPPERS IN NORTH LONDON MOSQUE
(International Business Times, dated 1st November 2016 author Ewan Palmer)

Full article [Option 1]:

www.ibtimes.co.uk/polish-pair-jailed-throwing-bacon-worshipers-north-london-mosque-1589371

Two people have been jailed for throwing bacon inside a North London mosque in a racially motivated attack. Polish nationals Mateusz Pawlikowski, 22 and Piotr Czak-Zukowski, 28, both of Sneath Avenue, were sentenced for criminal damage and racial/religious public offence order after hurling bacon at worshippers inside Al-Rahman Mosque in Crowndale Road on 2 October.

Blackfriars Crown Court heard how Pawlikowski approached one of the worshippers, swore at him, and threw a rasher of bacon towards him, before throwing more bacon on the floor of the prayer room.

After fleeing the scene, Pawlikowski was arrested just minutes away from the Mosque after being stopped for matching the witnesses' description. When officers arrested Czak-Zukowski, who again matched the witness description, in Camden Lock, he was carrying an empty packet of bacon in his pocket.

Both men were arrested on suspicion of inciting racial hatred and taken into custody. The pair have now been sentenced to eight months' imprisonment for criminal damage and eight months' imprisonment for a racial / religious public order offence. The sentences are to run concurrently.

DC Tracey McMath, from the Camden Community Safety Unit, said: "The defendants showed a complete disregard for the faith and belief of others in this callous and highly offensive incident; and I hope their convictions highlight that we will not tolerate hate crime in any of its forms.

"I know this incident has had a significant impact on the community and commend the victims for speaking up. Hate crime is often a hidden crime and it is essential we stand together with policing partners, colleagues and groups to investigate all such allegations, support victims and bring perpetrators to justice."

(3rd November 2016)


HOW MUCH OF A PROBLEM IS CYBER CRIME IN THE UK ?
(The Telegraph, dated 1st November 2016 author Patrick Scott)

Full article [Option 1]:

www.telegraph.co.uk/news/2016/11/01/how-much-of-a-problem-is-cyber-crime-in-the-uk/

Chancellor Philip Hammond has announced a new five-year £1.9 billion scheme to help prevent cyber-crime in the UK.

The National Cyber Security Strategy is to be used to develop a strategy for tackling hackers and the problems they pose to national security as well as to the public individually.

In his introduction to the new strategy, Mr Hammond writes: "From the most basic cyber hygiene, to the most sophisticated deterrence, we need a comprehensive response.

"We will focus on raising the cost of mounting an attack against anyone in the UK, both through stronger defences and better cyber skills. This is no longer just an issue for the IT department but for the whole workforce. Cyber skills need to reach into every profession."

How big of a problem is cyber-crime in the UK?

Cyber-crime has risen in prominence in recent years and is no longer the stuff of spy novels. However, the full extent of it in the UK is still difficult to gauge.

The Office for National Statistics has recently begun asking people about their experiences of fraud and online crime in its Crime Survey of England and Wales.

From these responses the ONS was able to estimate that there were 5.6 million fraud and computer misuse crimes in the 12 months up to the end of June 2016.

To put this into context, the total number of crimes recorded in the rest of the survey stood at 6.5 million over the same period, meaning that crime in the UK has nearly doubled with the addition of these new questions.

Out of these 5.6 million fraud and computer misuse offences more than two thirds were specifically labelled as being examples of cyber-crime. This means they involved the internet or online activity.

This would mean that there were 3.8 million instances of cyber-crime in the 12 months to June 2016.

The figures show that bank account fraud, for example Phishing, was the most common type of online crime with 2.4 million instances in the year to June.

As many as 708,000 people lost money in fraud cases last year while there were 487,000 instances in which people lost money due to hacking or computer viruses.

Of the people who lost money due to fraud, more than a quarter lost in excess of £500 and 15.4 per cent of them lost in excess of £1,000.

Despite the scale of cyber-crime apparently being vast, victims were unlikely to actually report incidents to the authorities. Only 13.2 per cent of cases were referred to police forces or Action Fraud, the new body policing fraud across the UK.

While the ONS is still labeling their cyber-crime figures as being experimental and has yet to incorporate them into the rest of the crime survey, it seems that these types of offences are very prevalent in the UK.

###Most common UK online crime offences ( Source : Office for National Statistics)

These are the ten most common cyber-crimes in the UK, with number of cases reported in the year to June 2016

1. Bank account fraud - 2,356,000

Criminals trick their way to get account details. For example: "Phishing" emails contain links or attachments that either take you to a website that looks like your bank's, or install malware on your system. A 2015 report by Verizon into data breach investigations has shown that 23pc of people open phishing emails.

2. Non-investment fraud - 1,028,000

AKA Ponzi schemes. Examples include penny stocks, pension liberation, and investment in commodities, such as wine or art, that later prove worthless

3. Computer virus - 1,340,000

Unauthorised software damages or takes control of your machine. For example: "Ransomware" encrypts your files and pictures then demands a payment to restore your access to it

4. Hacking - 681,000

Criminals exploit security weaknesses to illegally access other machines or networks. They steal sensitive data or subvert machines for their own purposes, such as sending spam or launching other cyber attacks

5. Advance fee fraud - 117,000

The victim is promised access to a great deal of money in return for a smaller upfront payment. For example, the classic "Nigerian Prince" email scam

6. Other fraud - 116,000

One example is "solicitor scams", where a solicitor's website is hacked, then clients asked to divert large payments into the criminals' bank accounts.

7. Harassment and stalking - 18,826

Threats, abuse and online bullying - what's commonly been termed "trolling" on social media

8. Obscene publications - 6,292

Pornography that meets the definition of the Obscene Publications Act, thus generally involving some form of physical abuse

9. Child sexual offences - 4,184

Assault, grooming, indecent communication, coercing a child to witness a sex act. These crimes may be being under-reported

10. Blackmail - 2,028

This includes threats to publish intimate photographs online

(1st November 2016)


UK TO INCREASE NATIONAL CYBER-DEFENCE GRID
(BBC News, dated 1st November 2016)

Full article : www.bbc.co.uk/news/technology-37821867

Automatic defences to stop hackers hijacking websites or spoofing official domains will get a boost from a £1.9bn government cybersecurity strategy.

Chancellor Philip Hammond will give details of the plans in a speech later.

Other defences that intercept booby-trapped emails or shut down thieves impersonating bank websites will also be expanded.

The strategy will also help enlarge specialist police units that tackle organised online gangs.

Some cash will go towards education and training of cybersecurity experts.

Mr Hammond is expected to formally launch the scheme, called the National Cyber Security Strategy, on Tuesday.

The plans will set out action needed to protect the UK economy and the privacy of British citizens, and will also encourage industry to ramp up efforts to prevent cyber-attacks.

Mr Hammond said Britain "must now keep up with the scale and pace of the threats we face".

"Our new strategy... will allow us to take even greater steps to defend ourselves in cyberspace and to strike back when we are attacked," he added.

Ben Gummer, paymaster general, said in a statement: "No longer the stuff of spy thrillers and action movies, cyber-attacks are a reality and they are happening now.

"Our adversaries are varied - organised criminal groups, 'hacktivists', untrained teenagers and foreign states."

Finding talent

The £1.9bn to pay for the national strategy was allocated last year and will fund the programme until the end of 2020.

In its strategy, the government explained what some of the money has been spent on already.

With the aid of industry, it has set up automated systems that limit how much malware and spam reaches UK citizens. Other projects have helped the government verify where emails come from to thwart specific tax fraud campaigns aimed at the UK.

Future spending plans involved cash for recruiting more than 50 specialists who will work at the cybercrime unit at the National Crime Agency. These will help tackle organised gangs and aim to raise the cost of engaging in hi-tech crime to make it much less attractive.

The cyber-plan will also involve the creation of a Cyber Security Research Institute that aims to unite researchers across the UK's universities to work together on improving defences for smartphones, laptops and tablets.

Security-based start-ups will also get help via an innovation fund that will commercialise work on novel tools and defences.

A national scheme will also be set up to retrain "high-aptitude professionals" as cybersecurity experts.

Prof Alan Woodward, a computer security expert from the University of Surrey, said he hoped the government spent cash on the "high volume, low sophistication attacks" that plague people and cause the majority of financial losses.

"I hope the £1.9bn will be spent in growing talent," he said. "The government talk about 50 recruits here and 50 there. I'm afraid we need many more."

Prof Woodward said it was getting "increasingly difficult" to persuade young people to study computer science and getting them to try cybersecurity was "a real headache".

"I would really like to see money put into reaching young people early enough to influence the subjects they decide upon at school and pairing an image for them of just how interesting and rewarding a career in cybersecurity can be," he said.

uaware comment


Wow, that is some security investment ! Not really, it is estimated that for the whole of the UK economy that amount is lost to fraud, scams and forced computer systems downtime in under a month.

(1st November 2016)


OCTOBER 2016


COMPUTER SECURITY REVIEW - OCTOBER 2016

------------------------
APPOINTMENTS ON HOLD AS COMPUTER VIRUS WREAKS HAVOC WITH NHS TRUST SYSTEMS
(The Register, dated 31st October 2016 author Alexander J Martin)

Full article [Option 1]: www.theregister.co.uk/2016/10/31/virus_shuts_down_nhs_trust/

An NHS trust in England shut down all of its IT systems today and has all but ground to a halt in general after a virus compromised them on Sunday.

In a bright-red warning labelled "Major incident" on the website for Northern Lincolnshire & Goole NHS Foundation Trust, patients are warned that their appointments have been cancelled due to a virus infecting electronic systems.

The trust announced that it has "taken the decision, following expert advice, to shut down the majority of our systems so we can isolate and destroy it".

The nature of the virus has not been disclosed, but the infection comes after NHS Digital committed to expanding the range of cybersecurity services available to UK hospitals and clinics.

Almost half (47 per cent) of NHS trusts have been subject to a ransomware attack in the past year, according to figures from a freedom of information (FOI) request published last month. NCC Group's FOI is based on requests to 60 trusts, 28 of which confirmed they had been victims of ransomware.

------------------------

EU PRIVACY WATCHDOGS WANT ANSWERS FROM WHATSAPP AND YAHOO ABOUT USER DATA
(Computer World, dated 28th October 2016 author Peter Sayer)

Full article [Option 1]:

www.computerworld.com/article/3136198/data-privacy/eu-privacy-watchdogs-want-answers-from-whatsapp-and-yahoo-about-user-data.html

European Union privacy watchdogs have warned WhatsApp CEO Jan Koum to stop sharing users' data with parent company Facebook until they investigated whether the transfers comply with EU data protection law. They also want Yahoo's Marissa Mayer to come clean about recent leaks and spying allegations.

In an open letter to Koum published Friday, an umbrella group representing the EU's national data protection authorities expressed its serious concerns at the way WhatsApp users were informed of changes to the company's terms of service and privacy policy, and questioned whether the company had their valid consent to the changes.

------------------------
MALWARE FROM LAST WEEKS DDOS ATTACK CONTINUES TO HARASS
(Computer World, dated 27th October 2016 author Michael Kan)

Full article [Option 1]:

www.computerworld.com/article/3136354/security/malware-from-last-weeks-ddos-attack-continues-to-harass.html

It's still unclear who pulled off Friday's massive internet disruption, but the malware largely responsible for the cyber attack has since assaulted new targets -- possibly including video gamers.

Since last Friday, botnets created by the Mirai malware have been launching distributed denial-of-service attacks at seemingly random targets, in short bursts, according to a security researcher who goes by the name MalwareTech.

He has tracked Mirai-powered botnets and helped produce a Twitter feed that monitors their DDoS attacks. On Wednesday alone, the feed posted close to 60 attacks, many of them lasting from 30 seconds to over a minute long.

------------------------
CHINESE FIRM ADMITS ITS HACKED PRODUCTS WERE BEHIND FRIDAYS DDOS ATTACK
(Computer World, dated 23rd October 2016 author Michael Kan)

Full article [Option 1]:

http://www.computerworld.com/article/3134097/security/chinese-firm-admits-its-hacked-products-were-behind-fridays-ddos-attack.html

A Chinese electronics component manufacturer says its products inadvertently played a role in a massive cyberattack that disrupted major internet sites in the U.S. on Friday.

Hangzhou Xiongmai Technology, a vendor behind DVRs and internet-connected cameras, said on Sunday that security vulnerabilities involving weak default passwords in its products were partly to blame.

According to security researchers, malware known as Mirai has been taking advantage of these vulnerabilities by infecting the devices and using them to launch huge distributed denial-of service attacks, including Friday's outage.

See also :

Title : Chinese firm recalls camera products linked to massive DDOS attack

Full article [Option 1]: www.computerworld.com/article/3134548/security/chinese-firm-recalls-camera-products-linked-to-massive-ddos-attack.html

------------------------

MASSIVE DENIAL OF SERVICE ATTACK THAT ALMOST BOUGHT DOWN U.S. INTERNET
(International Business Times, dated 22nd October 2016 author India Ashok)

Full article [Option 1]:

www.ibtimes.co.uk/massive-ddos-attack-that-almost-brought-down-us-internet-how-it-happened-why-1587696#

On Friday (21 October), hackers mounted unprecedented concurrent global DDoS attacks on internet services firm Dyn. The attack severely impacted Dyn's clients, which include Twitter, Reddift, Spotify, SoundCloud, among others. Mere hours after Dyn claimed to have restored services, hackers hit again, leading the firm's engineers scrambling to mitigate the attack. The cyberattacks caused outages for many across the East Coast in the US.

Explaining the sequence of attacks in an update, Dyn said: "On Friday October 21, 2016 at approximately 11:10 UTC, Dyn came under attack by a large Distributed Denial of Service (DDoS) attack against our Managed DNS infrastructure in the US-East region. Customers affected may have seen regional resolution failures in US-East and intermittent spikes in latency globally. Dyn's engineers were able to successfully mitigate the attack at approximately 13:20 UTC, and shortly after, the attack subsided.

###See also :

BBC article - Smart Home devices used as weapons in website attack

www.bbc.co.uk/news/technology-37738823

------------------------
THREE MILLION DEBIT CARDS ARE RISK AFTER HACKERS RAID INDIAN PAYMENT SYSTEMS
(The Register, dated 20th October 2016 author Iain Thomson)

Full article [Option 1]:

www.theregister.co.uk/2016/10/20/indian_banks_fear_3m_debit_cards_at_risk/

A suspected security breach has led banks in India to warn 3.25 million customers to replace their debit cards or change the PINs.

National Payments Corporation of India (NCPI), the umbrella organization for the nation's retail IT systems, said customers at 19 banks were affected. We're told 641 people have been defrauded - approximately $200,000 has been taken, largely from cloned cards used in Chinese and US ATMs.

"Necessary corrective actions already have been taken and hence there is no reason for bank customers to panic," said NPCI CEO Mr Abhaya Hota. "Advisory issued by NPCI to banks for re-cardification is more as a preventive exercise."

The recall of RuPay, Visa and MasterCard debit cards has hit a slew of banks: State Bank of India, HDFC Bank, ICICI Bank, Yes Bank and Axis Bank. Early reports suggested the problem had been at the backend systems of Hitachi Payment Services (HPS), which runs a network of 48,000 ATMs and 230,000 sales terminals across the country, but the firm has denied this.

------------------------
NETFLIX REMINDS PASSWORD RE-USERS TO RUN A RESET
(The Register, dated 16th October 2016 author Richard Chirgwin)

Full article [Option 1]:

www.theregister.co.uk/2016/10/16/netflix_reminding_password_reusers_to_run_a_reset/

Netflix has reminded people whose user IDs are circulating in breach-lists to check their security and if necessary reset their passwords.

The issue resurfaced late last week, when an Adweek writer posted that he'd received a "reset your password" message:

"As part of our regular security monitoring, we discovered that credentials that match your Netflix email address and password were included in a release of email addresses and passwords from a breach at another company."

------------------------
THOUSANDS OF ONLINE SHOPS COMPROMISED FOR CREDIT CARD THEFT
(Computer World, dated 13th October 2016 author Lucian Constantin)

Full article [Option 1]:

www.computerworld.com/article/3131085/security/thousands-of-online-shops-compromised-for-credit-card-theft.html

Almost 6,000 online shops have been compromised by hackers who added specially crafted code that intercepts and steals payment card details.

These online skimming attacks were first discovered by Dutch researcher Willem de Groot a year ago. At that time, he found 3,501 stores containing the malicious JavaScript code. However, instead of getting better, the situation is increasingly worse.

By March the number of infected shops grew by almost 30 percent to 4,476, and by September, it reached 5,925. More than 750 online stores that were unwillingly skimming payment card details for attackers in 2015 are still doing so today, showing that this type of activity can go undetected for months, the researcher said

------------------------
NEW GCHQ UNIT TO "CHAT" TO HACKED BUSINESSES
(The Register, dated 13th October 2016 author Alexander J Martin)

Full article [Option 1]:

www.theregister.co.uk/2016/10/13/new_gchq_unit_says_it_wont_rat_your_breached_business_out_to_the_ico/

The new National Cyber Security Centre is pitching itself to CEOs as a friendly government organisation which won't get the regulators involved after data breaches.

Those gathered this morning on the 18th floor of 125 London Wall heard one of the NCSC's deputy directors address CEOs on how they should lead their businesses' recovery from cyber attacks-and it was primarily by contacting NCSC, a part of GCHQ.

Peter Yapp, the deputy director for the incident management directorate, explained how his role worked: "If something [regarding a cyber incident and your company] breaks in the press, I'll get a call from someone in government," he said, and he would be expected to explain what the incident meant.

"If you haven't phoned me and told me about it, I will phone you," stated Yapp.

"It is worth telling me about the most serious incidents," he told his audience, acknowledging that these were difficult to define, before comforting them: "We do not tell the ICO what you tell us."

------------------------
BT YAHOO CUSTOMERS - WHY CAN'T WE DELETE OUR WEBMAIL ACCOUNTS
(The Register, dated 7th October 2016 author Kat Hall)

Full article [Option 1]: www.theregister.co.uk/2016/10/07/bt_yahoo_customers_unable_to_delete_webmail_accounts/

BT customers are unable to delete BT Yahoo email services - despite an exodus of users seeking to leave the security-challenged webmail biz.

Since allegations arose that Yahoo built an app to enable it to scan all of its users' emails at the request of US intelligence, many users have sought to delete their email accounts.

That was in addition to Yahoo!'s confession last month that hackers had stolen the credentials for at least 500 million of its customer email accounts.

BT had outsourced its webmail hosting to Yahoo - and has a total of 7 million accounts. BT had said a minority of its customer base had been affected by the breach, but declined to say how many.

-----------------------
ONLY A RADICAL NEW APPROACH TO DIGITAL SKILLS CAN WARD OFF CYBERTHREATS AND PROTECT UK BUSINESS
(International Business Times, dated 7th October 2016 author Ashok Vaswani)

Full article [Option 1]:

www.ibtimes.co.uk/only-radical-new-approach-digital-skills-can-ward-off-cyberthreats-protect-uk-business-1584215

The average British household owns 7.4 internet devices. But for a nation so seemingly tech-absorbed, we are worryingly complacent when it comes to protecting ourselves online, leaving individuals and businesses at risk. With the use of online platforms and cloud storage as well as portable devices increasingly common, the need for vigilance, knowledge and awareness has never been greater.

The results of The Barclays Digital Development Index highlight this issue; workers in the UK are far less likely to keep their phones and laptops secure than those in Brazil, South Africa or China. This poses potential risks in the coming years as cyber hackers find increasingly sophisticated ways to access information.

-----------------------
CITIZENS DON'T TRUST UK.GOV WITH THEIR DATA
(The Register, dated 6th October 2016 author Kat Hall)
Full Article [Option 1]:

www.theregister.co.uk/2016/10/06/citizens_dont_trust_ukgov_with_their_data/

UK citizens have little faith in the government's ability to securely handle their private data - according to a wide-ranging survey which echoes findings by the National Audit Office.

Just 22 per cent believed that the government has appropriate means to stop cyber-attacks and identity breaches, according to 1,500 citizens polled by YouGov on behalf of security biz Covata.

Only 37 per cent said they were confident that the government would keep their personal data secure; while 32 per cent believed departments would not be able toe share information securely between public sector bodies.

-----------------------
ONE ELECTION-SYSTEM VENDOR USES DEVELOPERS IN SERBIA
(Computer World, dated 5th October 2016 author Patrick Thibodeau)

Full article [Option 1]:

www.computerworld.com/article/3126791/election-hacking/one-election-system-vendor-uses-developers-in-serbia.html

Voting machines are privately manufactured and developed and, as with other many other IT systems, the code is typically proprietary.

The use of proprietary systems in elections has its critics. One Silicon Valley group, the Open Source Election Technology Foundation, is pushing for an election system that shifts from proprietary, vendor-owned systems to one that that is owned "by the people of the United States."

But today, election system makers can operate in much the same manner as any vendor to build code; that includes using overseas developers.

One major election technology company, Dominion Voting Systems (DVS), develops its systems in the U.S. and Canada but also has an office in Belgrade, Serbia.

-----------------------
TECH GIANTS SAY THEY DID NOT DO YAHOO-STYLE EMAIL SPYING
(Computer World, dated 5th October 2016 author Michael Kan)

Full article [Option 1]:

www.computerworld.com/article/3127162/security/tech-giants-say-they-didnt-do-yahoo-style-email-spying.html

Reports of a secret Yahoo program to search through customers' incoming emails has spurred other tech companies to deny ever receiving a similar request from the U.S. government.

The program, first reported by Reuters, was created last year through a classified U.S. order, and involves Yahoo searching through hundreds of millions of user accounts at the behest of the National Security Agency or the FBI.

Other U.S. tech companies, including Google, Microsoft, Twitter and Facebook, denied doing anything like it. Most also said they would challenge such a request in court.

Privacy advocates said the government's enlisting Yahoo to assist in email monitoring would be wrong.

-----------------------
YAHOO MAY HAVE ALLOWED US GOVERNMENT TO SEARCH USER EMAILS
(Computer World, dated 4th October 2016 author Michael Kan)

Full article [Option 1]:

http://www.computerworld.com/article/3127617/security/yahoo-may-have-allowed-us-government-to-search-user-emails.html

Yahoo has reportedly searched through all of its users' incoming emails with a secret software program that's designed to ferret out information for U.S. government agencies.

The software program, which was created last year, has scanned hundreds of millions of Yahoo Mail accounts at the behest of the National Security Agency or FBI, according to a Tuesday report from Reuters.

Yahoo reportedly created the program to comply with a U.S. classified government directive. It's unclear if the mass email-searching program is still in use.

"Yahoo is a law-abiding company and complies with the laws of the United States," the company said in a statement.

-----------------------
ANDROID MALWARE THAT CAN INFILTRATE CORPORATE NETWORKS IS SPREADING
(Computer World, dated 30th September 2016 author Michael Kan)

Full article [Option 1]:

www.computerworld.com/article/3126390/security/android-malware-that-can-infiltrate-corporate-networks-is-spreading.html

An Android malware is spreading across app stores, including Google Play, and has the capability of stealing sensitive files from corporate networks.

DressCode, a family of Android malware, has been found circulating in at least 3,000 Trojanized apps, security firm Trend Micro said on Friday.

DressCode hides itself inside games, user interface themes and phone optimization boosters. It can also be difficult to detect because the malicious coding only makes up a small portion of the overall app.

On Google Play, Trend Micro found more than 400 apps that are part of the DressCode family, it said. That's 10 times more than what security researchers at Check Point noticed a month ago.

-----------------------

NHS HEALTH APPS PROJECT PLAN : POWERED BY YOUR MEDICAL RECORDS
(The Register, dated 9th September 2016 author John Leyden)

Full article [Option 1]: www.theregister.co.uk/2016/09/09/nhs_health_apps_concerns/

UK health secretary Jeremy Hunt plans for NHS-approved health apps to play a role in patient records and healthcare have already spawned a rash of privacy concerns.

The NHS.UK site will have a new collection of NHS-approved health apps to guide patient choice. Data from health apps and wearable activity trackers such as Fitbits will feed directly into people's personal health records.

NHS England will approve a library of apps so people can have confidence in the technology that they are using to manage their healthcare, as explained in a Department of Heath statement. The decision last year to shelve the NHS' Apps Library amidst security and more general criticisms of the software on offer hardly inspires confidence on this front. Health ministers - unbowed by this set-back - are determined to prescribe more technology.

------------------------

(1st November 2016)


FAKE TRAIN TICKETS SOLD ON THE DARK WEB
(The Telegraph, dated 31st October 2016 author Lydia Willgress)

Full article [Option 1]:

www.telegraph.co.uk/news/2016/10/31/fake-train-tickets-sold-on-dark-web-as-criminals-take-advantage/

Fake train tickets are increasingly being sold on the dark web as criminals take advantage of customers' anger over expensive travel, an investigation has found.

Tickets are being sold on the "hidden" part of the internet for a fraction of their original price by a self-styled "Robin Hood" group, who claim they are offering "an affordable public service".

Fares available include first-class and monthly tickets. The investigation, carried out by BBC South East, found some tickets, including a season ticket from Gatwick to the capital, were being advertised for a third of their retail price. Customers can use Bitcoin, a virtual currency, to buy them.

The investigation found that although the tickets do not have the correct metal strip that allows customers through barriers at stations, staff let users through anyway because the tickets appear genuine.

The group, who were not named in the investigation, told the BBC "no one should be ashamed of getting one over companies like Southern Rail".

"The train companies keep stuffing their pockets with public subsidies while treating the operation of rail services as an inconvenience," they said in a statement.

"We wish one day everyone will be able to use an affordable public service. Until then, we will be providing it."

A spokesman for the Rail Delivery Group, which represents train companies, said fare dodgers "deprive" the railway of around £200 million per year. People caught in possession of a forged ticket risk a "hefty fine" or even a prison sentence as it is a criminal offence, he added.

"Train companies work closely with the British Transport Police to combat and investigate fraud, and operators take a range of measures to make sure that customers are buying and using the correct tickets," he said.

Staff carry out regular inspections on trains and at stations, and automatic ticket barriers are installed in many stations.

"Sadly there will always be people who try to get away with not paying. The vast majority of passengers who do pay the correct fare don't feel they should subsidise those who choose not to pay."

It is understood that around 97 per cent of fares are put back into helping run and improve services, with around 3p from every £1 going to the train companies.

Det Insp Jeremy Banks, from British Transport Police's Cyber Crime Unit, said they were aware criminals were using the dark web to exploit rail firms.

"We take all reports of criminality seriously and our dedicated Cyber Crime Unit works closely with the rail industry as well as police forces nationally to investigate fraud and bring offenders before the courts," he added.

--------------------------

WHERE DOES THE RAIL TICKET FEES GO

(uaware, dated 31st October 2016, uaware Editor)

The UK probably has the most open rail network in the World. Has this liberalisation bought benefits, bearing in mind that no rail company directly competes with another over the same route ? Many passengers would say no, especially with the current Southern rail problems.

Many critics of the current franchise rail operation state that profits go to fat cat investors. In many cases this is true, but many of those "fat cats" are pension funds and those profits pay UK pensioners. You could say that those ticket fraudsters mentioned above will have some effect on pension investments. Conversely, much of those profits leave the UK and line the coffers of EU state railways !

The list below makes some attempt in describing who actually runs our trains. Note, I don't say who owns our trains, as these are leasing companies which are normally backed by banks.

Passenger Train Operating Companies

- ARRIVA TRAINS WALES

Parent Company : Deutsche Bahn AG (DB Regio)

- C2C ( Fenchurch Street to Shoebury)

Parent Company : National Express

- CHILTERN RAIL (Birmingham, Kidderminster, Oxford, Aylesbury, London)

Parent Company : Deutsche Bahn AG (DB Regio)

- CROSS COUNTRY (Journeys not connecting in London - Aberdeen, Manchester, Glasgow, Penzance, Bournemouth)

Parent Company : Deutsche Bahn AG (DB Regio) / Arriva

- EAST MIDLANDS TRAINS ( London St Pancras, Doncaster, Derby, Leeds, Worksop, Scarborough)

Parent Company : Stagecoach Group (Multinational, UK HQ)

- GREAT NORTHERN ( London Kings Cross / London Moorgate, Peterborough, Cambridge, Kings Lyn, London Suburbs)

Parent Company : Govia which is a joint venture between Koelis (French) and Go-ahead Group (Multi-national / UK HQ)

- THAMESLINK ( Brighton, London (City), Luton, Bedford)

Parent Company : Govia which is a joint venture between Koelis (French) and Go-ahead Group (Multi-national / UK HQ)

- GREAT WESTERN RAILWAY [Formerly First Great Western] (London, Bath, Bristol, Cardiff, Exeter, Penzance) both inter-city and rural.

Parent Company : First Group plc (Multi-national / UK HQ)

- ABELLIO SCOTRAIL (Scotish Cities, Highland, rural and suburban)

Parent Company : Dutch national rail operator Nederlandse Spoorwegen

- FIRST TRANS-PENNINE EXPRESS (Manchester, Liverpool, Glasgow, Newcastle, Hull)

Parent Company : First Group plc (Multi-national / UK HQ)

- GRAND CENTRAL ( London Kings Cross, Hull, Sunderland, Bradford)

Parent Company : Arriva Trains a subsidiary of Deutsche Bahn AG

- ABELLIO GREAT ANGLIA ( The majority of train services in the counties of Essex, Suffolk and Norfolk)

Parent Company : Dutch national rail operator Nederlandse Spoorwegen

- LONDON MIDLAND ( London Euston, Coventry, Stratford upon Avon, Birmingham, Liverpool)

Parent Company : Govia which is a joint venture between Koelis (French) and Go-ahead Group (Multi-national / UK HQ)

- MERSEY RAIL (Liverpool, Chester - suburbs and rural)

Parent Company : A joint venture between Serco (UK) and Abellio the international arm of the Dutch national rail operator Nederlandse Spoorwegen.

- NORTHERN RAIL ( Durham, Whitby, Scarborough, Hull, Blackpool, Manchester, Liverpool, Crewe, Lincoln, Sheffield)

Parent Company : A joint venture between Serco (UK) and Abellio the international arm of the Dutch national rail operator Nederlandse Spoorwegen.


- SOUTHERN ( London Victoria, London Bridge to Brighton, Hastings and other stations in West Kent, counties of Surrey and Sussex)

Parent Company : Govia which is a joint venture between Koelis (French) and Go-ahead Group (Multi-national / UK HQ)


- SOUTH EASTERN ( London Charing Cross / Victoria / Blackfriars / Cannon Street / London Bridge to Kent)

Parent Company : Govia which is a joint venture between Koelis (French) and Go-ahead Group (Multi-national / UK HQ)

- SOUTH WEST TRAINS ( London Waterloo, Portsmouth, Southampton, Exeter, Bristol, Reading, Rural and Suburban)

Parent Company : Stagecoach Group (Multinational, UK HQ)

- VIRGIN EAST COAST ( London (Kings Cross), Lincoln, Leeds, York, Edinburh, Aberdeen)

Parent Company : It is a joint venture between Stagecoach (90%), and Virgin Group (10%).

- VIRGIN WEST COAST( London Euston, Rugby, Birmingham, Manchester, Liverpool, Glasgow, Edinburgh)

Parent Company : West Coast Trains Limited joint venture Virgin Rail Group (UK) and Stagecoach (UK).


Parent Organisation

If you wanted to make a personal investment in a railway company you can via a broker. On the other hand if the train operator is a State (country) you can't. Remember, the UK pays rail companies subsidies, so the UK (British taxpayers) are, in simple terms, sending money to Germany.

Arriva - owned by Deutsche Bahn (German national railways)
Stagecoach - mainly owned by investment companies *
First Group - mainly owned by investment companies *
National Express - mainly owned by investment companies * (Subsidiaries operate in mainland EU)
Stagecoach - mainly owned by investment companies *

Source * - Morningstar (http://corporate.morningstar.com)
Morningstar, Inc. is a leading provider of independent investment research in North America, Europe, Australia, and Asia. They offer an extensive line of products and services for individual investors, financial advisors, asset managers, and retirement plan providers and sponsors.

Interesting note, the Government Pension Fund of Norway is a institutional investor in National Express !

(1st November 2016)


TERRORIST ALERT ISSUED OVER MACHINE GUN ON STREETS OF LONDON
(London Evening Standard, dated 31st November 2016 author Martin Bentham)

Full article [Option 1]:

www.standard.co.uk/news/crime/terrorist-alert-issued-over-machine-guns-on-the-streets-of-london-a3383346.html

Law enforcement chiefs today made an unprecedented appeal for the public to help police prevent terrorists from using machineguns and other illegal weapons to inflict "immeasurable harm" on Britain's streets.

The National Crime Agency and the country's most senior counter-terrorism officer, Met Assistant Commissioner Mark Rowley, said they were making the appeal because of rising concerns about the flow of weapons entering the UK.

They said the public could "save lives" by tipping off police about anyone who might own or have access to an illegal firearm and that it was "imperative" that weapons were found before they reached terrorists.

The new appeal, with the hashtag #GunsOffOurStreets, came as Mr Rowley and NCA director general Lynne Owens released figures showing that 884 firearms - including 62 found to have been used in a crime - have been seized by law enforcement officers in the past year.

The weapons included a Skorpion sub-machine pistol, an Uzi 9mm machine pistol, a Mac-10 machine pistol and an assault rifle. Around 128 suspects have also been arrested.

At least 9,000 rounds of ammunition have been seized over the past 18 months.

The Met has also reported a big leap in the number of shots fired in the capital this summer. A key fear is that weapons sought by organised crime gangs will be sold on to terrorists.

Urging the public to help police, Mr Rowley said that counter-terrorism officers in Britain had a "unique tactical advantage" over their overseas counterparts because of the "relatively low level of weapons, especially automatics" in circulation.

But he said that law enforcers could not be "complacent" and were now mounting "intensified counter-firearms operations" because of the growing danger posed by terrorists.

He added that "about half" the terrorist plots foiled by police involved extremists seeking to obtain guns and said that the risk of a Paris-style attack being attempted here meant that information from the public about illegal weapons could be vital.

"It is imperative that we intercept these firearms before they can do immeasurable harm to our communities," he said.

"Ultimately it is communities that defeat terrorism and our collective safety depends on everyone's efforts to report criminality and a possible firearms incident.

"Law enforcement, together with security and intelligence services, are working tirelessly to locate these weapons and confront the terrorist threat.

"We also need more help from the public and are appealing for people to come forward with information that will help keep communities safer from guns and prohibited weapons.

"Our message to the public is this: if you know anyone who may own or have access to an illegal firearm then please call Crimestoppers. Your call could help save lives. The current threat to the UK from international terrorism remains severe, meaning an attack is highly likely.

"Of the attack planning plots that we have disrupted since 2013, nearly half of these have involved a firearms angle to some degree."

NCA director general Ms Owens said that the families and friends of gang members or organised crime groups should also be ready to alert police and be aware that weapons could fall into terrorists' hands.

She added: "Suppressing the availability of illegal firearms in the UK has never been a more significant priority for law enforcement. Criminal networks, who think nothing about who they sell firearms to, present a significant route by which extremist groups will try to access the sort of weapons used in recent attacks in Europe.

"To stop weapons getting into the wrong hands we need intelligence about the firearms being used, both the supply and the access to them.

"Today's appeal is to raise awareness amongst the general public and also families, partners, friends and associates of criminal or gang members and make them consider the deadly consequences of keeping silent."

The new campaign follows a warning last month in the National Crime Agency's annual "strategic assessment" of threats facing Britain that the number of firearms offences rose last year for the first time since 2008.

The report said that weapons were "commonly sourced from eastern Europe and the Balkans" and often transported here via the Netherlands, Belgium and France.

Anyone who has information about illegally-held guns or ammunition should either contact the police or if you wish to remain anonymous call Crimestoppers on 0800 555 111.

(1st November 2016)


5,000 POLICE STRIP SEARCHES CARRIED OUT ON CHILDREN AS YOUNG AS 12 OVER JUST TWO YEARS
(International Business Times, dated 30th October 2016 author Matt Thomas)

Full article [Option 1]:

www.ibtimes.co.uk/5000-police-strip-searches-carried-out-children-young-12-over-just-two-years-1589001

According to figures released by 13 police forces in England and Wales, more than 5,000 children aged 17 or under have been strip-searched between 2013 and 2015.

Four thousand of these searches, normally aimed at discovering weapons or drugs, were carried out by London's Metropolitan Police - which described the ability to carry out strip searches as "a vital power".

Across subjects of all age groups, 113,000 searches that involved the removal of more than a suspect's outer clothing were undertaken.

The figures emerged as part of a Radio 5 Live investigation into policing practices, which asked all 45 UK police forces for strip-search information. Only 13 responded with figures.

Georgia Wood was taken into police custody and strip-searched when she was just 12 years old. She remembers being taken into custody in south Wales eight years ago by officers who suspected her mother of possessing drugs.

"They didn't explain to me until we got to the police station. And they literally just said 'this is what's going to happen and we're going to do it'," she told BBC Radio 5 Live Investigates.

"For someone to just be so horrible and demeaning, I just thought 'well, if I'm meant to respect my elders, aren't my elders meant to respect me'? And I really didn't feel respected in that situation."

Another young person subjected to a strip search was Marion - not her real name - who says she was handcuffed, pinned to the floor, and had all her clothes cut from her body by female officers at a London police station.

She says male officers stood at an open door while she was naked on the floor before she was later "paraded through the station" in just a paper suit.

She was 24 when she had been taken into custody while trying to help a young man she saw being arrested.

"I was pinned to the ground with three officers on me. It felt like there were more than that because they were grabbing me from all sides," she told 5 Live.

"They were also talking with male officers who were standing at the open door. They were chatting together about what implements to use on me, like leg restraints, scissors, things like that. They were saying things like, 'there's a good girl' which I found really humiliating.

"Once they had me completely naked they put me into a paper suit which didn't do up properly so my breasts were exposed and they paraded me like that through the station then dumped me on the floor of another cell."

She was subsequently found not guilty of obstruction and two charges of assaulting police officers.

The Metropolitan Police said two officers were dealt with under misconduct regulations for failure to maintain adequate records.

"The complainant appealed the Met's decision to the IPCC [Independent Police Complaints Commission]. This appeal is currently under consideration," it said.

The Met added that 5.1% of children arrested in 2015 were strip-searched compared to 12.2% of adults.

It said: "Strip-searching is a vital power in police custody to not only identify and seize evidence but also to ensure the safety and security of all detainees and staff.

"Each search must be based on an objective assessment of the need and proportionality to search the person to that extent. Legal safeguards are applied to ensure the welfare needs of the detainee are considered and met."

Labour MP Yvette Cooper, who chairs the Home Affairs Select Committee, described the figures as "very troubling".

"I think this is quite concerning because we know so little about why so many strip-searches are taking place," she said.

"It's really distressing for people and I think the thing about a strip-search is it is so intrusive, especially if you're talking about children or teenagers."

(1st November 2016)


TOP 5 CYBERTHREATS THAT EVERYBODY NEEDS TO BE AWARE OF
(International Business Times, dated 29th October 2016 author India Ashok)

Full article [Option 1]:

www.ibtimes.co.uk/top-5-cyberthreats-that-everybody-needs-be-aware-1588897

Cyberspace has increasingly become a battleground for malicious entities intent on creating havoc. Whether it be scamming unsuspecting users, profiting by stealing sensitive user data or targeting big businesses and governments to ferret out classified information, cyberspace offers avenues for all this and more.

Cybercriminals have been leveraging various tools and creating new ones at alarming speed. However, the best way to stay safe is to arm yourself with knowledge about the various threats out in the wild, as in this case, knowledge truly is power.

IBTimes UK spoke to cybersecurity researchers, and experts from various law-enforcement agencies to find out more about serious threats and what one can do to keep safe.

Here are the top five cyberthreats that everyone should be on the lookout for:

1. Phishing campaigns

Phishing campaigns are one of the most common tools used by hackers seeking to surreptitiously steal user data and credentials. Phishing campaigns generally involve hackers sending out malware-laced emails purporting to be from legitimate businesses and/or sources, which then trick victims into divulging sensitive information such as usernames, passwords, card numbers and other credentials.

Of late, social media scam phishing campaigns have gained ground. Hackers have taken to posing as customer care accounts of legitimate businesses and brands on Twitter to hijack conversations of customers and deliver malware. According to Duo Security, it takes less than five minutes for cybercriminals to put together an effective phishing campaign and less than half an hour to gain access to data from a victim's system.

ESET malware researcher Robert Lipovsky told IBTimes UK, "There are a great number of techniques to achieve that (and a persistent actor would choose the best way of getting in after doing reconnaissance on the target), such as spear-phishing, drive-by-downloads using exploits, watering hole attacks, manual installation with physical access, and so on. Interestingly, spear-phishing is one of the most commonly used techniques, because it is simple and effective: when the attacker knows their target, they will send them a malware-carrying email with a topic of interest to the recipient so that they're very likely to open it without a second thought, or even something they might be expecting to receive."

It is essential that users proceed with caution when opening emails that appear to come with suspicious subject lines. Emails that advertise too-good-to-be-true deals or claim to need "urgent" attention are some of the commonly used subject lines by hackers in the past. Additionally, when approaching customer support on social media, it is advisable that users contact verified accounts and closely check for any minor spelling differences from main accounts to customer support accounts.

2. Malware

Malware is a malicious code designed to infect a victim's system and render it damaged. In recent years malware has progressed to have gained the ability to infect almost any device. Among the various kinds of malware are banking malware, mobile malware, specifically Android malware, which recently has become a potent tool in posing as fake apps infecting phones, spyware and ransomware.

There are various anti-malware security software available, which can be installed on both PC and mobile phones. Additionally, users are also advised to be wary of suspicious apps, and programs. It is best not to download any program or app from an unfamiliar or untrusted source.

3. Ransomware

Ransomware has quickly become one of the deadliest and most effective tools used by hackers to steal credentials and/or make a quick buck. This is a type of malware, which after infecting a target's system, encrypts all data and locks out the user from accessing anything within. Ransomware authors generally demand ransom in the form of bitcoins, in exchange for releasing the victim's data.

Some of the most common strains of ransomware in the wild are Locky, CryptXXX, TeslaCrypt, KeRanger and CryptoLocker, among others.

Since decryption is often tricky, ransomware attacks have become extremely popular among cybercriminals. Carbon Black co-founder and chief security strategist Ben Johnson told IBTimes UK, "Ransomware attackers do not need to be sophisticated, in fact, it's fairly simple to buy ransomware and kick-off a campaign. Ransomware's rise in popularity parallels the development of fileless attack methods that traditional antivirus (AV) simply cannot stop. Cyber criminals are quick learners and eager to make fast money. Whether extorting $300 per user from a small business or $30 million from a multinational enterprise, the level of effort is often similar.

"A few of the more successful ransomware campaigns include Cryptolocker, Teslacrypt, CryptoWall, Locky, KeRanger, CryptXXX and PowerWare."

Former FBI national security executive Bob Anderson, who now serves as MD at cybersecurity firm Navigant Consultants told IBTimes UK, "This is very lucrative in the criminal cyberspace. Hackers attack thousands of people around the world instantly for historically low ransoms. They get away before law enforcement has been called. They then move on to the next victim or entity.

"Russian organised crime and other nation states have utilised ransomware attacks. For the most part it is organised and very sophisticated. Currently in the US, the hospital and health care industries are targeted regularly."

4. Cyberespionage

In the run-up to the highly anticipated US presidential elections, talk of cyberespionage has moved from the infosec community to the streets. Although this has been an effective means by which to spy on corporations and/or governments, only recently has the public become aware about cyberspying.

Johnson said, "Cyber is the new face of espionage. State-sponsored actors have increasingly invested energy and money into cyber attacks and intel gathering. Previously, espionage utilised undercover agents trying to recruit moles or cracking safes to steal sensitive information. While I'm sure that still occurs on some level, the game has certainly shifted to cyber espionage. As we've seen with recent major hacks against political and government organisations, this level of espionage is certainly paying dividends for attackers."

Anderson added, "In today's world, cyber espionage is everything! Adversaries 10 years ago had to physically penetrate the company or Agency. In today's world they can do it remotely and obtain far more access to the victim's IT."

Lipovsky said, "Perhaps the most common way for an intruder to get inside of their target's computer network and spy on them (by stealing files, logging keystrokes, capturing screenshots, and so on) is by using malware. In suspected state-sponsored cyberespionage attacks, we often see malware that is custom-built and state-of-the-art, which indicates that significant amount of resources have been put into the operation. But that is not the only type that we see. There is a lot of espionage malware that can achieve the same goals, that is either offered for sale on the black market, or even freely available. Another possibility is not to use outright malware but to abuse legitimate software for remote control. While that may generally be easier to detect, if the attackers do succeed, it is even more difficult to fingerprint than a 'limited use' malware family and attribute it to a threat actor."

5. DDoS attacks

In light of the recent massive DDoS attack that nearly shut down internet services in the US, public awareness of this type of cybercrime has become vitally important. Distributed Denial of Service attacks occur when multiple systems flood the bandwidth of servers with unprecedented traffic, effectively taking them offline.

Cybercriminals have now begun leveraging unsecured IoT (Internet of Things) devices to create botnet armies of compromised devices to launch DDoS attacks.

Jay Kaplan, former NSA analyst and CEO of security firm Synack, told IBTimes UK, "DDoS attacks are one of the oldest tricks in the book, but they continue to be a very real threat - especially as of late - with hackers targeting the latest exposed vulnerabilities in the IoT space, like poorly crafted passwords.

"Cybercriminals do not need much technical proficiency to launch a DDoS attack, and the scale of these attacks is rapidly increasing. While sophisticated hacking groups no doubt utilize DDoS as one "tool in the toolkit," a record-breaking attack like seen with Dyn last week is believed to be the work of amateur hackers. Even further, individuals with no technical/hacking proficiency can hire DDoS-as-a-service companies if there's enough motivation."

Johnson added, "IoT devices are often created and marketed to make consumers' lives easier. The unfortunate reality is that security is often an afterthought during the production cycle. The focus is on creating an easy-to-use, marketable product. Security comes after the fact, if at all. IoT botnets are designed to target the low-hanging fruit when it comes to vulnerabilities in IoT devices. If the botnets continue to work, attackers will continue to use them.

"With DDoS attacks, 'protection' is all about increasing bandwidth so that an overflow of traffic doesn't cripple the infrastructure. In that regard, there's very little any single business or user can do other than to lean on internet provides to put the proper security controls and hygiene in place. When it comes to IoT devices and home computers, though, individuals can make sure the software being used on baby cameras, thermostats, etc. are always patched. You should always be using the latest software version provided by the manufacturing company. This way, when a botnet targets a known vulnerability, your specific device is not contributing to the traffic overflow. The onus of responsibility, though, is on IoT manufacturers to think security first."

(1st November 2016)



LONDONERS SHOULD BE SENT WARNINGS ABOUT TERROR ATTACKS STRAIGHT TO THEIR MOBILE PHONES
(London Evening Standard, dated 28th October 2016 author Justin Davenport)

Full article [Option 1]:

www.standard.co.uk/news/london/londoners-should-be-sent-warnings-about-terror-attacks-straight-to-their-mobile-phones-a3380901.html

A ring of mobile security barriers should protect Government buildings from a Nice-style terrorist lorry attack, a major report says today.

The capital should also trial a new public alert system to inform Londoners of a fast moving terror incident with messages to their mobile phones.

The recommendations are contained in a wide-ranging review of security in the capital ordered by Mayor Sadiq Khan following the Bastille Day lorry attack in France which 84 people were killed.

The terror preparedness review by Lord Toby Harris of Haringey puts forward a total of 127 recommendations for the Mayor, the Government and other agencies.

The report outlines how a marauding terrorist firearms attack is now considered the most significant terrorist threat to the UK and Europe.

While London is a natural target with 50 out of 73 of the highest risk crowded places across the UK, the consequences of a terrorist atrocity in London similar to the Paris massacres in November 2015 could be more than £1 billion.

The study says that around 850 UK nationals have travelled to join Islamic State in Syria, around half of whom have returned and represent a "real threat."

Lord Harris said : "The quality and effectiveness of the work done by the intelligence services and the counter-terrorist police is amongst the best in the world, and if London were subject to a terrorist attack today, our emergency services response would be substantially faster than five years ago.

"Nevertheless, a serious terrorist attack remains highly possible and we cannot be complacent.

"London needs to become a city where security and resilience is designed in and is part of the city's fabric, and where everyone who lives and works here sees security and resilience as their responsibility just as much as it is for the emergency services and civic authorities."

Mayor Sadiq Khan said: "Lord Harris's many recommendations deserve careful consideration and exploration over the coming months so we can take steps to ensure we are as prepared as possible."

The report makes a series of recommendations to tighten security which include:

- Mobile temporary barriers and security bollards to protect the central London Government area against a Nice-style attack.


- More affordable housing for specialist emergency services workers in the capital.


- A change in protocols to allow Mayor to attend Cabinet Office COBR meetings and have a greater defined role in the event of a terror attack.


- The Met should merge with the City of London force and take over policing the London Underground.


- All schools in London should have evacuation plans in place for a terror attack and appoint a governor responsible for security.


The report also calls for a full review of security at City Airport after the Black Lives Matter protest group breached the airport perimeter last month.

In a controversial recommendation Lord Harris also urges the Government to consider merging the Met and the City of London police force saying the City's fraud role could go to the National Crime Agency.

Lord Harris also said the mobile barriers should be available for specific events in central London involving large crowds.

He said there a number of central London locations which needed permanent "pop up" barriers.

The City of London police dismissed the review saying it was outside the remit of the report to consider the merger.

He also says the Met should take over policing of the London Underground from the British Transport Police to improve the response to incidents.

The report outlines details of the Met's response to a marauding firearms attack saying it would trigger a plan codenamed Operation Plato.

A 24-hour immediate response team of highly trained Counter-Terrorism Specialist Firearms Officers would be deployed to an onslaught by air, car or by motorcycle.

Lord Harris says the Met should review the number motorcycles for armed officers to speed up the response to incidents. He also urges the force to increase the number of Taser equipped officers.

An attack as serious as the Paris massacre would result in soldiers being deployed on the streets and the report says military leaders are now routinely involved in counter terrorism planning in London.

The report states: "When needed, the military would deploy under Operation Temperer which would see potentially hundreds of troops deployed to backfill armed police roles, or deployed alongside British Transport Police, to increase the operational capacity and capability of specialist counter-terrorism and armed policing."

Lord Harris also proposes tighter controls on boats using the River Thames while the Mayor should review security on the river amid the possibility of a water born firearms attack.

The report also raises concerns that a proposed new communications system for the emergency services may not work effectively underground.

It also urges that cuts to the number of health personnel trained in dealing with Chemical, Biological, Radiological and Nuclear attacks should be reversed

(1st November 2016)


THREAT OF COMPLEX MOBILE MALWARE IS ON THE RISE WARNS EUROPOL
(International Business Times, dated 27th October 2016 author Jason Murdock)

Full article [Option 1]:

www.ibtimes.co.uk/threat-complex-mobile-malware-rise-warns-europol-1588558#

Europol said it had enlisted the help of 22 EU member states, three non-EU countries, two EU agencies and "numerous public and private partners" to speak out about the dangers of sophisticated malware that can attack smartphones and tablets.

"Law enforcement and our industry partners continue to report the proliferation of mobile malware, which is now as complex as PC malware," said Rob Wainwright, director of Europol, in a statement, adding that if users start to report mobile cyberattacks it will help to combat the threat.

He continued: "We need to send an awareness message to citizens and business, and this global campaign is the first step to create a common alliance between public and private sectors within the EU and beyond".

In the agency's latest 'Internet Organised Crime Threat Assessment', released this year, mobile malware featured in law enforcement investigations across 14 European countries. Europol said this is a "clear indication" that this form of attack is finally being taken seriously in criminal probes.

"As mobile devices increasingly operate less as simple phones and more as mobile computers, the nature and complexity of malware attacking mobile devices and the methods of infecting those devices are beginning to more closely mirror those of 'conventional' desktop malware," the report found.

While most of the headline-grabbing hacks largely revolve around alleged nation state cybercrime activity - from the WikiLeaks disclosures to the infiltration of the World Anti-Doping Agency (Wada) - the general public is more likely to be hit with financial fraud attacks, malvertising or phishing.

There have been a number of notable pieces of mobile malware exposed by security researchers in recent years. One major strain, dubbed Pegasus, was a form of spyware that could turn on the devices' camera, intercept text messages and alter existing applications.

Meanwhile, a different strain called YiSpecter was uncovered by Palo Alto Networks in 2015 that specifically targeted non-jailbroken iOS devices. It could launch apps, replace existing apps, display adware and upload device information straight to the hacker's command and control server.

According to mobile cybersecurity firm Lookout, the developers of malicious software will "always find creative ways" to infect devices to steal sensitive data. In a blog post, it advised users to only download applications from official app stores, be aware of the signs of phishing scams and keep all mobile devices up-to-date with the latest security upgrades.

uaware Further information

Europol originating article :

https://www.europol.europa.eu/content/malware-has-gone-mobile-stopthinkconnect-keep-cybercriminals-out-your-mobile-device

(1st November 2016)


CITY HALL TO LAUNCH ONLINE "LIVE CHAT" SERVICE SO CRIME VICTIMS DON'T SUFFER IN SILENCE
(London Evening Standard, dated 27th October 2016 author Pippa Crerar)

Full article [Option 1]:

www.standard.co.uk/news/mayor/city-hall-to-launch-online-live-chat-service-policing-chief-sophie-linden-reveals-a3379986.html

Note : This is an extract from that published as the remainder of the article covered other subjects

London's deputy mayor for policing today pledged that victims of crime would not be left to "suffer in silence" as she announced plans for an online "live chat" to provide extra support.

Sophie Linden, 46, a former Hackney councillor and aide to David Blunkett at the Home Office, said the free and anonymous service - the first of its kind in Britain - would target those who found it difficult to get help over the phone or face-to-face.

Mayor Sadiq Khan has vowed to put victims at the heart of his policing plans and his number two said the "live chat" facility, which starts today, would play a key role in tackling the "devastating" impacts of crime.

From Victim Support Homepage (uaware addition)

Live chat is currently available for people affected by crime in London, England only.

When you're ready to talk to one of our trained supporters, use the 'chat now' button at the bottom right of the screen to start. You'll need to be using an up-to-date internet browser to use live chat.

Live chat is available from 12 noon to 7.30pm Monday to Friday within London only. If the service is offline or busy, or if you are outside of London, you can:

- Find support near you : https://www.victimsupport.org.uk/help-and-support/get-help/support-near-you

- If you're under 18, find out what support is available on our You & Co site :

https://www.youandco.org.uk/support-next-steps/support-available

- Request support online :

https://www.victimsupport.org.uk/help-and-support/get-help/request-support

- Ring us on freephone 0808 178 5184

- Online chat (Open Monday to Friday 12pm to 7.30pm)

https://www.victimsupport.org.uk/livechatlondon

(1st November 2016)


BLACK PEOPLE SIX TIMES MORE LIKELY THAT WHITES TO BE STOPPED AND SEARCHED
(London Evening Standard, dated 27th October 2016 author Jamie Bullen)

Full article [Option 1]:

www.standard.co.uk/news/crime/black-people-six-times-more-likely-than-whites-to-be-stopped-and-searched-a3380736.html

Black people are over six times more likely than whites to be stopped and searched by police, new figures reveal.

Overall use of the controversial powers reduced by more than a quarter across all ethnicities but stops of white people fell more sharply.

Official figures showed those from black and minority ethnic (BME) groups were three times as likely to be stopped and searched as those who are white in 2015/16.

Black people were over six times more likely to be stopped.

Home Secretary Amber Rudd branded the statistics "unacceptable" but added stop and search powers remained "vital" in the fight against crime.

The findings emerged as new standards and training for officers using the tactic will be rolled out.

A Home Office report said the difference between BME and white groups narrowed to twice as likely between the years ending in March 2011 and 2015 but has risen again in the latest year.

It went on: "A similar story has been seen for the black group, which fell from over six times more likely to just over four times more likely between the years ending March 31 2011 and 2015, before rising again to over six times more likely in the year ending March 31 2016."

Labour MP Yvette Cooper, chairwoman of the Commons Home Affairs Committee, said the figures raise "important questions" for the police and the Home Office.

Shadow home secretary Diane Abbott said: "The decline in stop and search clearly shows there is some effort to use these police powers more reasonably. But there are clear signs that some communities are being disproportionately targeted.

"The overwhelming majority of all searches result in no further action."

Officers can stop and search people if they have "reasonable grounds" to suspect they are carrying items such as drugs, weapons or stolen property.

Figures showed that 16% of stops led to an arrest, up 2 percentage points from 14% in the previous year.

Home Secretary Amber Rudd said: "The Government is clear that the power of stop and search, when used correctly, is vital in the fight against crime.

"However, when it is misused, stop and search is counter-productive, wastes police time and can have a hugely damaging effect on community confidence.

"While today's statistics show that our stop and search reforms are working, with a continuing fall in the overall number of stops and the highest ever recorded arrest rate, it is completely unacceptable that you are six times more likely to be stopped and searched if you are black than if you are white.

"I am clear that in a Britain that works for everyone, no one should be stopped on the basis of their race or ethnicity."

Further information (uaware)


NEW STOP AND SEARCH TRAINING AND GUIDANCE FOR POLICE
(College for Policing, dated 27th October 2017)

Full article : www.college.police.uk/News/College-news/Pages/Stop-and-search-APP.aspx

Police officers across England and Wales will receive new training and guidance on the use of stop and search.

The training and guidance will give officers confidence to use their powers legally, fairly, professionally and transparently and help them recognise the potential for unconscious bias.

For the first time, evidence-based standards for training and police practice on stop and search will be set nationally. They will focus on the law, how to decide when to stop and search and how officers handle encounters as part of their continuing professional development.

To create the training the College of Policing undertook the first ever randomised controlled trial on stop and search and involved more than 1,300 officers across six police forces.

The training and guidance will help officers to recognise and challenge unconscious bias in stop and search. Unconscious bias affects everybody's decision-making. It happens when we make quick decisions in ambiguous situations that, without us realising, disadvantage particular groups of people. Our biases are influenced by our background, culture and personal experiences.

Equality and Human Rights Commission involvement

CEO at the Equality and Human Rights Commission, Rebecca Hilsenrath said: "Stop and search must be lawful, non-arbitrary, non-discriminatory and based on reasonable suspicion. This is why we commissioned the College of Policing to develop a comprehensive stop and search training programme to help ensure officers meet these obligations.

"We worked closely with the College to develop and design the training to help police officers understand the importance of applying the rules fairly when stopping members of the public. Doing so is vital in building and maintaining trust between the police and the communities they serve, and increasing public confidence in the police."

(1st November 2016)


GRADUATE RECRUITMENT SITE EXPOSED 50,000 CVs SENT TO VIRGIN MEDIA UK
(The Register, dated 25th October 2016 author Darren Pauli)

Full articl [Option 1]:

www.theregister.co.uk/2016/10/25/virgin_media_uk_site_exposed_50000_resumes/

Virgin Media has shuttered a kindergarten-grade bug in a third party website that exposed up to 50,000 résumés it's received over the years, complete with names, street and email addresses of applicants.

The vulnerability was due to entirely absent access controls on a public server to which applicants were directed to upload their résumés.

British student hacker Alikhan Uzakov (@alikhan_uzakov) found he was able to peruse the entire directory without restraint or being challenged to log in.

"About 30,000 to 50,000 applications, past and present, were accessible," Uzakov says in a blog.

"Personal information including telephone numbers, emails, where someone lives, and other details were out there in the open: my personal information was exposed as well.

"The problem is patched now but had I been someone with malicious intentions, I could have done a lot more and might not have reported it at all."

Uzakov phoned Virgin Media's London Hammersmith office to report the flaw and "walked" a security engineer through resolving the mind-bending bug.

He says Virgin Media would not comment on the vulnerability nor award him a bug bounty or name recognition for the bug.

The graduate recruitment site has been fixed and is back online.

(1st November 2016)


UK BANKS ALLEGEDLY STOCKPILING BITCOIN TO PAY OFF CYBERCRIME EXTORTION
(International Business Times, dated 24th October 2016 author Jason Murdock)

Full article [Option 1]:

www.ibtimes.co.uk/uk-banks-allegedly-stockpiling-bitcoin-pay-off-cybercrime-extortion-threats-1587974#

As cybercrime tools become cheaper and easier to use, financial institutions in the UK are reportedly stockpiling reserves of cryptocurrency that can be used to pay off criminals who threaten to disrupt key computer networks.

Some major banks now take the position it is more effective to agree to the extortion demands of cybercriminals rather than risk a full-blown cyberattack, according to Dr Simon Moores, chairman of the e-Crime Congress and former technology ambassador for the UK government.

"Financial institutions are now exploring the need to maintain stocks of bitcoin in the unfortunate event that they themselves become the target of a high-intensity attack," he told The Guardian, adding: "The police will concede that they don't have the resources available to deal with this because of the significant growth in the number of attacks."

One of the most recent incidents was a distributed-denial-of-service (DDoS) attack against the US-based DNS provider Dyn.

The subsequent outage - since blamed on the notorious Mirai botnet - took out a slew of websites including Twitter, Reddit, Netflix, PayPal and Amazon Web Services (AWS).

The botnet, which infects Internet of Things (IoT) devices such as home internet routers and CCTV cameras, was exploited by an unknown cybercriminal to send waves of traffic towards the Dyn website servers, which hosted these major sites, and used to force the platform offline.

The same DDoS tactic - deployed on an unprecedented scale last month - was used to target security researcher and journalist Brian Krebs. Later, the source code for the malware was published online and has since been used as a basis for extortion demands.

On such threat, as published on the Web Hosting Talk forum, warned: "If you will not pay in time, DDoS attack will start, your web-services will go down permanently. After that, price to stop will be increased to 5 BTC with further increment of 5 BTC for every day of attack."

The weaponisation of hacking tools

This evolution, according to Moores, is the "weaponisation" of [hacking] tools. He said: "Big companies are now starting to worry that an attack is no longer an information security issue, it's a board and shareholder and customer confidence issue."

In 2016, the size of DDoS attacks in the wild have spiked - now reaching well over 600 gigabits of data a second being directed at a victims' server. Moores predicts the situation is getting out of control. "Once it goes above a terabit, that wipes out any protection," he said. "No current protection systems can deal with that sort of flood."

Alongside an alarming rise in ransomware attacks, the introduction of botnets enhanced by IoT devices - many of which remain easy to hack - now appears to be of major concern to financial institutions, all of which rely on online infrastructure to operate effectively.

Back in August, Marcin Kleczynski, chief executive of cybersecurity firm Malwarebytes, also said UK banks were hoarding Bitcoin as a method of paying extortion attempts. "I talked to a couple of banks and they say they have 50-100 bitcoin ready at all times in a wallet to deploy if a ransomware attack hits," he told Business Insider.

(1st November 2016)


POLICE IN US SELLING CONFISCATED WEAPONS TO RAISE CASH
(The Telegraph, dated 23rd October 2016 author David Millward)

Full article [Option 1]:

www.telegraph.co.uk/news/2016/10/23/police-in-us-selling-confiscated-weapons-to-raise-cash/

Police departments across the United States have been selling confiscated weapons to raise money, it has emerged.

At least 16 states have authorised or, in many cases, compelled police to auction firearms they have seized rather than destroy them.

The states include Connecticut where 28 people, including the gunman Adam Lanza, were killed at the Sandy Hook elementary school in December 2012.

While many oppose the policy, the sales are supported by the National Rifle Association which has said destruction of the weapons would be wasteful.

The sales have been taking place despite fears among some officers that the weapons could end up back on the streets in the hands of criminals.

In January last year Raymond Kmetz, 68, who was banned from owning guns, used a straw buyer to get his hands on a weapon which had been sold off by the police in Duluth, Minnesota.

He wounded two officers before being shot and killed. Two more guns were discovered in his car - they too had originally been sold off by the Duluth police department.

A Las Vegas court security officer was killed by a man who stormed into the building using a gun which had been previously sold by the Memphis Tennessee area sheriff's office.A number of senior officers have made little secret of their opposition to the policy, including Fred Fletcher, the police chief in Chattanooga, Tennessee where last year there were more than 100 recorded shootings.

He has stopped selling guns. "My feelings are very strong. Chattanooga police officers place themselves at great risk every day to take guns off the street which threaten our community," he said.

"This will contribute to an environment in which these brave men and women will have to face these same weapons again."

Seattle has now banned the sale of confiscated guns. Other cities including Chicago, which could make $2 million a year selling weapons, New York and Los Angeles destroy them.

However, David Davis, the sheriff of Bibb County in Georgia, said he was obliged to comply with the law and a sale a couple of months ago raised $18,000.

"Before that we used to crush them. We had accumulated so many guns we had no space for them," he said.

"There is a risk they could fall into the hands of someone who would do something wrong with them and some of my colleagues have reservations.

"We use a contractor and people are thoroughly checked. If people are really intent they will get one whether they steal it from a gun or a car.

"My position is the law requires it and it does raise a substantial amount of money for our outreach and crime prevention programme."

Police anxiety at the gun sales is shared by senators such as Chris Murphy from Connecticut.

"Senator Murphy is working hard in Congress to take simple steps to keep guns away from dangerous people and drastically reduce rates of gun violence," his spokesman said.

"By closing the loopholes in the background check system and cracking down on straw purchasers and gun trafficking, policymakers can stop the flow of guns flooding our streets and prevent guns from being used in crimes in the first place.

"Police departments shouldn't be compelled to sell guns already used in crimes to raise revenue."

The stance of the NRA, which declined to speak to the Telegraph, has been condemned by anti gun groups.

Accusing the NRA of hypocrisy Christian Heyne, Legislative Director, Coalition to Stop Gun Violence, said it opposed the group of opposing policies which would keep weapons out of dangerous hands.

"We applaud police departments for doing what politicians will not, standing up to the dangerous policies of the corporate gun lobby."

The Violence Policy Centre added: "Guns seized by law enforcement should be destroyed, not resold, which places both the police and public at risk."

-----------------------

UAWARE BACKGROUND INFORMATION

Being "devils advocate", does it really matter if there is another gun dealer (the police) selling guns in the USA ? Cynically you could say that re-cycling "second hand" guns will deflate the new gun market and make it less profitable for new ones to be produced. In addition, the police could become more proactive with the additional funds from their sales.

How many gun dealers in the USA

It depends on what you define as a gun dealer. Some articles define a dealer as someone or an organisation whose sole operation is selling / trading in firearms. Whilst others, including the ATF (the licensing body) consider anyone who sells / trades firearms as being a gun dealer. This includes supermarkets (ie. Walmart, Pawn shops, sporting goods shops etc).

There were more than 139,000 FFLs in fiscal year 2015. This includes firearm licenses for dealers, manufacturers, importers, and collectors. During that time, ATF conducted 8,696 firearms compliance inspections. Source : Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) :

www.atf.gov/resource-center/fact-sheet/fact-sheet-federal-firearms-compliance-inspections-and-revocation-process

Other articles try to define an actual number, stating that the ATF figures don't just included full time gun dealers, but individuals who make an occassional sale to clear part of their collection for example. So using their information the "real" figure is nearer to 58,000.

Source : Politifact.com

Article : www.politifact.com/georgia/statements/2013/feb/11/markel-hutchins/are-there-more-places-buy-gun-big-mac/


How many guns are there in the USA ?

In short, they don't know.

From a Guardian newspaper article from October 2015 (https://www.theguardian.com/us-news/2015/oct/27/how-many-guns-are-in-america-state-secrecy-means-no-one-knows) :

"The best available data comes from a private survey by the University of Chicago, not the federal government, and that is still an estimate, finding that 79 million US households have guns. Other surveys have estimated there are between 270 and 310m guns."

But using some figures from The Independent (October 2015 : www.independent.co.uk/news/world/americas/gun-owners-now-have-eight-weapons-on-average-double-what-it-used-to-be-a6703751.html) where it is quoted that each gun owning households now own 8.1 guns each ; the previously quoted estimate is considerably outstripped to 640m guns.

Sadly, whatever way you look at it; be it 58,000 or 139,000 gun dealers. Will the police recycling comparatively a few guns make much difference ?

Definition of an FFL

A Federal Firearms License (FFL) is a license in the United States that enables an individual or a company to engage in a business pertaining to the manufacture or importation of firearms and ammunition, or the interstate and intrastate sale of firearms. Holding an FFL to engage in certain such activities has been a legal requirement within the United States since the enactment of the Gun Control Act of 1968.

See Wikipeadia: https://en.wikipedia.org/wiki/Federal_Firearms_License

(1st November 2016)


DETECTIVES SENT INTO COMMUNITIES TO PROTECT CHILDREN FROM PREDATORS
(London Evening Standard, dated 21st October 2016 author Martin Bentham)

Full article [Option 1]:

www.standard.co.uk/news/crime/detectives-sent-into-communities-to-protect-children-from-predators-a3375306.html

Hundreds of specialist detectives are to be posted to front-line local policing roles to protect children from "sexual predators" in an overhaul of the way the Met tackles the threat of sex abuse, violence and radicalisation.

Scotland Yard said it would also be beefing up action to stop young Londoners being lured into gangs as it warned of "new and frightening " dangers fuelled by online pornography and extremist propaganda.

The reforms form part of a new blueprint for fighting crime in the capital which also involves significant changes to police efforts to combat rape and offences against "vulnerable" adults.

They came as the force issued a raft of statistics highlighting the threat to the capital's children. The figures show that:

There are about 1,500 children in London identified as being at risk of sexual exploitation.

Another 8,100 "very young" children are on protection plans because of the risk of violence or abuse.

A "staggering" 400 cases a month of a person viewing child porn are being uncovered, with the numbers so great that officers can only pursue offenders posing a direct threat.

Nearly 6,000 sex offenders are being monitored in the community.

More than 17,000 child sex abuse investigations were launched by the Met last year.

Unveiling the new police approach today, Met Assistant Commissioner Martin Hewitt said the attacks by Jimmy Savile and other sex abuse scandals demonstrated the scale of the potential danger to children.

He added: "Child protection is an incredibly complex task in a modern world with numerous threats to children - being drawn into gangs… their smartphone with all the temptations of pornographic and violent content… being groomed for sexual exploitation and abuse by predators… [and] grooming by terrorists who want to lure them into radicalisation and violence.

"It's a new and a frightening landscape. Despite all we do at present to protect against these threats, we must do more."

Mr Hewitt said the response would include shifting hundreds of specialist detectives to local policing teams. There would also be more officers working in schools.

The aim was to create a new "safeguarding service embedded in local policing" which will focus on "protecting vulnerable people, adults as well as children, from violence, abuse, sexual offending and radicalisation."

(1st November 2016)


ATTACK US AND YOU ARE BASICALLY ATTACKING AMERICA, SAYS UK DEFENCE SECRETARY
(The Register, dated 21st October 2016 author Gareth Corfield)

Full article [Option 1]:

www.theregister.co.uk/2016/10/21/britain_investing_cyber_warfare_offensive_capability/

Britain is splurging £265m on military cyber security - and that includes offensive capabilities, according to Defence Secretary Sir Michael Fallon.

Speaking at the Royal United Services Institute yesterday, Sir Michael said the investment into the Cyber Vulnerability Investigations programme would "help us protect against these threats".

"The average cost of the most severe online security breaches for bigger companies starts at almost £1.5m, up £600,000 from 2014," said Sir Michael, adding: "It's only a matter of time before we have to deal with a major attack on UK interests."

So far Britain has managed to avoid the sort of targeted large-scale hacks that have seen big US tech companies such as Yahoo! see 500 million user accounts compromised, or the Target hack which saw millions of credit card and debit card details as well as names and addresses leaked into the hands of cyber-criminals.

It seems, from Sir Michael's speech, that Blighty is gearing up to proactively attack any cyber-villains with designs on British internet infrastructure.

Lauding various government security initiatives, including the National Cyber Security Centre in Victoria, London, the Defence Secretary said: "This cannot just be about our defence. It must be about our offence too. It is important that our adversaries know there is a price to pay if they use cyber weapons against us, and that we have the capability to project power in cyberspace as elsewhere."

Given that most large-scale hacks tend to be backed by states such as China and Russia, it seems that Sir Michael's speech is a public shot across their bows, warning them not to target Blighty - while simultaneously urging NATO to treat the Article 5 collective defence provisions as applying to cyberspace.

Originally, Article 5 of the Washington Treaty, which founded NATO, was intended to ensure that any westward expansion of the Soviet Union would trigger World War Three by dragging Britain and America in, thereby keeping the Soviets and the Eastern Bloc's expansionist aims firmly under control.

It is unlikely that many countries would take Article 5 seriously in the context of cyberspace, given that many NATO member states effectively ignore the treaty requirement for them to spend two per cent of GDP on military spending.

(1st November 2016)


VIOLENT CRIME IN ENGLAND AND WALES IS UP 24%, POLICE FIGURES SHOW
(The Guardian, dated 20th October 2016 author Alan Travis)

Full article [Option 1]:

www.theguardian.com/uk-news/2016/oct/20/violent-crime-in-england-and-wales-rises-police-figures

Violent crime in England and Wales has risen by 24%, including a 9% rise in knife crime and a 7% rise in gun crime in the 12 months to June, according to police recorded crime figures.

The number of murders in England and Wales also jumped 20% to 681, a rise of 144 - the highest level for more than five years. The murder rate includes the 96 killed at Hillsborough in 1989 following the conclusion of the official inquests.

Police figures also show that the number of reported rapes and other sexual offences rose by 14%, reflecting a slowing of the recent increase in reporting rates for these types of crime.

The Office for National Statistics (ONS) said the 24% rise in violent crime was largely due to improvements in recording practices and increased coverage but did include "a small but genuine increase in some categories of violent crime".

But the overall crime rate remained broadly flat as measured by the Crime Survey of England and Wales, which estimated that there were 6.5m crime incidents in the 12 months to June - a fall of 1% compared to the previous year.

The ONS also published its second ever estimate of online crime, which it put at 5.6m fraud and computer misuse offences, confirming its high volume on a level comparable with offline crime. The two sets of figures will be merged into the overall headline figure in January.

John Flatley of the ONS said: "Violent crime covers a wide spectrum from minor assaults, harassment and abuse that result in no physical harm to the victim through to incidents of wounding and murder.

"The latest figures present a complex picture, with the crime survey for England and Wales estimating similar levels of violent crime to that seen in recent years, but the number of offences recorded by the police increasing.

"We think the rise in the police figures is due to a combination of factors. First, the expansion of the police series to cover new harassment offences. Second, a greater proportion of incidents reported to the police being recorded as crimes. At the same time, the crime survey has shown a greater proportion of victims of violent crime reporting to the police. Finally, it appears there has been a small but genuine increase in some categories of violent crime."

(1st November 2016)


HIGH STREET BANKS SECURITY FLAWS ARE LEAVING CUSTOMERS VULNERABLE TO ONLINE FRAUD
(Daily Mail, dated 20th October 2016 author Sean Poulter)

Full article [Option 1]:

www.dailymail.co.uk/news/article-3853678/High-street-banks-security-flaws-leaving-customers-vulnerable-online-fraud-hitting-pocket.html

High Street banks are opening the door to fraudsters by failing to adopt effective security around online banking, it was claimed last night.

The criticism comes from Which? amid a 64 per cent increase in online banking fraud last year, taking it up to £133.5 million. At the same time, phone banking fraud rose by 28 per cent to £322.3 million.

The scandal is hitting customers in the pocket as banks try to pass on the cost of fraud - which they could and should prevent - to victims.

Which? has launched a super complaint with the Payment Systems Regulator over claims the banks are failing to protect customers duped into transferring money from their accounts to fraudsters. In the majority of these cases, the banks wash their hands of responsibility, leaving victims penniless.

The consumer group says some banks have failed to implement two-factor security steps that can help keep online accounts safe. Two-factor authentication at log-in combines two different types of ID checks - typically something you know, such as a password or PIN, with something you have, such as a card reader or a mobile phone or device on which you get a single-use pass code.

A Which? test of 11 high street banks found that only five have adopted two-factor security checks. It named and shamed Halifax, Bank of Scotland and Lloyds Bank, which are all part of the same group, along with Santander and TSB as scoring poorly on security over a number of years. It said none of these banks offers two-factor authentication at log-in, despite having the technology.

The research, which involved the security consultancy SureCloud, also tested online security features at different stages, including logging in via a browser, adding a new payee and transferring money, and password complexity requirements.

Best for online banking security are First Direct, HSBC and Barclays. First Direct and HSBC have introduced customer voice recognition for their telephone banking customers. Which? spokesman Alex Neill said: 'The best banks in our test manage to use two-factor authentication without it being too onerous for their customers, so there's no excuse for others to sacrifice security.

'Online banking is increasingly part of our daily lives and at the same time online scams are becoming more sophisticated.

'People can only do so much to protect themselves from fraud - it's time for banks to shoulder more of the responsibility and introduce extra protections to safeguard their customers.'

The Lloyds group challenged the validity of the Which? criticism, saying: 'The findings do not provide an accurate reflection of the highly sophisticated security our customers benefit from that is undetectable in this research. We don't consider the results accurately reflect these factors which have a material impact on how we protect our customers' daily needs.'

TSB said: 'Customers are at the very forefront of everything we do at TSB, and we take their safety and security very seriously. It is our number one priority to offer safe and secure banking facilities for our customers across all of our products and services.

'To achieve this we maintain complex and multi-layered fraud prevention controls which will not be visible to the customer - or reflected in this survey. We continually review and improve our services to ensure they remain robust and fit for purpose.'

Santander said: 'We continually look to improve and enhance our customer experience. In doing so we seek to maintain an appropriate balance between customer usability and security.

'Our security model is robust and this is reflected by the low ratio of fraud incidents compared to the rest of the market based on our market share.'

HOW THEY RATE ( % Security Score)

First Direct : 78%
HSBC : 76%
Barclays : 75%
M&S Bank : 73%
Nationwide : 73%
NatWest / RBS : 68%
Metro Bank : 64%
Halifax (Bank of Scotland) : 62%
Lloyds Bank : 62%
Santander : 59%
TSB : 56%

Note : Score is a measure of security around log-in, encryption levels, account management, site navigation and log-out. Source : Which?

(1st November 2016)


LONDON FINANCIAL SECTOR PRIME TARGET OF RANSOMWARE ATTACKS
(International Business Times, dated 19th October 2016 author India Ashok)

Full article [Option 1]:

www.ibtimes.co.uk/london-financial-sector-prime-target-ransomware-attacks-security-researchers-find-1587105#

Ransomware attackers have set their sights on the UK's capital. Security researchers have uncovered that London has been under attack from threat actors, who are specifically launching ransomware attacks to target individuals and businesses.

Some of London's top banks, law firms and other businesses were found to have suffered nearly 10,500 ransomware hits, Malwarebytes researchers uncovered. Additionally, the City of London was found to be the top ransomware target in the UK, with 670% more ransomware attacks than the rest of the UK's top 10 vulnerable areas combined.

Malwarebytes researchers' analysis of London's Square Mile, which is home to a significant number of financial service companies and other businesses, revealed that the city was hit more times than many other countries, including Sweden, Malaysia and Hungary.

Malwarebytes data science analyst Nima Samadi told IBTimes UK: "When analysing the data it gave us an interesting snapshot into a growing problem facing companies. These nefarious threats, which essentially demand money with menaces, are becoming a real problem for big business - encrypting company files for ever unless the ransom is paid. It is a modern day protection racket.

"Given that only 7,000 people live in the City of London, but hundreds of thousands commute there every day, it is not a great leap to assume these attacks involved compromised work systems. With over 80m square ft of office space in just 1.1 miles - that is a hugely tempting target for the bad guys."

In August, Malwarebytes CEO Marcin Kleczynski told Business Insider in an interview that banks had begun stockpiling bitcoins, in the event that they were hit by a ransomware attack. "I talked to a couple of banks and they say they have 50-100 bitcoin ready at all times in a wallet to deploy if a ransomware attack hits," he said.

Researchers were able to identify the top 10 ransomware campaigns targeting people in the UK. The File Cryptor ransomware was found to be the most common, closely followed by File Locker. Trojan Ransom, Cryptowall and TeslaCrypt were among the other top campaigns identified.

UK businesses are not the only sector to be targeted by ransomware authors. Hospitals across the UK have also been targeted by ransomware, but unlike banks, the NHS claims to have not paid up the hackers.

(1st November 2016)


UK'S AGE VERIFICATION PROPOSAL OUTRAGES PRIVACY ADVOCATES
(Computer World, dated 19th October 2016 author Darleen Storm)

Full article [Option 1]:

www.computerworld.com/article/3132964/security/uks-porn-age-verification-proposal-outrages-privacy-advocates.html

Although Britain's GCHQ and the NSA seem to be in bed together on most things, invading the privacy of innocent users supposedly in the name of national security, every once in a while the UK does something that makes the US online surveillance machine seem like it is tamer in comparison; its online age check is one of those times.

The GCHQ has already expressed a Chinese-esque plan to create the Great UK firewall, but now the UK, which previously dabbled in porn blocking, wants online age verification services to ensure that people viewing porn are age 18 or over; the dangerous implementation of the system has outraged privacy advocates.

Age-checking kids

In the US, when a person wants to view "mature" content for gaming or something more risqué, the online age verification allows you to simply pick some dates, usually from a birth date drop-down; if a person is 18-years-old or older, then the content is available. It's up to the user to decide if that answer is truthful.

At the symposium "Online Age Checking: The Time Has Come," one proof of concept for the UK's plan suggested verifying kids' attributes "against school data" or verifying "against school user account." One "benefit" would be that notifications would be sent to parents for consent. One explanation for how it would work suggested that a child would need to register with a service provider which then makes sure the child had signed in on a "trust platform" with a school ID.

On top of that, "out of band authentication, e.g. Google authenticator, device ID, location awareness, parental consent, phone number match, etc. could be added." There is a video about the online age-checking POC here.

Porn-browsing adults please verify age via banking account?

But the UK's proposed age verification to view porn won't stop at checking for ages from 5 to 18. Forget about privacy and anonymity for porn viewing since adults will also hit an Age Gate. As the Open Rights Group pointed out, "Current proposals for age-verification systems suggest using people's emails, social media accounts, bank details, credit and electoral information, biometrics and mobile phone details. The use of any of this information exposes pornography website users to threats of data mining, identity theft and unsolicited marketing."

Proposed age verification plan

The proposed online age-checking draft, a provision in the Digital Economy Bill, did not specify any particular age-checking tools to be used in the age verification framework; however, it suggested the age-checking could be used not only for accessing porn or other adult content, but also for "buying age-restricted merchandise online [e.g. e-liquids (nicotine), adult materials, dangerous goods]; using online services (e.g. dating services, gaming or gambling websites); and accessing online age-gated material (e.g. education and health)."

The BSI Group, which prides itself in having been the world's first National Standards Body, has taken down the draft of the BSI Security Standard, also called a publicly available specification (PAS), so that it is "no longer available to be viewed;" public comments were only allowed until October 13 at any rate.

Nevertheless, it seemed to hit Cory Doctorow's radar after network security consultant Alec Muffett, who is also on the Open Rights Group board of directors, ripped into the ridiculousness of PAS 1296.

No privacy safeguards

David Austen, who will most likely become the regulator of the Age Gate, said, "Privacy is one of the most important things to get right in relation to this regime. As a regulator, we are not interested in identity at all. The only thing that we are interested in is age, and the only thing that a porn website should be interested in is age."

That's nice except there are no privacy safeguards and Austen will leave the market to implement age verification systems; the Open Rights Group asked, "What could possibly go wrong?"

The group pointed out that some implementations may involve "vast data trawls through Facebook and social media," or linking "people's identity across web services," or piggybacking "upon payment providers." The UK government has a privacy-friendly age verification system called Verify, but doesn't intend to use it.

Open Rights Group wrote:

If the government wants to have Age Verification in place, it must mandate a system that increases the privacy and safety of end users, since the users will be compelled to use Age Verification tools. Also, any and all Age Verification solutions must not make Britain's cybersecurity worse overall, e.g. by building databases of the nation's porn-surfing habits which might later appear on WikiLeaks.

What if it's not just WikiLeaks? Let's take a freaky hypothetical scenario. As the creepy clown epidemic in the US moved to also include clown sightings in Britain, there has been a 213 percent spike in clown-related porn on Pornhub and a 50 percent increase on xHamster.

Whether or not that is a Halloween thing or based on some other twisted reason, who would want that linked to their banking, credit and electoral information, or even a social media account using a "real" name such as Facebook supposedly enforces? Stupid comments on Facebook and other social media platforms have cost people jobs, loans, insurance…and the list goes on.

It won't stop kids, but opens adults to chances of life-wrecking leaks


The UK cracked down on revenge porn, but that does nothing to stop people from requesting photos be nudeshopped via Photoshop so it can be used for revenge porn; nor can it stop "porn bombing, the worrying new face of revenge porn." As sick as revenge porn is, a determined person will find a way.

In the same way, determined under-aged people will find a way to browse porn; a simple solution would be using a proxy to view porn which is hosted outside of the UK.

It's not that the idea to keep inappropriate material out of the reach of children is a horrible one, just that it will likely fall short of that goal. Meanwhile for adults, as Open Rights Group said, viewing porn will be linked to real-life identities and "could be vulnerable to Ashley Madison-style leaks."

uaware comment

Do you get the impression that the firewall will be controlled by the BBC at a charge to supplement licence fees. Whats next licencing brothels !

(1st November 2016)


NHS PATIENTS MUST BE TAUGHT TO SHARE THEIR DATA, SAYS EU LOBBY GROUP
(The Register, dated 18th October 2016 author Alexander J Martin)

Full article [Option 1]:

www.theregister.co.uk/2016/10/18/nhs_patients_need_to_learn_to_give_their_data_to_us_says_lobby_group/

Bemoaning the results of a survey showing that more than a third of people don't trust the NHS with their personal information, a new EU-funded lobby group has stressed the need for a "new culture of openness" in allowing patient data to be shared between studies.

eTRIKS, which describes itself as "the result of a collaboration between 17 different partners" including Pfizer, GlaxoSmithKline, AstraZeneca, Imperial College London, and the University of Oxford's e-Research Centre, has reported the results of its own survey.

The survey is released ahead of a data sharing event taking place at the EU parliament on 20 October, which is being introduced by Soledad Cabezón Ruiz, a Spanish Socialist Worker's Party MEP, and professional cardiologist, alongside Scott Wagers, the CEO of BioSci Consulting.

The project, which aims to "reduce the effort needed to combine different types of data and making collected data from one project usable in other research projects" complained how "a total of 56 per cent of the 2,000 people surveyed in the inaugural National Personal Data in Research Survey would also stand in the way of advances in medical science by not allowing their data to be shared for research."

eTRIKS stands for the European Translational Information and Knowledge Management Services, and is funded by the controversial Innovative Medicines Initiative (IMI). IMI sources its own €3.2bn funding from the EU and also from the pharmaceutical industry's Brussels-based lobbying association, EFPIA. It has been criticised in an article in Nature noting how it uses public funds to facilitate the free flow of intellectual property from public research organisations and academia to the large pharmaceutical giants also funding it.

IMI's executive director, Pierre Meulien, said: "Medical researchers rely on data from patients to advance our understanding of diseases and develop new treatments. By bringing together different stakeholders in research, projects like eTRIKS are well placed to facilitate the use of this data to advance research while respecting patients' wishes and addressing wider ethical and legal issues."

Almost 65 per cent of the survey's respondents said they trusted the NHS with their personal data, while 16 per cent said they did not and 20 percent were unsure - but only 43 per cent said they would be happy to share their medical data "in the pursuit of research" as eTRIKS phrased it.

A further 21 per cent said their personal data had already been shared without their consent, while 38 per cent were unsure whether their healthcare information had been flogged to third parties, while only 40 per cent said that their details had not been taken.

Paul Houston, a spokesman for eTRIKS, was quoted as "urging a 'new culture of greater willingness' to support medical scientists." Houston, who is also the head of operations for eTRIKS partner, CDISC, a research data standards organisation, added: "Medical research continues to provide more and more breakthroughs, resulting in improvements to the lives of millions of people across the world."

He continued to explain that eTRIKS wanted "to create a new culture of openness in research, making the sharing of data much easier and opening up more opportunities to pursue medical advances. But to support our new smarter approach to research, we also need a new culture of greater willingness from research participants and the general public."

(1st November 2016)


IS YOUR NETFLIX ACCOUNT SAFE ? USERS URGED TO CHANGE PASSWORDS TO PROTECT FROM HACKERS
(International Business Times, dated 17th October 2016 author Jason Murdock)

Full article [Option 1]:

www.ibtimes.co.uk/your-netflix-account-safe-users-urged-change-passwords-protect-hackers-1586779#

When it comes to protecting its millions of users against the threat of cyberattack, streaming giant Netflix is taking a "proactive" approach by combing through recent leaks in order to locate users at risk due to password reuse across multiple services.

A number of major technology and social media companies have been hit with cybersecurity scandals this year - including LinkedIn, MySpace and Tumblr - with the incidents now being coined 'mega-breaches' due to the sheer size of data being released into the public domain.

Now according to an email sent to Adweek writer Steve Safran on 14 October, Netflix is contacting those with vulnerable accounts and enforcing password changes - even in cases where its security teams find no evidence the account has been tampered with.

"We discovered that credentials that match your Netflix email address and password were included in a release of email addresses and passwords from a breach at another company," the firm said in an email, adding it uncovered the credentials as part of "regular security monitoring.

As noted by cybersecurity researcher Brian Krebs, similarly-worded notices have been spotted in circulation since early June. Since that time, however, Yahoo has <a
title="Yahoo reveals 'state-sponsored' hackers stole a massive 500 million of its users' accounts were compromised in a late-2014 breach.

There is no suggestion that Netflix itself - which boasts 83 million members in over 190 countries - has been hacked. In a statement sent to The Register, Netflix said the latest round of password change notifications were simply "a precautionary measure due to the recent disclosure of credentials from other internet companies.

It continued: "This is part of our ongoing, proactive efforts to alert members to potential security risks not associated with Netflix. There can be a variety of triggers such as username and password breaches at other companies, phishing schemes, and malware attacks.

On its website, Netflix warns about the dangers of password reuse. "If any of those services are compromised, the attacker can try the user's email address and password on Netflix and take over the account. We strongly encourage you to select strong passwords that are unique to Netflix," it said.

As such, the service stated that users should always strive to make a unique password that is at least eight characters in length and contains a mixture of letters, numbers and symbols.

(1st November 2016)


FRONTLINE POLICE ARE GIVEN BODY CAMERAS
(London Evening Standard, dated 17th October 2016 authors Justin Davenport, Ben Morgan, Chloe Chaplain)

Full article [Option 1]:

www.standard.co.uk/news/london/bodyworn-cameras-rolled-out-to-thousands-of-met-police-officers-a3370696.html

Scotland Yard today launched the world's biggest ever roll-out of body worn video cameras to frontline police officers in London.

Around 22,000 cameras are being issued to all neighbourhood and response officers in the capital at a cost of nearly £10 million.

The first of the cameras were deployed in Lewisham today with further boroughs being issued with the equipment each week.

Once completed next summer the Met will have the largest number of officers equipped with body worn video cameras of any force globally.

The Met hopes the cameras will help restore trust among communities angered by stop and search and events, such as the police shooting of Mark Duggan in 2011.

Commissioner Sir Bernard Hogan-Howe said: "The cameras will support our officers in the many challenging situations they have to deal with, at the same time as building the public's confidence.

"What we do every day will be seen by the public - that has to be good."

He was joined at the launch in Lewisham this morning by Mayor Sadiq Khan who said the technology brings the police force "into the 21st century".

He added: "This will lead to more transparency and accountability. I hope this will lead to the principal of policing by consent being more meaningful. By its nature police need public confidence to move forward.

"The more confidence that the police have from the public, the safer our streets will be."

The cigarette pack-sized cameras are being issued to London's 32 boroughs and a number of frontline specialist roles, including overt firearms officers.

However, the cameras are not yet being deployed to covert firearms or surveillance teams because their size could give them away.

Cameras have also been fitted to the Met's prison vans.

The move follows a trial which saw 550 body cameras used across 10 London boroughs as well as armed response teams.

The Met said the cameras had already proved successful in bringing about speedier justice for victims, and have been particularly successful in domestic abuse cases.

The force said there has been an increase in earlier guilty pleas from offenders who know their actions have been recorded.

A video recording of the arrest of a violent suspect was issued by the Met as part of today's launch.

Last month, a study by the University of Cambridge found a 93 per cent decrease in complaints made against officers clearly wearing body cameras.

Sir Bernard added: "Our experience of using cameras already shows that people are more likely to plead guilty when they know we have captured the incident on a camera.

"That then speeds up justice, puts offenders behind bars more quickly and most importantly protects potential victims.

"Video captures events in a way that can't be represented on paper in the same detail, a picture paints a thousand words, and it has been shown the mere presence of this type of video can often defuse potentially violent situations without the need for force to be used."

"People have pleaded guilty when seeing evidence on film rather than challenging what our officers said happened. It's powerful because it captures the emotional state of everyone at the scene. It will capture the suspect, the victim or how children appear affected.

This is a vital piece in the chain to make sure what we do is transparent. "

The cameras will be attached to the officer's uniform and will not be permanently recording.

Police said members of the public will be told as soon as practical that they are being recorded, and when the camera is recording it is highly visible - notable by a flashing red circle in the centre of the camera and a frequent beeping noise when the camera is activated.

Civil liberties groups have raised concerns about the technology, particularly around how it will be kept and how it could be used.

Footage from the Axon cameras will be automatically uploaded to secure servers once the device has been docked, and flagged for use as evidence at court or other proceedings.

Video not retained as evidence or another policing purpose will be automatically deleted within 31 days.

People will be able to apply for any footage of them under freedom of information law.

(1st November 2016)


BURGLARIES WHERE WINDOW LEFT OPEN SHOULD NOT BE INVESTIGATED, POLICE CHIEF SUGGESTS
(The Guardian, dated 17th October 2016 author Press Association)

Full article [Option 1]:

https://www.theguardian.com/uk-news/2016/oct/17/burglaries-linked-to-carelessness-should-not-be-investigated-police-chief-suggests

A senior police officer has been criticised for suggesting some burglaries should not be investigated if doors and windows have been left open.

Phil Kay, assistant chief constable of Leicestershire police, said he would "far rather" officers focus on preventing crime and protecting the public than investigate break-ins where carelessness may have played a role.

The senior officer posed the question while discussing a high rate of burglaries at properties occupied by students at Loughborough University.

In order to get students to "take notice", Kay suggested police could employ similar methods to NHS services when providing treatment for the clinically obese.

"What the National Health Service will say is 'we are not going to operate on you because your body mass is too high'. They have not helped themselves to prevent an illness," he told the Loughborough Echo.

"Yet if people leave doors or windows open there is an expectation the police will investigate.

"I would far rather my officers were spending their time preventing crime, protecting the public and focusing on other stuff than things that are preventable."

Under a long-running operation Leicestershire police have attempted to tackle the problem by raising awareness among students.

"It is right that we try and stop it but it is right that people take responsibility," Kay said.

Kay said he was not suggesting Leicestershire police had any plans to change their practices, adding: "I pose that as a question."

However the suggestion was met with criticism.

Tory MP Andrew Bridgen, who represents north-west Leicestershire, said: "I would like to hope that the force are putting this out there as a way of reminding the public of the importance of not leaving doors or windows open.

"But it is their job to detect and investigate such crimes, not to penalise law-abiding citizens who may have made a mistake."

Sandie Forrest, a local councillor, said she was "astounded" the question had been posed. "I think the comparison that the police are making with the NHS is a poor one because at the end of the day the NHS will intervene at some stage," she said.

"I appreciate that the police have an enormously difficult job to do, but this would be extremely unpopular with the public," she told the Echo.

(1st November 2016)


MET FAILING TO COMBAT RISE IN PETROL THEFTS
(London Evening Standard, dated 14th October 2016 author Justin Davenport)

Full article [Option 1]:

www.standard.co.uk/news/crime/met-police-failing-miserably-to-tackle-london-petrol-thefts-a3369136.html

Police are "failing miserably" to tackle a soaring number of thefts of fuel from petrol stations in London, it was claimed today.

Figures show that there have been 22,910 thefts of petrol from stations in the capital in the past three years - but only 249 suspects were charged, slightly over one per cent of the total.

The number of thefts has risen steadily since 2013. In the 12 months to the end of August this year there were 8,336 petrol thefts compared with 7,590 in the same period in 2014/15 and 6,984 the previous year.

In the year to August the number of people charged with thefts was 70 compared with 106 the previous year and 73 in 2013/14.

Conservative London Assembly member Steve O'Connell, who obtained the figures, said the number of people charged was "staggeringly low when you consider the amount of CCTV evidence the police must have available to them", and added that "it would appear the Met is not taking these crimes seriously".

Mr O'Connell, the chairman of the Assembly's police and crime committee, said: "It is quite clear from the data that more and more people are getting away with this every year and it is a problem that will only get worse unless something is done.

"This is a matter I'll be raising with the Mayor to try and find out why the police are failing so miserably to pursue these criminals."

A Met spokesman said that allegations of this type of crime are taken seriously and "where there are investigative opportunities, incidents are pursued".

The spokesman added: "We continue to work with retailers to identify opportunities to reduce the theft of fuel from forecourts.

"One proven method is to adopt 'pre-pay' technology for fuel, which we would recommend, this is a matter for retailers to consider."

(1st November 2016)


REPORTED RAPES IN ENGLAND AND WALES DOUBLE IN FOUR YEARS
(The Guardian, dated 13th October 2016 authors Vikram Dodd and Helena Bengtsson)

Full article [Option 1]:

https://www.theguardian.com/society/2016/oct/13/reported-rapes-in-england-and-wales-double-in-five-years

The number of rapes recorded by police has doubled in the past four years while the percentage of allegations resulting in conviction has fallen, official figures indicate.

Police and prosecutors believe that the rise in reported cases indicates that people are more willing to report sexual attacks in the aftermath of the Jimmy Savile sexual abuse scandal and other recent high-profile historical cases, and amid promises that a culture of disbelief in the justice system has been banished.

In 2015-16, police recorded 23,851 reports of adults being raped - nearly all of them women - compared with 10,160 in 2011-12, according to data released today by HM Inspectorate of Constabulary on behalf of its rape monitoring group.

Recorded rapes of children rose from 5,878 in 2011-12 to 11,947 in 2015-16. The figures suggest that 109 out of every 100,000 children were recorded as being attacked in England and Wales.

The number of reported rapes has risen by 123% since 2011/12. Over the same period convictions rose only 11%.

"It may be that in the wake of publicity associated with the late Jimmy Savile and other historical abuse cases, more adult survivors of child sexual abuse, as well as more recent victims, have felt empowered to come forward to tell the police," the report says.

Convictions in court compared with recorded allegations halved in four years. But because more cases were going through the system, the actual number of convictions increased.

Thus last year there were 2,689 convictions recorded, a rate of 7.5% of recorded allegations by adults and children. The same figure four years earlier was 15%, while the number convicted in 2011-12 was lower, at 2,414.

Liz Kelly, professor of sexualised violence at London Metropolitan University, said: "We have always argued you should calculate it [the conviction rate] as a proportion of reports. The vast majority of cases are lost at the investigation stage. If you don't look at the whole process … then you get a skewed picture … 80% of cases don't get to prosecution."

Data in the report suggests rape cases take longer than other types of crime to process; they take 247 days to be completed, compared with 171 days for all crown court cases.

"The increase in volume of rape cases may have an impact on the timeliness," the report adds. "However, groups representing victims have expressed concern that the longer it takes for a case to go to court, the harder it becomes for the victim to give evidence. Timing is crucial and delays may have a detrimental psychological impact on victims."

A CPS spokesperson said: "In our 2015-16 Violence Against Women and Girls Report the volume of prosecutions and convictions were shown to be the highest ever recorded, while the conviction rate saw an annual rise from 56.9% to 57.9%. The statistics are clear - today a rape is more likely to be prosecuted and convicted than ever before."

Sarah Green, from Rape Crisis England and Wales and the End Violence Against Women Coalition, said there was an "ongoing enormous rise in victims reporting rape to the police". She said "the shame around this abuse may be declining and the desire to seek justice increasing. Police, courts, government and everyone in frontline services and public life should do everything to keep driving this, including speaking out against victim-blaming attitudes."

Only a fraction of the total number of rapes are reported to police and thus enter the criminal justice system. The report says: "It is widely recognised that rape is under-reported, with many more rapes committed than are reported to and recorded by the police."

Crime statisticians estimate that the number of actual rapes is about six times greater, which if true would mean that the proportion of people actually convicted for rape is tiny. The report says: "Convictions of the guilty are extremely important outcomes but convictions are not the only important outcomes for victims of rape." It adds: "Cases involving sexual offences can often, by their nature, lack corroborating evidence and come down to complex decisions around consent and one person's word against another.

"The process of preparing for court, and the trials themselves, can be very lengthy and involve levels of scrutiny of the victim not seen for other offences. At any time victims may withdraw from the process for fear of giving evidence in court, fear that the process will be too distressing, fear of being disbelieved or judged, or as a result of delays from start to finish."

Kelly said problems remained with attitudes: "People within the criminal justice system are working with antiquated ideas and so is the public, which makes up juries."

Kelly said these include issues to do with victims not being believed because they have not suffered internal injuries or because they froze and did not fight back. She said an alleged victim's drug or alcohol consumption could also sway opinions within the criminal justice system. "There is a whole set of social assumptions about what a rape looks like, which most rapes don't look like."

The reports were prepared for 42 local police force areas. Vera Baird, police and crime commissioner for Northumbria, said: "It is straightforward to increase the percentage of convictions to prosecutions - only take the certainties to court. That is now a thing of the past as more complainants have the confidence to report and the police believe that they deserve a prosecution."
This article was amended on 13 October 2016. The conviction rate in an earlier version was calculated on the assumption that the number of convictions was for crimes against adults only. It included crimes against children as well. As such, the conviction rate in 2015-16 was 7.5% of recorded allegations, not 11%, and the rate in 2011-12 was 15%, not nearly 24%. This has been corrected in the text and graphics. The article has also been amended to clarify that while the data covered a five-year period, the statistical changes referred to occurred over four years.

Further information - uaware counterbalance

WHAT IF THERE'S MORE SEXUAL VIOLENCE NOW, NOT JUST REPORTS OF IT (Extract)
(The Guardian, dated 13th October 2016 author Joan Smith)

Full article [Option 1]:

https://www.theguardian.com/commentisfree/2016/oct/13/more-sexual-violence-reports-rape-victims

e've been saying it for years: the huge increase in recorded rapes in this country is because victims are more confident about reporting it. Women have read about Jimmy Savile, they've heard about well-known men going to prison and they trust the police more than they used to. But the trend is so relentless that I think we now have to consider a much more alarming possibility - that more rapes are being committed.

First, the figures. The number of rape claims - from both adults and children - recorded annually by the police has more than doubled in the past four years, from just over 16,000 to almost 36,000, according to figures just published by HM Inspectorate of Constabulary. I've got used to arguing that these increases are a good thing because we need victims to go to the police, to get justice for themselves and to protect other women.

All of that is true, but it doesn't look to me as though it's happening. There is a long-running argument about how to calculate the percentage of rape reports that end in convictions but the actual figure - only 2,689 this year - tells its own story. While that number is slightly up on the 2,414 convictions four years ago, over the same period the proportion of reported cases that led to conviction - already stubbornly low - has dropped by half, from 15% to 7.5%.

I'm not dismissing the idea that some victims have more confidence in the criminal justice system, post-Savile. But I'm worried that the assumption may hide an actual increase in the number of rapes and serious sexual assaults. If the conviction rate had kept pace with the increase in reported cases, there would have been 5,400 convictions this year - more than 2,700 higher than the actual figure.

----Continued

(1st November 2016)


LONDONS HUMAN SLAVERY SHAME REVEALED
(London Evening Standard, dated 12th October 2016 author Martin Bentham)

Full article [Option 1]:

www.standard.co.uk/news/politics/london-revealed-as-modern-slavery-hotspot-a3367316.html

London was today revealed as Britain's modern slavery hotspot as a new report to Parliament warned that there are "too many gaps" in the action taken to protect victims.

Kevin Hyland, the independent anti-slavery commissioner, said that "domestic slaves abused in wealthy London residences" and Nigerian women trafficked into prostitution were among those being forced unlawfully into servitude.

He also warned that eastern European men are being "exploited in shocking conditions in car washes" and raised fears that people traffickers are using the migrant crisis to lure people into slavery.

Mr Hyland said the homeless, including in London, were also being exploited as he called for major improvements to help victims.

The warnings came in Mr Hyland's first annual report to Parliament, which shows that the details of 1,242 potential victims in London were passed to the "National Referral Mechanism" during 2015/16 - over a third of the national total of 3,146 referrals.

London also accounted for a quarter of cases logged as crimes with 248 offences recorded during the period, a quarter of the national total of slavery offences.

But only 71 suspected slavery offenders were arrested during the same period in the capital, with 18 summonsed or charged so far.

Mr Hyland, appointed to his role by then-Home Secretary Theresa May, said that although police action to tackle slavery in London and elsewhere had increased during the past year, "dramatic" improvements were needed.

He added that the number of offenders brought to justice was "still relatively low given the scale of offending".

Mr Hyland also said it was "unacceptable that nothing is known about victims' futures once they leave support accommodation" and then warned: "There is strong evidence that the migration crisis is being used by human trafficking networks to target and exploit the most vulnerable and that there is a need for urgent action."

He said: "Victims of modern slavery are robbed of their right to life and liberty... The domestic slaves abused in wealthy London residences.

The Nigerian women and girls trafficked across the Sahara to work as sex slaves in Europe.

These are all individuals - someone's mother, father, brother, sister, daughter or son - with a freedom and a future that must be fought for."

Mrs May has made tackling modern slavery one of her priorities as Prime Minister, and today she told a service at Westminster Abbey to honour 18th-century abolitionist William Wilberforce that Britain would "target every aspect of this despicable trade and put the slave-drivers out of business for good".

(1st November 2016)


POLICE NOT RECORDING MOST UK SLAVERY CASES AS CRIMES
(The Guardian, dated 12th October 2016 author Peter Walker)

Full article [Option 1]:

https://www.theguardian.com/world/2016/oct/12/police-not-recording-uk-slavery-cases-crimes-report-kevin-hyland

UK police forces are failing victims of modern slavery by not recording what happens to them as crimes, meaning many cases are never investigated, the independent anti-slavery commissioner has said in his first annual report.

Kevin Hyland, whose job was created under last year's Modern Slavery Act, said just over a quarter of the 3,000-plus slavery cases identified in England and Wales last year under the national referral mechanism (NRM) for recording the offence resulted in crimes recorded by police.

The situation was similarly bad in Scotland, Hyland noted in his report, although the Police Service of Northern Ireland (PSNI) logged every one of the offences referred to it.

This meant too many police forces were failing victims, Hyland said. "When NRM referrals are not recorded as crimes, investigations are not launched and victims do not receive the justice and support that they both need and deserve."

The report identified some areas in which anti-slavery procedures had improved but said a series of other areas needed improvement and there were "too many gaps in the system for victims to fall through", especially once they left supported accommodation.

Hyland's biggest concern was the failure by police to properly record slavery referrals. Among English and Welsh forces, he found, 3,146 NRM referrals brought just 884 recordings of slavery crimes, or 28% of the total. This amounted to "chronic weaknesses" in recording the crime, Hyland said.

More than half of the English and Welsh forces had difficulties answering whether any referrals via the NRM had resulted in a crime record, while four could not find their internal records about NRM cases.

In Scotland the situation was, if anything, worse, the report found, with police forces having a policy - since changed - that slavery crimes would only be recorded if there were "conclusive grounds" connected to the NRM. In contrast, the PSNI logged 100% of NRM referrals in 2015-16.

Matters were not all bad, Hyland said. In the foreword to the report, he wrote: "Evidence I have collected does demonstrate that some UK police forces are taking a proactive approach to combating modern slavery through the development of bespoke units, quality assurance mechanisms and training."

He added: "I am disappointed, however, that many instances of substandard modern slavery crime recording remain."

Hyland said he had raised the issue with the National Crime Agency and the National Police Chiefs' Council.

Shaun Sawyer, who leads on anti-slavery for the NPCC, said police wanted to do more to tackle the "vile crime".

"This complex and cross-border-type offence presents the police with unique challenges," he said. "However, it does not excuse the gap between national referrals and recorded crime in some areas. We also believe there are many victims of modern slavery who are yet to be identified."

In a statement following the report, Theresa May said the government was committed to tackling the issue.

"So let us send out this message," the prime minister said. "To the victims of modern slavery: we will not ignore your plight. We will not turn away. We will not shut our eyes and pretend your suffering does not exist.

"We will work tirelessly, relentlessly pursuing the perpetrators of these appalling crimes so that victims of slavery can go free. And my message to these criminals is simply this: we are coming after you."

According to the report, there are believed to be up to 13,000 victims of modern slavery currently in the UK, including domestic slaves, forced agricultural workers and people exploited in brothels.

Hyland said a visit to Italy and Greece this year had uncovered "strong evidence that the migration crisis is being used by human trafficking networks to target and exploit the most vulnerable, and that there is a need for urgent action".

Hyland also noted concerns about the potential numbers of women and girls trafficked from Nigeria for sexual slavery.

In 2015, more than 5,600 Nigerian women and girls arrived in Italy by sea, almost four times as many as in 2014, the report said. The majority of these came from the Nigerian state of Edo.

Hyland also highlighted the issue of homeless people being exploited by traffickers for what is described as work in the informal economy. He said a number of them were "being held in exploitation and slave-like conditions across the UK".

The report warned: "As there is currently no national evidence base or recording mechanisms for this phenomenon, and despite the best efforts of organisations working in this field, the response to date has not been effective."

(1st November 2016)


WHITEHALL PLANS NATIONAL ARMED POLICE FORCE
(London Evening Standard, dated 11th October 2016 author Justin Davenport)

Full article [Option 1]:

www.standard.co.uk/news/uk/new-national-armed-police-force-planned-by-government-a3365941.html

A new national armed police force to respond to a Paris-style terror attack is under consideration by the Government.

The 4,000 strong unit would combine firearms officers from the British Transport Police, the Civil Nuclear Constabulary and the Ministry of Defence police, according to the Financial Times.

The new unit is expected to be a highly mobile team with unified equipment and communications.

As well as protecting the country's infrastructure, including power stations, airports, railways and ports, the unit would be expected to respond to marauding attacks by armed gunmen such as the atrocities in Paris and Mumbai.

Local police forces would continue to operate their own armed units and the proposals would not involve the recruitment of any extra armed officers.

Former prime minister David Cameron announced the recruitment of an extra 1,500 firearms officers to bolster defences against a terror attacks, including an extra 600 officers in London.

(1st November 2016)


THREE QUARTERS OF UK POLICING WEBSITES LACK SECURE ENCRYPTION
(Computer Weekly, dated 11th October 2016 author Warwick Ashford)

Full article [Option 1]:

www.computerweekly.com/news/450400830/Three-quarters-of-UK-policing-websites-lack-secure-encryption

A quarter of UK policing websites have secure foundations, but half have room for improvement, and the remaining quarter are in need of serious and urgent improvement, according to the Centre for Public Safety.

Only just over a quarter of UK policing and related websites demonstrate high standards of secure encryption, a study by the Centre for Public Safety has revealed.

The remaining 73% have significant room for improvement, with some putting sensitive information at risk, according to a public safety briefing on UK police cyber security.

The briefing is based on a scan of 71 police and policing-affiliated websites in the first independent assessment of UK policing's cyber security, according to the centre, which is a non-profit organisation aimed at promoting world-class policing and public safety and providing supporting frontline professionals.

The majority of the websites assessed either lacked a secure (SSL/TLS) connection for visitors or their implementation was deemed deficient or insecure.

Almost a quarter of sites lacked any automatic secure connections, meaning information is communicated in plain unencrypted text across the internet, with more than 70% of these sites inviting users to submit personal data.

In some cases, information specifically relating to criminal activity was sought in plain text without any form of secure connection, which the briefing said should be halted because it puts members of the public at risk.

The briefing said it is ironic that the police service encourages the public to "look for the padlock" that indicates secure internet connections, while many policing sites do not offer this security benefit.

Even some of the newest implementations fell short of the highest standards, the briefing said, with the Cheshire Constabulary scoring a 'C' grade in July 2016, but in September 2016 - following the launch of a new "upgraded" website - the connection was less secure, achieving only an 'F' grade.

The new version of the website was found to be vulnerable to Poodle and man-in-the-middle (MITM) attacks and lacked support for the latest version of TLS.

With the move towards digital transformation, the briefing said police service and related agencies must ensure their services are secure.

"While the rest of the world moves to secure-by-default, some forces and their IT providers seem intent on delivering not-enough-by-default," said Rory Geoghegan, founding director of The Centre for Public Safety. "Take the Met Police - spending hundreds of millions per year and only achieving a grade C," he said.

According to Geoghegan, those police forces accepting personal data and information on criminal activity over plain text should implement secure connections as a matter of priority.

The websites of the Civil Nuclear Constabulary and Independent Police Complaints Commission (IPCC) were found to be the most secure, while those achieving A-grades included the police forces of Cleveland, Cumbria, Devon and Cornwall, Dorset, Durham, Gwent, Kent, Leicestershire, Merseyside, Norfolk, North Yorkshire, Police Service of Northern Ireland (PSNI), Suffolk, Warwickshire, West Mercia, and West Yorkshire.

The worst performing, were the websites of the British Transport Police, College of Policing, Dyfed-Powys, Greater Manchester, Hampshire, HMICS, Humberside, Ministry of Defence Police, National Crime Agency, National Police Air Service, National Police Chiefs' Council, North Wales, Northumbria, Police Investigations and Review Commissioner (PIRC), Surrey, Sussex, and the UK Missing Persons Bureau.

"It's 2016 - the internet is not new, the cyber security threat is not new - and yet some police forces and their IT providers seem to think it is acceptable to pay large sums of taxpayer money for insecure technology," said Geoghegan.

"Police and crime commissioners and chief officers are banking on savings from digital transformation. They must ensure the online services provided are secure, or they risk public trust and public safety," he said.

(1st November 2016)


UK PASSPORTS 10 TIMES MORE LIKELY TO BE LOST OR STOLEN AT HOME
(BT News, dated 10th October 2016)

Full article [Option 1]:

http://home.bt.com/news/uk-news/uk-passports-10-times-more-likely-to-be-lost-or-stolen-at-home-11364104453946

UK passports are 10 times more likely to be lost or stolen within this country than overseas, new figures show.

Some 300,000 passports were recorded as missing in 2014/15, but just 7% were reported through embassies overseas.

The majority are being mislaid within this country, with one leading travel association blaming people's habit of throwing the document "in a drawer or an old travel bag".

The figures were obtained by the Press Association through Freedom of Information requests from the Foreign and Commonwealth Office (FCO) and Her Majesty's Passport Office (HMPO).

Spain is the most common foreign place for passports to go missing, followed by the US and then France, the FCO statistics show.

The total number of passports lost or stolen jumped by a quarter in the three-year period between 2013/14 and 2015/16 - from 261,929 to 328,228.

A Home Office spokeswoman said: "The annual number of losses represents less than 1% of the total UK passports that are in circulation.

"However, it is a valuable document and we urge all passport holders to keep their passport safe and secure."

Gary Lewis, chief executive of the Travel Network Group, said people tend to be "much more vigilant" when on holiday but after returning they often throw their passports "in a drawer" or an "old travel bag" and forget about them.

He added: "We are always hearing about how customers have mislaid or lost their passports prior to travelling on holiday."

The figures also show that in the three years between 2012/13 and 2014/15 the number of lost passports reported to embassies abroad dropped by almost a quarter - from 27,320 to 20,663.

It follows reports that stolen British passports have increased in value since Brexit and can sell on the dark web for around £2,800 with the UK passport black market worth over £46 million, according to cybercrime researcher Stefan Fafinski.

Assuming a passport cost of £72.50, UK citizens will have spent more than £60 million renewing the documents between 2013/14 and 2015/16.

There are around 60 million British passports in circulation.

------------------------
MORE PASSPORTS GO MISSING IN THE POST
(The Times, dated 3rd October 2016 author Andrew Ellson)
www.thetimes.co.uk [Option 1]

The number of passports lost in the post has more than doubled in the past four years, figures obtained by The Times show.

Almost 600 passports or supporting documents were sent to the wrong address or completely disappeared last year compared with 248 four years ago.

Since 2006 nearly 4,500 passports or supporting documents have suffered a similar fate, a freedom of information request reveals

A spokeswoman for Cifas, a fraud prevention charity, said: "Your passport is a valuable document that contains important personal information, information that can be used to commit identity fraud against you if it falls into the hands of criminals. A lost document is more than an inconvenience, it is a real threat".

Katy Worobec, of Financial Fraud Action UK, said: " Information is the life blood of the financial fraudster."

Some people whose documents have gone astray say the Passport Office shows a cavalier attitude. Sarah Lebutsch was horrified when her passport, her husbands passport and her eldest childs birth certificate went to a stranger after she sent the documents as supporting evidence for passport applications for her two children.

She said: "We received an email from a lady we do not know who lives in Northampton, who informed us that she had received our older daughters birth certificate and our passports. "She had immediately called the Passport Office, only to be casually told to stick them in an envelope and freepost them back. She did not feel comfortable doing this and instead tracked us down via the internet.

"I called the Passport Office immediately, expecting them to be apologetic. I was told to await a call back within 4 hours but heard nothing. I called again only to be advised that no one was around until after the bank holiday."

The freedom of information request found that the problem is getting worse. Based on the number that went missing in the first three months of this year, more than 550 passports will disappear this year and a further 300 will be sent to the wrong address.

The delivery of passports is handled by DX, a private company that has had the £21 million delivery contract for 12 years.

The cost of a passport has risen by 75% since 2005 and now £72.50. Inflation increase by 39% during the same period.

The Passport Office said the problem was small compared with the number of passports issued. A spokesman added: "The safety of our customers personal data is of paramount importance and every attempt is made to recover lost or misdelivered documents.

"Once reported, passports are cancelled on the system immediately to itigate against the risk of misuse and we work with DX to develop measures to reduce the number of losses overall.

------------------------
Further information (uaware addition)

Always go to a "gov.uk" website when dealing with a UK passport.

Cancel a lost or stolen passport :

https://www.gov.uk/report-a-lost-or-stolen-passport

Sadly things don't change !

FIVE PASSPORTS ARE LOST IN THE POST
(Daily Mail, dated 12th November 2008 author Ian Drury)

Five passports are lost in the post on an average day, ministers have admitted.

Since February 2004, when the Identity and Passport Service - a Home Office agency - ditched Royal Mail and awarded a multi-million-pound contract to a courier service to deliver the documents, 3,000 have gone missing.

Experts estimate that the black market value of the passports, which can fetch £1,700 a time from criminals, is £20million.
--------------------------

CRACKDOWN ON MAIL TO HALT THEFT OF PASSPORTS
(The Observer, dated 25th May 2003 author Martin Bright)

Full article [Option 1]:

https://www.theguardian.com/uk/2003/may/25/ukcrime.immigrationpolicy

Parliamentary answers from Home Office Minister Beverley Hughes to Liberal Democrat MP Paul Burstow show that losses of new passports sent out by the Passport Agency soared by 17 per cent to 2,982 last year, with a total of 11,733 lost over the past four years. A fresh passport, newly stolen from the post, fetches between £500 and £1,000 on the black market. The price rockets to £5,000 when it has been adapted by the counterfeiters to fit the new identity.

(1st November 2016)


CYBER-BLACKMAILERS INCREASINGLY TARGET NHS TRUSTS WITH RANSOMS FOR PATIENTS DATA
(The Telegraph, dated 10th October 2016 author Telegraph Reporters)
Full article [Option 1]:

www.telegraph.co.uk/news/2016/10/10/cyber-blackmailers-increasingly-target-nhs-trusts-with-ransoms-f/

NHS IT systems are increasingly vulnerable to attacks by cyber-blackmailers trying to extort ransoms from hospitals, according to reports.

At least 28 NHS trusts in England have been victims of ransomware incursions in the last 12 months, according to figures handed to the i in Freedom of Information request.

NHS Digital, the body which oversees cyber-security for the health service, admitted there has been an increase in attacks but said that no ransom was paid and no data was lost.

It said patient records had not been affected and added that other organisations have been targeted in the attacks.

Ollie Whitehouse, technical director of NCC Group, the internet security company which obtained the data, told the paper: "Ransomware has become the bottom line of cyber-crime - if hackers break into a system and can't find any other way to monetise what they find, they encrypt the data and demand a ransom.

"We have seen a 400 per cent increase in these attacks. The health service is by no means alone in facing this kind of attack.

"But NHS trusts are being increasingly targeted and any loss of patient data would be a nightmare scenario. Like everyone else, they need to be applying robust controls."

Ransomware, among other malicious software, has long been known to target computer users, generating millions of pounds a year for cyber-criminals.

Europol issued a warning about the malware last week, warning that it is now the top form of online theft.

The virus works by implanting a piece of software, often sent disguised in an email, which locks the user out of the system or files.

The hackers then demand a BitCoin ransom, which can be the equivalent of thousands of pounds.

About Ransomware

What is ransomware? A virus which locks a device, such as a computer, tablet or smartphone and then demands a ransom to unlock it

Where did ransomware originate? It first emerged in 2005 in the United States, but quickly spread around the world, along with other so-called malware

How does it affect a computer? The virus is normally contained win an attachment to an email that masquerades as something innocent. Once opened it freezes the machine, making it impossible to access or retrieve anything stored on there such as photographs, documents, music etc

How can you protect yourself? Anti-virus software can protect your machine, although cybercriminals are constantly working on new ways to override such protection

How much are victims expected to pay? The ransom demanded varies but when there was an attack in the UK in 2014, people were charged £500

The 4 most popular cyber crimes

Phishing - The aim is to trick people into handing over their card details or access to protected systems. Emails are sent out that contain either links or attachments that either take you to a website that looks like your bank's, or installs malware on your system.

A report by Verizon into data breach investigations has shown that 23% of people open phishing emails.

Identity theft - According to fraud protection agency Cifas, the number of victims rose by 31 per cent to 32,058 in the first three months of 2015. Criminals use online 'fraud forums' to buy and sell credit cards, email addresses and passports.

Hacking - In a Verizon study of security breaches there were 285 million data exposures, which works out to about 9 records exposed every second. 26% of these attacks were executed internally within organisations.

It is estimated that 90% of all data records that were used in a crime was a result of hackers employed by organised crime.

Online harrassment - Over half of adolescents and teens have been bullied online, while 73% of adult users have seen someone harassed in some way online and 40% have experienced it.

(1st November 2016)



THREE POLICE OFFICERS ACCUSE IPCC OF CRIMINAL CONDUCT OVER TASER CASE
(London Evening Standard, dated 8th October 2016 author Tom Powell)

Full article [Option 1]:

www.standard.co.uk/news/crime/three-police-officers-accuse-independent-watchdog-of-criminal-conduct-over-taser-case-a3364286.html

Three police officers accused of racially discriminating against a black firefighter have officially complained about the independent watchdog which handled the case.

Inspector Sutinderjit Mahi and PCs Daniel Roberts and Mark Gatland made official allegations to Scotland Yard over the Independent Police Complaints Commission (IPCC) probe into their treatment of Edric Kennedy-Macfoy.

Mr Kennedy-Macfoy was helping officers identify a teenager who had thrown a rock at a police van in Harrow, north London, in September 2011 when he was Tasered and arrested.

He was later cleared in court of obstructing police and received damages from the Metropolitan Police.

Mr Mahi and PC Roberts were accused of using abusive and offensive language motivated by racial discrimination and/or racial stereotyping.

Firearms officer PC Gatland - who used the Taser - was accused of using unreasonable force motivated by racial discrimination and/or racial stereotyping.

But a misconduct hearing against the three in July collapsed when the IPCC withdrew its case over "procedural shortfalls".

The officers' lawyer, John Downes, from Slater and Gordon, said: "We welcome the news that officers from Scotland Yard are assessing the criminal claims against the IPCC.

"My clients have suffered for the past five years since the original incident and the spurious claims against them have tarnished their lives.

"They now hope the allegations they have made against the IPCC are taken seriously by the Metropolitan Police and look forward to being updated soon."

The IPCC admitted at the July hearing that it failed to take into account statements corroborating the officers' accounts from independent witnesses, did not interview those witnesses and failed to disclose those statements during disciplinary proceedings.

A Metropolitan Police spokesman said on Saturday: "We can confirm that in September the MPS received two linked allegations of crime, relating to issues arising from a misconduct hearing in July 2016 which was halted because of issues with disclosure.

"The allegation has been recorded and is being assessed."

An IPCC spokeswoman said: "The MPS has made us aware that two linked allegations are being assessed and as such it would be inappropriate to say more at this stage."

Mr Kennedy-Macfoy's lawyer, Shamik Dutta, said he had yet to be informed by the Metropolitan Police of any complaints and would expect Mr Kennedy-Macfoy to be notified. He also said the firefighter should be "invited to participate" if there is an investigation.

Mr Dutta added: "It is worth reiterating that after Mr Kennedy-Macfoy was found not guilty in the magistrates' court, both the Metropolitan Police and the IPCC investigated his police complaint. In the course of those investigations, independent witnesses supported Mr Kennedy-Macfoy's account.

"Senior Metropolitan Police officers have invited Mr Kennedy-Macfoy to a meeting to discuss my client's concerns about the case and my client intends to help them learn from his terrible experience."

(1st November 2016)


SCALE OF SEXUAL ABUSE IN UK UNIVERSITIES LIKENED TO SAVILE AND CATHOLIC SCANDALS
(The Guardian, dated 7th October 2016 author Sally Weale and David Batty)

Full article [Option 1]:

www.theguardian.com/society/2016/oct/07/scale-of-sexual-abuse-in-uk-universities-likened-to-savile-and-catholic-scandals

The scale of sexual harassment and gender violence by UK university staff has been likened to the scandals involving the Catholic church and Jimmy Savile in accounts shared by more than 100 women with the Guardian.

Their stories - including those of verbal bullying, serial harassment, assault, sexual assault and rape - expose an alarming pattern of abuse and harassment in British universities which remains largely hidden.

A number of contributors drew parallels with the abuse scandals affecting the Catholic church and Savile, the disgraced late TV star.

Many women said they had not pursued complaints for fear of jeopardising their academic careers. Those who did complain said they felt isolated and unprotected, while the more powerful men they accused appeared to be untouchable.

The women's accounts follow an exclusive Guardian report on the use of non-disclosure agreements in university sexual harassment cases.

Rachel Krys, the co-director of End Violence Against Women, called for urgent change within universities to both prevent senior male academics abusing positions of power and develop better processes to bring them to account.

"We know this is happening to young women at universities across the country and they continue to be failed by the institutions in which they put their trust," Krys said. "Our universities need to listen more to the women who are coming forward and telling these stories. They need to investigate properly when there is an allegation of abuse, and act quickly to protect all women from these perpetrators."

According to EVAW, UK universities are legally obliged under human rights and equality laws to protect female students from sexual assault and other forms of violence against women. Their analysis of universities' policies concluded that many were likely to be in breach of these obligations.

Later this month Universities UK (UUK) is publishing its long awaited report on sexual violence and harassment in universities, but there is concern that it will focus on "lad culture" and incidents between students, rather than those involving staff and students, which have remained largely under the radar.

The majority of cases reported to the Guardian involve senior male academics, often professors, harassing and abusing younger female PhD students whose work they supervise. There are also accounts from undergraduates and female academics, while a small number of other allegations involve assault, male-on-male harassment and one allegation of sexual assault by a female lecturer.

Many of the accounts indicate that universities are failing in their duty of care to students and staff who are harassed. One female academic who made a complaint of sexual harassment against a more senior male colleague - against whom there had been previous complaints - said she was marched off the university premises and suspended for three months after he accused her of making a false allegation.

Another female academic who complained to HR of being sexually assaulted by a more senior male colleague, was then interviewed by two male colleagues. "I was so traumatised and ashamed, not only by the assault but by having to give details of the assault to two men (one of whom seemed to regard me as a waste of space) that I did not take my complaint to the next formal level."

In another statement, a PhD student, who brought a complaint after being raped by a senior member of staff with whom she was in a relationship, described her sense of utter powerlessness: "He is a renowned professor. He can do what he wants."

The incidents are reported to have taken place at a variety of institutions across the UK, including prestigious and high-ranking Russell Group universities. Some date back to the 1980s and 90s, but most are recent and many are ongoing, and in the majority of cases the women involved have asked to remain anonymous, and their institutions unnamed, because of fear of repercussions.

Jennifer Saul, professor of philosophy at the University of Sheffield and an expert on sexual harassment in higher education, said she was not surprised by the deluge of stories: "There's a systemic problem. Too often, victims are afraid to come forward for fear (well-justified) of retaliation.

"When they do come forward, often they are brushed off or not believed. When they are believed, their allegations are still often dismissed as unprovable. Even when things are taken more seriously, harassers are generally allowed to leave quietly, which enables them to move some place else and do the same thing."

Many of the women who made complaints to their institutions said they felt they were the ones on trial, while alleged perpetrators were often protected by management who feared losing a star researcher and their funding.


A number of respondents said their harassers were allowed to remain in post; some moved to other institutions without facing any formal investigation or disciplinary action, leaving them with an unblemished employment record and the opportunity to continue preying on students elsewhere.

"They don't know where he is or what he is doing, and they don't care. He is not their problem any more," said one female academic whose sexual harassment complaint resulted in her senior colleague leaving with a financial settlement and a non-disclosure agreement which prevents any discussion of the case.

A number of PhD students described their excitement to be working with eminent professors, only to find themselves under pressure to enter into more intimate relationships. When they refused, they were ostracised and neglected by their supervisor, putting their academic future at risk.

"My (much older) supervisor kept messaging me for naked photos of myself," said another student who didn't report the incidents. "When I refused he told me I was probably going to get raped. He was very well liked, and I knew he would never be punished for it."

Another contributor said: "The culture [in universities] is very sexualised. It's very, very macho. Whenever complaints arise, they are covered up. In general society there's been a shift in the way in which complaints of sexual misconduct are dealt with - in higher education, not so much."

A UUK spokesperson said the forthcoming report would identify best practice in a range of areas which would be shared across all universities. "The university sector has been clear that there is no place for violence and sexual harassment on a university campus, nor anywhere else.

"Universities across the UK already have a range of initiatives and policies in place to address these issues, including policies on student-staff relationships."

How far the higher education sector will enforce the report's recommendations remains to be seen. A number of universities have instigated reviews of their own policies and practices in response to individual cases within their institution.

The University of Sussex has commissioned an independent inquiry into its handling of the assault of a postgraduate student by a lecturer. The media lecturer Lee Salter met Allison Smith during induction week and they began a relationship. But in September 2015, he punched her, knocked her out, stamped on her and threw salt at her face. He was found guilty of assault by beating and causing criminal damage on 13 July at Brighton magistrates court.

In the 10 months between his arrest and sentence, he continued to teach at the university, to Smith's distress. "Their policies were clear that he should have been suspended," she said. "It felt very damaging that the institution would do this. It started to feel that their reputation was more important. They swept me under the carpet and that was that."

Salter, who pleaded not guilty in court and received a 22-week suspended jail sentence, was issued with a restraining order not to contact Smith. He has appealed against his convictions.

More than 300 Sussex University staff and students sent a letter to the vice chancellor, Adam Tickell, calling on the university to "investigate and publicly acknowledge its mishandling of the case [and] establish a taskforce to comprehensively examine university policy and practice on issues of violence and harassment".

Tickell, who was appointed after the alleged incident and launched the inquiry at the start of his tenure, has promised to appoint a deputy pro-vice chancellor for equalities. "I believe strongly that this institution should learn lessons from this case and rectify any failings, and I'm committed to ensuring that Sussex does what is right for our community," he said.

(1st November 2016)


YOUNG KNIFE CRIMINALS WHO FILM OFFENCES TO SHARE ONLINE MAY FACE TOUGHER SENTENCES
(International Business Times, dated 6th October 2016 author Nandini Krishnamoorthy)

Full article [Option 1]:

www.ibtimes.co.uk/young-knife-criminals-who-film-offences-share-online-may-face-tougher-sentences-1585053

The Sentencing Council has proposed that young knife criminals should face tougher punishments if they film their offences to post them on social media. The draft states that youngsters in England and Wales, who carry knives or blades in public - when in a group - could face longer jail sentences.

The proposal noted that young people film their offence to "deliberately humiliate" victims and listed a number of probable "aggravating factors" for judges and magistrates to consider when deciding a punishment. These include, "deliberate humiliation of victims, including but not limited to filming of the offence, deliberately committing the offence before a group of peers with the intent of causing additional distress or circulating details/photos/videos etc of the offence on social media or within peer group", the Press Association reported.

These factors also include attempts to hide their identity and targeting victims working in the public sector or someone, who they find vulnerable.

Speaking about the proposal, Justice Minister Sam Gyimah said: "Knife crime ruins lives. Our crackdown is working - under this Government more people are being sent to jail for carrying a knife, and for longer. I want those who carry knives to feel the full force of the law. These new guidelines will help ensure sentences reflect the devastation caused to families and communities."

While the new proposals are aimed at bringing about changes to knife crime laws, they do not cover offences where another weapon is used to injure a victim. It also does not include the use or possession of guns.

The Sentencing Council stressed that it was aware of the use of social media to intentionally embarrass victims of knife crimes and that it has increasingly become common practice among young offenders. The council is seeking tougher sentences to help address public concerns as knife crimes are on the rise.

Nearly 29,000 knife-related crimes were recorded in the 12 months up to March 2016, while 7,800 adults and 1,400 young offenders were sentenced for the crime in 2015. The possession of knives and blades also increased from almost 10,000 to 11,500 during the period, BBC reported.

Meanwhile, Council Member and District Judge Richard Williams said: "Too many people are carrying knives and it only takes a moment of anger or drunkenness for one to be pulled out with fatal results or serious injury. Through these guidelines, we want to provide courts with comprehensive, up-to-date guidance to ensure that sentences reflect the seriousness of offending."

Last year, the government introduced a new compulsory "two strikes" jail sentence for adults caught with a knife more than once, who would face a minimum six-month jail term. However, figures have revealed that nearly half of the repeat offenders escaped jail sentences arguing that there were exceptional circumstances to their case.

(1st November 2016)


LONDON KNIFE CRIME IN SHOCKING RISE AS 4000 PEOPLE INJURED BY KNIVES LAST YEAR
(London Evening Standard, dated 6th October 2016 author Justin Davenport)

Full article [Option 1]:

www.standard.co.uk/news/crime/revealed-4000-people-were-stabbed-in-london-last-year-a3362201.html

London's epidemic of stabbings and knife injuries is at its highest rate for five years - with 11 people being injured in attacks each day.

The latest Met police statistics show more than 4,000 people suffered knife injuries in the capital in the last 12 months, a rise of 4.4 per cent on the previous 12 month period.

Deputy Mayor for Policing Sophie Linden described the rise as "deeply concerning," saying Mayor Sadiq Khan had called a knife crime summit later this month to tackle the crisis.

The figures also show the number of shootings in London is also rising, though the numbers involved are smaller.

Outgoing Met police chief Sir Bernard Hogan-Howe told a recent City Hall meeting that the force was worried about the involvement of gang members in the number of stabbings and the casual carrying of knives by young people.

He said while overall knife crime offences were falling, often cases where people reported seeing a blade, more people in London were getting stabbed.

He said : "We have too many casually carrying knives. Most of these events happen in public, they don't appear to be that pre-arranged. Casual or random arguments turn into very serious issues."

Sir Bernard said stabbings involving gangs were often linked to organised crime.

Figures show the number of young people being stabbed is rising at a rate of five per cent - a total of 1,751 people under the age of 25 suffered knife injuries in the last 12 months, compared to 1,668 over the same period a year ago.

A total of 4,015 people suffered knife crime injuries in the 12 months to August, compared to 3,844 in the previous period, a rise of 4.4 per cent.

The last highest total was in 2011 when they were 4,135 victims of stabbings.

The figures are revealed as the Sentencing Council for England and Wales recommended tougher sentences for people caught carrying knives in the street.

Carrying a knife while in a group or gang, or filming attacks for social media could also spell more jail time.

The Council, who produces guidlines for the judiciary, says it wants sentences to better recognise public concern amid a rise in recorded knife offences.

Justice Minister Sam Gyimah said sentences should reflect the "devastation" caused by knife crime.

Ms Linden said: "Every death or serious injury of a young Londoner is an utter tragedy and the recent rise in knife crime is deeply concerning.

"This is a complex issue that cannot be solved by policing alone, which is why we are working with communities, partner organisations, local authorities, and schools to understand the causes, identify those at greatest risk and intervene more effectively to stop people carrying knives."

Statistics also show that guns were fired 302 times in London in the year to the end of August 2016, 91 more than the previous year There was also a leap of a third in the number of guns fired in the month of August this year compared to June.

There were 46 firearm discharges in both July and August this year.

Sir Bernard said he believed the rise in gun crime was due to an increase in the number of weapons being smuggled into the UK.

The Met seized 714 guns in 2015, including semi-automatic guns, which he said was "worrying".

Sir Bernard said one reason more people were carrying and using knives was the mistaken belief that they would feel safer if they carried a blade, when the opposite is true because often the same weapon was used against them.

The Met chief said he had ordered more stop and searches to be carried out in areas where there were the most stabbings. Figures compiled by the Mayor's Office for Policing and Crime show victims under 25 experience half of all knife injury robberies and 48% of all serious knife assault offences.

A Met operation to tackle knife crime launched in October last year had resulted in the seizure of 4,700 knives in London.

The figures were revealed after a series of shocking knife attacks on London's streets.

Last month Ricky Hayden, 27, a celebrities' bodyguard who worked at the wedding of ex-England footballer Peter Crouch, was killed and his father Paul, 46, suffered serious injuries after they confronted four masked men armed with machetes who were allegedly trying to steal a moped outside the family home in Chadwell Heath. One man has been charged with murder.

In August 19-year-old Andre Aderemi became the eighth teenager to be stabbed to death in London this year.

He allegedly suffered multiple stab injuries. Four teenagers have been charged with his murder.

Sixteen people suffered knife injuries at this year's Notting Hill carnival while a teenager who 'stabbed people for fun' when a water fight in Hyde Park exploded into violence is facing years behind bars.

Joshua Clements, 18, has admitted wounding two men with a hunting knife at the London park.

Concern that gangs were increasingly carrying so-called Zombie knives led to a Government ban on the sale knives with 25 inch serrated blades earlier this year.

(1st November 2016)


POLICE IN INDIA DETAIN 750 OVER US CALL CENTRE SCAM
(BBC News, dated 5th October 2016)

Full article : www.bbc.co.uk/news/world-asia-india-37564408

Police in the western Indian city of Thane have arrested more than 750 people suspected of defrauding US citizens from a fake call centre.

Officers say the suspects obtained lists of US tax defaulters and used threats to obtain their bank details.

The scam is said to have netted more than $150,000 (£118,000) a day, making it one of the biggest frauds in India's history.

Thane police officials said they were contacting the FBI to ask for help.

Some 70 of those detained were formally arrested, police said, with the rest released pending further inquiries. Nine people believed to have led the scam have been identified.

The scammers pretended to be members of the US Internal Revenue Service, and told victims they owed back taxes.

In some cases, the victims were duped into buying gift vouchers from different companies and bullied into revealing voucher ID numbers, police said.

The scammers then made purchases with the voucher numbers.

Police say those involved in the scam at the Indian end retained 70% of the earnings, with 30% going to their US collaborators.

Paramvir Singh, the police commissioner of Thane, told reporters that 851 hard disks, high-end servers, and other electronic equipment had been seized.

Mr Singh said overnight raids on Wednesday had lasted well into the morning, and involved more than 200 policemen who had raided buildings in three locations in the city.

Thane police superintendent Mahesh Patil told BBC Hindi that the investigation could open up cases from other countries as well.

A US State Department official said: "We have seen reports and are following the situation closely to confirm any US citizen involvement. We would refer you to the local Indian authorities for further details on the case."

(1st November 2016)


MRSA VARIANT FOUND IN BRITISH PORK AT ASDA AND SAINSBURYS'S
(The Guardian, dated 3rd October 2016 authors Andrew Wasley, Kjeld Hansen and Fiona Harvey)

Full article [Option 1] :

www.theguardian.com/environment/2016/oct/03/revealed-mrsa-variant-found-in-british-pork-at-asda-and-sainsburys

Meat produced from British pigs has been shown to be infected with a livestock strain of MRSA, the Guardian can reveal, raising concerns that the UK is on the brink of another food scandal.

Tests on a sample of 97 UK-produced pork products from supermarkets show that three - sold at Asda and Sainsbury's - were contaminated with the superbug strain which can cause serious health problems.

The Guardian, working with the Bureau of Investigative Journalism (BIJ), has also established that a loophole in import regulations is leaving an open door for MRSA CC398-infected live pigs from countries such as Denmark, where the disease is rife.

The findings have serious implications for human health. MRSA CC398 is a potentially deadly bacteria which can be resistant to even the strongest antibiotics. It is less harmful to humans than the MRSA bug that kills about 300 people in hospitals in England and Wales each year. But it causes unpleasant persistent infections and can seriously harm people with compromised immune systems, such as those already suffering other illness.

It is known to have been responsible for at least six deaths in Denmark, though that is likely to be the tip of the iceberg. People can contract the disease from infected meat, and from infected animals.

The superbug, like other foodborne germs, is killed by thorough cooking - but it can be passed on through lapses in hygiene. Workers on pig farms can also catch the disease from infected animals and pass it on to other people.

Without action to halt it, the spread of the bug could follow the pattern in Denmark, where MRSA CC398 became established over a decade, now afflicts about two-thirds of pig farms and is viewed as a major public health crisis, with 12,000 people believed to have contracted it. Currently, there is no screening programme for MRSA CC398 on British farms.

Prof Tim Lang, of the Centre for Food Policy at City University in London, said: "If we don't have tight infection control and we don't try to control the movement of live animals, infection can spread. The British are up in arms about the movement of people, but the EU also has a large movement of animals. We need biosecurity, we need to tighten up this livestock movement. You may get cheap meat, but in the long term it's going to add to your public health problems."

Prof Erik Millstone of Sussex University added that the emergence of antibiotic-resistant superbugs from agriculture was "a huge threat to human health" and that there was a clear risk that MRSA CC398 could spread among British livestock herds and to people. He anticipated that the government would downplay this risk but warned: "While the [government] tries its customary tactics of blaming the victim, it won't work."

The tests were carried out by Dr Mark Holmes, director of studies in clinical veterinary medicine at Churchill College, Cambridge University, and commissioned by the Alliance to Save Our Antibiotics, founded by the Soil Association, Compassion in World Farming and Sustain. Two samples of minced pork from Asda and one from Sainsbury's were found positive.

Last year, tests by the Guardian on 100 samples of pork in UK supermarkets, including a mix of imported and UK-bred meat, found nine contained the superbug. However, all but one of the infected products were of Danish origin, the other Irish. That investigation marked the first time MRSA CC398 had been publicly found in products in UK supermarkets.

Today's follow-up tests are the first to name supermarkets whose UK-produced pork has been contaminated with the superbug. It is not possible to say whether these products originally came from imported pigs, or whether UK pig herds have been infected through imports. Either way, imports are likely to be the main agent spreading the disease, as the UK's pork production has remained relatively free from MRSA CC398 until now, and the main method of spreading the disease is from animal-to-animal contact on farms.

At least one regular Danish supplier of imported pigs to the UK was found to be contaminated with the drug-resistant bacteria in 2014, the Bureau of Investigative Journalism has established. The company -Breeding Centre Rønshauge A/S - refused to say how many pigs it had exported to the UK and whether they could have been contaminated. But official export figures show that the company supplied 41 pigs to the UK in July this year, 65 in 2013 and 16 in 2012.

But the UK government does not screen for the infection in imported animals, citing a low risk of serious illness. The main initial effect is a nasty skin infection that is disfiguring, unpleasant and highly infectious, but not fatal.

Emma Rose, from the Alliance to Save Our Antibiotics, said: "It is extremely worrying to find LA [livestock-associated]-MRSA in British-produced pork."

"Scientists are now warning that the extensive MRSA reservoir in animals could ultimately lead to a pandemic spread in the human population. LA-MRSA is able to cause serious and potentially fatal infections in humans, and as the bacteria is resistant to antibiotics, it is extremely difficult to treat. What's more, even more dangerous variations are emerging as the superbug evolves."

The Department for Environment, Food and Rural Affairs (Defra) said: "Livestock-associated MRSA is not the same as MRSA strains that can cause healthcare-associated infections and if meat is handled and prepared properly the risk to people is low. Defra and the National Pig Association recommend that pigs imported to Britain are screened for LA-MRSA.

"The government is reviewing options for surveillance, which will be proportionate to the very low health risk posed by livestock-associated MRSA."

Asda said: "Our customers can be assured that we are working closely with industry groups and farmers to make sure that antibiotics are used

responsibly in farm animals." Sainsbury's told the Guardian that MRSA CC398 was "very uncommon" in British pork and that it worked with farmers "to ensure antibiotics are used responsibly and are taking advice from leading industry experts".

The rise of the CC398 variant has been linked to the overuse of antibiotics in factory farming, where often cramped and dirty conditions allow disease to flourish and farmers become dependent on frequent doses of antibiotics.

The threat from imports of live animals has been overlooked, according to experts. When animals are imported, they have to undergo screening for a variety of other diseases, but screening for MRSA CC398 is purely voluntary. As a result, there is no way of knowing how many infected animals may have been brought to Britain.

There have been at least two confirmed cases of the disease found at UK pig farms, one of them in Northern Ireland and the other in eastern England. However, as no systematic tests are carried out on UK farms, it is impossible to know how many may harbour the bug.

Defra does not collate statistics on the number of farm animals imported, but figures from the Danish government show the UK imported more than 3,000 breeding pigs from the country in the past six years, including 916 in 2013, 598 the following year and 283 last year.

In the last three years, the UK food industry has been rocked with revelations from the Guardian of campylobacter in chicken, which can cause serious illness, stronger versions of salmonella with greater resistance, and of drug-resistant forms of E coli, recently found in one in four supermarket chickens, that thwart all but the strongest antibiotics. Most of the problems are thought to be down to the pressure towards factory farms producing the cheapest possible meat.

(1st November 2016)


UK MUST PROTECT EU CRIME PREVENTION LINKS - NCA SAYS
(The Guardian, dated 30th September 2016 author Jamie Grierson)

Full article [Option 1]:

https://www.theguardian.com/uk-news/2016/sep/30/uk-must-protect-eu-prevention-links-nca-says

Law enforcement chiefs have urged the government to ensure cross-border crime prevention measures are not jeopardised by Brexit negotiations, it has emerged.

The director general and deputy director general of the National Crime Agency said they asked ministers to protect Britain's arrangements with Europe, including use of the European arrest warrant and membership of Europol, amid concerns about the impact of leaving the union.

Membership of the EU gives the NCA and UK police forces access to tools which allow them to share intelligence quickly and efficiently with European counterparts.

Lynne Owens, the NCA's director general, said at a briefing on Friday that the agency had approached the Home Office and Brexit department to raise its concerns.

"We've been describing what we need to be in place post-Brexit," she said. "We're absolutely clear the policy decisions are not for us but we need to be spelling out the operational case.

"In bluntest form, we must be able to continue to exchange intelligence and we must be able to understand the movement of criminals and criminal behaviour across international borders. We are supplying that information to the Home Office and it's for them to make the policy negotiation."

Before the 23 June referendum, Owens said a vote to leave the EU could put efforts to fight crime at risk.

Her deputy, David Armond, said on Friday that a "substantial paper" on the current arrangements had been compiled by the NCA, which has a broad remit, to tackle serious and organised crime, cybercrime and child sexual exploitation.

"We're coming up with a strong operational case for why those arrangements are necessary," he said. "Obviously [Brexit] is a concern and we are all over this and contributing quite significantly."

He said the NCA was considering alternatives measures if the UK was no longer able to use those in Europe.

"It won't be easy. But Europeans need us as much as we need them, probably more so."

Armond said he was confident the negotiations would deliver the right outcome. "I cannot envisage a situation where we cannot continue to do business with our European partners," he said. "It's important for all of our security in protecting our citizens."

He said the European arrest warrant, which allows police forces to request the detention and extradition of an offender, would be a particular "tricky" issue.

"If we can't stay in that we've got to negotiate a series of new treaties with overseas territories about what extradition will look like."

Theresa May argued strongly in favour of the European arrest warrant when she was home secretary. Rejoining the warrant, which also allows for swift extradition of foreign offenders in the UK was put to a vote in 2014, ahead of which May said it was a vital tool for keeping Britons safe.

Europol, the EU's law enforcement agency, helps member states fight serious international crime and terrorism. Before the referendum, former security chiefs, including the former head of MI5 Lady Manningham-Buller, and the former head of MI6 Sir John Sawers, said that voting remain was in the best interests of the country's security.

Asked if law enforcement officials did enough before the referendum to argue the case to remain, Owens said there was a concern that security chiefs would be seen as "political animals".

(1st November 2016)


UK's FIRST NATIONAL ANTI-CYBERSECURITY CENTRE TO OPEN WITH 700 STRONG TEAM
(Mail Online, dated 30th September 2016 author Press Association)

Full article [Option 1]:

www.dailymail.co.uk/wires/pa/article-3816285/UKs-national-anti-cybercrime-centre-open-700-strong-team.html

Britain's first national centre for combating cyber criminals is set to open next week, as the threat posed by online attacks continues to increase.

Terrorists, hackers and online gangs will be targeted by intelligence bosses at the new National Cyber Security Centre (NCSC) in central London.

A team of around 700 people are expected to be advancing the Government's war against cybercrime.

It is hoped that the new organisation will both respond to attacks and reduce the risk of future threats, as well as providing leadership in cyber security.

Pooling expertise at the centre will help make the UK "the safest place to live and do business online", its CEO said.

Previously, GCHQ said one of the first tasks will be to work with the Bank of England to produce advice for the financial sector for "managing cyber security effectively".

In the summer of 2015, the listening post was dealing with 200 cyber national security incidents a month, the then chancellor George Osborne said in a speech last year.

But the likelihood of anyone becoming a victim of cybercrime is also on the rise, with crime survey figures suggesting there were some two million computer misuse offences in the year which ended in March.

It fuelled concerns that the face of crime is changing and there were subsequent suggestions that people were more likely to be "mugged" online that in the street.

The centre will be led by Ciaran Martin, who was formerly the director general for cyber security at GCHQ.

Mr Martin said: " Our role is helping to make the UK the safest place to live and do business online. So we're going to tackle the major threats from hostile states and criminal gangs.

"But we're also going to work tirelessly to automatically protect people from those smaller scale and deeply damaging attacks that cause so much disruption and frustration.

"We'll also continue our work helping people and businesses understand better what they need to do to protect themselves."

Ben Gummer, Minister for the Cabinet Office and Paymaster General, said: "London leads the world in so many ways already. It is only right that we establish the country's first Cyber Security Centre in the heart of the capital as Britain continues to lead in tackling this global issue.

"Whilst retaining access to the world leading capabilities, partnerships and people of the intelligence community, this new centre will have an 'open-door' policy which will make it easier for businesses of all sizes to get the best support available for cyber issue."

(1st November 2016)


SEPTEMBER 2016


COMPUTING SECURITY REVIEW - SEPTEMBER 2016

-----------------------

CHINA'S 400,000 CYBERCRIMINALS
(International Business Times, dated 29th September 2016 author India Ashok)

Full article [Option 1]:

www.ibtimes.co.uk/chinas-400000-strong-hacking-community-costing-nation-estimated-15bn-year-1583931

China has become one of the prime targets for hackers, thanks to limited availability of encryption and security resources. The most common perception of Chinese hackers is that of state-backed operatives targeting foreign governments, which in some cases may be accurate. However, both the government as well as businesses in China are plagued by cyberattacks, costing the nation billions of dollars every year.

According to Zheng Bu, a former executive at cybersecurity firm FireEye, there exists a 400,000-strong criminal hacker community in China and its proliferate activities is costing the country around 100 billion yuan ($15bn, £11.5bn) every year.

-----------------------
BT's WIFI EXTENDER WORKS GREAT - AT EXTENDING YOUR PASSWORD TO HACKERS
(The Register, dated 21st September 2016 author John Leyden)

Full article [Option 1]: www.theregister.co.uk/2016/09/21/bt_wifi_booster_fix/

BT is urging folks to patch the firmware in its Wi-Fi Extender following the discovery of multiple security flaws.

Fortunately, upgrading the firmware of the Wi-Fi Extender to version 1.1.8 resolves the problem. In a statement to The Register, BT thanked Pen Test Partners for its help in flagging up the software weaknesses:

We are grateful to Pen Test Partners for alerting us to this issue. We have been working to address this potential weakness and issued an update which corrected the problem in August 2016. We are not aware of any cases where customers have suffered any issues. Customers should ensure they download the firmware update from the BT website.

-----------------------
AUSTRALIA : POLICE WARN OF MALWARE-LADEN USB STICKS DROPPED IN LETTERBOXES
(The Register, dated 21st September 2016 author Simon Sharwood)

Full article [Option 1]: www.theregister.co.uk/2016/09/21/letterbox_usb_police_warning/

uaware note : If it has happened in one country, how long before the scam comes to the UK ?

Police in the Australian State of Victoria have warned citizens not to trust un-marked USB sticks that appear in their letterboxes.

The warning, issued today, says "The USB drives are believed to be extremely harmful and members of the public are urged to avoid plugging them into their computers or other devices."

"Upon inserting the USB drives into their computers victims have experienced fraudulent media streaming service offers, as well as other serious issues."

Only the suburb of Pakenham in Victoria's capital Melbourne has experienced the dodgy stick drop, but Victoria Police nonetheless saw fit to issue a state-wide alert.

-----------------------
LORD BLUNKETT LAUNCHES NEW CYBER SECURITY SCHEME FOR BIG BUSINESS
(The Register, dated 21st September 2016 author John Leyden)

Full article [Option 1]: www.theregister.co.uk/2016/09/21/cyber_highway/

A high-profile project has been launched with the aim of strengthening UK enterprises' IT security.

The Cyber Highway was launched in London on Tuesday by Lord David Blunkett. The resource offers a "user-friendly online portal for large enterprises that want to strengthen the cyber defence of their supply chain."

Corporations will, essentially, be able to monitor in real-time the progress their suppliers are making en route to Cyber Essentials certification.

Cyber Essentials is a UK government scheme that launched in June 2014 and is designed to help organisations protect themselves against hackers and malware infections. It's largely about baseline security controls.

So basically, Cyber Highway ensures that your suppliers are following the Cyber Essentials requirements of good security - which is crucial as more and more Whitehall departments insist on suppliers being Cyber Essentials certified.

------------------------
RESEARCHERS SHOW OFF REMOTE ATTACK AGAINST TESLA MODEL S
(Computer World, dated 20th September 2016 author Lucian Constantin)

Full article [Option 1]:

http://www.computerworld.com/article/3121908/security/researchers-show-off-remote-attack-against-tesla-model-s.html

Tesla Motors is considered one of the most cybersecurity-conscious car manufacturers in the world -- among other things, it has a bug bounty program. But that doesn't mean the software in its cars is free of security flaws.

Researchers from Chinese technology company Tencent found a series of vulnerabilities that, when combined, allowed them to remotely take over a Tesla Model S car and control its sunroof, central display, door locks and even the braking system. The attack allowed the researchers to access the car's controller area network (CAN) bus, which lets the vehicle's specialized computers communicate with each other.

------------------------
CAN BANKS DO BIOMETRIC SECURITY ? WE'D TRUST THEM BEFORE THE GOVERNMENT
(The Register, dated 19th September 2016 author John Leyden)

Full article [Option 1]: www.theregister.co.uk/2016/09/19/british_biometric_survey/

Brits have more faith in their banks than government agencies to roll out authentication technologies based on biometrics, according to a new survey from Visa.

Consumers are nearly twice as likely to trust banks to store and keep their biometric information such as fingerprints and iris scans safe (60 per cent), than they are to trust government agencies (33 per cent).

Nearly two-thirds of consumers (64 per cent) want to use biometrics as a method of payment authentication. The growth in fingerprint authentication for mobile payments via Apple's Touch ID technology and the like is driving increased acceptance of the technology.

Consumers favour fingerprint authentication (88 per cent) as the most secure form of payment ahead of other biometric authentication options such as iris-scanning (83 per cent) and facial recognition (65 per cent).

------------------------
WINDOWS SAFE MODE CAN BE USED TO CONDUCT "UNDETECTABLE" CYBERATTACKS
(International Business Times, dated 17th September 2016 author India Ashok)

Full article [Option 1]:

www.ibtimes.co.uk/windows-safe-mode-can-be-used-conduct-undetectable-cyberattacks-putting-billions-pcs-servers-1581832

Security researchers have uncovered that Windows Safe Mode may not be as safe as it is believed to be, deeming the feature to have a "significant risk". The feature, which is built into all Windows OS (operating systems), both on PCs and servers, can potentially be used by hackers to steal PC login credentials and disable security software "all while remaining undetected", according to research conducted by security firm CyberArk.

CyberArk security researchers have also said that Windows 10 is not immune to such exploits, despite the presence of Microsoft's Virtual Secure Module (VSM).

----------------------
ONE RANSOMWARE GANG RAKED IN OVER $120m IN JUST 6 MONTHS
(International Business Times, dated 17th September 2016 author India Ashok)

Full article [Option 1]:

www.ibtimes.co.uk/one-ransomware-gang-raked-over-120m-just-6-months-says-mcafee-labs-threats-report-1581801

Security researchers have uncovered that a group of cybercriminals or an individual involved in a widespread ransomware delivery operation has earned over $120m (189,813 Bitcoins) in just 6 months. The group still holds $94m in Bitcoin wallets, with the rest likely spent on amassing botnets, servers, other cyber tools and personal costs.

McAfee Labs security researchers noted in their quarterly report that ransomware attacks have grown over 128% "year over year". Additionally, researchers observed that ransomware attacks targeting hospitals have also spiked recently. Such is the propensity and profitability of ransomware that developers have even taken to showing off the functions and abilities of codes on underground forums.
-----------------------
NATIONAL CYBER SECURITY CENTRE TO SHIFT UK TO "ACTIVE" DEFENCE
(The Register, dated 16th September 2016 author John Leyden)

Full article [Option 1]:

www.theregister.co.uk/2016/09/16/uk_gov_active_cyber_defence/

The head of the UK's new National Cyber Security Centre (NCSC) has detailed plans to move the UK to "active cyber-defence", to better protect government networks and improve the UK's overall security.

The strategy update by NCSC chief exec Ciaran Martin comes just weeks before the new centre is due to open next month and days after the publication of a damning report by the National Audit Office into the UK government's current approach to digital security.

Martin called for the "development of lawful and carefully governed offensive cyber capabilities to combat and deter the most aggressive threats".

Active cyber defence means hacking back against attackers to disrupt assaults, in US parlance at least. Martin defined the approach more narrowly as "where the government takes specific action with industry to address large-scale, non-sophisticated attacks".

----------------------
GOVERNMENT, CARMAKERS MORE WORRIED THAN EVER ABOUT VEHICLE CYBER ATTACKS
(Computer World, dated 14th September 2016 author Lucas Mearian)

Full article [Option 1]:

http://www.computerworld.com/article/3120390/car-tech/government-carmakers-more-worried-than-ever-about-vehicle-cyber-attacks.html

Automakers and legislators appear to be coming together on the need for greater cybersecurity for vehicles that are increasingly connected to the internet and controlled by ever-more sophisticated computer systems and software.

Volkswagen today announced it will form a cybersecurity company headed by Yuval Diskin, the former head of Israel's security agency. The company, CyMotive Technologies, will be 40% owned by the German automaker and the rest will be controlled by Diskin and two other former leaders in Israel's Shin Bet intelligence agency.

A modern car has dozens of computers with as much as 100 million lines of code -- and for every 1,000 lines there are as many as 15 bugs that are potential doors for would-be hackers.

Last year, Fiat Chrysler Automobiles (FCA), the world's seventh largest automaker, issued a recall for for 1.4 million vehicles to fix a software hole that allowed hackers to wirelessly break into some vehicles and electronically control vital functions.

Last month, the same hackers who proved FCA's Jeep Cherokee could be hacked wirelessly demonstrated at the Black Hat conference in Las Vegas that the vehicle's Controller Area Network (CAN) could also be hacked.

Along with the Jeep Cherokee, the report identified the 2014 Infiniti Q50, the 2015 Cadillac Escalade, the 2010 and 2014 Toyota Prius and the 2014 Ford Fusion as the most hackable.

By 2020, the number of Internet-connected vehicles will reach 150 million, according to Gartner, and 60% to 75% of them will be capable of consuming, creating and sharing Web-based data.

And, by 2035, there will be 21 million autonomous vehicles on roadways, according to research firm IHS Automotive.

----------------------
THIS USB STICK WILL FRY YOUR UNSECURED COMPUTER
(Computer World, dated 8th September 2016 author Lucas Mearian)

Full article [Option 1]:

http://www.computerworld.com/article/3118344/computer-hardware/this-usb-thumb-drive-will-fry-your-unsecured-computer.html

A Hong Kong-based technology manufacturer, USBKill.com, has taken data security to the "Mission Impossible" extreme by creating a USB stick that uses an electrical discharge to fry an unauthorized computer into which it's plugged.

"When the USB Kill stick is plugged in, it rapidly charges its capacitors from the USB power supply, and then discharges -- all in the matter of seconds," the company said in a news release.

To do that, the USB stick discharges 200 volts DC over the data lines of the host device. This charge/discharge cycle is repeated many times per second, until the USB Kill stick is removed.

----------------------
GOOGLE SAFE BROWSING DELIVERS DETAILS TO COMPROMISED WEBSITE OWNERS
(Computer World, dated 7th September 2016 author Lucian Constantin)

Full article [Option 1]:

http://www.computerworld.com/article/3117300/security/google-safe-browsing-delivers-details-to-compromised-website-owners.html

Google is now providing more information to website owners whose online properties are temporarily blocked as unsafe by its Safe Browsing technology as a way to help them fix the identified problems faster.

Google Safe Browsing is a technology used by Google's search engine, the Google Chrome browser, Mozilla Firefox, Apple Safari, and Android to steer users away from websites that host malicious or deceptive content.

On the back-end, Google uses robots to scan the web and build a list of websites that host malware, harmful downloads, or deceptive ads and pages. Software developers can then plug into an API to integrate this list into their own applications.

The problem is that many websites hosting malware or bad ads don't do so intentionally but were hacked by attackers.

---------------------
(1st October 2016)


POLICE BODY CAMERAS LEAD TO 90% DROP IN PUBLIC COMPLAINTS AGAINST OFFICERS, STUDY FINDS
(The Telegraph, dated 29th September 2016 author Telegraph Reporters)

Full article [Option 1]:

www.telegraph.co.uk/news/2016/09/29/police-body-cameras-lead-to-90pc-drop-in-public-complaints-again/

An increase in the use of body cameras by police has led to a huge drop in complaints made against officers, research shows.

A study by the University of Cambridge found a 93 per cent decrease in complaints made against officers clearly wearing the cameras, which record what happens during police incidents, compared to the previous year.

Researchers said the result "assumes that BWCs (body-worn cameras) reduce officer non-compliance with procedures, improve suspects' demeanour, or both".

The study, which involved West Midlands Police, West Yorkshire Police, Cambridgeshire Constabulary and the Police Service of Northern Ireland, suggests that the "observer effect" of the cameras influences the behaviour of both officers and citizens.

Dr Barak Ariel, leading the research, said that the results suggested wide use of BWCs could reduce violence conflicts with officers and mark a significant cultural change in policing.

His report stated: "Cooling-down potentially volatile police-public encounters to the point where official grievances against the police have virtually vanished may well lead to the conclusion that the use of BWCs indeed signals a profound sea change in modern policing."

But the study comes only a few weeks after it was revealed that there is a "complete lack of consistency" in the use of BWCs by officers armed with Tasers.

A survey of the UK's 45 territorial forces showed that many have not completed a full roll-out of the equipment among staff and at least one has said it has no current plan to adopt the cameras.

The issue was highlighted following the death of former football star Dalian Atkinson after he was Tasered in Telford, Shropshire, on August 15.

But the College of Policing said there was "no specific guidance" for issuing armed officers in the UK with bodycams, although it did issue advice on usage in 2014.

Both the Home Office and the National Police Chiefs' Council (NPCC) have said the use of BWCs is an "operational" decision for each force.

During the Cambridge study, conducted across seven sites, researchers found that the number of complaints lodged against officers dropped from 1,539 (which equates to 1.2 per officer) to 113 in 12 months.

But the report pointed out that these results give no evidence of other areas in policing and that the BWCs do not necessarily have a long-term effect on general police "legitimacy".

It said: "Even if BWCs can lead to perfectly executed police procedures ... what happens before or after the encounter might still be perceived as unfair, racist, unprofessional, or malicious."

Commenting on the report, Dr Ariel said: "We couldn't analyse exactly what happened in every police incident involved, but we think the change has more to do with officers' behaviour.

"They are the ones well-trained to deal with these situations and know how to behave, so now there is a tool to make sure they are doing their job.

"But we think the cameras can also reduce frivolous complaints and false allegations that are made even when officers have done nothing wrong. In the study we saw that all complaints went down - in some areas they went down to zero."

He added that the use of cameras by police has become increasingly important as more and more members of the public record police incidents on phones and cameras.

"Everyone is recording the police, except for themselves," he said.

Commenting on the slow take-up of BWCs by some police forces, he said: "It's a question of money, even though the cameras eventually pay for themselves.

"Some forces just don't have the money, so it's time for the Home Office and other authorities to help fund this. But we are about to face a turning point. I think in 25 years all officers will be using a camera."

(1st October 2016)


HUMAN RIGHTS ORGANISATIONS TAKE UK AND USA TO COURT OVER EXCESSIVE SURVEILLANCE
(The Register, dated 29th September 2016 author Alexander J Martin)

Full article [Option 1]: www.theregister.co.uk/2016/09/29/echr_surveillance/

Human rights organisations have today made the most direct legal challenge against the UK and USA's surveillance activities since they were first revealed in 2013.

Despite the outcry against surveillance which followed the outpourings of rogue NSA sysadmin Edward Snowden, and a few successful legal challenges, the utility and lawfulness of bulk interception has been consistently upheld by courts on both sides of the Atlantic.

Ten organisations including Privacy International, Liberty, and Amnesty International, have today filed a direct complaint against the UK and USA to the European Court of Human Rights.

The 115-page complaint is the first to directly challenge programmes such as GCHQ's system Tempora, as well the NSA's Upstream collection programme, on the grounds that they are in breach of Article 8 of the European Convention of Human Rights.

Article 8 provides for a qualified right to privacy, a right that may be abridged if particular conditions are met, including that there are clear legal regimes regulating how governments may engage in surveillance against their populations.

The claimants are concerned that domestic courts and independent oversight mechanisms haven't been able to tackle the bulk interception of transnational data flows, and the sharing of such data between different government agencies, due to "institutional deficiencies" in some cases and "the geographically bounded jurisdiction of these mechanisms" in others.

Caroline Wilson Palow, General Counsel at Privacy International, said:

For years, the UK Government has been secretly intercepting enormous volumes of internet traffic flowing across its borders.
At the same time, it had and still has access to similarly vast troves of information intercepted by the US Government.

The UK court tasked with overseeing the UK intelligence agencies has sanctioned these bulk surveillance practices, normalizing state interception, retention, analysis and dissemination of personal communications and data at this scale.

Palow added: "We call on the European Court of Human Rights to reject this disturbing trend by finding that bulk surveillance is incompatible with the rights to privacy and freedom of expression enshrined in the European Convention on Human Rights."

The applicants are: the American Civil Liberties Union, Amnesty International, Bytes for All, the Canadian Civil Liberties Association, the Egyptian Initiative for Personal Rights, the Hungarian Civil Liberties Union, the Irish Council for Civil Liberties, the Legal Resources Centre, Liberty, and Privacy International.

(1st October 2016)


FINGERPRINT TECHNOLOGY MAKES ATMs SUPER SECURE, SAY BANKS ! REALLY ?
(The Register, dated 29th September 2016 author John Leyden)

Full article [Option 1]: www.theregister.co.uk/2016/09/29/biometric_atm_fraud/

Cybercriminals are hawking their claimed ability to exploit newly introduced biometric-based ATM authentication technologies.

Many banks view biometric-based technologies such as fingerprint recognition to be one of the most promising additions to current authentication methods, if not a complete replacement to chip and PIN.

Crooks, however, regard biometrics as a new opportunity to steal sensitive information, research by Kaspersky Lab shows.

Credit card-related financial fraud against ATMs started many years ago with primitive skimmers - homemade devices attached to an ATM and capable of stealing information from the card's magnetic strip and PIN with help of a fake ATM pin pad or a web camera. This information was subsequently used to make counterfeit cards.

Over many years, the design of such skimmers has been improved to make them less visible. Following the introduction of much harder (but not impossible) to clone chip-and-pin payment cards, the devices evolved into so-called "shimmers". These shimmers added the ability to gather information from the card's chip, giving sufficient information to conduct an online relay attack. The banking industry is responding with new authentication solutions, some of which are based on biometrics.

Crooks have recently begun boasting about the ability to offer next generation ATM skimmers that circumvent these additional biometric-based authentication controls.

According to a Kaspersky Lab investigation into underground cybercrime, there are already at least twelve sellers offering skimmers capable of stealing victims' fingerprints. Moreover, at least three underground sellers are already researching devices that could illegally obtain data from palm vein and iris recognition systems.

Researchers at the Russian security software firm spotted the first wave of biometric skimmers in "presale testing" last September. Evidence collected by Kaspersky Lab researchers since suggests that during this prototype development process, developers discovered several bugs. The main problem was the use of GSM modules for biometric data transfer - they were too slow to transfer the large volume of data obtained. As a result, new versions of skimmers will use other, faster data transfer technologies.

Ongoing discussions in underground communities cover the development of mobile applications based on placing masks over a human face. With such an app, attackers might be able to take a person's photo posted on social media and use it to fool a facial recognition system.

"The problem with biometrics is that, unlike passwords or pin codes which can be easily modified in the event of compromise, it is impossible to change your fingerprint or iris image," said Olga Kochetova, a security expert at Kaspersky. "Thus, if your data is compromised once, it won't be safe to use that authentication method again. That is why it is extremely important to keep such data secure and transmit it in a secure way."

"Biometric data is also recorded in modern passports - called e-passports -- and visas. So, if an attacker steals an e-passport, they don't just possess the document, but also that person's biometric data," she added.

The use of tools capable of compromising biometric data is not the only potential cyber-threat facing ATMs, according to the Kaspersky Lab researchers. Hackers will continue to conduct malware-based attacks, blackbox attacks and network attacks to seize data that can later be used to steal money from banks and their customers.

(1st October 2016)


UK.GOV IS DOING NOTHING TO BREAK £20bn OF LOCKED-IN IT CONTRACTS
(The Register, dated 28th September 2016 author Kat Hall)

Full article [Option 1]: www.theregister.co.uk/2016/09/28/government_20bn_it_contract_lock_in_/

If IT wasn't perceived to be such a boring topic by Joe Public, the amount the government still spends on expensive clunky technology would be viewed as a national scandal.

Across the entire public sector the annual figure has been pegged at around £20bn. No one knows for sure.

As long as Whitehall's money is locked into costly long-term tech contracts, there's little hope of dramatically cutting its ludicrously high IT spend.

The Cabinet Office tactic of stopping expensive projects before they happen has only worked up to a point. Even then, an analysis reveals there has been major push-back from departments since former Cabinet Office minister Francis Maude stepped down.

About £6.3bn was spent with IT suppliers during the year 2014/15 - with 42 per cent going to just three suppliers, according to government data shared with The Register earlier this year.

Sixty-five per cent of the total figure was hoovered up by 10 suppliers, with HP coming top at £1.2bn, followed by Capgemini at £861m, and BT at £561m, according to our analysis of Cabinet Office data from the National Audit Office.

Major contract reform is clearly yet to happen.

Dodging the controls

Many departments have been getting round the Cabinet Office's mandate that no contract should be worth more than £100m by extending their existing deals.

The exceptions to that are: the Department for Transport, which has brought its IT in-house; the Cabinet Office; and HMRC, which has already begun to take a staggered approach to throwing off Fujitsu and Capgemini and bringing in 400 smaller suppliers.

In order to establish how close Whitehall is to throwing off the shackles of its SI overlords, The Register sent a Freedom of Information request to each government department to details its main IT supplier, any extensions from the original start date, and what the total contract value will be by the time they end.

Given each department was asked exactly the same questions, responses wildly varied from not knowing how much spend goes on suppliers, refusing to release the information due to "commercial confidentiality", or seeking clarity on the exact questions.

The genuine responses did not make for encouraging reading.

Total contract spend? Dunno...


The Ministry of Justice named Hewlett Packard Enterprise Services, Sopra Steria, Atos and CGI as its main suppliers, with all of those deals set to run out this year. The CGI contract was first signed in 2006 and was extended for three years.

Incredibly, the department could not say what the total contract value of those deals will be because "it does not hold the information." Neither could it say what its exit strategy is for not signing new contracts worth more than £100m.

The Home Office signed a deal with Fujitsu in 2000, which it extended for five years in 2015 and now expects to expire in the first quarter of 2017. The total contract value of that deal is £640m.

On the topic of what next, it said:

The department has adopted a strategy aligned to the Cabinet Office and Government Digital Service approach of disaggregating large legacy IT contracts into smaller component services, which can be re-competed to capture technical innovation as it emerges, at lowest market cost. The department will be the controlling service integrator, managing a mixed economy of collaborating suppliers and Home Office service provision.

The Department for Work and Pensions would not name its suppliers, contract lengths or give the value of its contracts because it has "many IT service contracts across a scope of technology services".

In a boilerplate statement it said: "The department is currently working towards the DWP 2020 Vision, pursuing flexibility across the breadth of Technology Service contracts to achieve better value for money."

Don't understand the question


Four weeks after the request was submitted, the Ministry of Defence responded it could not answer the question as it needed clarity to know "specifically what you mean by main IT contractor to enable us to provide you with a response."

Perhaps the most transparent response came from the Department for Environment, Food & Rural Affairs (Defra).

The main IT contract for Defra is with IBM and was signed in 2004, said the department. The contract is due to expire in 2018, following an extension in 2010, and is estimated to cost £1.4bn in total.

It even appeared to have the most coherent response for an exit strategy, saying:

Defra has set-up a programme to procure a new set of IT contracts that will replace the current incumbent supplier. The programme business case sets out the strategy and approach and has been shared and communicated with Cabinet Office and received Treasury approval.

In support of Defra's key strategies and wider business benefits including reducing deliverability risk, the exit strategy is to adopt a disaggregated model. This is in line with Government strategy and emerging best practice.

'Must protect supplier'

In contrast, the Department for Business, Energy and Industrial Strategy (BEIS) named its main IT contractor as CGI but refused point blank to provide any more information because "disclosure of this information would weaken CGI UK Limited's ability to participate competitively in a future commercial activity."

That approach is in stark contrast to how other departments responded to the same request, the Cabinet Office's transparency agenda, and the public interest, given the fact this is taxpayers' money which must be traceable.

On how it will split up its CGI deal, BEIS said: "The Department will exit from the current contract to replacement services procured against defined requirements. It is expected that the department will continue the current strategy of disaggregating IT services. It is not expected that any single contract will exceed £100m."

For anybody who would rather tens-of-billions of government spending go on something else (in other words, everyone), it would be in all our interests to hold their feet to the fire and find out what their plan is next.

(1st October 2016)


NUMBER OF MOTORISTS CAUGHT USING MOBILE WHILE DRIVING FALLS BY HALF DESPITE RESEARCH SHOWING THE CRIME IS ON THE RISE
(The Telegraph, dated 28th September 2016 author Telegraph Reporters)

Full article [Option 1]:

www.telegraph.co.uk/news/2016/09/28/number-of-motorists-caught-using-mobile-while-driving-falls-by-h/

The number of motorists caught using a mobile phone behind the wheel has fallen by almost half in four years, it has been reported.

Over two-thirds of police forces across the UK recorded a drop in the number of drivers being stopped for mobile phone use since 2011, with one of England's largest constabularies seeing stops fall by more than 80 per cent.

The figures were revealed after research suggested illegal mobile phone use by drivers is on the rise and ministers agreed to toughen penalties.

Police officer leaders have blamed the fall in those being caught on a reduction of traffic officers as a result of budget cuts, saying the two go "hand in hand".

Of the 43 police forces in England, Scotland, Wales and Northern Ireland who were asked by the BBC to release data on mobile phone stops, 37 responded.

The figures showed there were 178,000 people stopped by police in the UK in 2011-12 for using their phones.

This compared to fewer than 95,000 in 2015-16, a drop of just under Kent Police saw the biggest drop over the period from 4,496 to 723, a fall of 84 per cent, while Wiltshire Police saw its stops fall from 2008 to 412 between 2011-12 and 2015-16 - nearly 80 per cent.

Jane Willetts, from the Police Federation of England and Wales, told the BBC there were now fewer than 4,000 officers policing the roads - half the figure in 2000.

"The two go hand in hand," she said.

Ten police forces - City of London, Gloucestershire, Lancashire, Lincolnshire, Norfolk, Suffolk, Warwickshire, West Mercia, West Midlands, West Yorkshire and Dyfed-Powys - recorded a rise in cases between 2014-15 and 2015-16.

Norfolk Constabulary's figures were the highest for five years, with officers stopping 2,287 drivers in 2015-16 compared to 836 in 2014-15.

Earlier this month, the RAC said a recent survey of more than 1,700 motorists showed almost one-third (31 per cent) of motorists admitted to using a handheld phone behind the wheel compared to just eight per cent in 2014.

The proportion of drivers who confessed to sending a message or posting on social media rose from seven per cent to 19 per cent over the same period.

Some 14 per cent of motorists even owned up to taking photographs or videos with their phone while driving.

The survey prompted an outcry and Transport Secretary Chris Grayling pledged to introduce tougher sanctions for illegal mobile phone use as soon as possible.

Motorists caught using a handheld phone are currently given three penalty points and a minimum fine of £100, but this is set to be increased to six points and £200 under the plans, with tougher penalties for new drivers and drivers of HGVs.

Department for Transport figures show that a driver impaired or distracted by their phone was a contributory factor in 492 accidents in Britain in 2014, including 21 that were fatal and 84 classed as serious.

uaware comment


You do not need to carry out research to discover that the use of mobile phones whilst driving is on the increase. Just observe the school run in the morning and see how many "caring Mums" use their mobiles whilst driving. Could it also be the case that police are turning a blind eye due to the paperwork ? For example, during one school run last week every car I drove past had a driver on their mobile, the vehicle behind me was a police van !

(1st October 2016)


EUROPOL - CYBERCRIMINALS GETTING MORE DEVIOUS
(The Register, dated 28th September 2016 author John Oates)

Full article [Option 1]:

www.theregister.co.uk/2016/09/28/europol_warns_on_cybercrime_trends/

Europol's annual cyber-crime survey warns that the quality of spearphishing and other "CEO fraud" is continuing to improve and "cybercrime-as-a-service" means an ever larger group of fraudsters can easily commit online attacks.

Many threats remain from last year - banking trojan attacks are still an issue for businesses and individuals although this has now been eclipsed by ransomware which is growing more quickly.

The ease of access to cyber-crime tools means that it now exceeds real world crime in terms of value in many European countries.

The report warns that although there is very limited use of these tools by extremist groups, the fact that they're simple to use, and fairly simple to access via the Dark web, means that could quickly change. It notes that such groups make wide use of social media for propaganda and recruitment there is little evidence of use of cyber-attack capabilities beyond website defacement.

Europol is also seeing the first evidence of organised criminal gangs beginning to exploit contactless cards.

It warns of increasing use of booter/stresser tools to run DDos attacks.

It has also seen a marked improvement in the quality and apparent authenticity of spear-phishing attacks - making them ever harder to separate from genuine communications.

Data remains a key target for cybercrims. But they're increasingly using it either to encrypt, for ransom, for direct extortion or to further more complex fraud, not just for immediate gain.

Another change this year is an increase in live streamed child sexual abuse.

Europol said: "The use of end-to-end encrypted platforms for sharing media, coupled with the use of largely anonymous payment systems, is facilitating an escalation in the live streaming of child abuse. Offenders target regions where there are high levels of poverty, limited domestic child protection measures and easy access to children."

Beyond recommending more resources for cyber-crime law enforcement Europol wants more collaboration and intelligence sharing to deal with Darknet investigations and prevent duplication of effort and improve sharing of tools and tactics.

More broadly it calls for a phenomenon-based approach to replace incident response. It notes that successes in combating fraud in the airline industry could be replicated for other industries. Equally operations to target offenders who need to be in a physical location - like car rental - in order to collect the proceeds of cyber-crime.

(1st October 2016)


SEX CRIME IN SCOTLAND SURGES TO 45 YEAR HIGH
(The Telegraph, dated 27th September 2016 author Simon Johnson)

Full article [Option 1]:

www.telegraph.co.uk/news/2016/09/27/sex-crime-in-scotland-surges-to-45-year-high/

Sex crime in Scotland has surged to its highest level in 45 years, according to "extremely alarming" official statistics published yesterday that prompted demands for SNP ministers to toughen up the justice system.

The Scottish Government's annual report on recorded crime showed 10,273 sex offences were committed in 2015/16, seven per cent more than the previous year and a 53 per cent rise from 2006/07.

This is the highest total since 1971, with the total increasing every year since 2008/09, the year after the SNP came to power. In nearly half of cases, 43 per cent, the victim was a child under the age of 18.

The number of attempted rapes increased by 13 per cent last year to a record high. Although the total for rape and attempted rapes fell slightly, it has increased by 60 per cent over the past five years.

Sexual assaults increased by six per cent over the past year and 36 per cent over four years, with one of the main reasons a 56 per cent rise involving "penetration" of a female in 2015/16. The total number of sex assaults in the Highlands also rocketed by an astonishing 56 per cent in a single year.

The number of "other" sex crimes increased 20 per cent from 3,555 to 4,254 in a single year. This category included those with victims aged between 13 and 15, indecent photographs of children, incest and indecent exposure.

Non-sexual violent crime also increased, by seven per cent, with the number of attempted murders and serious assaults surging by 27 per cent.

SNP ministers yesterday hailed figures showing overall crime is down four per cent to the lowest level since 1974. They blamed historic cases for the marked rise in sex offences.

But the Conservatives accused them of "crowing" about the total but said this would be "no comfort" to the increasing number of sex attack victims.

The statistics were published the week after it emerged that some rapists and child-sex offenders have been punished with the SNP's community payback order (CPO) scheme rather than prison.

Douglas Ross, the Scottish Tories' Shadow Justice Minister, said: "Reporting of historic crime may make up part of this, but it's clear there is an extremely alarming trend here.

"These are among the most traumatic crimes that can take place, and we owe it to the public to ensure the levels of these crimes reduce rather than increase." He argued that using CPOs to punish serious sex crimes "sends out the wrong message and has to change as a matter of urgency."

Claire Baker, his Labour counterpart also argued that the 45 per cent rise in sex crimes could not be entirely attributed to more victims coming forward or historic cases. She said: "We need to accept that Scotland has an issue that needs to be seriously addressed."

The figures also showed cases of fire-raising and vandalism went up by four per cent, while instances of stalking rose 15 per cent from 1,251 to 1,435. Meanwhile, illegal importation of drugs soared by a remarkable 148 per cent.

However, crimes of dishonesty fell by nine per cent and the number of instances of handling offensive weapons fell to its lowest level since 1984.

Michael Matheson, the Justice Minister, said the increase in sex crimes was "unacceptable" but said the Scottish Government had taken "tough action" to ensure the culprits are brought to justice.

(1st October 2016)


COUPLE REALISED THEY HAVE BEEN ROBBED ON HOLIDAY AFTER SEEING THIS PHOTO
(The Telegraph, dated 27th September 2016 author Helena Horton)

Full article [Option 1]:
www.telegraph.co.uk/news/2016/09/27/couple-realise-they-have-been-robbed-on-holiday-after-seeing-thi/

A couple on holiday in Thailand got a nasty surprise when they flicked through their pictures following a visit to a temple in Chiang Mai.

They realised they had been ripped off after one of the snaps appeared to show a child stealing the woman's watch.

The man, who posted the image to Reddit, wrote: "Girlfriend in the progress of getting her watch stolen".

Not noticing the child slipping the watch off her wrist, the woman smiled for a photograph at a temple in Chiang Mai, Thailand, as her partner captured the image.

The man wrote under the photograph: "This pic solved the mystery of the missing watch".

People on Reddit were shocked by the age of the thieves.

One person wrote: "Adorable, adorable thieves. I didn't suspect a thing when I saw them."

Others on the thread said they had seen those children on their own travels to Chiang Mai.

One said they must be the "two most popular child thieves in all of Asia", while another commented he dodged a bullet by not getting his photograph taken with them.

People commented on their clever technique - how the children touched the woman in several places so she did not notice the watch being taken.

Someone commenting on the thread said: "Notice how the thief is touching her hand in several places? It's a pickpocket technique so that the mark gets accustomed to being touched by the thief and stops registering all of the touches."

Another wrote: "There are a number of factors that affect the success of a pickpocket. One is a good distraction. The two girls holding her hands will keep her from noticing what is going on.

"The other is that the body tends to recognize the stronger of two forces directed against it. You can demonstrate by hitting your thighs with something small in one hand (matchstick) and with your fist. You will typically, only acknowledge the heavier blow (fist).

"In this case the force of the girl holding her hand/arm far outweighs the force required to unbuckle the watch."

(1st October 2016)


POLICE CRITICISED AS ORGANISED GANGS GAIN CONTROL OF SEX INDUSTRY
(The Guardian, dated 25th October 2016 author Alex Hacillo and Mark Townsend)

Full article [Option 1]:

www.theguardian.com/society/2016/sep/24/organised-crime-behind-uk-sex-trade

Organised crime is far more involved in running Britain's sex trade than previously thought, with more than three-quarters of brothels found to have links to criminal gangs, according to pioneering research. It claims that sex workers' movements were controlled by brothels in a third of cases and criticises police for failing to tackle the criminals who control much of the off-street sex industry.

Published by an independent thinktank, the Police Foundation, the study is the first of its kind to document the links between organised crime and prostitution in a comprehensive way.

Using police data, researchers examined 65 known brothels in Bristol over two years, a figure which is a fraction of the true total, and interviewed more than 100 officials from the police and supporting agencies.

The report criticises the failure of local police to protect vulnerable sex workers, quoting one source saying that organised crime in the sex trade is "too hard [to tackle] for the amount of harm it causes", while admitting that operations against brothel owners are rare.

The findings come shortly after the conviction of Christopher Halliwell for the murder in 2003 of 20-year-old Becky Godden, a Swindon sex worker, a development that has prompted debate about the ability of the police to provide sufficient protection to sex workers.

The cost of tackling trafficking for sexual exploitation in the UK is estimated to be £890m a year, but the study highlights a near absence of proactive police strategies. "Occasional welfare checks were completed at brothels by a local police team and partners, but sex workers rarely came forward," it states.

"Consequently, there were few calls to respond to and little information to direct more proactive policing efforts." It says that police welfare checks at brothels are "sporadic and not core business for any local agency".

Sex workers most vulnerable to trafficking are those at "pop-up brothels", which constitute up to a fifth of the number identified and move location frequently. Almost half of the sex workers identified in Bristol are Romanian.

The combined failure of any agency to take full responsibility for exploitation in the off-street sex trade, the Police Foundation claims, is leaving many sex workers isolated and vulnerable to exploitation by organised criminals.

"The relative impunity with which pimps and traffickers operate, combined with the almost total exclusion of many off-street sex workers - particularly foreign nationals - from mainstream society, requires a radical reconsideration of what the police and other relevant agencies should be doing,"the report adds.

Overall, the Police Foundation recommends a radical overhaul of local police approaches to organised crime in the sex trade. It urges the police, working with other local agencies, to do more to help victims of exploitation to come forward and offer more protection when they do.

The study also outlines a need for police forces to gather more robust intelligence: "The police and other local agencies need to do more to identify the hidden victims exploited in the off-street sex market and facilitate investigations for which no victim comes forward."

Although the buying and selling of sex is legal in Britain, pimping and running brothels are illegal. The International Union of Sex Workers, a trade union affiliated with the GMB, advocates complete decriminalisation as the only way to ensure that sex workers have the full protection of the law.

(1st October 2016)


WHICH - FILES SUPERCOMPLAINT AGAINST BANKS OVER TRANSFER FRAUD
(The Guardian, dated 23rd September 2016 author Rupert Jones)

Full article [Option 1]:

www.theguardian.com/business/2016/sep/23/which-files-supercomplaint-against-banks-over-transfer

UK banks should do more to protect customers tricked into transferring money to fraudsters, according to a consumer body that has lodged a "supercomplaint" with financial regulators. The move by Which? means banks could now face a formal investigation into whether they can continue refusing to reimburse victims.

The organisation submitted its first supercomplaint this year in the same week that official data revealed that fraud in the UK payments industry had soared by 53% as criminals develop increasingly sophisticated tactics to steal bank customers' cash.

Which? said banks should "shoulder more responsibility" when someone is conned into transferring money to another person's account, just as they reimburse customers who lose money due to scams involving debit and credit cards or fraudulent account activity.

Some customers have lost considerable sums. In March this year the Guardian featured the case of Sarah and David Fisher, who were conned out of £25,000 after a fraudster posed as their builder and emailed them a fake invoice that was virtually identical to the one they were expecting.

The explosion in online and mobile banking means UK consumers now make more than 70m bank transfers a month, compared with just over 100m in a whole year just a decade ago. Which? claims that "protections have not kept up".

Using its legal powers, the organisation has submitted a supercomplaint to the Payment Systems Regulator, the watchdog for the UK's £75tn payment systems industry, which must now respond within 90 days.

There are many financial frauds that directly target customers, such as phishing emails and phone- and text-based scams. However, among the biggest growth areas are impersonation and deception scams where fraudsters hack into someone's email account and then pose as the builder, solicitor, landscape gardener or other tradesperson that the consumer has legitimately employed. Typically, the victim receives an invoice via email, which does not rouse suspicion because they were expecting it. It looks authentic and is usually for the correct amount - however, unbeknown to the consumer, the bank account number and sort code have been changed to those of the fraudster.

This is what happened to the Fishers, from north-west London. Last October they received a genuine invoice for building work that was being carried out, then what appeared to be a follow-up email from the same firm with a fresh invoice attached that included "our new banking details". The couple duly paid the requested £25,000, and while it quickly emerged they had been scammed, by the time the bank that operated the account used to accept their money was alerted, the cash had been withdrawn.

Almost a year after the incident, they have yet to recover a penny of their money. Sarah Fisher, a record label manager, told the Guardian this week that the police had identified the fraudster as someone living in Denmark. As a result, the case was "not being progressed" and had effectively come to a halt.

She added: "We took it to the financial ombudsman, who said that Barclays [which operated the account] had not behaved improperly." However, she said their MP, Tulip Siddiq, had said the case raised important issues and intended to pursue the matter in parliament.

Victims conned in this way currently have no legal right to get their money back from their bank, said Which?. Banks typically refuse to refund customers on the basis that they made the payment voluntarily. However, Which? said: "Consumers can only protect themselves so far. People cannot be expected to detect complex scams pressuring them to transfer money immediately, or lookalike bills from their solicitor or builder."

The organisation said banks had invested in security systems to detect and prevent fraud where they were liable to reimburse the victim, but added: "There aren't sufficient checks if someone is tricked into transferring money directly to another person's account."

Which? said it wanted the regulators to formally investigate the scale of bank transfer fraud and how much it was costing consumers, and propose new measures and greater liability for banks to ensure consumers are better protected.

The Payment Systems Regulator confirmed that it had received the supercomplaint and said it would examine the evidence Which? had supplied and gather its own, "to build a clearer picture of the issue and decide a course of action".

Possible outcomes might include regulatory action, a review or a referral of the complaint to another body.

(1st October 2016)


ATTACK ON YAHOO HIT 500 MILLION USERS
(BBC News, dated 22nd September 2016)

Full article : www.bbc.co.uk/news/world-us-canada-37447016

Hackers stole information from about 500 million users from Yahoo, the company has confirmed.

The breach occurred in late 2014 and included swathes of personal identifiable information, as well as "unencrypted security questions and answers".

It did not include any credit card data, the site said, adding it believed the attack was state-sponsored.

In July, Yahoo was sold to US telecoms giant Verizon for $4.8bn (£3.7bn).

It is not yet known if the breach will have an impact on that sale or its valuation.

###'Massive breach'

News of a possible major attack on Yahoo emerged in August when a hacker known as "Peace" was apparently attempting to sell information on 200 million Yahoo accounts.

Yahoo on Thursday confirmed the breach was far bigger than first thought.

It recommended all users should change their passwords if they had not done so since 2014.

"Online intrusions and thefts by state-sponsored actors have become increasingly common across the technology industry," the company said in a statement.

"What is noticeable here is that this breach is massive," said Nikki Parker, vice-president at security company Covata.

"Yahoo is likely to come under intense scrutiny from regulators, the media and public and rightly so. Corporations can't shy away from data breaches and they must hold their hands up and show that they are committed to resolving the problem."

She added: "Let's hope the ink is dry on the contract with Verizon."

The scale of the hack eclipses other recent, major tech breaches - such as MySpace (359 million), Linkedin (159 million) and Adobe (152 million).

---------------------------
BT OPENS INVESTIGATION INTO YAHOO DATA HACK
(London Evening Standard, dated 23rd September 2016 authors Benedict Moore-Bridger and Jamie Nimmo)

Full article [Option 1]:

www.standard.co.uk/business/business-news/yahoo-hacking-scandal-bt-investigating-whether-its-customers-may-be-affected-by-statesponsored-a3352396.html

BT is investigating whether its customers may be affected by the "state-sponsored" hacking of 500?million Yahoo accounts.

Personal data has been stolen from the accounts in a security breach which dates back to 2014 but was discovered only recently.

The stolen data includes names, email addresses, telephone numbers, birth dates, hashed passwords, and the security questions - and answers - used to verify an account holder's identity.

Last month, the technology site Motherboard reported that a hacker who uses the name Peace boasted he had account information belonging to 200?million Yahoo users and was trying to sell the data on the web.

BT, which has used email services provided by Yahoo, said: "BT is currently investigating the Yahoo data breach. As a precaution for the minority of our customers who use Yahoo mail, we are advising those who haven't changed their passwords post-December 2014 to change them."

Sky, whose email service is powered by Yahoo, told customers: "We advise that you change your passwords online and follow good password management practices."

Customers have attacked Yahoo for not discovering the hack in 2014 and failing to tell them about it until yesterday. They also called on boss Marissa Mayer to quit.

News of the security lapse could also damage Yahoo as it tries to sell its digital operations to Verizon Communications for £3.7?billion.

Yahoo said the attack was committed by a "state-sponsored actor". A spokesman added: "Yahoo is working closely with law enforcement on this matter."

(1st October 2016)


THE "FREE TRIALS" THAT ARE ANYTHING BUT FREE
(BBC Watchdog, dated 21st September 2016)

Full article [Option 1]:

www.bbc.co.uk/bbcthree/item/b4205c76-9989-4069-9b0a-7c2933ea428b

Ever been tempted to sign up to an online 'free trial' of miracle face cream, quick fix diet pills or muscle growth supplements?

Before you do, it's worth remembering that only rarely is anything on the internet actually free. One way or another, it's gonna cost you.

Julian Simms from Castleford, West Yorkshire, saw an advert pop up on his phone for a 'free trial' for some face cream. He paid £3.95 for postage and packaging and it arrived the next day. But two weeks later he noticed that his bank balance was significantly lower than it should have been. He checked his account and noticed two payments, one of £59 and another of £69, had been debited from his account. Julian says, "When I saw the amounts of money that had been taken from my account I just panicked. I was scared that hundreds of pounds was going to get taken out".

Julian says he found it very difficult to track the company down. When he finally found their contact details he called them and complained. He managed to get one payment refunded and the other stopped, after speaking to his bank. Unbeknown to Julian, he had inadvertently set up a Continuous Payment Authority (CPA).

He tells Watchdog, "I'd never heard of a Continuous Payment Authority before, let alone how to set one up. I should have read through the terms and conditions properly".

What's a Continuous Payment Authority when it's at home?

A CPA, also known as a 'recurring payment', is a regular payment linked to your credit or debit card. The company can take payment on whatever day they want for whatever amount they choose. A typical payment is around £80. They can be set up in person, online or over the phone and often there's no written record of them. They are often used for magazine subscriptions, gym memberships and payday loans.

Watchdog also spoke to Caroline Acheson who fell foul of the same scam, albeit a different product. She ended up nearly £250 out of pocket after seeing an Ad pop up on Facebook for a free trial of health supplements. She says "I fell into a trap and there was nothing I could do about it. That feeling of helplessness was just awful".

How it works

In order to get the 'free trial' you're asked to fill out your name, address and credit or debit card details to cover the cost of postage and packaging - usually a minimal amount. At this point you may, or may not, be able to read the small print and see what you're signing up to. But, by handing over your details you unwittingly sign up to a 'Continuous Payment Authority'.

They don't need your account number or sort code, just your card details. If you're someone who doesn't regularly check your bank statement you could end up hundreds of pounds out of pocket before you realise what's happened. Last year, 4 out of 5 people who had a problem with an unwanted recurring payment didn't realise they'd signed up to the payments until money was taken from their account. Cancelling them can be quite tricky as many people struggle to track down the company taking the money and speak to them. During 2015, over two million people had problems cancelling recurring payments.

Citizens Advice Chief Executive Gillian Guy says, '"People are trapped into losing hundreds of pounds because they can't cancel payments. All too often card companies and sellers are standing in the way of people ending recurring payments because they wrongly refuse to cancel. In some cases misleading advertising has meant people didn't know they had signed up to payments which were buried in the small print".

How can I cancel the payment?

You have a legal right to cancel a Continuous Payment Authority. Your first port of call is to contact the company and cancel with them directly. If that doesn't work, speak to your bank or credit card company. The bank/card provider MUST cancel it. Don't let them tell you any different. Also, if you are still being charged after you have tried to cancel you have a legal right to get that money refunded to you by the bank or card provider. As a last resort - if you don't have any joy with your bank - contact the Financial Ombudsman Service, they can usually sort out the problem quite quickly. Click here for more information.

The Financial Ombudsman Service tells Watchdog, "Many consumers don't realise they have the right to cancel a CPA directly with their bank, and while it is advisable to get in contact with the business that's debiting them, it's not necessary if they find they are difficult to deal with. The rules that allow the bank to cancel the payment have been in place since 2009. If someone finds their bank won't cancel the CPA they can get in touch with the Financial Ombudsman Service".

Top tips to avoid getting caught out

- Before signing up to a trial read the small print VERY carefully, it could save you a lot of agro in the long run
- If there are no terms and conditions - walk away
- Check your bank statement regularly to spot any unexpected charges
- Remember - almost nothing is free on the internet

(1st October 2016)


RINGLEADER OF GANG RESPONSIBLE FOR £113m FRAUD JAILED FOR 11 YEARS
(The Guardian, dated 21st September 2016 author Jamie Grierson)

Full article [Option 1]:

www.theguardian.com/uk-news/2016/sep/21/feezan-hameed-fraud-gang-jailed-11-years-southwark-crown-court

The head of a fraud ring has been sentenced to 11 years in prison for his part in a £113m scam, which funded purchases including a fleet of customised Porsches and shopping sprees at Harrods.

Feezan Hameed, 23, partied with pop stars while splashing out on Rolex watches, jewellery and trips to Dubai, London's Southwark crown court heard.

The Glasgow-based criminal, known as Fizzy, owned several luxury cars including a Bentley and a Lamborghini, paid for from the takings of a £3m-a-month fraud, which involved duping victims over the phone into thinking they were having a conversation with their bank.

He was eventually caught after targeting 750 RBS customers in the biggest cyberfraud the Metropolitan police had seen.

It can be revealed that he was jailed for 11 years last week at Southwark crown court after restrictions were lifted. He admitted conspiracy to defraud and conspiracy to convert and transfer criminal property.

Hameed flew people 8,000 miles from Scotland to Pakistan to polish his fleet of Porsche Cayennes outside his villa in Lahore, the court heard.

Michael Shorrock QC, prosecuting, described the fraud as "a nationwide conspiracy to defraud companies and businesses by hacking into their bank accounts and stealing large sums of money" between January 2013 and October 2015.

"Literally within a blink of an eye, this money was being moved from one account to another," he said. "The fraudsters were able to interfere with the telephone system of the bank customers, so the customer was unable to receive calls while the fraud was taking place."

Pitman Blackstock Solicitors were fleeced out of £2,260,625.89 after getting a call from someone called "Peter", who claimed that he was from the security department of Lloyds Bank.

In another instance, £750,000 was transferred in seconds.

Hameed used aliases including "Simon Hughes" and "Matthew Fraser" and would tell unwitting customers that they had been hacked by "someone in Aberdeen called Stevenson or King".

He was the "leader and prime mover" and made almost all the calls, the court heard, making sure that they appeared to be coming from a location that would not arise suspicion.

Hameed would claim to be a member of the bank fraud department when he called customers, before persuading them to reveal their internet banking details in a "very persuasive, very articulate" manner, Scotland Yard said.

While Hameed kept victims talking, his associates would gain access to their bank accounts and empty them. The fraudsters used a "network of money mules" to disperse the cash, before it was laundered to Dubai and Pakistan.

Between January 2013 and October 2015, the gang took £113m from victims, of which £47m has been recovered. The outstanding amount is believed to have been laundered from the UK.

The scam was brought to an end in a series of police raids in Glasgow and the West Midlands last year.

Hameed took £500,000-£1.5m a month, prosecutors said. He spent time with the Pakistani singer Bilal Saeed and claimed to have been producing a music video for him, the court heard.

Hameed was arrested after trying to board a flight from Paris to Pakistan with a fake passport last November. He was then returned to the UK to face trial.

DCI Andrew Gould said: "When they were at their height, when they'd really got the hang of this, they were probably making £1m-£2m a week.

"It was a Monday-to-Friday, nine-to-five operation, and when they were busy and active, they were just smashing victims all day, every day, running their criminal business like a proper business."

The gang were extremely sophisticated in their techniques, displaying false telephone numbers on the phones of victims and disposing of prepaid phones and dongles once they had completed a hit.

Hameed kept clear of the cash and was treated with "respect and deference" by the rest of the group, despite only being in his twenties.

"He is very much the controlling guy, totally in charge," Gould said. "The kind of guy that when he flies to Dubai for a weekend shopping with his chums, they all fly economy, he flies first class."

DC Neil O'Sullivan of the Metropolitan police's Falcon (online crime and fraud) unit said: "This was the largest covert proactive operation the Met has ever undertaken against cyber-enabled crime."

Other members of the gang were also sentenced. Hameed's brother Nouman Choudhary, 22, acted as the accountant, investing money in properties in Scotland and Pakistan. Nouman was sentenced to three-and-a-half years in prison for conspiracy to launder money. A confiscation hearing is set for 3 May 2017.

Abdul Iqbal, 23, of Edinburgh, was sentenced to 21 months for conspiracy to money launder. Hameed treated him as a butler or servant, but he received a £3,500 watch from the scheme and was present at Harrods when £70,000 was spent.

Syed Ali Amish, 24, of Luton, Bedfordshire, was sentenced to 32 months for conspiracy to launder money. Mohammed Mehtab, 35, of Watford, Hertfordshire, was given an eight-month suspended prison sentence after pleading guilty to conspiracy to launder money. He allowed more than £9,000 to go through his account. Syed Haider, 31, of Slough, Berkshire, and Bilal Ahmed, 26, of Ilford, east London, are due to be sentenced later. They have pleaded guilty to conspiracy to launder money.

(1st October 2016)


NUMBER OF FEMALE VICTIMS OF YOUTH VIOLENCE IN LONDON SOARS BY 58% IN FOUR YEARS
(London Evening Standard, dated 21st September 2016 author Justin Davenport)

Full article [Option 1]:

www.standard.co.uk/news/crime/number-of-female-victims-of-youth-violence-in-london-soars-by-58-in-four-years-a3350306.html

The number of young women and girls becoming victims of serious youth violence in London has soared in the past four years, a report reveals today.

Last year, there were 6,287 young victims of violence including stabbings and serious assaults. These included 1,509 girls and young women under the age of 19 - a rise of four per cent on the year before but an increase of 58 per cent compared with four years ago.

The report, by the London Assembly's police and crime committee, says this rise is due to a greater awareness and reporting of domestic violence. But it also shows the number of young women facing prosecution for serious violence has doubled in recent years, adding that they are increasingly involved in "working with drugs and holding knives".

Although youth violence is often seen as a gang issue, data from the Met shows a gang element was identified in just five per cent of incidents of serious youth violence in 2015/16, the study reveals.

It concludes that while there is some under-reporting of gang activity, youth violence is a broader issue. The study, which comes after a mass brawl involving about 100 youths in Erith on Monday, says there has been a 20 per cent rise in the number of victims since 2012/13 - bringing youth violence close to the levels seen during the 2011 riots.

The Met says one reason for the rise is a change in recording practices. But some experts blame a changing "criminal economy" in which young people are more involved in serious crimes such as drugs. Other possible causes include rising tensions in different communities and the greater willingness of young people to carry knives.

Committee chairman Steve O'Connell, a London Assembly Tory member, said: "One of the report's findings was that young people are afraid and leave home with knives to defend themselves. We need to understand why."

A spokesperson for Sadiq Khan said: "The Mayor is working with communities, partner organisations, local authorities, and schools to understand the causes and do more to stop young people falling victim to this way of life. We will carefully consider the findings of this report as we develop the Mayor's Police and Crime Plan, and next month the Mayor will be hosting a knife crime summit to help inform his decisions."

(1st October 2016)


BT's WIFI EXTENDER WORKS GREAT - AT EXTENDING YOUR PASSWORD TO HACKERS
(The Register, dated 21st September 2016 author John Leyden)

Full article [Option 1]: www.theregister.co.uk/2016/09/21/bt_wifi_booster_fix/

BT is urging folks to patch the firmware in its Wi-Fi Extender following the discovery of multiple security flaws.

Security researchers at Pen Test Partners discovered vulnerabilities with the consumer-grade kit, including cross-site scripting and the ability to change a password without knowing it.

Pen Test Partners found it was possible to combine these flaws and exploit them to snatch a victim's WPA wireless network passphrase after tricking them into visiting a maliciously constructed webpage while connected to their home network.

"Authentication bypass is not good. Together with the XSS and some poor UI design, this means I can steal your Wi-Fi password," Pen Test Partners warns.

Fortunately, upgrading the firmware of the Wi-Fi Extender to version 1.1.8 resolves the problem. In a statement to El Reg, BT thanked Pen Test Partners for its help in flagging up the software weaknesses:

We are grateful to Pen Test Partners for alerting us to this issue. We have been working to address this potential weakness and issued an update which corrected the problem in August 2016. We are not aware of any cases where customers have suffered any issues. Customers should ensure they download the firmware update from the BT website.

The bugs - the latest in a long line of vulnerabilities in SOHOpeless networking kit - is explained in a blog post by Pen Test Partners :

https://www.pentestpartners.com/blog/bt-wi-fi-extender-multiple-security-issues-upgrade-asap/

BT information

Check out the BT website and confirm the model number of your equipment matches the ones requiring updating. Make these checks BEFORE updating the firmware.

Hardware version: V1.0.2

Firmware version: V1.1.5 (the upgraded versions is 1.1.8 - available here :

http://bt.custhelp.com/app/answers/detail/a_id/54345)

(1st October 2016)


MARGARET HODGE'S BOOK OUTLINES "MIND BOGGLING" UK PUBLIC SECTOR WASTE
(The Register, dated 20th September 2016 author Kat Hall)

Full article [Option 1]:

www.theregister.co.uk/2016/09/20/margaret_hodge_details_mind_boggling_public_sector_waste/

It's impossible to read former b*******-in-chief Margaret Hodge's account of being chair of the government's spending watchdog without repeatedly banging your head against the wall.

Hodge presided over the House of Commons' Public Accounts Committee between 2010-2015, during the coalition government's austerity programme. From that bird's eye perspective, she witnessed "mind-boggling waste of taxpayers' money right across government," which she documents in her new book Called to Account: How Corporate Bad Behaviour and Government Waste Combine to Cost us Millions.

Sadly for those who triumph hope over experience, there is little to suggest the situation has materially improved.

"We identified an alarming and deep-rooted culture where all too often the responsible officials displayed a nonchalant attitude to spending the hard-earned money we entrust them when we pay our taxes," she writes.

"They felt no sense of personal responsibility because it was not their own money."

In what can only be described as a shit-show of waste, Hodge singles out the Ministry of Defence for being "unbelievably awful".

"I recall one memorable hearing, when during around two hours of taking evidence we uncovered £8bn of wasted expenditure, where taxpayers' money had been spent with absolutely no benefit for the armed services in terms of new equipment and support."

She adds: "It was as if the MoD tore up £8bn worth of banknotes and tossed them into the air, as though they were a shower of confetti."

IT delivered on time? Don't make us laugh


And of course IT disasters received a special mention. "[If] any official mentioned a new IT project in their evidence to the committee, we would laugh at the idea that this might be introduced on time, within budget and save money."

During the last 25 years the committee produced 75 reports on IT procurement, Hodge notes three for being particularly abysmal.

Unsurprisingly Labour's £11.4bn National Programme for IT, which was originally costed at £2.3bn, gets top billing.

The government said it was axing that programme in September 2011 but "in reality, they have remained tied into the contracts with both BT and CSC, contracts that are delivering far less functionality to far fewer sites."

She also remains sceptical of plans in 2015 to hand the NHS another £1bn for new technology to produce and support integrated care records by 2020. "I simply observe that the ambition has not been moderated and the political and electoral imperatives have dictated the timeframe. It seems like a case of plus ça change."

The second IT programme to attract her teacherly ire were two big Home Office IT projects in 2010, which were subsequently cancelled at a cost of £1bn.

One was for immigration casework system, intended to overhaul the paper-based applications work - much of which is still done by hand. In August 2013 that project was canned at a cost of £347m. "The Home Office has now decided to spend a further £200m on incremental improvements to their IT capability, abandoning the big bang approach. I have no doubt that sum will creep up over time."

The so-called e-Borders was the second botched Home Office contract, commissioned by the Labour government and cancelled by the coalition after £260m had already been spent. In the process the Home Office had to settle to pay £150m with the supplier Raytheon and £35m on legal fees.

The BBC's disastrous Digital Media Initiative in 2011, which was written off two years later at a cost of £100m also gets a special mention.

Groundhog Day

Unfortunately Hodge is no less optimistic about a number of "in-flight" projects.

She notes that even if the coalition government's Universal Credit programme under Iain Duncan Smith finally succeeds, the Department for Work and Pension still have to write off most of the £344m early investment in IT, a figure she says may even rise to around £600m.

But it wasn't entirely a Sisyphean struggle. She perceives the PAC's successes to include its work on tax avoidance, which she believes helped put the subject on the map; stopping government from using premium phone lines; and halting off-payroll arrangements. She reckons 88 per cent of the committee's recommendations were implemented.

"But we had some defeats. We failed to convince the Department for Culture Media and Sport that they should not give BT all of the £2bn of public subsidy for the rollout of broadband to rural areas, which we thought represented extremely poor value for money for the taxpayer. We did not persuade the government to think again about the Work Programme or Universal Credit. We have not stopped PFI.

"Taxpayers' money continues to be wasted on ill-conceived and badly planned capital projects, IT investments and major reform programmes. We have not secured the reforms to the Civil Service that we thought were necessary to achieve better value."

###Stephen Kelly:'the human Ken doll'

And what of the major players behind IT reform during this period? Former chief operating officer of the Cabinet Office Stephen Kelly and current Sage chief executive gets a mention, as does Francis Maude.

"[Kelly] was known as the 'human Ken doll' by my office and others knew him to be the 'best friend of Francis Maude, the Minster for the Cabinet Office - one of the few minsters really hated by the Civil Service, perhaps because he was so strongly committed to reform."

Former head of the Government Digital Service Mike Bracken is named only in passing and former chief technology officer and current digital tsar Liam Maxwell is not mentioned at all.

Of former Cabinet Office minister and current digital policy at the Department for Culture, Media and Sport Matt Hancock - who previously sat on the PAC - Hodge sniffs: "Matt Hancock was not universally popular with his Conservative colleagues on the PAC, but because of his close links with the Conservative Party leadership, he was feared and one could always sense the atmosphere when he entered the room."

Her prescription is a heavy dose of transparency, accountability and training.

"The civil service continues to lack the appropriate skills and expertise required for modern government." Commercial and IT expertise are particularly wanting as there are "simply not enough civil servants with those skills."

Hodge's book lays bare the case for why waste within the public sector badly needs addressing. Unfortunately the evidence suggests it still has a long way to go.

(1st October 2016)


NUMBER OF STUN GUNS SEIZED AT UK BORDERS RISE 70% IN FOUR YEARS
(The Guardian, dated 15th September 2016 author Press Association)

Full article [Option 1]:

www.theguardian.com/world/2016/sep/15/number-of-stun-guns-seized-at-uk-borders-rises-70-in-four-years

The number of stun weapons seized at UK borders has soared by more than 70% in four years, official figures show.

Stun guns deliver powerful electric shocks that can be deadly and are illegal in the UK.

Border officials confiscated 729 of the weapons in the financial year of 2015/16 - up from 604 the year before and 633 in in 2013/14, according to Home Office figures. And the number of seized stun guns has increased by 71% from 2012/13, when 425 of the weapons were found.

The numbers were released by the Home Office in answer to a parliamentary question from Kerry McCarthy, the Labour MP for Bristol.

Stun guns are increasingly the weapon of choice for criminals and gangs who find it hard to get real guns in the UK.

Nathan Matthews took a kidnap kit, which included stun guns disguised as torches, when he went to the home of his teenage stepsister Becky Watts and murdered her last year.

The 16-year-old suffered 40 injuries as she tried to fight off Matthews and his girlfriend, Shauna Hoare, during the attack. The pair, who are both serving lengthy jail terms, then dismembered her body, wrapped the parts in cling film and stashed them in a garden shed.

McCarthy told the Press Association: "The use of disguised stun guns seems to be a growing problem in this country, including among organised crime gangs. I was deeply troubled by their connection to the tragic murder of Becky Watts, which was how I was first made aware of the issue.

"I hope that border staff are taking this problem seriously in order to prevent these weapons from getting into the hands of criminals in this country."

Stun guns have been used in armed robberies, aggravated burglaries and in rows between drug dealers, and those in possession of them face a maximum sentence of 10 years in prison.

But while some people are purposely buying the weapons, there are concerns Britons are unwittingly purchasing stun guns disguised as torches or mobile phones abroad and accidentally bringing them into the UK.

In January last year the Crown Prosecution Service (CPS) warned that some Britons buying "silly novelty" souvenirs could face jail.

Baljit Ubhey, chief crown prosecutor for CPS London, said: "This is an issue that holidaymakers must be aware of and they need to make sure they know what they are bringing back in their suitcases."

He added: "What can seem like a silly novelty object can result in a criminal conviction and even imprisonment and I would urge all holidaymakers to make sure they know what they are buying when shopping for souvenirs abroad."

(1st October 2016)


ILLEGAL MOBILE PHONE USE BY MOTORISTS IS INCREASING, SAYS RAC
(The Guardian, datd 15th September 2016 author Press Association)

Full article [Option 1]:

www.theguardian.com/world/2016/sep/15/illegal-mobile-phone-use-by-motorists-is-increasing-says-rac

Illegal mobile phone use by drivers is rising, according to new research that found 31% of motorists admitted to using a handheld phone behind the wheel compared with 8% in 2014.

The survey by the RAC found that the proportion of drivers who confessed to sending a message or posting on social media rose from 7% to 19% over the same period, while 14% of motorists have taken photographs or videos with their phone while driving.

The RAC believes a 27% fall in the number of full-time dedicated roads policing officers in England and Wales (excluding London) between 2010 and 2015 has left drivers with no fear that they will be caught for offences which are not detected by automatic cameras.

The survey of 1,714 UK motorists for the RAC's annual Report on Motoring found that 7% of those who admitted using a mobile while driving said they did it because they knew they would get away with it.

Almost a quarter (23%) claimed it was an emergency, 21% said they needed information for their journey and 12% replied it was something they were in the habit of doing.

Department for Transport (DfT) figures show that a driver impaired or distracted by their phone was a contributory factor in 492 accidents in Britain in 2014, including 21 that were fatal and 84 classed as serious.

RAC road safety spokesman Pete Williams said: "There is clear evidence that the illegal use of handheld phones by drivers to talk, text, tweet, post, browse and even video call is, if anything, on the increase.

"It is alarming to see that some drivers have clearly relaxed their attitudes to the risks associated with this behaviour but more worrying is the increase in the percentage of motorists who actually admit to using a handheld device when driving.

"The fact that drivers have little or no confidence that they will be caught when breaking these laws is a likely contributor to the problem and it is sadly the case that every day most road users see other drivers brazenly using their handheld phones when in control of a vehicle - a sight which should be a thing of the past.

"The use of handheld mobile phones is the biggest road safety concern among motorists today."

The government is due to publish the results of a consultation that proposed introducing tougher punishments for illegal mobile use by drivers.

For non-HGV drivers, the minimum fine is expected to rise from £100 to £150 while penalty points are set to increase from three to four.

(1st October 2016)


POLISH POLICE DEPLOYED TO HARLOW AFTER ARKADIUSZ JOZWICK MURDER
(International Business Times, dated 15th September 2016 author Paul Wright)

Full article [Option 1]:

www.ibtimes.co.uk/polish-police-deployed-harlow-after-arkadiusz-jozwiks-murder-reassure-community-1581505

Two Polish police officers are patrolling the streets of Harlow in Essex to allay fears following the killing of a Polish man and a rise in hate crime in the area. The death of Arkadiusz Jozwik, 40, at the hands of a gang of teenagers is said to have left the town's sizeable Polish community "scared and worried", with Essex Police treating the attack on 27 August as possibly racially aggravated.

Three other Poles have also been attacked in separate incidents in the town.

Essex police took up an offer by the Polish state police to deploy two officers in Harlow to help reassure the community. Second lieutenant Bartosz Czernicki and chief sergeant Dariusz Tybura started work on Wednesday (14 September) and will initially be on patrol for a week.

It is understood that the officers will not have police powers but will be there in a community support role.

The town's district commander said their arrival had split opinion among the Polish community in the town, with some saying they do not trust the police.

Chief Inspector Alan Ray said: "The Polish government made the offer to Essex Police to send Polish officers to Harlow to help with community engagement and we thought that was a good idea.

"We welcomed them with open arms and they're now policing the town, not using any powers as such, but just on the community engagement side, to meet and greet the public and to reassure the community."

Asked if there has been any feedback from the Polish community, he said: "We've had mixed messages from the Polish community. Some are saying to us that, 'We don't trust police officers and that's from our experience from Poland'. Others are saying, 'We welcome these Polish police officers in'.

"And the experiences we've had on the street with the Polish police officers have all been positive. They've been welcomed by the community."

The presence of the Polish officers is "about reassurance in all communities", Ray said, pointing out that over the last year only 2% of victims in Harlow were Polish nationals.

The deployment comes as European Commission President Jean-Claude Juncker used a speech to the European Parliament to condemn attacks on Polish people in the UK.

"We Europeans can never accept, never, Polish workers being harassed, beaten up or even murdered in the streets of Essex," Juncker said at his state of the EU address on Wednesday. He added: "The free movement of workers is as much a common European value as our fight against discrimination and racism."

Critics accused Juncker of unfairly linking Jozwik's death to Brexit, with Nigel Farage saying: "I don't actually think that it's ever very wise to pick any one incident against an individual and to use it for political ends."

Harlow MP and Minister of State for Education Robert Halfon added: "The vast majority of people in Harlow and Essex are the kindest and most decent people and Harlow is one of the most community-minded towns in Britain.

"It's very important that people like Juncker don't give the opposite impression, having never been to Harlow." He invited the European Commission boss to visit the town.

A surge in hate crime was recorded in England, Wales and Northern Ireland in the wake of the EU referendum vote and, although incident numbers have since dipped, they still remain higher than at the same time last year.

The National Police Chiefs' Council's figures show a 49% rise in incidents to 1,863 in the last week of July compared with the same time the previous year. The week after the vote saw a 58% increase in incidents to 1,787.

Meanwhile, between August 5 and 18, forces in England, Wales and Northern Ireland logged 2,778 hate crimes, a fall of 479 on the previous fortnight, but a 14% increase on the equivalent period last year.

One incident last week saw a Polish man attacked and beaten by a group of up to 20 teenagers in a suspected racially-aggravated assault in Leeds.

Responding to Juncker's comments, Prime Minister Theresa May's official spokeswoman said "we need to let the police investigations take their course", adding: "The Prime Minister has herself already expressed concern about hate crime in this country.

"That's why the government has set out an action plan. As we said last week, the Prime Minister has spoken to the Polish prime minister about some of the incidents we have seen.

"Of course, we need to let the police investigations take their course, but the Prime Minister is absolutely clear about the values that make this country great - we are a tolerant nation and we should continue to be one."

Six teenagers, aged 15 and 16, have been arrested, and released on bail, in connection with Jozwik's death.

(1st October 2016)


UK GOVERNMENT INFORMATION SECURITY IN 2015 - "CHAOTIC", COSTS £300m AND HAS 9,000 DATA BREACHES
(The Register, dated 14th September 2016 author Alexander J Martin)

Full article [Option 1]:

www.theregister.co.uk/2016/09/14/cabinet_office_failing_to_coordinate_ukgovs_infosec_practices_says_national_audit_office/

The Cabinet Office is failing to coordinate the UK's government departments' efforts to protect their information according to a damning report by the National Audit Office.

The NAO found that the Cabinet Office failed in its duty and ambition to coordinate and lead government departments' efforts in protecting such information.

The Cabinet Office has "tried to take a more strategic role in offering support and guidance to central government departments," the NAO report found. "However, senior-level governance remains complex and unclear and, until recently, a wide array of central teams have been involved in information assurance and protecting information, sometimes offering overlapping and contradictory advice."

Reporting personal data breaches is chaotic, with different mechanisms making departmental comparisons meaningless. In addition, the Cabinet Office does not have access to robust expenditure and benefits data from departments, in part because they do not always collect or share such data. The Cabinet Office has recently collected some data on security costs, though it believes that actual costs are "several times" the reported figure of £300 million.

As a result, NAO stated that GCHQ dealt with 200 "cyber national security incidents" per month in 2015, double the number of attacks it had addressed in 2014, though the result of these attacks has not been reported.

The report certainly suggests that departments need to get their own houses in order before they start opening up access to even more of citizens' data, as per the porn-blocking Digital Economy Bill, with 8,995 data breaches in the 17 largest government departments in 2014-15.

Government departments are being challenged by the increasing need to share data with other public bodies, with delivery partners, service users, and citizens. According to the NAO, recent years' "cuts to departmental budgets and staff numbers, and increasing demands form citizens for online public services, have changed the way government collects, stores and manages information".

At the same time "the threat of electronic data loss from cyber crime, espionage and accidental disclosure has risen considerably. Alongside this new challenge, reporting to the Information Commissioner's Office (ICO) by public bodies shows that the loss of paper records remains significant."

Efforts have complicated by the lack of coordination by the 12 separate teams and organisations which play a role in governmental infosec, including: GDS; GCHQ; CESG, CERT-UK; and the UK National Authority for Counter Eavesdropping (UKNACE).

That this work hasn't been coordinated "has meant that a large number of bodies continue to have overlapping mandates and activities" according to the NAO, which noted how last November the then-Chancellor of the Exchequer noted this acronym-heavy problem and the need to "address the alphabet soup of agencies involved in protecting Britain in cyberspace."

As part of that address, Osborne announced the launch of a new National Cyber Security Centre (NCSC) which will act as a hub for sharing best practices in security between public and private sectors, and will tackle cyber incident response.

Speaking to The Register earlier this month, the former head of GCHQ Sir David Omand said: "Next month, the new National Cyber Security Centre starts its work, under the Director of GCHQ, drawing on the technical expertise of GCHQ staff in operating in cyberspace, a further major development in harnessing the skills of the intelligence community in protecting the public."

NAO's head, Amyas Morse, said: "Protecting information while re-designing public services and introducing the technology necessary to support them is an increasingly complex challenge. To achieve this, the Cabinet Office, departments and the wider public sector need a new approach, in which the centre of government provides clear principles and guidance and departments increase their capacity to make informed decisions about the risks involved."

(1st October 2016)


GCHQ PLANS "GREAT BRITISH FIREWALL" TO PROTECT UK AGAINST HACKERS
(International Business Times, dated 14th September 2016 author Jason Murdock)

Full article [Option 1]:

www.ibtimes.co.uk/gchq-plans-great-british-firewall-protect-uk-against-hackers-1581299

The Government Communications Headquarters (GCHQ), the UK's secretive signals intelligence agency, is developing 'automated defence' tools - already dubbed the 'Great British Firewall' - to help combat a spike in cyberattacks over the past year.

The scheme, which is still in the early planning stages, would see major UK service providers working alongside GCHQ in a voluntary capacity to help filter malicious website domains that could potentially be used by hackers or state-sponsored rivals to infect computer systems.

The main base for the operation is likely to be the agency's upcoming National Cyber Security Centre (NCSC), set to launch later this year, which will bring together experts from MI5, Cert, local law enforcement and private industry to help fight the threat of hacking.

"We know automated defences work on the internet," Ciaran Martin, GCHQ's director-general for cyber security, said during a conference in Washington DC on 13 September.

"It's possible to filter unwanted content or spam. It's possible to filter offensive content. It's possible to block malicious content. So why aren't we doing more of it? Well, in the UK now, we're really trying.

"We're exploring a flagship project on scaling up DNS [domain name system] filtering," he continued. "What better way of providing automated defences at scale than by the major private providers effectively blocking their customers from coming into contact with known malware and bad addresses?"

This blocking system, which will reportedly be opt-out for any privacy-conscious citizens, will have to be heralded by the private sector firms like BT, Virgin Media and Sky, Martin said. "The government does not own or operate the internet," he asserted. "Consumers [must] have a choice."

The GCHQ cyber chief said the agency is already testing a number of 'automated defence' methods on government networks and domains. "Whoever was sending 58,000 malicious emails per day from the delightfully named taxrefund@gov.uk isn't doing it anymore," Martin told the conference.

Additionally, the agency is piloting a number of ways of sending "automated takedown requests" to registrars and other websites hosting malicious domains.

"We're starting to see real, measurable results," Martin said, adding "looking at phishing attacks against UK government brands, the median time the phishing site is up has dropped from 49 hours to 5 hours. A clear, verifiable improvement."

From GCHQ's perspective, the need for strong digital defences is required more than ever. According to the government, one eighth of the UK's GDP comes from the digital economy and the nation's digital industries grew two-and-a-half times more quickly than the economy as a whole between 2003 and 2013.

Furthermore, critical infrastructure is turning to the internet, with electricity, gas and power grids increasingly relying on an internet connection to operate effectively.

Meanwhile, the amounts of external threats faced is quickly rising. According to Martin, GCHQ detected 200 national security level cyberattacks a month last year, double the figure recorded the year previous. From rival nations like Russia and China to UK criminal gangs, the UK agency is fighting cybercrime on all fronts - despite typically being a foreign intelligence gathering operation.

Major attack is coming

"Unlike some of our allies, there has not yet been a single stand-out incident of hostile foreign cyberattack that's resonated as a first-order national crisis with the public and media," the cyber chief said. "But I expect - frankly I know - that we will face one, and we prepare on that basis."

It remains to be seen how civil liberties and privacy rights groups will react to the notion of DNS filtering or increased automation scanning of the internet. As noted by the Financial Times, the same technical ideas are the basis of China's 'Great Firewall', routinely used to censor the web.

Martin, who will also head up the NCSC when it launches, did not make a reference to who would be in charge of deciding what exactly is blocked and how such algorithms would be programmed. GCHQ, when contacted by IBTimesUK, declined to comment further.

Yet for Martin, and one suspects British Intelligence as a whole, protecting national security remains the ultimate priority. "The majority of successful cyberattacks are not sophisticated," he said. They can be defended against, but they're doing serious damage and we're not yet as well we want to against them.

"[As] security officials we're sometimes accused of wishing this new world away and seeking to thwart or slow the onset of the technology that underpins this revolution," he said. "I emphatically reject this."

(1st October 2016)


UK GOVERNMENT PLANS TO CRACK DOWN ON WHITE COLLAR CRIME ON COMPANY BOARDS
(International Business Times, dated 12th September 2016 author Brendan Cole)

Full article [Option 1]:

www.ibtimes.co.uk/uk-government-plans-crack-down-white-collar-crime-company-boards-1580789

Company boards will become criminally liable if they do not stop their staff from committing fraud under plans being considered by ministers.

A new criminal finance bill will make employers responsible for preventing money-laundering, false accounting and fraud, which would bring Britain more into line with the tough approach to white-collar crime in the United States.

In measures that will shake up corporate criminal law, the prime minister Theresa May will announce putting workers' representatives on boards and restricting executive pay.

Currently companies are liable only for a failure to stop bribery and the new legislation would mean in future British businesses could be prosecuted for crimes such as the Libor manipulation.

The move would mean an end to a board distancing itself from a company's operations and an offence of failure to prevent economic crime would give prosecutors more powers to hold a company to account.

The attorney-general Jeremy Wright said at a symposium in Cambridge on economic crime that ministers would consult on the plans with a view to introducing legislation.

A government source told the Times that a consultation document would soon be released, with Barry Vitou, partner in fraud and white-collar crime at Pinsent Masons, telling the paper that the new law would be the biggest change in corporate criminal law.

"The present regime makes it practically impossible to hold corporate boards to account for corporate misconduct because evidence of that misconduct must be found at the highest level. In practice the evidence trail usually dries much lower down the corporate tree.

"There is no responsibility for the damage caused by failing to prevent economic crime nor incentives offered which motivate people to do the wrong thing," he said.

However David Kirk, a fraud lawyer at McGuireWoods told the paper it would still be difficult to assess the adequacy of procedures adopted by a company to prevent wrongdoing.

(1st October 2016)


THE WORST TUBE STATIONS FOR PICKPOCKETING
(London Evening Standard, dated 12th September 2016 author Martin Bentham)

Full article [Option 1]:

www.standard.co.uk/news/transport/revealed-the-worst-tube-stations-for-pickpocketing-a3342606.html

King's Cross St Pancras has emerged as the worst Tube station for pickpocketing in figures which show that passengers in London have suffered nearly 4,000 thefts in a year.

The statistics, obtained from the Met under the Freedom of Information Act, show 215 pickpocketing crimes at the station between the start of February 2015 and the end of January this year. That puts it just ahead of Oxford Circus, which saw 195 thefts, as the station with the most thefts.

Other badly affected stations include Victoria, Liverpool Street and Stratford - which each saw more than 100 thefts during the period - followed by Bank/Monument, Leicester Square and Holborn.

The figures also reveal that the most pickpocket-plagued line was the Central line, where there were 632 occasions on which passengers had items stolen during the year. The total number of thefts at Tube stations was 3,926, an average of 275 crimes per month.

Purses, wallets, credit cards, foreign identity cards and travel cards were the items most frequently stolen and accounted for three quarters of all the thefts.

Pickpockets also took phones, laptops, tablets and cameras, as well as entire handbags.

The average value of the thefts was £426.85 per crime and the total value of the items taken was £1.47 million.

The figures cover crimes committed while victims were on trains and when they were within a station.

Methods used by thieves included distraction tactics, in which they try to divert a person's attention so that items can be stolen, and the exploitation of crowded situations to get close to a victim without it appearing unusual.

Adam Powell, the head of operations at insurance company Policy Expert, which obtained the figures from British Transport Police, said travellers should be alert on the Tube.

"It's important to ensure you're not a target for opportunistic thieves when swept up in the crowds," he added. "Keep an eye on your bags and any other valuables and be vigilant around other passengers."

A British Transport Police spokesman said that officers sought to identify offenders and prevent crimes, but urged passengers to take precautions to minimise the risk of being targeted by a pickpocket.

"Thefts on the network are very rarely opportunistic; they are committed by determined thieves whose sole intention is to steal from other passengers," he said.

"Always remember to keep your belongings close by and check on them regularly and don't allow yourself to be distracted. Keep your valuables hidden and be aware of your surroundings when you board a train or Tube. Always zip up any hand- or shoulder bags."

He added that the public could also help by installing tracker applications on smart phones that would make it easier for police to locate stolen devices, but said police were determined to protect passengers.

"Officers use a range of tactics to create a really difficult environment for criminals to operate within, including intelligence-led patrols by uniformed officers and plainclothes theft squad officers," he said.

The most common age for pickpocketing victims was 25 to 31 (accounting for 963 victims) followed by 18- to 24-year-olds and those aged 32 to 38.

The day of the week with the highest number of thefts was Friday, when 650 crimes took place during the year. Women were more likely to fall victim to the crime than men.

This is thought to be because women often carry their valuables in a handbag, rather than in pockets which are difficult for a thief to access.

'Gang surrounded me and stole my wallet'

Tom Foreman, 22, was a recent arrival in London when he was surrounded by a gang of pickpockets who stole his wallet at King's Cross.

The recruitment consultant, who lives in Bounds Green, was on his way to the gym when he was targeted by the group in April.

He said: "I was talking to my friend, minding my own business, when a group of people gathered around us.

"My friend saw someone waiting behind me sneak my wallet out of my pocket. I noticed straight away, but there were so many people around us the guy slipped into the crowd.

"I was devastated as it had practically everything I owned and my whole month's wages. It felt so invasive - I had to ring around my family and ask for money to get me through the month."

He called for more police at the station to deter pickpocket gangs: "There are just not enough officers for the sheer amount of people. The police I spoke to said it pretty much happens all the time and informed TfL staff but they don't have the resources to investigate."

He added: "I've definitely become more aware of these types of crimes. I never carry cash any more.

"I definitely feel more cautious around King's Cross."


Top 20 incidents of theft per station


1. King's Cross St Pancras : 215
2. Oxford Circus : 195
3. Victoria : 160
4. Liverpool Street : 107
5. Stratford: 107
6. Bank/Monument complex : 99
7. Leicester Square : 93
8. Holborn : 92
9. Green Park : 88
10. Euston : 84
11. Waterloo : 80
12. Piccadilly Circus : 77
13. London Bridge : 69
14. Paddington : 59
15. Mile End : 52
16. Baker Street : 51
17. Finsbury Park : 47
18. Bond Street : 46
19. South Kensington : 44
20. Hammersmith : 43

(1st October 2016)


NHS HOSPITALS TOLD TO SWALLOW STRONGER ANTI-RANSOMWARE MEDICATION
(The Register, dated 9th September 2016 author John Leyden)

Full article [Option 1]:

www.theregister.co.uk/2016/09/09/nhs_cyber_security_expansion/

NHS Digital is set to start expanding the range of cybersecurity services available to UK hospitals and clinics.

CareCERT (Care Computer Emergency Response Team) launched in November 2015, offering a national service that helps health and care organisations to improve their cybersecurity defences by providing proactive advice and guidance about the latest threats and security best practices.

A service that initially focused on pushing out alerts about threats will be expanded to include three new services, each of which begins testing this month:

- CareCERT Knowledge - a new e-learning portal to help all health and care organisations train their staff in cybersecurity basics.
- CareCERT Assure - a service to help organisations assess their local cybersecurity measures against industry standards, including recommendations on how to reduce vulnerabilities.
- CareCERT React - advice on reducing the impact of a data security incident.

Public health and innovation minister Nicola Blackwood announced the expansion at the Health and Care Innovation Expo on Thursday. The rollouts come at a time of increasing security threats to UK hospitals and clinics, particularly from file-encrypting ransomware.

Almost half (47 per cent) of NHS trusts have been subject to a ransomware attack in the past year, according to figures from a freedom of information (FOI) request published last month. NCC Group's FOI is based on requests to 60 trusts, 28 of which confirmed they had been victims of ransomware.

Independent infosec consultant Brian Honan, the founder and head of Ireland's CERT, told El Reg that the increase in security services ought to be considered as a move to drive security improvements in UK hospitals in general, rather than a specific response to the ransomware threat.

"I do not see this as a reaction to ransomware as a recent FOI request submitted by Channel 4 showed that out of 152 NHS Trusts 39 were affected by ransomware," Honan explained. "However, with the rising number of threats against computer systems this is a welcome and prudent move to enhance the security of the data, computers, systems, and networks the NHS increasingly relies on to provide its services."

(1st October 2016)


NHS HEALTH APPS PROJECT PLAN : POWERED BY YOUR MEDICAL RECORDS
(The Register, dated 9th September 2016 author John Leyden)

Full article [Option 1]:

www.theregister.co.uk/2016/09/09/nhs_health_apps_concerns/

UK health secretary Jeremy Hunt plans for NHS-approved health apps to play a role in patient records and healthcare have already spawned a rash of privacy concerns.

The NHS.UK site will have a new collection of NHS-approved health apps to guide patient choice. Data from health apps and wearable activity trackers such as Fitbits will feed directly into people's personal health records.

NHS England will approve a library of apps so people can have confidence in the technology that they are using to manage their healthcare, as explained in a Department of Heath statement. The decision last year to shelve the NHS' Apps Library amidst security and more general criticisms of the software on offer hardly inspires confidence on this front. Health ministers - unbowed by this set-back - are determined to prescribe more technology.

"We are going to make very big moves in the next 12 months into apps and wearables," Hunt said, as the BBC reports.

"I wear a Fitbit; many people use apps. What is going to change with apps is the way that these apps link directly into our own medical records. And by March next year NHS England are going to publish a library of approved apps in areas like mental health and chronic conditions like diabetes," said the Health Secretary.

Infosec experts responded cautiously to the development, pointing out the potential security and privacy problems that might lie ahead.

"Creating a truly digital NHS requires both investment in the latest apps and wearables alongside a rigorous security policy to give patients and healthcare professionals complete assurance that their data is secure," said Paul Farrington, EMEA solution architects manager at Application security specialists Veracode.

"This is a bold initiative from our world class health service and one which will undoubtedly provide more personalised and efficient healthcare to millions, but there are inevitable risks around privacy and security which must be tackled from the outset."

"With apps becoming ubiquitous in our daily lives, hackers are increasingly seeking to exploit coding vulnerabilities to steal identities and personal information. That's why it's vital that our NHS ensures approved apps for both patients and professionals are thoroughly tested and secure to enable confidence in the service's digital journey."

Going digital


The relaunched NHS Choices website will allow patients to book appointments, views medical records and order prescriptions as part of longs standing and delayed plans to move towards a paperless NHS. The services, which will be available from the end of next year (2017). The existing NHS 111 non-emergency phone line service will be expanded to include a new online 'triage' service for less serious health problems. Patients will be able to enter their symptoms online and get tailored advice or a call-back from a healthcare professional.

Tony Pickering, professional services director of Ricoh UK, said: "Providing patients with instant access to healthcare records through approved apps and wearables is a positive step towards a paperless NHS. But this initiative must be supported by a wider strategy designed to improve the management of health records, safely and securely.

"Accelerating the digitisation of paper-based records, designing improved sharing processes and new ways of working should all be top of the health secretary's to do list," he added.

More on the UK government's plans to improve healthcare using data and technology can be found in a post by Professor John Newton, interim chair of the National Information Board :

https://www.gov.uk/government/speeches/progress-on-improving-healthcare-using-data-and-technology

(1st October 2016)



HEALTHCARE AND LOCAL GOVERNMENT ARE MOST LIKELY BODIES TO SUFFER INFORMATION SECURITY BREACHES
(The Register, dated 1st September 2016 author John Leyden)

Full article [Option 1]:

www.theregister.co.uk/2016/09/01/data_breaches_doubled_uk_12_months/

The number of security incidents reported to UK data privacy watchdogs nearly doubled in the past year, with organisations increasingly becoming overwhelmed with security problems.

Data disclosed in error and security breaches were the two primary reasons for an 88 per cent rise in self-reported data protection breaches between 2014-15 and 2015-16, according to a Freedom of Information request by security tools firm Huntsman Security.

The number of security breaches reported to the Information Commissioner's Office (ICO) rose from 1,089 between April 2014 and March 2015 to 2,048 over the 12 months ending March 2016. This was driven primarily by those disclosing data in error (i.e. accidentally emailing a customer database to the wrong recipient, as in the extreme case of WHSmith) and incidents where hackers broke through organisational defences.

Healthcare and local government organisations reported the highest volume of incidents to the ICO, with 941 and 202 recorded breaches respectively. Despite a reputation in previous years for poor performance, local government shows some signs of improvement compared to many other sectors, with the number of security breaches rising by only 14 per cent.

Financial firms are most at risk of costly fines, attracting over a third of all penalties levied by the ICO, despite only being accountable for 6 per cent of all reported breaches.

The ICO took no action over 1,544 of the 2,048 cases reported to it in 2015-16. Data Controller action was required in 381 of the remaining cases while an improvement action plan was put in place in response to 50 incidents. Undertakings to improve security practices were extracted in 26 cases.

UK utilities firms reported just two breaches to the ICO over the past 12 months, but given the high value of these firms as targets, it seems unlikely this is the full picture. Huntsman Security warns that many breaches go unreported, or worse still, undetected.

"Unfortunately, this is not the full story. The average organisation is subject to multiple breaches, of which only some will be detected, so the figures reported to the IOC are likely to be understated," said Peter Woollacott, chief exec of Huntsman Security. "The root of the problem is that organisations are under such an intense barrage of cyber activity that threat alerts; many of which turn out to be benign are overwhelming cyber security teams. There is simply too much data to analyse and verify manually."

(1st October 2016)


POLICE IN ENGLAND AND WALES CONSIDER MAKING MISOGYNY A HATE CRIME
(The Guardian, dated 10th September 2016 author Mark Townsend)

Full article [Option 1]:

www.theguardian.com/society/2016/sep/10/misogyny-hate-crime-nottingham-police-crackdown

Police forces across England and Wales are considering expanding their definition of hate crime to include misogyny after an experiment in one city that saw more than 20 investigations launched in two months.

The initial success of Nottingham's crackdown against sexist abuse has drawn national interest after the city's police revealed that they investigated a case of misogyny every three days during July and August, the first months to see specially trained officers targeting behaviour ranging from street harassment to unwanted physical approaches.

Several other forces have confirmed they are sending representatives to Nottingham this month to discuss the introduction of misogyny as a hate crime.

Police and campaigners said the initial figures were broadly in line with other categories of hate crime such as Islamophobia and antisemitism but were likely to rise significantly as awareness increased.

Dave Alton, the hate crime manager for Nottingham police, said: "The number of reports we are receiving is comparable with other, more established, categories of hate crime. We have received numerous reports and have been able to provide a service to women in Nottinghamshire who perhaps wouldn't have approached us six months ago. The reality is that all of the reports so far have required some form of police action."

Incidents reported by Nottingham women ranged from verbal harassment to sexual assault. Initial claims from sections of the media that wolf-whistling would be reported by women have proved unfounded. So far, two men have been arrested for public order offences and actual bodily harm in incidents classified as misogynist.

Melanie Jeffs, the manager of Nottingham Women's Centre, said: "Women are groped, or groups of lads shout abuse or very sexualised comments at them. We have incidents of sexual touching, women being grabbed and men trying to get women into a car with them."

Loretta Trickett, a criminologist at Nottingham Trent University, predicted that the number of reports of misogyny in the city would increase after much of the large student population - more than 60,000 attend its two universities - arrived later this month. In 10 days' time, Nottinghamshire police will release a film featuring first-hand accounts of street harassment victims to encourage more women to report incidents.

Jeffs said: "We know it's a big issue that happens on a daily basis - it's part of the everyday wallpaper of women's lives. This is about raising awareness, making women feel that they don't have to put up with it - and that's very empowering. Already women are ringing through to the police saying: 'I want this to be recorded as a misogynistic hate crime'."

Other forces understood to be interested include Devon and Cornwall, Durham and Lincolnshire, which are all sending officers to Nottingham to discuss the experiment.

Alton said: "There has been quite a lot of interest in the action we have taken. Both our chief constable and our commissioner have been contacted by forces and commissioners nationally to discuss how we have made the changes and what the impact has been so far."

The force defines misogyny hate crime as "incidents against women that are motivated by an attitude of a man towards a woman and includes behaviour targeted towards a woman by men simply because they are a woman".

The new classification means women can report incidents that might not be considered a crime and the police will investigate.

Last week it was revealed that prosecutions relating to violence against women and girls in England and Wales have reached record levels amid warnings that the increasing use of social media is fuelling the rise. Campaigners believe misogyny is spilling over from the virtual world of the internet into the real world.

Trickett said: "Street harassment is at the root of a lot of the sexualised violence that we see - the idea that women are sexual commodities. It's also linked to online abuse. A lot of it has gone unchallenged for so long that it has almost become normalised."

Campaigners in the city said the reaction to the classification of misogyny as a hate crime had been overwhelmingly positive, with many men also registering their approval.

"We've had women say how proud they are to be from this city, and that this makes them feel like they're walking 10 feet taller," said Jeffs.

One issue that has concerned campaigners is street harassment aimed at schoolchildren, with Trickett saying that sexist abuse could be aimed at youngsters as young as eight.

uaware information - Definition of Mysogny


Noun :

- dislike of women,
- contempt for women
- ingrained prejudice against women
- hatred of women
- mistrust of women

Misogyny can be manifested in numerous ways :

- including social exclusion
- sex discrimination
- hostility
- male privilege ideas
- belittling of women
- violence against women
- sexual objectification of women

Sources : Oxford English Dictionary and Wikipedia

(10th September 2016)


SMARTPHONE APP LETS WOMEN REPORT AREAS WERE THEY FEEL UNSAFE
(Euronews, dated 8th September 2016)

Full article [Option 1]:

www.euronews.com/2016/09/09/smartphone-app-lets-women-report-areas-where-they-feel-unsafe

Dark alleyways and empty spaces can often mean danger and a sense of anxiety for the most vulnerable members of society.

Now in a bid to improve safety, the Australian capital of Canberra has come up with a new interactive website where people can give their feedback about where they feel unsafe and why.

For some people certain areas at night are a 'no go', once it gets dark.

Frances McNair is one of many people using the Safety Mapping Tool.

"There are so many places in Canberra where the lighting is just so insufficient, it's so dark and you kind of, you just don't feel comfortable," she says.

The site is designed and managed by the Women's Centre for Health Matters (WCHM) and is funded by the Australian Capital Territory (ACT) government.

"Over the years we know that women often tell us that they find it hard sometimes to be feel safe in public so we've designed a digital tool to try and be able to collect some of that information from women," says Marcia Williams from the Women's Centre for Health Matters.

The WCHM site is accessed via an app or website.

Frances McNair demonstrates how the program works.

"So you've got three selections, you can either choose the rectangle, circle or just the drop pin. And how do you feel? I'm going to say unsafe and why do I feel this way, there's a lack of lighting on the bike paths," she says.

Having the map online makes it accessible and portable.

"If I'm sitting somewhere and I feel really good about the place or I'm not feeling too great, I can take out my phone and I can put in all the information and it gets collected then and there." says McNair.

Like most things on the web, the map is open to comments but the centre says it has safeguards in place to prevent abusive or troll-like behaviour.

"We've deliberately designed the system so the information that's put in isn't available to everyone and we'll be able to sort through that data," says Marcia.

By bringing the feedback together, the site will be able to pass on useful information to government and planning bodies about what works and what doesn't.

"If we can get that information through an interactive portal then we can look at ways that we can make the city feel safer and be more usable for everybody," says ACT Minister for Women Yvette Berry.

Technology giving a voice to the most vulnerable in the community.

(10th September 2016)


I AM SICK OF LIVING IN A CULTURE THAT TOLERATES VIOLENCE AGAINST WOMEN
(The Guardian, dated 6th September 2016 author Joan Smith)

Full article [Option 1]:

https://www.theguardian.com/commentisfree/2016/sep/06/violence-against-women-epidemic-female-equality

It's always there, isn't it? Most of us don't like it, but what can we actually do about gender-based violence? Sure, the figures are terrible - violent crimes against women in England and Wales reached record levels last year - but they've been going up for ages. Rape and domestic violence are the new poor, always with us no matter how much we wish it were otherwise.

If that sounds cynical, it's because I'm sick of a glaring disconnect at the heart of our culture. The criminal justice system is struggling to cope with the number of women coming forward with terrible stories of rape, beatings and - a relatively new one, this - online forms of abuse such as revenge porn.

The annual report of the director of public prosecutions, Alison Saunders, told exactly this story when it was published earlier this week. Offences against women, including domestic abuse, rape and sexual assault, rose by almost 10% in 2015-16. Stalking prosecutions were up by 7.1%, child sex prosecutions by 15.4% and there were a record number (4,643) of rape prosecutions.

Cue a great deal of hand-wringing and a weary sense that perhaps violence against women, while regrettable, is inevitable. Just think of all the training, initiatives and public awareness work that's been done in recent years, yet the picture just keeps on getting worse. Is there really anything that someone - police, prosecutors, legislators - hasn't already thought of and tried?

There is, but it requires a dramatic shift in public attitudes. How many times have you heard people express sympathy with a man on trial for rape, asking why the victim had had so much to drink or agreed to go back to his hotel room? Public understanding of the law relating to consent is woefully lacking, and there is a persistent tendency to view women's behaviour much more critically than that of the men who commit even violent assaults.

The same unthinking callousness is shown to victims of domestic abuse, who are often criticised for staying with violent partners even when they have nowhere else to live. There are nothing like enough safe places for victims, a situation that's going to get even worse when a housing benefit cap hits refuges in 2018.

If we are to change the dire situation revealed in annual crime statistics, there has to be an end to a culture of suspicion, denial and victim-blaming. Sometimes I think we're making progress but every apparent advance is quickly followed by a return to the status quo. Three months ago, after the horrific killing of the Labour MP Jo Cox, there was an outpouring of shock and sympathy. That consensus didn't last long. When other female Labour MPs talked publicly about receiving rape and death threats, some people went on social networking sites to mock them. They even laughed at Jess Phillips when she posted photographs of a locksmith fixing stronger locks at the home she shares with her children.

The attitude that being threatened with sexual violence is just another hazard of the job seems to be widely held, with the Labour leader, Jeremy Corbyn, telling his female colleagues to ignore it. When even the leader of the opposition cannot correctly identify a gender-specific form of abuse, we have reached a startling level of denial.

But that is exactly where we are, as I was reminded on the Sunday morning after Cox's killing part in a BBC TV programme that began by discussing the attack on Cox and then moved on to a call by several public figures, including Sir Cliff Richard, for anonymity for men accused of serious sexual offences. Another of the guests immediately began to talk about false rape accusations, as though the biggest problem we face is the number of men being wrongly accused.

This claim was debunked by research published by Keir Starmer, Saunders's predecessor as DPP. Yet in no time at all we had moved from talking about women as victims of horrendous violence to the idea that they make untrustworthy witnesses. There is nothing unusual about that, sadly, but such assumptions cannot be ignored when we look at the shockingly low rate of convictions in rape cases.

According to the DPP's latest report, just over half of rape prosecutions ended in a conviction last year. That means that fewer than 3,000 men were found guilty in the whole of England and Wales, yet almost 6,000 women reported rapes to the police in London alone. The vast majority are telling the truth but few will ever see their attacker in a courtroom.

Violence against women is at epidemic proportions. Some of it is driven by technology but the biggest problem by far is tolerance. A society genuinely committed to gender equality wouldn't put up with this situation for a moment.

(10th September 2016)



REVENGE PORN PROSECUTIONS TOP MORE THAT 200 AS OFFENCES AGAINST WOMEN SOAR
(London Evening Standard, dated 6th September 2016 author Francesca Gillett)

Full article [Option 1]:

www.standard.co.uk/news/crime/revenge-porn-prosecutions-top-more-than-200-as-offences-against-women-soar-a3337696.html

The number of prosecutions for rape in 2015-16 was the highest ever recorded at 4,643. Out of them, nearly 58 per cent of defendants were convicted of either rape or an alternative or lesser offence.

Britain's top prosecutor Alison Saunders warned of a "growing trend" of offences carried out on or through social media.

Child sexual abuse convictions increased by almost 17 per cent in the period.

The number of people prosecuted for revenge porn has topped more than 200 as crimes against women soar.

Violent offences against women including rape and domestic abuse rose by 10 per cent in the last year, new figures from the Crown Prosecution Service have shown.

New laws to tackle revenge porn - which is when private sexual images of an ex-partner are put on the internet without their consent - came into force in April last year.

Since then there have been 206 cases against people accused of the crime, which carries a maximum sentence of two years in prison.

The figures come from the CPS' annual Violence against Women and Girls report and also showed prosecutions and convictions for sexual offences against women were at record levels.

Rape, domestic abuse and sex offences make up nearly a fifth of the CPS's total workload, this year's report showed.

The number of prosecutions for rape in 2015-16 was the highest ever recorded at 4,643. Out of them, nearly 58 per cent of defendants were convicted of either rape or an alternative or lesser offence.

Britain's top prosecutor Alison Saunders warned of a "growing trend" of offences carried out on or through social media.

Child sexual abuse convictions increased by almost 17 per cent in the period.

(10th September 2016)


HOPE FOR BANK FRAUD VICTIMS
(The Telegraph, dated 3rd September 2016 author Amelia Murray)

Full article [Option 1]:

www.telegraph.co.uk/money/consumer-affairs/hope-for-bank-fraud-victims-we-were-robbed-of-47000--but-the-omb/

In what could be a breakthrough ruling for victims of banking fraud, the financial ombudsman is to order a high street bank to repay an elderly couple who lost tens of thousands of pounds in a conveyancing scam.

The ombudsman, which settles disputes between customers and financial services firms, will tell Lloyds Bank to repay £47,508 plus interest to Donald Kelly, a retired professor, and his wife, Patricia.

Its decision was based on what Lloyds knew about the fraudsters.

Banks are supposed to check the credentials of all customers when they open an account and to be especially vigilant when large sums are paid into or taken out of new accounts.

Prof Kelly, 83 and Mrs Kelly, 82, are just two of many victims who have contacted Telegraph Money after being swindled out of life-changing amounts of money while in the process of buying a property.

Like other victims, the Kellys received a convincing-looking email from a criminal who pretended to be their solicitor and requested payment into an alternative account.

The Kellys believed they were paying a deposit of £47,508 to their solicitor on September 2 last year, just over a month before moving from Wirral, Merseyside, to their new home in a retirement village in Exeter. In fact, the fraudsters received the money.

Prof Kelly said: "The email looked no different except that two letters in the solicitor's name had been swapped around."

The Kellys said they were not aware that they had been victims until October 5, the day before they were due to move, when Ford Simey, their solicitor, called them to say their payment had not been received.

Luckily the couple were able to borrow the missing funds and move as planned.

The next day they visited the local branch of their bank, NatWest, to report the scam.

However, the fraudsters' account had been cleared in five transactions on the day the payment was made - a month previously.

The couple complained to both banks and then took their case to the ombudsman.

In an email to the Kellys with her provisional findings, Sandra Quinn, the ombudsman for banking and credit, said: "As you know this account was newly opened.

"I can review whether the payment coming into the account was consistent with what [Lloyds] knew and whether it could have done anything.

"I believe [Lloyds] had time to be alerted and take some action and there's no evidence it did."

Prof Kelly said the ombudsman had told him that this decision had been confirmed in its final ruling, although the ombudsman declined to comment, saying it had not yet sent a letter with its final decision.

Prof Kelly reported the fraud to Action Fraud, the UK's cybercrime and fraud reporting centre, in October. He was not contacted by Surrey Police until January. The crime is currently under investigation.

Lloyds said: "We would like to apologise for the inconvenience caused to Prof Kelly. We will accept the decision from the ombudsman once it is received and will offer him compensation in line with the ombudsman's findings."

David Williams, managing director of Ford Simey, said the firm had conducted an investigation as soon as it became aware of the scam and had found no evidence that its systems had been compromised.

What the Kellys' case means for other fraud victims

The couple's success will give hope to other victims that they have grounds to demand compensation from banks that allow fraudsters to open accounts.

Banks are supposed to carry out checks on new customers to ensure that they are who they say they are.

Andrew Goodwill, founder of the Goodwill group, which fights fraud, said: "The ombudsman's ruling, while it will not set a formal precedent, suggests there was a flaw in the due diligence that Lloyds should have carried out when the fraudsters' account was opened."

He said that although the ombudsman could comment on banks' processes, it did not have the power to enforce changes. But he said the ruling showed it was worth reporting disputes to the ombudsman.

"It's nice that a member of the public has taken on the banks and won, as it hardly ever happens," Mr Goodwill said.

Prof Kelly said: "It was only when the ombudsman began to investigate Lloyds that we started getting information from the bank."

(10th September 2016)


AUGUST 2016


COMPUTER SECURITY REVIEW - AUGUST 2016

-----------------------
DOING BUSINESS WITH ASIA ? THEN WORRY MORE ABOUT SECURITY
(The Register, dated 25th August 2016 author Darren Pauli)

Full article [Option 1]:

www.theregister.co.uk/2016/08/25/wtf_is_lateral_pivot_asia_pac_orgs_suck_at_security_mandiant_finds/

Organisations across the Asia Pacific are terrible at information security, a Mandiant report contests.

While businesses in the United States will detect a hacker in their networks within four months, in line with the global average, it takes 17 months for those in the Asia Pacific region to notice their intruder.

The region is diverse, with some countries faring better than others, Rob Van Der Ende, Asia Pacific vice president of Mandiant parent firm FireEye tells Vulture South.

Van Der Ende points to a focus of regional businesses in perimeter defence rather than the modern best practice approach of hardening network internals in a bid to minimise the damage from breaches.

There are dozens of persistent attack groups in the Asia Pacific willing plunder organisations on their own turf. The capabilities of these bold groups coupled with a lack of awareness of internal network hardening makes for a potential storm of breaches of which many the public may be unaware of, Van Der Ende agrees.

-----------------------
A QUARTER OF BANKS DATA BREACHES ARE DOWN TO LOST PHONES AND LAPTOPS
(The Register, dated 25th August 2016 author John Leyden)

Full article [Option 1]: www.theregister.co.uk/2016/08/25/us_bank_breaches_survey/

One in four breaches (25.3 per cent) in the US financial services sector over recent years were due to lost or stolen devices, according to a new study.

More than 60 financial sector organisations suffered recurring breaches in the last decade, including most major banks.

While hacking accounted for a disproportionate number of the individuals affected by financial services breaches, only one in five leaks were caused by hacking. Other breaches were the result of unintended disclosures (14 per cent), malicious insiders (13 per cent), and lost paper records.

JP Morgan Chase, the US's largest bank, has suffered several recurring breaches since 2007. The largest breach event, the result of a cyber-attack in 2014 affected an estimated 76 million US households. Other breaches at JPMorgan stemmed from lost devices, unintended disclosures, and payment card fraud.
-----------------------
POOR SECURITY "AIDED" ASHLEY MADISON HACK
(BBC News, dated 23rd August 2016)

Full article : www.bbc.co.uk/news/technology-37170542

The Ashley Madison dating site had "inadequate" security systems and used fake icons to make people think it was safe, reveals a report.

The Toronto-based firm's security systems were investigated by privacy watchdogs in Canada and Australia.

The attack on Ashley Madison in July 2015 took data on millions of users.

Avid Life Media, which owns Ashley Madison, has already said it will abide by the report's findings to improve the way it handles data.

Canada's Office of the Privacy Commissioner (COPC) and the Office of the Australian Information Commissioner started an investigation into how Avid Life Media handled customer data soon after the attack.

The report released this week revealed that Avid Life violated privacy laws in both countries thanks to the lax way it oversaw data that users surrendered to it when they signed up.

-----------------------
TELECOMS INDUSTRY "TOP TARGET" FOR CYBERATTACKS
(International Business Times, dated 23rd August 2016 author India Ashok)
Full article [Option 1]:

www.ibtimes.co.uk/telecom-industry-top-target-cyberattacks-by-hackers-luring-insiders-gain-access-systems-1577519

Hackers are increasingly targeting employees, in efforts to launch cyberattacks against businesses. Security researchers have found that the telecommunications industry is particularly vulnerable to such threats and is a "top target" for cyberattacks. Hackers are now luring insiders via underground channels, either paying or blackmailing them, as part of their malicious "toolset" to help breach telecom providers' security and conduct attacks.

According to Kaspersky Lab, telecom providers are attractive targets for cybercriminals and state-sponsored hackers as they collectively oversee global networks, voice and data transmission and store colossal amounts of sensitive data. Researchers also noted that "28% of all cyberattacks, and 38% of targeted attacks now involve malicious activity by insiders".

-----------------------
SWIFT "AWARE OF HACKING THREAT FOR YEARS BUT FAILED TO ACT" SAYS FORMER CEO
(International Business Times, dated 19th August 2016 author Jason Murdock)

Full article [Option 1]:

www.ibtimes.co.uk/swift-aware-hacking-threat-years-failed-act-says-former-ceo-1576968

Nb : Also see full article in News 2016 section.

Top officials in charge of Swift, the financial messaging and transfer system used by over 10,000 banks around the world, had suspected cybersecurity vulnerabilities in customer terminals 'for years' but failed to address concerns.

That's the accusation made by over a dozen current and former senior managers and board members of the Belgium-based organisation, who spoke to Reuters in the wake of a number of high-profile, and highly damaging, cyberattacks on banks using Swift mechanisms to transfer funds.

------------------------
HACKERS ONLY NEED 5 MINUTES TO FORGE A PHISHING SCAM AND 25 MINUTES TO BREAK INTO SYSTEMS
(International Business Times, dated 17th August 2016 author India Ashok)

Full article [Option 1]:

www.ibtimes.co.uk/hackers-only-need-5-minutes-forge-phishing-scam-25-minutes-break-into-systems-report-1576554

How long do you think it may take cybercriminals to hack into your computer? According to a new report by cloud-based cybersecurity firm Duo Security, it may take less than half an hour for hackers using phishing email campaigns to access systems and steal sensitive information.

Duo Security collected data from 400 organisations using its free web-based tool Duo Insight, which allows internal IT teams to test employee response by sending out phishing campaign simulations. The firm said that of the 11,542 users who received such phishing emails, 31% clicked on links that could have potentially compromised systems via malware or virus attacks.

The phishing simulation links sent out by Duo did not install malware, instead it prompted users to enter their login credentials. Alarmingly, 17% of users ended up providing their usernames and passwords "giving an attacker in a real-world scenario the keys to corporate data".

------------------------
PHARMACEUTICAL AND MANUFACTURING FIRMS HIT BY "OPERATION GHOUL" HACK ATTACK
(International Business Times, dated 17th August 2016 author Jason Murdock)

Full article [Option 1]:

www.ibtimes.co.uk/pharmaceutical-manufacturing-firms-hit-by-operation-ghoul-hack-attack-1576601

A sophisticated cybercrime operation targeting industrial and engineering firms in over 30 countries across the world with the aim of stealing financial data has been exposed by security researchers at Kaspersky Lab.

The cybercriminals behind the campaign, dubbed Operation Ghoul, have reportedly attacked over 130 businesses so far using email phishing tactics to spoof letters from banks in an attempt to get unsuspecting recipients to hand over sensitive corporate information.

The fake emails are most frequently made to look like payment documents, and often include Zip files loaded with malware, Kaspersky said. Additionally, the hackers have been known to use phishing links - which are still shockingly effective to the untrained eye.

-----------------------
HYATT, MARRIOTT AND OTHER HEI - OPERATED HOTELS HIT BY MALWARE ATTACK
(International Business Times, dated 15th August 2016 author India Ashok)

Full article [Option 1]:

www.ibtimes.co.uk/hyatt-starwood-other-hei-operated-hotels-hit-by-malware-attack-customer-data-feared-stolen-1576037

Hackers have attacked 20 hotels run by HEI Hotels and Resorts, including Hyatt, Marriott, Starwood and Intercontinental with a targeted malware. The cyberattack may likely have resulted in personal and financial information of thousands of customers being stolen and leaked.

Privately-owned HEI, which is headquartered in Norwalk, Connecticut, confirmed that the data breach was first discovered in June this year and was found to be targeting PoS (point-of-sale) systems. The firm also said that the malware was specifically designed to steal card data used by customers to make payments.

HEI said that the malware was active from 1 March 2015 to 21 June 2016 and affected 12 Starwood hotels, six Marriott International Inc hotels, one Hyatt hotel and one other Intercontinental hotel

-----------------
THIEVES CAN WIRELESSLY UNLOCK UP TO 100 MILLION VOLKSWAGENS, EACH AT THE PRESS OF A BUTTON
(The Register, dated 11th August 2016 author John Leyden)

Full article [Option 1]: www.theregister.co.uk/2016/08/11/car_lock_hack/

Security researchers will demonstrate how crooks can break into cars at will using wireless signals that can unlock millions of vulnerable vehicles.

The eggheads, led by University of Birmingham computer scientist Flavio Garcia alongside colleagues from German engineering firm Kasper & Oswald, have managed to clone a VW Group remote control key fob after eavesdropping on the gizmos' radio transmissions.

The hack can be used by thieves to wirelessly unlock as many as 100 million VW cars, each at the press of a button. Almost every vehicle the Volkswagen group has sold for the past 20 years - including cars badged under the Audi and Skoda brands - is potentially vulnerable, say the researchers. The problem stems from VW's reliance on a "few, global master keys."

-----------------
ANDROID BUG FEAR IN 900 MILLION PHONES
(BBC News, datd 8th August 2016 author Mark Ward)

Full article [Option 1]:

www.bbc.co.uk/news/technology-37005226

Serious security flaws that could give attackers complete access to a phone's data have been found in software used on tens of millions of Android devices.

The bugs were uncovered by Checkpoint researchers looking at software running on chipsets made by US firm Qualcomm. Qualcomm processors are found in about 900 million Android phones, the company said.

Affected devices included:
- BlackBerry Priv
- Blackphone 1 and Blackphone 2
- Google Nexus 5X, Nexus 6 and Nexus 6P
- HTC One, HTC M9 and HTC 10
- LG G4, LG G5, and LG V10
- New Moto X by Motorola
- OnePlus One, OnePlus 2 and OnePlus 3
- US versions of the Samsung Galaxy S7 and Samsung S7 Edge
- Sony Xperia Z Ultra
-----------------------
HACKERS UNLEASH SMART TWITTER PHISHING TOOL THAT CATCHES TWO USERS IN THREE
(The Register, dated 5th August 2016 author Darren Pauli)

Full article [Option 1]:

www.theregister.co.uk/2016/08/05/hackers_unleash_smart_twitter_phishing_tool_that_snags_two_in_three_users/

Don't Click on dodgy short URLs.
Twitter scammers have a new weapon with the release of an effective spear phishing tool that lands a victim almost two thirds of the time, dwarfing the usual five-to-fifteen-per-cent-open-rate for spam tweets.
It sifts through a user's previous tweets using its machine learning capabilities to craft tweets relevant to a target's interests.

------------------------
200 MILLION YAHOO ACCOUNTS MAY BE UP FOR SALE ON BLACK MARKET
(Computer World, dated 2nd August 2016 author Michael Kan)

Full article [Option 1]:

www.computerworld.com/article/3102916/security/200m-yahoo-accounts-go-up-for-sale-on-black-market.html

Yahoo users might want to reset their passwords. A hacker claims to have stolen the login information for 200 million Yahoo accounts and is selling them on the black market.

Writing a resume means knowing your audience. If you try to please everyone, you'll only wind up with

The stolen records are up for sale on TheRealDeal, a darknet marketplace that offers illegal goods. For 3 bitcoins, or $1,824, anyone can buy them.

The hacker, known as peace_of_mind, has claimed to have previously sold login credentials for LinkedIn and Tumblr users.

In a brief message, peace_of_mind said the Yahoo database came from a Russian group that breached LinkedIn and Tumblr, in addition to MySpace.
-----------------------
FBI TO LEAD NATION'S CYBERATTACK RESPONSES
(Computer World, dated 26th July 2016 author Patrick Thibodeau)

Full article [option 1]:

www.computerworld.com/article/3100625/security/fbi-to-lead-nations-cyberattack-responses.html

President Barack Obama issued a policy directive Tuesday putting the FBI in charge of cyberattack responses. For businesses, this means the FBI should be in the speed dial if help is needed.

The intent of the directive is to improve management of the U.S. response to "significant" cyberattacks.

Analysts say this action was needed because it was never clear just what agency was taking the lead in response to a cybe attack -- the U.S. Secret Service, an agency within the Department of Homeland Security (DHS) or some other federal agency.

The decision to put the FBI in charge "was essential," said Alan Paller, president of the Sans Technology Institute and director of research. "The FBI is the only non-DoD agency with a very high concentration of ninjas on staff -- people with the advanced forensics skills needed to find out what happened."

The FBI will now "take the lead in coordinating the response to the immediate threat," said Lisa Monaco, assistant to the president for Homeland Security and Counterterrorism, in a speech today at a security conference in New York.

----------------------

(1st September 2016)


UK HOSPITALS TARGETED BY RANSOMWARE BUT NHS DID NOT PAY UP
(International Business Times, dated 31st August 2016 author India Ashok)

Full article [Option 1]:

www.ibtimes.co.uk/uk-hospitals-targeted-by-ransomware-nhs-did-not-pay-1578832

Ransomware is increasingly becoming the go-to cybercrime exploit used by hackers to make a quick buck. In particular, targeted attacks against hospitals across the globe have escalated in the recent past. UK hospitals have also been targeted and successfully infiltrated by hackers via ransomware attacks. However, unlike some victims, NHS has not paid up hackers when struck by ransomware.

According to information gleaned by Motherboard from Freedom of Information requests, UK hospitals, despite having been successfully penetrated by ransomware, are not paying hackers any ransom. According to Motherboard's report numerous NHS trusts had been hacked, since as far back as 2012. However, the attacks allegedly appeared to be small scale, infecting only a limited amount of systems. Additionally, all of the NHS hospitals contacted confirmed they had been infected but not paid the hackers.

This, however, in no way mitigates the security implications of such attacks. According to cybersecurity firm NCC Group, which researched 60 NHS Trusts, nearly 50% of them were infected by ransomware in 2015. However, with ransomware, successful ransom payments are considered to be more important than successful infections. Reports speculate that if victims of ransomware, especially hospitals, do not pay up, then there is a possibility that they may have been able to protect or recover sensitive data, making payment unnecessary.

The East and North Hertfordshire NHS Trust said it was twice successfully infected by Crypto Locker, a particular strain of ransomware. "In both cases for the Trust, we did not pay the ransom, we simply recovered the data from an internal backup," Freedom of Information Officer Jude Archer wrote in her response. "We back up all Trust data each and every day. I can confirm that there is no evidence the data that was encrypted [by the ransomware] was copied or moved off site at any time."

Officials at The Health and Social Care Information Centre (HSCIC) also followed a similar approach when struck by ransomware attacks.

"According to records HSCIC has been infected with ransomware on 3 occasions since January 2012, in every instance HSCIC has been prepared for this eventuality and has been able to contain and eradicated the ransomware infection and restore all affected systems and files from full backups, without any breaches to patient data or disruptions to the delivery of patient care," said Information Governance Advisor Graeme Holmes.

Ransomware boom

Ransomware attacks against hospitals are becoming increasingly common. Hospitals in the US, Japan and South Korea were recently targeted by a massive Locky ransomware attack. Security researchers noted that hackers are constantly evolving their techniques in order to target more victims and avoid security detection. This is evidenced by the rapid evolution of the Cerber ransomware. Security firm Check Point had released a decryption key for the ransomware, which was available for a day before Cerber's developers modified the ransomware to render Check Point's decryption key ineffective.

Symantec also recently released a report that highlighted how hackers have more than doubled the amount of ransom demanded from victims. "The perfection of the ransomware business model has created a gold-rush mentality among attackers, as growing numbers seek to cash in," Symantec said.

(1st September 2016)


EIGHT OUT OF 10 PEOPLE HAPPY WITH POLICING, WATCHDOG FINDS
(The Guardian, dated 31st August 2016 author Amelia Hill)

Full article [Option 1]:

www.theguardian.com/uk-news/2016/aug/31/eight-out-of-10-people-happy-with-policing-watchdog-finds

uaware note : article has many links to further sources of information.

Almost eight in 10 people are satisfied with policing, according to a report published by the police watchdog.

The survey of 26,000 people also found that the majority of the population felt that crime and antisocial behaviour was not much of a problem (62%), while a further one in 10 did not consider it a problem at all (10%).

The study, conducted last summer but published for the first time on Wednesday, was carried out by Ipsos Mori on behalf of Her Majesty's Inspectorate of Constabulary to monitor public views of policing. It is the first time the study has been done.

The findings reveal that 76% of people are happy with policing in their area despite 36% not having seen a police officer on patrol over a period of 12 months. Another 23% said they had seen police on foot only once or twice over a year. Those living in the most deprived neighbourhoods, however, are more likely to report having seen a uniformed police presence on foot.

But the survey also found a quarter of respondents believed that crime and antisocial behaviour was a big problem in their local area (25%). Age appears to have an impact on feelings of safety with 33% of 16 to 24-year-olds feeling unsafe, compared with 21% of those aged 65 and over.

The study questioned people aged over 16 across the 43 police forces in England and Wales, between 15 July and 6 August 2015.

Last October, the chair of the National Police Chiefs' Council, Sara Thornton, and Craig Mackey, deputy commissioner of the Metropolitan police, said the era of routine patrols by "bobbies on the beat" had come to an end.

They also said funding cuts would lead to a transformation in investigating crime, but the Home Office said at the time police reform was working and crime was falling.

Police budgets in England and Wales were protected in real terms in the former chancellor George Osborne's spending review last November.

People's overall contentment with policing appears to reflect the national picture of falling crime rates, as recorded by the latest Crime Survey for England and Wales (CSEW). The CSEW shows overall crime has been falling since a peak in 1995, with some fluctuations from year to year. The latest survey ending March 2016 showed a 6% fall in the number of incidents against adults aged 16 to 59. There were 6.3m incidents, compared with 6.8m in the previous survey year.

Improved crime rates, however, do not reliably result in people feeling safer. The same ONS survey showed that around 6 out of 10 adults (61%) perceived crime in the country as a whole to have risen over the past few years. Fewer people, however, perceived that crime had risen in their local area (32%). Instead, when asked about the level of crime in their local area, compared with the level nationally, only a small proportion (9%) thought crime in their local area was above average and 55% felt it was below average.

News programmes on TV and radio are most often cited as the main source of information influencing people's perceptions of national crime levels (cited by 67% of people).

The 2013-14 survey found 12% of adults classified as having a high level of worry about violent crime. Almost one in five adults (19%) thought it was either "very" or "fairly likely" that they would be a victim of crime within the next 12 months. All of these measures were at a similar level to the previous year and the general trend has been flat for a number of years.

(1st September 2016)


LONDON POLICE CHIEF SAYS ACTION FRAUD GETS 40,000 REPORTS EVERY MONTH
(International Business Times, dated 29th August 2016 author India Ashok)

Full article [Option 1]:

www.ibtimes.co.uk/london-police-chief-says-action-fraud-gets-40000-reports-every-month-1578552#

Despite budget cuts and a steadily rising cybercrime rate, the London police force, led by the commissioner, Ian Dyson, continues to battle the menace even enlisting the help of tech giants like Google and Microsoft.

According to Dyson, almost half of all cybercrimes reported to Action Fraud, Britain's national fraud reporting service, comes from overseas attackers located as close as Russia and Ukraine or as far off as India. Dyson said that among the emerging crimes is "CEO fraud", referring to scam phishing emails distributed to junior employees in a firm. The scam emails sent out by hackers, generally pose as being sent from a senior company official and involve prompting the receivers to divulge sensitive information.

"Every month Action Fraud receives 40,000 reports, half a million a year, and we know from the ONS stats that's only a small percentage of what is going on. There were 3.8 million frauds and two million cyber offences. You cannot enforce your way out of this. It's physically impossible," Dyson told the Guardian.

The reports received by Action Fraud are first analysed to determine which of them have "actionable leads", after which they are passed along to either the National Crime Agency (NCA), the Serious Fraud Office or the 43 other police forces spread across the UK, while the remaining are dealt with by the City of London police.

"There are 700 cases the City of London police are investigating at the moment. That's me rather than ones disseminated to other forces. In the top 10 there is about half a billion pounds worth of fraud being investigated," Dyson said. "The public have to shift their mindset around crime. The public have to understand we cannot enforce our way out of this, [given] the volume of crime, the fact that it is global and happening so fast, and that money can be moved so quickly. It has to be about prevention and protection."

"Policing has taken a 20% hit in its budget so I've got to do what I can with what I've got," Dyson said, adding that almost every public sector organisation faces similar cuts. "You have to be realistic with the volumes [of crimes] you've got, [and] about the global nature of the crime issue. I cannot possibly sit here and say I am going to investigate every crime. You can't. But policing has never investigated every crime."

Dyson also said that the a pilot project is in the works, which would involve hiring private law firms to help seize the money involved in a crime, which would then be used to repay victims. "We're an innovative police force," he added. "The investment in the last 10 years was in neighbourhood policing and the visibility of police officers. We are shifting, in fairness, policing is shifting to deal with online."

Disruption is key

According to Dyson, disruption or public reporting of crimes is a major source of intelligence, which can be used by the police force to fight cybercrime. "Last year 180,000 websites, phonelines and bank accounts involved in fraud were closed down following police intelligence. So disruption is a big thing... Your report, combined with hundreds of others could lead us to close down that website and prevent people from becoming victims of fraud. While you might not get your money back, it will go at least some way to stopping others [from being a victim]," he said.

(1st September 2016)


HUNDREDS OF POKEMON GO INCIDENTS LOGGED BY POLICE
(BBC News, dated 29th August 2016 author Tom Mullen)

Full article : www.bbc.co.uk/news/uk-england-37183161

Pokemon Go players have been involved in hundreds of police incidents since the gaming app phenomenon launched, the BBC has learned.

Robberies, thefts, assaults and driving offences were among 290 incidents recorded across England and Wales throughout July.

Lancashire Constabulary logged 39 incidents - the highest figure from 29 forces that provided data.

The force has reiterated safety advice for fans of the monster-hunting game.

A spokesman for Pokemon Go developers Niantic also urged people playing the game to "abide by local laws".

Data released to the BBC under the Freedom of Information Act revealed officers have dealt with complaints ranging from the disturbing to the bizarre.

In some cases Pokemon players have been victims of crime, while others have been accused of committing offences or being involved in antisocial behaviour.

Surrey Police attended reports of 30 people fighting after a Pokemon hunt turned into a brawl.

Officers in north Wales discovered a man had invited children back to his home "as he had lots of Pokemon at his address".

In Cheshire, concerns were raised about children walking over graves in a cemetery as they took part in the augmented reality craze.

Both Greater Manchester Police and the Met noted incidents of Pokemon "lures" being set up, as robbers used the game to distract victims before snatching their mobile phones.

British Transport Police recorded two incidents of children trespassing on railways while playing the game, while several drivers have been spotted playing the game behind the wheel.

Other incidents were less clear. West Midlands Police referred to someone being "offered sexual favours" but provided no further detail.

West Mercia Police recorded a "road accident while playing Pokemon" but declined to elaborate.

A woman contacted West Yorkshire Police concerned that Pokemon characters were trying to "get into her home".

Cumbria Police received a complaint regarding a picture posted on Facebook, in which "the image had been altered to depict the person as a Pokemon character".

In another traffic-related incident, officers in Surrey discovered nine cars "parked across a junction" while looking for Pokemon.

Police in Devon were called to reports of a motorist driving down one-way streets and "stopping in the middle of the road playing Pokemon".

South Yorkshire Police said a Pokemon player had been punched and had their phone taken by three "unknown assailants".

West Mercia Police recorded 32 incidents, the second highest total, while the forces with the joint lowest were Thames Valley and North Yorkshire, which each logged two incidents.

The majority of forces declined to specify how many arrests had been made, with several citing ongoing investigations.

Sgt Neil Dewson-Smyth, of Cheshire Police, said the figures were "worrying".

"It was out in America first and there seemed to have been a few problems there. Nationally and internationally I'm well aware of quite a few circumstances that have come up," he said.

"But for me the key message is do not play it while driving. It's a fun game, but play safe and don't put lives at risk."

'Avoid dangerous locations'

A spokesman for Niantic said the company takes the issue of "player safety" seriously.

"We encourage all people to be aware of their surroundings and to play alongside friends or family, especially when you're exploring unfamiliar places," he added.

"Please remember to be safe and alert at all times, don't drive and play, abide by local laws and respect the locations you visit."

Lancashire Constabulary said Pokemon players should never trespass on private land or put themselves in any sort of risk for the sake of the game.

"People should avoid potentially dangerous locations that could make you vulnerable to injury or become a victim of crime," a force spokesman said.

"Never enter any body of water. Pokemon do not appear beyond the safety of the shoreline. And don't enter derelict structures, unlit footpaths or alleyways."

(1st September 2016)


MORE THAN 1,000 RAPES AND SEX ASSAULTS IN LONDON SCHOOLS IN JUST FOUR YEARS
(London Evening Standard, dated 28th August 2016 author Hannah Al-Othman)

Full article [Option 1]:

www.standard.co.uk/news/crime/revealed-more-than-1000-rapes-and-sex-assaults-at-london-schools-in-just-four-years-a3330726.html

More than 1,000 rapes and sexual assaults have taken place at schools and nurseries across London in the past four years, it can be revealed.

Figures obtained under the Freedom of Information Act show 83 rapes alleged to have taken place in schools or nurseries in London were reported to police.

This was coupled with 921 other sexual assaults that were also reported as taking place in schools and nurseries - meaning 1,004 sex attacks in total were recorded by police.

Of the rape allegations, more than 15 per cent were reported in the borough of Croydon, where 13 rapes were recorded.

There were also eight rapes reported in Haringey and a further seven in Lewisham over the period spanning four school years.

A Metropolitan Police spokesman stressed that although the crimes had taken place in schools, the victims were not neccessarily pupils.

They could also be parents, teachers, caretakers, or even trespassers, police said.

The spokesman added that some crimes that happened just outside a school building, or within the vicinity of a school, could also be included in the data.

Police said they were unable to break the information down by school year, or provide any information on the age or gender of the victims, as this may lead to victims being identified.

As well as the 83 rapes, police received reports of more than 900 other sexual assaults at London schools and nurseries.

Of these, the highest number was Lewisham, where 50 assaults took place, followed by Greenwich, which saw 46 reports, and Newham and Lambeth where there were 45 apiece.

In response to the figures, an NSPCC spokesman said: "Schools should be safe places where pupils can fulfil their potential, so it's disturbing that so many children have been victims of sexual crimes.

"These figures should be a wake up call to all schools to review their safeguarding procedures and ensure all pupils feel able to speak out and seek help whenever they need it.

"And all children need to be educated about what sexual abuse is and how to get help immediately if they or someone they know has suffered an attack at school."

A Department for Education spokesman said that sexual offences take into account a large range of incidents, including things like sexting.

He added: "Incidents of crime in schools are very rare. Any offence, however, must be reported to the police. No young person should feel unsafe or suffer harassment in any circumstance.

"We regularly issue safeguarding guidance to schools and Ofsted checks that schools have robust procedures in place to ensure the safety of children as part of its inspections."

###Sexual offences recorded at schools and nurseries

Rapes and other sexual offences recorded by the Metropolitan Police between 2012 and 2016
: n = Rapes recorded (n) = Recorded other sexual offences

Barnet : 6 (26)
Barking and Dagenham : 2 (26)
Brent : 4 (25)
Bexley : 2 (33)
Bromley : 0 (32)
Camden : 3 (19)
City of London : ?
Croydon : 13 (44)
Ealing : 1 (30)
Enfield : 2 (52)
Greenwich : 1 (46)
Hackney : 4 (23)
Hammersmith and Fulham : 1 (23)
Haringey : 8 (34)
Harrow : 2 (26)
Havering : 3 (30)
Hillingdon : 2 (26)
Hounslow : 0 (23)
Islington : 2 (23)
Kensington and Chelsea : 2 (7)
Kingston upon Thames : 0 (5)
Lambeth : 3 (45)
Lewisham : 7 (50)
Merton : 1 (11)
Newham : 3 (45)
Redbridge : 1 (31)
Richmond upon Thames : 0 (5)
Southwark : 0 (36)
Sutton : 1 (28)
Tower Hamlets : 1 (26)
Waltham Forest : 2 (36)
Wandsworth : 4 (34)
Westminster : 2 (21)

(1st September 2016)


THE LONDON BOROUGHS WITH THE MOST CRIME-RIDDEN BUS ROUTES
(London Evening Standard, dated 27th August 2016 author Hatty Collier)

Full article [Option 1]:

www.standard.co.uk/news/crime/revealed-the-london-boroughs-with-the-highest-levels-of-bus-crime-a3330706.html

Bus passengers are most at risk of becoming a victim of crime when travelling through Westminster, it can be revealed.

Figures obtained from Transport for London showed 1,424 crimes recorded on buses in the borough over a 12-month period.

Lambeth had the second highest rate of crimes on buses with 1,065 crimes reported from July 2015 to June 2016, according to the statistics obtained by the Standard under the Freedom of Information Act .

Southwark was the third most dangerous borough with 911 incidents and Hackney fourth with 817.

Transport for London said it was working hard alongside police to tackle all forms of crimes on London's bus services.

In contrast, Sutton had the lowest numbers of crimes on buses with 189 incidents over the 12-month period.

Richmond, Bexley and Kingston also had low bus crime rate with 211, 246 and 212 incidents reported respectively.

Some 17,468 crimes were reported across London's bus network over the year.

The figures included reported crimes of theft, violence against a person, sex offences, criminal damage, robbery and harassment.

The number of incidents for City of London were not available.

Steve Burton, TfL's Director of Enforcement and On-Street Operations, said: "The bus network is a safe, low-crime environment with very few people ever experiencing or witnessing crime.

"During 2015/16 there were around 7.5 crimes for every million passenger journeys and the vast majority of these were low-level.

"However, one crime is one too many and we are working closely with the Metropolitan Police Service to further improve the safety and security of those using London's buses."

A Met Police spokesman said: "The MPS works with Transport for London to ensure a very safe and secure travelling environment for the public on the bus network - thoroughly investigating any crimes or incidents, targeting offenders and supporting victims.

"In an emergency always call 999. For all other police related enquiries call our non-emergency
101 or Crimestoppers on 0800 555 111."

###Crime on the buses

Crimes recorded by Transport for London between July 1, 2015 and June 30, 2016

Barnet : 559
Barking and Dagenham : 329
Brent : 625
Bexley : 246
Bromley : 351
Camden : 725
City of London : ?
Croydon : 561
Ealing : 616
Enfield : 500
Greenwich : 491
Hackney : 817
Hammersmith and Fulham : 624
Haringey : 794
Harrow : 282
Havering : 380
Hillingdon : 485
Hounslow : 434
Islington : 781
Kensington and Chelsea : 293
Kingston upon Thames : 212
Lambeth : 1065
Lewisham : 634
Merton : 313
Newham : 721
Redbridge : 356
Richmond upon Thames : 211
Southwark : 911
Sutton : 189
Tower Hamlets : 496
Waltham Forest : 514
Wandsworth : 529
Westminster : 1424

(1st September 2016)


NHS SLAPS PRIVATE FIRM HEALTH IQ FOR MOVING BRITS' DATA OFFSHORE
(The Register, dated 26th August 2016 author Kat Hall)

Full article [Option 1]:

www.theregister.co.uk/2016/08/26/health_iq_rapped_by_nhs_digital_data_security/

Health insurance and financial data management biz Health IQ is the latest outfit to have its wrists slapped by NHS Digital in the UK for failing to comply with data processing rules.

A technical audit of Health IQ concluded the company had breached its Data Sharing Agreement with the NHS "by holding and processing data outside of the UK," according to a report by the recently-rebranded NHS Digital, formerly known as the Health and Social Care Information Centre.

The audit (PDF) said: "As a result of this breach Health IQ had been required to delete NHS Digital data from the non-UK systems and to cease processing data in its London office. As a result of the incident, Health IQ has moved some of its infrastructure to a UK data centre."

It is not the first company to be take to task by NHS Digital in its regular audits and follow-up visit to companies to ensure they meet the obligations in their Data Sharing Contracts and Data Sharing Agreements.

"This helps to ensure that organisations abide by the terms and conditions we set and data is kept safe and secure," said NHS Digital.

The audits were put in place followinga review by Sir Nick Partridge , which disclosed that 588 data sharing packages were sold to "a range of private sector organisations, typically for the purpose of analytics, benchmarking and research" between April 2005 and March last year.

The spot checks apply to companies, charities, universities and government bodies that have received medical records after an investigation uncovered "significant lapses" in protecting patient confidentiality.

Phil Booth, coordinator of pressure group medConfidential, questioned why private companies are continue to break the rules around data sharing.

"We get told that there are rules in place to protect the privacy of patients. But yet again they've been ignored without penalty." He added that the errors are often basic and avoidable.

The sharing of patient records remains a highly contentious issue, with the government having officially canned its Care.data scheme.

The Register has contacted Health IQ for a comment.

(1st September 2016)


GREATER MANCHESTER POLICE FAIL TO RECORD 38,000 REPORTED CRIMES
(The Guardian, dated 25th August 2016 author Press Association)

Full article [Option 1]:

www.theguardian.com/uk-news/2016/aug/25/greater-manchester-police-fail-to-record-38000-reported-crimes

One of the biggest police forces in the country fails to record more than 38,000 reported crimes each year, including a quarter of violent offences.

Greater Manchester police (GMP) were graded "inadequate" at recording crime, and a watchdog found officers were also wrongly cancelling recorded violence, robbery and sex offences.

Her Majesty's Inspectorate of Constabulary (HMIC) said GMP recorded about 85% of crimes that were reported, but that the force was under-recording some serious offences. A quarter of violent crimes, equivalent to more than 16,800 offences, went unrecorded in a year.

Dru Sharpling from HMIC said: "Despite making some progress following our 2014 inspection, the force is failing some victims of crime. We estimate that the force fails to record over 38,000 reported crimes each year. The reported crimes that go unrecorded include serious crimes, such as violence and sexual offences.

"The failings are often a consequence of a lack of knowledge on the part of the officers and staff as to their responsibilities for crime-recording, including the cancellation of recorded crime records."

In samples of cancelled recorded crimes, 18 out of 20 rapes were found to have been correctly dropped, and 17 out of 21 other sexual offences.

But only 10 out of 20 violent crimes and 15 out of 22 robberies that were audited had been correctly cancelled.

GMP said recording levels had risen from 68% to 85% in the past two years, and that further progress would be made once a new IT system had been introduced.

Deputy Ch Con Ian Pilling said: "Many victims of crime are satisfied with the service they receive, even when the crime is not recorded properly and the report doesn't highlight this.

"Whilst there are some unacceptable crime recording failings, many are simply administrative issues and do not mean we have failed the victim. A significant amount of activity has taken place to address these administrative problems and we will continue to work hard to address this."

He also stressed that the majority of unrecorded violent crimes were "in the less serious categories".

Another force, Staffordshire police, was graded as "requires improvement" when recording crime. HMIC said that 91% of reported crimes were recorded, including every rape, but that the force was under-recording offences including violence, sex offences and modern slavery.

Wendy Williams from the watchdog said: "The force is still not recording a large number of crimes each year properly - approximately 6,700 crimes, including some serious crimes, such as violence and sexual offences. There is a lack of knowledge amongst officers and staff about their responsibilities to record crime."

Meanwhile, Sussex police were judged to be "good" at recording crime, with a rate of nearly 95%, although 5,300 offences were going unrecorded, including some serious allegations.

Ch Con Giles York said: "Some victims may not have had their crimes recorded entirely accurately and if they have felt let down by that, then I am really sorry.

"We will need to keep working hard to maintain and improve this very high standard for recording crime to ensure that victims get the services they need."

(1st September 2016)



POKEMON GO - SAFETY TIPS FOR PARENTS
(BT News, dated 25th August 2016 author Hannah Bouckley)

Full article [Option 1]:

http://home.bt.com/tech-gadgets/internet/pokemon-go-safety-tips-for-parents-11364081820971

The 1990's gaming phenomenon Pokémon is back with Pokémon Go - but the game, which takes players outside to hunt the critters, throws up safety issues parents need to be aware of.

With over 100 million downloads, Pokémon Go has become a global phenomenon and its popularity has sent maker Nintendo's share price rising.

Unlike most smartphone games, Pokémon Go is a bit different in that it encourages activity, requiring players to go outside and interact with other people. Yes, it gets the kids off the sofa, but it also brings up safety issues parents need to be aware of. Here's everything a parent needs to know about Pokémon Go.

What is Pokémon Go?

In Pokémon Go you are trainer bidding to catch Pokémon - a menagerie of weird and wonderful creatures - but instead of catching them in a game-based make believe world, you catch them in real-world locations.

The game uses your phone's GPS to pinpoint your location and create a map of the world around you, which you can travel around to find the Pokémon. Find one, tap it and you can then try to capture it using Poké Balls.

The game incorporates Augmented Reality, which uses the phone's camera to overlay the Pokémon on the streets and buildings that appear on your screen.

Pokéstops are typically close to landmarks and allow players to capture Poké Balls, while trainers can battle each other at Pokémon Gyms.

Pokémon appear close to their natural habitat, so water Pokémon will live near rivers and lakes, for example.

Pokémon Go safety tips

The action in Pokémon Go predominantly takes place outside, so is great way for your child to keep active, but brings up some safety issues.

Tip 1: Don't talk to strangers

People of all ages are playing Pokémon Go, which means adults as well children are searching for Pokémon Gyms and Pokéstops. As a result, there is a risk your child may interact with strangers, some of whom might have dangerous intentions.

If you have young children, play Pokémon Go together, and if your child is older, it's really important to talk to them about the dangers of talking to strangers and remind them that they should never meet up in real life with someone they've met online. Find out where your child is going to play Pokémon Go and what time they'll be back.

Internet Matters has useful advice on online grooming

If your child uses an iPhone to play Pokémon Go, make sure they use your iCloud account. As long as the phone has power, by logging into iCloud.com and clicking Find iPhone you'll be able to see where they are.

Tip 2: Be careful with your phone

Smartphones are a target for thieves - three students were robbed in Manchester playing Pokémon Go one evening.

Encourage your child to avoid taking their phone out in busy areas and to use it discreetly.

They should be aware of what's going on, which leads to our next tip…

Tip 3: Pay attention to surroundings

People have been getting distracted when playing Pokémon Go, such as the pair who fell off a cliff in the US while hunting Pokémon.

UK police have issued warnings to players to be aware of hazards such as cars and busy roads, so warn your child about the importance of paying attention to risks around them.

Pokémon Go has a vibrate option. Activate this and dim the screen and it will vibrate when a Pokémon is nearby, allowing them to continue playing while concentrating on the world around them.

Tip 4: Don't trespass


Some Pokémon Gyms are located on private property and not everyone wants to join in: some businesses have already put signs up warning players not to enter. You do not need to enter buildings to access a gym, and the Pokémon user agreement prohibits people entering private property without permission.

Ensure your child knows it's illegal to trespass, even if the game suggests they are free to do so.

Tip 5: Battery issues

Heavy Pokémon Go use drains smartphone batteries, which means your child may not be able to communicate with you if their battery runs out.

Make use of the 'battey saver' option in the settings of the app and consider buying a battery pack,

Tip 6: Watch out for hidden costs

Pokémon Go is free to download for Android and Apple devices, but once you load the game, it is possible to buy Pokécoins (the game's currency) as in-app purchases. You can use these to buy items to make the game easier to play, but they don't come cheap: 100 Pokécoins cost 70p, but 14,500 costs £79.99.

Your child may order these without realising the cost, so avoid bill shock and restrict in-app purchases by following guides for iphone and Android phones linked within the full article.

Full article [Option 1]:

http://home.bt.com/tech-gadgets/internet/pokemon-go-safety-tips-for-parents-11364081820971

Pokémon Go uses mobile data, so if your child plays a lot, it could eat up their data allowance and be expensive if they are on a contract. Contact your network to see if you can set a spend cap, or if they are on PAYG, regulate how much they use the game.


ABOUT - INTERNET MATTERS

Internet Matters.org was founded by BT, Sky, TalkTalk and Virgin Media and helps parents to ensure their children learn, create, share and have fun online whilst staying safe.

Research conducted by Internet Matters revealed that 74% of parents want more information and advice about online safety. To meet this demand, Internetmatters.org has been created as a one-stop hub, directing parents to valuable help and advice from the leading experts at organisations and charities in the child internet safety field.

https://www.internetmatters.org

(1st September 2016)


#NOTGUILTY CAMPAIGN - MY OPEN LETTER SPARKED A GLOBAL MOVEMENT
(London Evening Standard, dated 24th August 2016 author Ione Wells)

Full Article [Option 1]:

www.standard.co.uk/lifestyle/london-life/notguilty-campaign-how-ione-wells-open-letter-sparked-a-global-movement-a3328206.html

It has been 18 months since I wrote an open letter to the man who assaulted me. It was published in Oxford University's student newspaper and at the end of the letter I encouraged others to write in with their experiences under the hashtag #NotGuilty.

I hoped to reach out to other students who might have gone through something similar and felt unable to talk about it or get help. Little did I anticipate that, almost overnight, the published piece would go viral. Soon my letter was all over the national press. My words were translated into several other languages and the hashtag became a global campaign.

The response was overwhelming. Since last April hundreds of people around the world have shared their stories with the Not Guilty campaign. My letter was the spark that fired up a movement which aims to break the taboo of talking about sexual assault.

We want to send a clear message to perpetrators that "we will not tolerate this", and to victims that "we are with you". The good news is that it seems to be working.

One woman wrote to us after being assaulted by someone she had trusted and cared about, and said: "I have read many of the stories posted on here, and feel more hopeful that if so many women can move forward then I can too."

Another contributor, who was assaulted on public transport in London, said: "I am so proud to be part of #NotGuilty, for why should we suffer this form of abuse?"

A woman who attended one of our workshops later told me that writing about her experience that day had finally allowed her to tell her family about the impact the attack had on her. She also wrote a letter to her assailant, "although they may never understand, I showed them that I can survive this unimaginable ordeal, and that empowers me".

Working on the campaign has taught me a great deal, primarily that sexual assault is an issue everyone needs to talk about - not just those who have experienced it. As one recent contributor says, "If you have been made to feel uncomfortable or damaged by a sexual encounter... there are millions of women and men who have felt like you feel and who want to help you."

Open discussion about sexual assault is crucial for education, not only about the nuances of consent but also about how and where to get help if you, or somebody you know, is assaulted - I certainly didn't know about the support structures that existed until it happened to me. One woman told me that after she was assaulted she "Googled 'what to do if you've been raped'".

The key, as with anything, is to begin as early as possible. This year I ran #NotGuilty workshops in schools covering issues from "sexting" to dispelling myths about assault and talking about the appropriate ways to support a friend who has experienced abuse.

Consent workshops have become more common at campuses and schools across the world and have been the cause of controversy. One Warwick student condemned them in an article for student website The Tab as being a "smug, righteous, self-congratulatory intervention". But in my experience their importance is demonstrated by the huge grey areas I have witnessed in people's understandings of what constitutes consent - particularly when alcohol or close relationships are involved - and I have no doubt a large part of that is down to a lack of adequate sex education.

Talking with students gave me a real buzz, so I began to think about ways we could bring our online community together. Given that I had personally found it an incredibly restorative process, I decided to hold writing workshops for survivors.

In collaboration with Pavan Amara and My Body Back, which works to help women to reclaim their body image and sexuality after abuse, we held a workshop that allowed writers to address either their perpetrator or anyone else they thought they needed to get through to. Despite one of the ground rules being "you can tear what you write up at any time, this is primarily for you, not anyone else" by the end every attendee wanted to read theirs to the group.

But I'm also passionate about the need to involve everyone in these conversations. Speaking at events such as the Clear Lines Festival, where I talked about enjoying sex again after assault, made me realise that we need to get creative if we are to avoid preaching to the converted and attract audiences who aren't already invested in the issue.

I ran an arts festival this year in Oxford called We Need to Talk, for example, featuring three plays and a drama workshop that all incorporated themes of sexual violence - with the aim of engaging people with the issue through mediums they are perhaps more likely to approach off their own accord.

One play we put on was a one-man show by Tanaka Mhishi called This is How it Happens, which traces the struggles of a male rape survivor - many audience members commented on how didn't realise how much the issue affected men too.

Seeing the response that some of the more harrowing plays we showcased was moving. People were shocked to see the manifestations of trauma performed, and many told me they had "never quite realised the impact of it" before - which is exactly what I had hoped to change.

Though the campaign has given me a way to transform a negative experience into something I can feel hugely positive about and encouraged by, I can't pretend it has been an easy process to get here.

Dealing with the repercussions of sexual assault is a difficult, hugely up-and-down process for anyone, and going through this process in the public sphere was additionally overwhelming.But when people ask me how I have changed 18 months on as a result, as well as the campaign,

I think it is important to stress that, despite the media attention last year, I'm still much like I was 18 months ago. I'm still a normal student, still plagued with the bugbears of essay deadlines and overdrafts, still enjoying the glorious freedoms and relative lack of responsibilities as one should in their twenties. Part of normalising discussion about sexual abuse is also normalising the individuals and lives affected by it. We need to emphasise that, just like the victims of any other crime, we shouldn't be defined by something that happened to us, we aren't just statistics or news stories - but individuals just like everybody else.

(1st September 2016)


UK WILL KEEP ACCESS TO EU TERROR DATA
(London Evening Standard, dated 23rd August 2016 author Joe Murphy)

Full article [Option 1]:

www.standard.co.uk/news/uk/uk-will-keep-access-to-eu-terror-data-a3327246.html

Counter-terror chiefs in Europe have pledged to maintain intelligence co-operation during Brexit, a minister has said.

The assurances will help allay fears stoked during the referendum campaign that MI5 and the police faced being frozen out from access to vital data and policing tools after the UK leaves the EU.

Security minister Ben Wallace told an MP that "key partners have confirmed their commitment to continue to work closely in an area where the UK has played a key role in advancing European capability".

Government sources had insisted that there was no blanket assurance for the post-Brexit era because of the EU's refusal to hold formal negotiations talks until after Britain starts its formal exit procedures.

Keith Vaz, the chairman of the powerful Home Affairs Committee, said Mr Wallace's words were "in total contrast" to dire warnings given by the David Cameron before the referendum, but warned that "key questions" remained.

"I welcome the minister's positive statement of co-operation with EU partners on security and policing issues," he said. "This is in total contrast with what the then-home secretary and her ministers said to us before Brexit, namely that we would be cut adrift on these issues if we voted out, and we would need to negotiate 27 separate arrangements.

"The key questions remain: will we have still have special access to Europol and will we still be part the European arrest warrant?"

In April, former home secretary Theresa May concluded in a keynote speech that, on balance, Britain would be more secure within the EU.

"Outside the EU, we would have no access to the European arrest warrant, which has allowed us to extradite more than 5,000 people to Europe in the last five years," she said.

(1st September 2016)


GERMAN MINISTER SEEKS FACIAL RECOGNITION AT AIRPORTS AND TRAIN STATIONS
(The Register, dated 22nd August 2016 author Darren Pauli)

Full article [Option 1]:

www.theregister.co.uk/2016/08/2/german_minister_seeks_facial_recognition_at_airports_train_stations/

Germany's interior minister Thomas de Maiziere wants facial recognition systems in the country's airports and train stations to identify terror suspects.

Europe has experienced a wave of attacks, many terror-related, over recent months, which has in turn triggered a heightened state of security.

De Maiziere told the German Sunday newspaper Bild am Sonntag he wants a system to match against intelligence databases of known terror suspects, something the country has resisted.

"There are opportunity for individuals to photograph someone and use facial recognition software on the internet to find out if they have seen a celebrity or a politician," De Maiziere says.

"I want to use such face recognition software on video cameras at airports and train stations.

"Then the system will show if a suspect is detected."

De Maiziere cites video surveillance systems in place in German airports that detect luggage unclaimed after a set time.

"The authorities must use technology they are legally allowed to use," he says.

The Interior Minister also told the newspaper he is in favour of a ban on backpacks at some festivals. Authorities have already banned backpacks at Munich's upcoming Oktoberfest beer bash, implementing regular ID and security checks and extra fencing.

De Maiziere says the controls restrict personal freedoms less than cancelling public events for security reasons.

(1st September 2016)


CALLOUS THEFT OF DISABLED DRIVERS BLUE BADGES TREBLES
(London Evening Standard, dated 20th August 2016 author Sebastian Mann)

Full article [Option 1]:

www.standard.co.uk/news/crime/callous-theft-of-disabled-drivers-blue-badges-trebles-a3325351.html

Thousands of people are stealing disabled drivers' blue badges, with the number of cases trebling in the past three years.

The badges enable disabled people to park for free in pay and display bays and for up to three hours on yellow lines.

In London they exempt holders from having to pay the congestion charge.

There were 2,056 instances of blue badge theft in the UK in 2015, according to an analysis of Department for Transport data by the Local Government Association.

The figure represents a 17 per cent increase on the 1,756 instances recorded in 2014.

In 2013, the number of recorded blue badge thefts stood at 656.

The LGA, which represents more than 370 councils across England and Wales, said the increase has been accompanied by a rise in the number of people prosecuted by councils for using stolen or lost badges to park for free dishonestly.

The number of people caught abusing the scheme has almost trebled in five years with 985 successful council prosecutions in 2015 compared with 330 in 2010.

But the LGA is calling on people to help councils to further crack down on the problem.

Councillor Martin Tett, the LGA's transport spokesman, said: "The theft of blue badges is clearly a crime on the rise and it is alarming that incidents have trebled in just three years.

"Illegally using a blue badge is not a victimless crime. For disabled people, blue badges are a vital lifeline that helps them get out and about to visit shops or family and friends.

"Callous thieves and unscrupulous fraudsters using them illegally are robbing disabled people of this independence."

(1st September 2016)


FBI RELEASES NEW BANK ROBBERS MOBILE APP
(FBI Website, dated 19th August 2016)

Full Article [Option 1]:

https://www.fbi.gov/news/stories/fbi-releases-new-bank-robbers-mobile-app

uaware note : FBI = Federal Bureau of Investigation (USA)

Back in December 2012, the FBI launched its Bank Robbers website featuring a gallery of unknown bank robbery suspects wanted by the Bureau. Because the FBI, in its own bank robbery investigations, focuses on the most violent and/or the most prolific serial offenders who often cross jurisdictions, the suspects included on BankRobbers.fbi.gov are a dangerous lot and public assistance in identifying them plays a crucial role in our efforts to apprehend them.

Today, we're enhancing our efforts to publicize these dangerous criminals by launching our mobile Bank Robbers application for iPhones (plus iPads and iPods) and Android smartphones, which should make it even easier for the public-as well as financial institutions, law enforcement agencies, and others-to view photos and information about bank robberies in different geographic areas of the country. The app, which works with BankRobbers.fbi.gov, can be downloaded for free from Apple's app store or Google Play.

Using the app, bank robberies can be sorted by the date they occurred, the category they fall under (i.e., armed serial bank robber), the FBI field office working the case, or the state where the robbery occurred. If the location services on your device are enabled, you can view a map that shows the relevant bank robberies that took place in your geographic area. You also access surveillance photos, physical description information, robbery details, and the FBI's wanted poster for each suspect. Users can also select push notifications to be informed when a bank robbery has taken place near their location.

The app also provides quick access to a link directly to the FBI online tips page so users can contact us immediately if they have information on any of the robberies or suspects.

Some of the unknown bank robbers currently being sought by the FBI include the following:

- A suspect, wanted for nine bank robberies in Maryland, Virginia, and West Virginia, displayed at various times handguns and even a sawed-off shotgun during eight of those robberies. Details

- Another suspect, wanted in connection with 11 bank robberies in Pennsylvania, either carried or wore a semi-automatic handgun while verbally demanding money.

- In California, a suspect who reportedly wears various disguises has committed four robberies at California banks while displaying a handgun.

- And in Phoenix, this subject entered a bank, pushed an elderly woman out of his way, and pointed a handgun at bank employees and customers demanding money.

According to the FBI's bank crime statistics for 2015, there were 4,091 robberies, burglaries, and larcenies committed under the federal bank robbery statute in a variety of financial institutions-including commercial banks, savings and loan associations, credit unions, and armored carrier companies. Demand notes were a favorite tool used by bank robbers (2,416 times), but actual firearms were used 877 times, the threat of weapons was used 1,762 times, and explosive devices used or threatened occurred 108 times.



That's certainly proof that these crimes-and these criminals-can be extremely dangerous. And during 2015, actual acts of violence-from discharging a firearm to setting off explosives to committing assaults-were committed in 137 of the 4,091 incidents. Unfortunately, these violent acts led to 57 injuries, nine deaths, and 66 people being taken hostage.

The FBI continues to provide assistance to state and local partners investigating bank robberies, according to Gregory Adams, chief of the FBI's Violent Crimes Unit in Washington, D.C. "But we focus our investigative resources on those suspects who pose the greatest safety threats to the public" he explained, "and our new Bank Robbers mobile app is another tool we can use to help mitigate those threats."



Bank Robbers Website Success Story

The FBI's Bank Robbers website-and the new Bank Robbers mobile app-were created to help publicize unknown violent and/or serial bank robbery suspects who are wanted by the Bureau. The publicity works and really does help to get dangerous criminals off the streets.

Here's a BankRobbers.fbi.gov example:

After the website featured a suspect believed to have been responsible for 11 armed takeover style robberies in Delaware and Pennsylvania, local police received a tip in the mail which broke the case open-a printed page from the Bank Robbers website featuring the unknown suspect believed responsible for the robberies. Across the piece of paper was a handwritten name. A subsequent investigation led to the positive identification of the suspect as well as charges being filed against him in both states. That suspect is currently awaiting trial.

The FBI has always depended on the assistance and the support of the public in carrying out its mission, beginning back in its early days when some of our wanted criminal posters were tacked up onto post office walls. But today's technology-like websites and apps-can work as force multipliers and allow us to ask for and receive assistance from larger segments of the public.

(1st September 2016)


BEWARE OF THE CYBER-ATTACKERS
(London Evening Standard, dated 18th August 2016 author David Williams)

Full article [Option 1]:

How connected is your car? A new report by TNS and BearingPoint says that by 2020, eight in 10 cars will be 'plugged in' via wireless, enabling features such as engine updates or diagnostics, emergency roadside assistance, in-car entertainment and so on all to be controlled and manipulated - by remote control.

Already, Ford SYNC Connect technology, for instance, lets you remotely start your vehicle, unlock the doors and check the fuel level, all from your smartphone.
But there is a flip side to these advances as I discovered when I met Alex Moiseev, managing director for Europe of software security specialists Kaspersky Lab. He says that the rush by the car industry to improve connectivity could also leave motorists vulnerable to cyber crime, perhaps with malicious ransomware - or worse. "It already happens with desk computers - it's just a question of time before the bad guys move into cars too," he told me.
Kaspersky has direct experience. It's contracted by Ferrari F1 which relies on hundreds of sensors to provide thousands of data points at race events on factors such as tyre pressure, fuel burn efficiency and brake force - all sent wirelessly to engineers' laptops. It's Moiseev's job to ensure this valuable data remains under lock and key.
It wasn't until last year - when US hackers remotely took control of a Chrysler Jeep's vital functions including brakes, wipers and engine during a filmed stunt (bit.ly/1UgED6f) - that the apparent ease with which car computers can be hijacked came to light. It's the kind of incident that Kaspersky - and security firm SQS - are being hired by manufacturers to avoid.
Head of security services at SQS, Stephen Morrow, says: "As we start putting software in cars connected by the internet, we are getting to the point where computer security intersects with public safety. Manufacturers need to get on top of things."
Moiseev says that for years, car firms bought open source codes which run the computers now controlling vital functions in the average car, rather than creating their own, bespoke systems. "Who vetted the people who wrote the codes?"asks Moiseev. "What bugs already lie dormant inside our vehicles, just waiting to be manipulated?"
According to the Society of Motor Manufacturers and Traders, more than 1.5 million UK motorists a year now leave showrooms in cars featuring self-activating safety systems, controlled by computers. Asked if it was doing enough to fight cyber crime, the SMMT said: "Manufacturers are always striving to stay one step ahead of organised criminals, and constantly monitor for potential breaches."

(1st September 2016)


SWIFT "AWARE OF HACKING THREAT FOR YEARS BUT FAILED TO ACT" SAYS FORMER CEO
(International Business Times, dated 19th August 2016 author Jason Murdock)

Full article [Option 1]:

Top officials in charge of Swift, the financial messaging and transfer system used by over 10,000 banks around the world, had suspected cybersecurity vulnerabilities in customer terminals 'for years' but failed to address concerns.
That's the accusation made by over a dozen current and former senior managers and board members of the Belgium-based organisation, who spoke to Reuters in the wake of a number of high-profile, and highly damaging, cyberattacks on banks using Swift mechanisms to transfer funds.
In a series of shockingly candid admissions, the executives claimed that Swift had not regarded the security of customer terminals as a priority until the February attack against the Bangladesh central bank, which successfully compromised $81m (£56m).
The managers claimed they did not receive vital information about hacking attempts but also admitted their own liability in failing to recognise the malicious intrusions.
Leonard Schrank, chief executive of Swift from 1992 to 2007, told Reuters: "The board took their eye off the ball. They were focusing on other things, and not about the fundamental, sacred role of Swift, which is the security and reliability of the system." Schrank said he was "broadly aware" of the security issues but failed to act. "I am partially responsible," he admitted.
The senior bosses said that Swift failed to track live security incidents and consistently failed to monitor the extent of how its smaller banks were handling security. As a likely result of this, millions of dollars remain missing from the Bangladesh central bank, while a slew of other institutions - including in Vietnam, Ecuador and Ukraine - also having reported hacking attempts.
Arthur Cousins, another former board member, said the organisation believed it was banking regulators around the world that were responsible for protecting smaller banks against hacking and fraud attempts, not Swift.
Meanwhile, a spokesperson for Swift has defended the organisation against the board members' claims, saying: "Swift and its board have prioritised security, continually monitoring the landscape and responding by adapting the specific security focuses as threats have evolved.
"Today's security threats are not the same threats the industry faced five or ten years ago - or even a year ago - and like any other responsible organisation we adapt as the threat changes."
As control of Swift still remains firmly under the control of large banks like Citibank, Deutsche Bank and PJ Morgan, most senior officials believed security was already taken of. However, many failed to take into account the thousands of institutions joining from emerging markets.
Alessandro Lanteri, who served on Swift's board between 1995 and 2000, indicated this was when the problems really started to take hold. He said: "The difficulty is always to keep the security system very effective when you deal with little banks and emerging countries. There, it is very difficult to be sure that all the procedures of security are managed in the correct way."
The assertion is backed up the numerous reports claiming the Bangladeshi bank, at the time of the hack, was using no firewall on its computer network and cheap routers to connect to the Swift network. However, it has also emerged that large organisations - including the New York Federal Reserve - may have also missed a number of 'red flags' in the run-up to what is now considered the largest financial cybercrime operation in history.

uaware note : SWIFT is similar in concept to the BACS bank clearing system used within the UK. 

(1st September 2016)



BUS DRIVER AMONG GANG OF FRAUDSTERS JAILED FOR CHARGING £2,500 TO TAKE TESTS
(International Business Times, dated 18th August 2016 author Paul Wright)

Full article [Option 1]:

A gang of fraudsters who charged £2,500 to take people's driving tests on their behalf has been jailed for a total of three years.
The group, headed by Belgian national Dzemail Trstena, offered to take both theory and practical driving tests for provisional license holders at centres across the Home Counties and West Midlands.
Police say the scam allowed an unknown number of potentially "dangerous and unskilled" drivers on UK roads.
One fraudster, Bulgarian national Emil Petkov, was caught on CCTV being turned away from more than 30 theory test centres between 2010 and 2014 when the photo ID he presented was discovered not to be his. Others were caught taking practical tests.
Spencer Barnett, of the Met Police's Organised Crime Partnership, said: "We will never know how many tests they successfully cheated, but they were brazen and persistent in their repeated attempts. I have no doubt that they would have kept going had we not stopped them when we did."
A court heard how Trstena, 45, would ferry fake candidates to test centres around the country while claiming to be their driving instructor.
One member of the gang, Musa Matluma, aged 34, from Macedonia, was arrested in June 2014 while caught fraudulently sitting a theory test.
A 42-year-old British bus driver, Colin Julian, and Trstena were then arrested at their homes the following month after fraudulently taking practical driving tests at a centre in Kettering. The final member of the gang, Petkov, 31, handed himself in to Leytonstone Police Station on the same day.
The group was sentenced at Blackfriars Crown Court on Friday (12 August).
Searches by National Crime Agency (NCA) and Met Police officers had found the gang to be in possession of a large number of provisional licences and theory test booking documents.
The find led to seven provisional licence holders also being prosecuted, with detectives saying their main motive for not wanting to take the tests was difficulty reading or speaking English. They were given between four and eight-month prison sentences, except one defendant who was handed a suspended sentence.
Andy Rice, head of Counter-Fraud and Investigations at the Driver and Vehicle Standards Agency (DVSA), said: "Although instances of impersonation fraud are rare in relation to over 3m theory and practical driving tests which are taken each year, DVSA continues to take them seriously, and work closely with the police and NCA to bring offenders to justice.
"Impersonators taking tests on behalf of others allow untested and unqualified drivers onto our roads. These unqualified individuals pose a real risk to other road users and pedestrians as they have never been tested to ensure that they meet the minimum standards for driving and are unsafe."
"This sentence sends out a clear message that those who put road users and the public at risk by cheating the driving test process, will be pursued and prosecuted."

Impersonators convicted

Dzemail Trstena (Belgium)
Address: Hainault, Ilford, Redbridge
Sentenced to 15 months in prison for conspiring to commit fraud by false representation.

Emil Petkov, 31 (Bulgaria)
Address: Wanstead, London
Sentenced to 12 months in prison for conspiring to commit fraud by false representation.

Colin Julian, 42 (UK)
Address: Holloway, London
Sentenced to 9 months in prison for conspiring to commit fraud by false representation.

Musa Matluma, 34 (Macedonia)
Address: Battersea, London
Sentenced to eight months in prison for conspiring to commit fraud by false representation.

Provisional licence holders convicted

Pershaw Yawar Saeed, 22 (Iraq)
Address: Enfield, London
Given a four month sentence suspended for 12 months for conspiring to commit fraud by false representation.

Pajtim Demaj, 30 (Kosovo)
Address: Palmers Green, London
Sentenced to four months in prison for conspiring to commit fraud by false representation.

Gentian Mamica, 36 (Kosovo)
Address: Corby, Northamptonshire
Sentenced to four months in prison for conspiring to commit fraud by false representation.

Petrica Mazilu, 51
Address: Cranbrook, Ilford
Sentenced to four months in prison for conspiring to commit fraud by false representation.

Yasar Kaygun, 44
Address: Morecambe, Lancashire
Sentenced to eight months in prison for conspiring to commit fraud by false representation.

Cornel Mihai, 31
Address: Edgeware, London
Sentenced to eight months in prison for conspiring to commit fraud by false representation

Flamir Kortoci, 33
Address: Ilford, Redbridge
Sentenced to four and a half months in prison for conspiring to commit fraud by false representation.

(1st September 2016)


"ZOMBIE KNIVES" BAN TO COME INTO FORCE
(BBC News, dated 15th August 2016)

Full article [Option 1]: www.bbc.co.uk/news/uk-37080682

A ban on the sale of so-called "zombie knives" is set to come into force in England and Wales later this week.
Inspired by horror films, the curved blades with serrated edges are often sold as collectors' items, but police say they are increasingly being carried by criminals.
Last year a north London teenager was killed with one of the weapons.
Safeguarding minister Sarah Newton said the ban would "keep communities safe".
Sold under brand names like "head splitter" and "zombie killer", the weapons can be bought on the internet for as little as £8.
Product descriptions suggest they are for use in horror-film situations like "defending oneself from the undead", or as part of an "apocalypse kit".
The new legislation, banning the sale, manufacture, rental or importation of zombie knives will take effect on Thursday. Anyone caught breaking the law will face up to four years in prison.
In April, 17-year-old Blaise Lewinson was convicted of manslaughter after stabbing teenager Stefan Appleton to death with a zombie knife in Islington, north London.

Following the conviction the Metropolitan Police issued guidance about "zombie" knives:

- There is no specific shape or style, but they are very ornate and intended to shock
- In varying lengths and often with a serrated edge, the knives carry logos or words that glamorise and promote violence
- They can cause greater damage due to their size
- They are being sold as collectors' items online and in some shops

Ms Newton said "zombie killer knives" glamorise violence, cause devastating damage and have "no place whatsoever in our society".
Alf Hitchcock, lead on knife crime at the National Police Chiefs' Council, said police were pleased that legislation had been introduced "early" to tackle the "growing problem" of zombie knives.
He said the "vast majority" of knife crimes involved kitchen knives, but zombie knives had "suddenly become very popular as a sign of bravado in gangs".
"In weapons sweeps we've been finding these weapons on the street, hidden in places for use," he said.
"When we've seen gang videos being uploaded on to the internet they've been bragging about having these knives."
Yvonne Lawson, whose son Godwin was stabbed to death in north London in 2010, welcomed the ban.
Her son was not killed with a zombie knife, but she said she was "terrified" when she first saw one, and said young people could "easily" buy them online.

'Responsible sale'

Morris Bright, of the Local Government Association, said the ban would "help reduce the number of lethal blades in society and stop online retailers unwittingly fuelling criminal activity".
"An industry-backed code of practice on the naming, promotion and packaging of all knives also needs to be created - similar to that of the alcoholic drinks industry - which would promote their responsible sale," he added.
Carrying a knife in public without good reason is already illegal across the UK.
The legal change in England and Wales will outlaw selling, manufacturing, renting or importing zombie knives.
In Northern Ireland, Justice Minister Claire Sugden has said action is being taken to ban zombie knives.
A Scottish government spokeswoman said: "While we are not aware of any specific incidents in Scotland of 'zombie knives' being carried or used, we do keep the law in relation to knives under review and will consider carefully whether further steps are necessary in this area."
She said zombie knives were covered by existing laws on possessing weapons in public and restrictions on selling "any knife in such a way which suggests it can be used in combat or violent behaviour".

Knife crime statistics

There has been a 12% decrease in crimes involving knives in the last five years, according to police figures for England and Wales.
However, police recorded 28,664 such offences in 2015-16 - a 10% rise on the previous 12 months.
There were 214 suspected homicides in England and Wales where a knife or sharp instrument was used in 2015-16. The number of deaths has varied between 187 and 237 in the past five years.

Crime in England and Wales: year ending Mar 2016 :

(1st September 2016)


ACCOUNTANCY SOFTWARE FIRM SAGE BREACHED IN APPARENT INSIDER ATTACK
(The Register, dated 15th August 2016 author Richard Chirgin)

Full article [Option 1]:

Accounting software outfit Sage Group has been hit by a data breach affecting between 200 and 300 of its customers.
The company told Reuters the breach was a misuse of an employee login. This post by Richard De Vere at "The AntiSocial Engineer" claims an employee was behind the breach.
Sage says it doesn't know how much data leaked, if any, or if whoever logged in just had a look around.
De Vere's post says most customers were notified with a phone call, warning them to watch out for suspicious activity on their accounts.
The breach may have let attackers get access to employee information from Sage's customers, including bank account details and salary information, according to the Financial Times.
The company has been moving its business from license sales to subscriptions and the cloud, with only moderate success in the latter.
Sage isn't clear exactly when the breach happened, beyond saying it was in "the last few weeks". It's called in the police and the UK's Information Commissioner's Office which enforces the Data Protection Act.
-----------------------

SAGE EMPLOYEE ARRESTED AT HEATHROW AIRPORT FOR "INSIDER THREAT" DATA BREACH
(International Business Times, dated 18th August 2016 author Jason Murdock)

Full article [Option 1]:

Police in the City of London have arrested an employee of UK technology firm Sage in connection with an ongoing investigation into a recent data breach believed to have impacted between 200 and 300 of its customers.
The arrest of the 32-year-old woman, who remains unnamed at the time of writing, comes only days after the finance and accounting software firm admitted it had suffered "unauthorised access" on its computer systems that left data at risk.
The suspect was apprehended at Heathrow Airport on suspicion of conspiracy to defraud, police confirmed to the BBC, adding the arrest was a result of its data breach probe. The woman has since been released on bail.
Sage, a software company based in Newcastle, previously said it had informed all businesses that were impacted by the breach - which reportedly took place after the employee used an internal login credential to access a large amount of customer data without permission.
At the time of the incident, Sage, which provides accounting and payroll services in 23 countries globally, did not specify what data was accessed. However, one person close to the situation, who spoke anonymously, told the Financial Times the employees' details were used to access to data on "between 200 and 300 companies."
"We continue to work closely with the authorities to investigate the situation," the firm said in an updated statement on its UK website. It added: "Our customers are always our first priority so we continue to communicate directly with those who may be affected and give guidance on measures they can take to protect their security."
Following the breach, shares in Sage fell as much as 4%, however they have since re-balanced.
Commenting on the incident, Johnathan Sander, vice president of product strategy at Lieberman Software, said: "The breach is a reminder that despite all the headlines about bad guys trying to break in there is an ever-present danger from within, too.
"Often firms spend tons of money protecting against outsiders getting in, but fall into the 'we trust our people' tap when it comes to insider threat. The trouble with trusting staff is that they're likely worthy of that trust until the moment they become disgruntled - and there's no way to see that moment happen."

(1st September 2016)


MET TO LAUNCH £1.7M TROLL-HUNTER SQUAD AFTER STEEP RISE IN ONLINE THREATS AND ABUSE
(The Telegraph, dated 14th August 2016 author Nicola Harley

Full article [Option 1]:

Scotland Yard has created a new unit to police Facebook and Twitter by investigating offensive comments.
A team of volunteers will search out material they deem inappropriate on social networks and report it to the unit. The allegations will then be investigated and the culprits prosecuted, if caught.
Dubbed the "Twitter squad", the unit is costing the Metropolitan Police £1.7 million to create and will be staffed by five detectives. The Home Office is also said to be pouring £452,756 into the Online Hate Crime Hub, which is due to run for two years.
It comes after a number of incidents of online trolls making racist and sexual threats. In 2014, a troll threatened to rape Stella Creasy, MP for Walthamstow, and branded her a "witch", after she supported a campaign for author Jane Austen to become the new face of the £10 bank note. Peter Nunn, 33, from Bristol, was jailed for 18 weeks after he retweeted the "menacing" posts.
In the same year, Robert Riley, from Port Talbot, was jailed after he made comments about the fatal stabbing of Leeds teacher Ann Maguire claiming he would have killed all the teachers at her school.
However, civil liberties campaigners have raised fears that the new unit could stop people expressing opinions for fear of arrest. It follows cases where people have faced court action after making light-hearted statements.
In 2010 Paul Chambers was taken to court and fined after posting a tweet joking he would blow up an airport if it was closed by snowfall. The conviction was quashed two years later Tim Farron, the Liberal Democrat leader, told the Mail on Sunday: "Online bullying is an increasingly serious problem but police should not be proactively seeking cases like these and turning themselves into chatroom moderators. With such measures, even if well intentioned, there is a real danger of undermining our very precious freedom of speech".
Andrew Allison, from the Freedom Association libertarian group, added: "There's a risk of online vigilantism, where people who are offended by the least thing will have a licence to report it to the police."
The paper says Twitter and Facebook will be asked to help fund a "community" element to the unit, in which volunteers "skilled in the use of social media" will "identify, report and challenge online hate material", it reports. The detectives' role will be "identifying the location of the crime" when online abuse is reported, and refer it to "the appropriate force area and social media providers".
It follows a 42 per cent rise in reports of hate crimes in the wake of the EU referendum.
An offence of malicious communication carries a prison sentence of up to two years.
Last month serial offender John Nimmo was told he faces jail for telling Jewish MP Luciana Berger she would be killed like her fellow Labour MP Jo Cox.

(1st September 2016)


ELECTION FRAUD REPORT CALLS FOR STRINGENT ID CHECKS

(The Guardian, dated 12th August 2016 author Heather Stewart)

Full article [Option 1]:

Voters could face more stringent identity checks and police cordons around polling stations, as part of a crackdown on electoral fraud recommended by Eric Pickles in a government-commissioned report.
The former communities secretary was asked by David Cameron last year to examine how safeguards could be toughened up, after revelations of electoral malpractice in Tower Hamlets, east London, led to the removal of the mayor, Lutfur Rahman.
In his report, presented to Theresa May, who has retained him as "anti-corruption champion", Pickles warns that unless the government makes it harder to fiddle the system, Britain's reputation for democracy could be undermined.
"Our nation has a proud heritage as the 'mother of parliaments', yet the worrying and covert spread of electoral fraud and state of denial by some bodies threatens that good reputation. It is time to take action to take on the electoral crooks and defend Britain's free and fair elections."
As communities secretary, Pickles sent commissioners into Tower Hamlets when the allegations of fraud emerged. His report makes 50 recommendations, including calling for pilot schemes under which voters would be asked to bring identification with them to polling stations.
"A driving licence, passport or utility bills would not seem unreasonable to establish identity. The government may wish to pilot different methods. But the present system is unsatisfactory; perfection must not get in the way of a practical solution," it says.
With intimidation of the public on their way to cast their votes one of the issues identified in Tower Hamlets, Pickles also says returning officers, who oversee elections, and the police, should be given powers to establish cordons sanitaires around polling stations where particular problems are identified.
He argues that rules on the use of postal votes, which have previously been identified as ripe for fraud, should be toughened up - with party activists no longer allowed to handle them, for example, and an end to the possibility of applying for a permanent postal vote.
Rahman was found guilty of multiple charges of corruption and kicked out of office last year. He and his allies were found to have used vote-rigging and religious intimidation through local imams to return him to power.
Backers of the Bangladeshi-born Rahman initially dismissed the claims against him as racism; and Pickles says in future, concerns about damaging community relations must not be an excuse for failing to investigate allegations of fraud.
"There are sometimes challenging issues over divisive community politics, but this is no excuse for failing to enforce British law and protect the integrity of our democratic process. The law must be applied equally and fairly to everyone," he said.
The report cites evidence that pressure was put on vulnerable members of some minority ethnic communities to vote in accordance with the will of elders. "There were concerns that influence and intimidation within households may not be reported, and that state institutions had turned a blind eye to such behaviour because of 'politically correct' over-sensitivities about ethnicity and religion," it says.
Pickles would like to see the National Crime Agency, which looks at organised crime, be given a remit to examine complex cases of electoral fraud.
The report also condemns the Electoral Commission, the government-backed body that scrutinises polls, for straying beyond its remit. "The Electoral Commission continues to act as a commentator and lobbyist on both policy and law. Yet government should not be lobbying government. It would be clearer for electoral law and electoral policy to be determined by the Cabinet Office, subject to parliamentary scrutiny and approval."

(1st September 2016)


TOP ST JOHNS AMBULANCE STAFF TRIED TO DISTANCE THEMSELVES FROM ABUSE CASE
(The Telegraph, dated 11th August 2016 author John Bingham)

The St John Ambulance service has apologised after it emerged that senior figures tried to distance themselves from dealing with allegations of abuse of young volunteers in the 1990s.
Legal papers from the case of one former cadet who was sexually abused by a leader in the north of England show how senior figures asked not to be involved in dealing with the fallout.
One memo seen by the Telegraph shows how officials openly discussed fears that any involvement by the organisation's headquarters in handling media inquiries about the case might "insinuate" the organisation had a "serious problem".
The leader in question, a local superintendent, was jailed in the late 1990s after admitting sex offences against two boys in his group.
But the papers reveal that senior staff knew at the time of the suspicions that there could have been up to 10 victims.
Details of their strategy emerged in legal papers disclosed to one of the two victims, now in his mid-30s, who was of primary school age when the abuse began.
He has received an out-of-court settlement from the organisation for failing in its duty of care.
The current chief executive, Sue Killen, wrote a carefully worded apology for the handling of his case.
She expressed "deep regret" about the abuse he had "reported suffering" and apologised "that you feel this was inappropriately dealt with".
Documents disclosed as part of the case include a memo written when the abuser was first arrested.
It reads: "Spoke twice, faxed through guidelines and draft statement. Commander has expressed view that NHQ [National Headquarters] should not be involved as it may insinuate that there is a serious problem (!)
"I stated that in view of the current climate …NHQ must be involved. I also said this needn't involve anything more than being informed of media inquiries as and when they occur and overseeing the preparation of media statements."
A further memo dated a few days earlier, before the arrest, notes: "Telephone call with further details on case.
"Could now involve up to 10 cadets from the division."
The man, who cannot be identified, described the apology as a "cop out" and a "face-saving exercise".
He acknowledged that the size of the charity could have made it more difficult to deal with the case he brought as an adult quickly and more effectively.
"But that doesn't negate the fact that they've got a moral responsibility when things go wrong to say 'sorry' and 'how can we put it right?'," he said.
"That shouldn't take two years of lawyers and an out of court settlement.
"It's a cop out and it's still a face saving exercise."
His lawyer, Thomas Beale, a senior associate at AO Advocates, said: "Given that the primary function of St John Ambulance is to care for others it is alarming that they failed so egregiously to safeguard their own young cadets."
A spokesman for St John Ambulance said: "We have expressed our sincere regret to the victim regarding the abuse that he suffered.
"We also regret that he feels we did not support him appropriately at the time and for that we can only apologise.
"Processes in the past did not always involve escalating issues to our national headquarters, as individual counties were run separately and autonomously by their own commanders."

(1st September 2016)


TWO ARRESTS OVER PLOT TO SELL HEATROW AIRPORT SECURITY PASSES

(London Evening Standard, dated 10th August 2016 author Hatty Collier)

Full article [Option 1]:

Two women have been arrested by Scotland Yard detectives over an alleged scam involving airside security passes at Heathrow.
The two women, aged 20 and 24, are both thought to work at the airport and were held after police investigating fraud uncovered the suspected misuse of the passes.
Scotland Yard declined to give further details but Heathrow said that it had taken "appropriate action".
The Department of Transport said that it was also "aware of this issue" and that airport security was kept constantly under review to protect the public.
The incident, revealed by Sky News, is not thought to involve the illegal sale or cloning of passes, but will inevitably raise concerns that any weaknesses could be exploited by terrorists or other criminals.
The alleged scam was discovered after a fraud investigation was launched at the airport two weeks ago. The two women were arrested on suspicion of fraud and money laundering.
Airside passes are issued to many of Heathrow's 70,000 workers and can give access to areas of the airport where luggage and cargo is loaded onto planes as well as other sensitive security areas.
Those given the passes are forced to undergo strict vetting and include flight crews, shop and restaurant staff, baggage handlers and those working with cargo or in aircraft hangers.
Scotland Yard confirmed the arrests and said that the two women had been released on bail until November.
A spokesman added: "They have been arrested in relation to an allegation that money has been fraudulently taken from a bank account. Other matters have come to light during the enquiries and form part of the ongoing investigation."
Heathrow said it was unable to comment on the specifics but had taken "appropriate action" while the police probe continued.
The Department for Transport said: "We are aware of this issue. Safety and security of passengers is our priority
"We keep aviation security under constant review, but as this matter is the subject of an ongoing police investigation we are unable to comment further at this time."

-----------------------

300 HEATHROW STAFF HAVE PASSES SUSPENDED AMID SECURITY SCAM PROBE
(London Evening Standard, dated 11th August 2016 author Hannah Al-Othman)

Full article [Option 1]:

Scotland Yard has launched an investigation into a scam involving airside security passes at Healthrow Airport.
Three hundred staff working for Sodexo, which supplies airline lounge services have had their passes suspended, Sky News reports.
Those affected as said to mostly work as cleaners or caterers.
The police investigation was launched following the arrest of two women at the airport over alleged fraud.
The pair, who are aged 20 and 24 and from Surrey, were held on suspicion of money laundering and fraud on August 3 after money was taken from a bank account.
The bank account involved belongs to a private individual rather than a business, police said.
It is understood that the fraud investigation then triggered an inquiry into airside passes.
Scotland Yard stressed that there is no counter-terrorism link and that there is no evidence that staff airside passes have been sold.
A Metropolitan Police spokesman said: "Officers from the Met's Aviation Policing Command are investigating an allegation of fraud, reported to them on July 28.
"Detectives arrested two women from Surrey, aged 24 and 20, on suspicion of fraud and money laundering on August 3.
"They have been arrested in relation to an allegation that money has been fraudulently taken from a bank account.
"Other matters have come to light during the inquiries and form part of the ongoing investigation."
Scotland Yard said the women have been released on bail until late November.
A spokesman for Heathrow Airport said: "Our top priority is the security and safety of our passengers and colleagues and we have taken appropriate action until the investigation is completed."

(1st September 2016)


THAILAND - FOREIGN TOURISTS MAY SOON BE REQUIRED TO USE LOCATION TRACKING SIM CARDS IN MOBILE PHONES
(International Business Times, dated 9th August 2016 author Rachel Middleton)

Full article [Option 1]:

Thailand is considering forcing all foreign tourists to have location-tracking SIM cards on their mobile phones in a move to crack down on over stayers and those who commit crimes. The country's National Broadcasting and Telecommunications Commission (NBTC) has, in principle, approved the requirement that foreigners use the special SIM cards to ensure that they can be tracked by the authorities.

Takorn Tantasith, the Secretary General of the NBTC, said that the move was in the interest of national security, according to a report by the Bangkok Post. The commission will discuss the proposal with mobile phone operators, the Customs Department and other related state agencies, including tour operators, tourism authorities and the police.
Takorn explained that mobile operators can preset some technical features on SIM cards to ensure that the users can be located at all times. The feature would not be able be turned off by the mobile phone user, he also said.

At a news conference in Bangkok on Tuesday 9 August, Takorn said: "It is not to limit tourists' rights. Instead it is to locate them which will help if there are some tourists who overstay or run away [from the police]."
AFP noted that there were little details given. Takorn did not say if tourists would have to buy the SIM cards or if they would be issued free of charge. He did not give details about the plan's cost or when it will be implemented.

The Ministry of Social Development and Human Security is also backing the plan. Its official spokesman, Pongsathorn Chansri, said: "It will be helpful if any foreigner comes and commit crimes because in the past they have been able to flee or it can be difficult to find them."
Foreigners working in Thailand would be spared the new requirement as they would have already registered their details with the authorities in line with existing laws. Around 32 million foreign tourists are expected to descent in Thailand in 2016. The tourism industry accounts for one-tenth of the country's economy.

(1st September 2016)


POLICE FAIL TO SOLVE NEARLY A QUARTER OF KILLINGS
(Daily Mail, dated 7th August 2016 author Keiligh Baker)

Full article [Option 1]:

Police forces in England and Wales have failed to solve almost a quarter of all killings and have nearly 1,600 unsolved cases on their books, an investigation has found.
An investigation by The Sunday Times found there are currently 1,583 unsolved cases - most of them 'cold cases' where no one has even been brought to justice.
While the UK population has risen, the number of homicides in England and Wales has been steadily falling since 2002.
But despite huge technological advances in forensic science the number of unsolved murder cases has risen from 13 per cent in 1995 to 1996 to 23 per cent in 2014 to 2015 - leading some to suggest that government cuts to police budgets could be to blame.
Data from the Home Office homicide index shows more than 17 per cent of killings from the past 20 years have not resulted in a conviction.
The Home Office Homicide Index also showed there were 518 homicides - consisting of murder, manslaughter and infanticide - in the year ending March 2015 in England and Wales - the lowest since 1983.
Of the 518 homicides in that year, 99 cases remain unsolved and no one has been convicted of them.
Among the most high profile homicide cases which remain unsolved in the UK today are the 1999 shooting of TV presenter Jill Dando, the 1978 disappearance of Genette Tate and the 1997 murder of Billie-Jo Jenkins.
Former detective Mark Williams-Thomas told The Sunday Times: 'No police force wants to have unsolved murders, but sadly with the ever increasing reductions to policing staff this does impact on the quality and time that can be given to some cases.'
The figures were revealed after a possible breakthrough in a 40-year-old murder case.
Police have launched a renewed appeal to solve the murder of a 'sweet-natured' nurse 40 years ago after obtaining the killer's DNA profile.
Mother-of-one Susan Donoghue, 44, was sexually assaulted and battered to death in her basement flat in Sneyd Park, Bristol, on August 5, 1976.
She had taken the night off from work at a psychiatric hospital because of a cold and was found dead in her bed by her fiance when he returned to the flat at 7.15am.
Ms Donoghue, who was described as 'sweet and considerate', was bludgeoned with a truncheon.
The bloodied weapon was found at the scene together with a pair of gloves.
There was also a footprint on the inside sill of a half-opened window in the room next to her bedroom.
A major investigation was launched involving more than 80 officers and lasting over a year. Several men were arrested but eliminated.
In 1995 there was a review of the case and DNA from semen recovered at the scene was put on the National DNA Database but there was no match.
A further review in 1997/98 also drew a blank and there was a mass screening of potential suspects identified from the original investigation.
In 2005 the DNA profile was upgraded thanks to advances in technology. Familial DNA screening was carried out and again in 2009 but still without a hit.
But last week detectives announced that due to advances in DNA technology they now have a full DNA profile of the offender - and are confident of getting their man.
DCI Julie MacKay, who led the cold case team which recently cracked the 1984 murder of Melanie Road in nearby Bath, is heading up the investigation.
She said: 'As we saw with the Melanie Road case, the passage of time since a murder is no longer an obstacle in securing justice for these victims.
'The technology used in DNA forensics has come a long way since Susan was murdered and we now have a full DNA profile of the man who sexually abused and murdered her.
'Similarly to the Melanie Road murder investigation, the key to solving this horrific crime is in the painstaking and methodical work my team is undertaking to make sure all the information we have is on the right systems.'
She added: 'I am convinced that someone out there has information on what happened that August night in 1976.
'I would appeal directly to them, or the killer himself, to come forward now and bring an end to the 40 years of heartache Susan's family and friends have had to endure.
'Susan was a well-liked and respected woman who was brutally murdered in her own home and I am determined to bring her killer to justice.'
Anyone with information is asked to call 101 now and quote Operation Radar. Alternatively, information can be left anonymously with Crimestoppers on 0800 555 111.

-----------------------------------------------
ARTICLE FROM 9 YEARS AGO, UNDER A LABOUR REGIME
-----------------------------------------------

RATE OF UNSOLVED MURDERS DOUBLE IN A DECADE
(The Telegraph, dated 2nd September 2007 author Tom Harper)

Full article [Option 1]:

Unsolved murders have doubled over the past decade, raising fears that police and courts are unable to tackle violent crime.
Last year, an average of one murder a week was committed only to remain unsolved. In 1997, the number was almost one a fortnight.
There have been 564 unsolved murders across the country in the past 10 years, with the majority occurring in urban areas The Metropolitan Police Force area covering London accounts for 269. Greater Manchester Police is next with 41 unsolved murders, followed by the West Midlands with 30 and West Yorkshire with 20.
Alan Gordon, the vice-chairman of the Police Federation said: "These figures are very disturbing and bring into question the amount of police resources being directed at serious crime. With the advances in forensics, I would have thought that the police service would have an improved rate and this is a matter of concern. The service needs to take stock and find out why there has been this failure."
David Davis, the shadow home secretary, said: "This is a direct outcome of police being overwhelmed with red tape, bureaucracy and government targets that distract officers from protecting the public."
Under the Freedom of Information Act, The Sunday Telegraph requested the number of unsolved murders year-on-year from all 43 police forces in England and Wales.
Extrapolating the data of the 38 forces that responded to cover the whole country, it means that 564 murders over the past decade remain unsolved. Merseyside Police Force was the only major metropolitan force to withhold the figures.
In 1997, there were 30 unsolved murders but by last year, the number had almost doubled to 52.
London, while having the highest population in the country, also had the greatest proportion of unsolved murders, with one for every 28,000 people. The next largest totals over the decade were in Greater Manchester, West Midlands and West Yorkshire, followed by Surrey and the Thames Valley.
But when the population of each force is taken into account, some of the rural squads, who traditionally enjoy lower rates of crime, also feature prominently in the league table.
Norfolk Constabulary, which polices just over 500,000 people, had seven unsolved murders over the past decade, giving a rate of one per 72,217. Gloucestershire, which polices fewer than 600,000 people, has also suffered seven, giving a rate of one per 81,827. West Mercia, Staffordshire, Bedfordshire, Dyfed-Powys, Gwent, Humberside and South Wales all claim to have solved every murder in their area in the past decade.
Richard Garside, director of the Centre for Crime and Justice Studies at King's College London, said: "These figures suggest the rate of unsolved murders has risen quicker than the number of murders, raising important questions about the police and courts' ability to deal with serious violent crime. But they can only deal with murders after the event - the challenge is to the government to implement policies that reduce the likelihood of a murder being committed."
Norman Brennan, director of the Victims of Crime Trust, said: "One unsolved murder over any period of time is unacceptable. To discover one is happening every week is deeply worrying."

------------------------
uaware information - Further articles

Police fail to solve three in four crimes
(The Telegraph, dated 21st July 2012 author Tom Whitehead)
Full article [Option 1]:
---------------------
---------------------

(1st September 2016)


INSURER WON'T PAY

(The Sunday Times Magazine, Car Clinic, dated 7th August 2016 author Nick Freeman)
www.thetimes.co.uk [Option 1]

Question from a reader (SD, London) : My car was hit by a driver who admits responsibility but says he "blacked out". His insurer won't pay and is checking for an undisclosed health problem, which would make the policy void. What can I do ?

Response : Issue proceedings against three defendent's : the driver, the insurer and the Motor Insurers' Bureau (mib.org.uk). The driver is likely to be found liable. You can then claim against the insurer.
If the insurer succeeds in arguing the policy is void, damages can be claimed against the driver. If he cannot afford to pay in full, the MIB will meet the shortfall. All car premiums include a payment to the MIB to enable it to settle claims against uninsured drivers.

(1st September 2016)


NEW MET POLICE FIGURES REVEAL THE SCALE OF DOGNAPPING IN LONDON
(London Evening Standard, dated 6th August 2016 author Hannah Al-Othman)

Full article [Option 1]:

More than 200 pet dogs were stolen across London last year, new figures from Scotland Yard have revealed.
The figures, which are the latest available and cover January 2015 to April 2016, have exposed the extent of dognapping in the capital, with 276 hounds taken overall.
The data shows that by far the most popular breed for dognappers is a Staffordshire Bull Terrier, with 54 of them pinched across the capital, as well as 35 Staffie cross breeds, making up a third of dog thefts in total.
Chihuahuas were the second most popular choice for dog thieves, with 27 taken from across London.
Yorkshire Terriers and Jack Russels also proved popular with criminals, with 19 and 12 taken respectively.
The London borough with the most dog thefts was Wandsworth, where 18 were taken, while Harrow had the least, with just two.
In some cases several dogs were stolen at once, including six chihuahuas that were taken in Richmond upon Thames, and three English bulldgs that were stolen from Brent.
Stolen pets are often sold on on the black market.
There have been several dog thefts in the capital in recent weeks, including an incident in Streaham where four animals were allegedly stolen when a dog walker's van was driven off.
Angela Norton, owner of Complete Pet Care, had parked the vehicle outside an owner's house on Glennie Road on July 13 when a thief allegedly drove off with the van with five dogs inside, before dumping the male dog in Sydenham.
Tracie McGrory, Pet Bereavement Support Manager at Blue Cross said: "A pet is an integral part of so many families who are absolutely devastated if they are stolen.
"Not only are they missing their pet they are also desperately worried about what is happening to them."
The charity has offered a number of tips for protecting pets including thinking twice before leaving a dog alone in the car or tied outside a shop; taking clear photographs of your pet from different angles to help prove ownership if needed; training your dog to come back to you when called; being wary of strangers asking questions about a dog; and ensuring pets are micro-chipped.
Becky Thwaites, Blue Cross Public Affairs Officer, added: "The effect of having your pet stolen can be absolutely devastating for owners.
"This is why we want the Government to do more to deal with this increasing problem.
"Penalties need to be tougher for those committing these crimes to act as deterrent to others.
"We also believe that police forces need to ensure they deal with these cases in a sensitive manner and highlight where owners can go for further support."
An RSPCA spokewoman added: "We would strongly urge pet owners to ensure their animals are micro-chipped and the details on the log are kept up-to-date so that if in the sad event that their pet is stolen then there is a higher chance they can be reunited."

(1st September 2016)


O2 HANDS OUT FREE WINDOWS VIRUS WITH USB PEN
(The Register, dated 8th August 2016 author Kat Hall)

Full article [Option 1]:

www.theregister.co.uk/2016/08/08/o2_sent_customers_a_windows_virus_on_usb_pens/

A marketing campaign by O2 that sent customers USB-embedded pens backfired last week - after it transpired a number of devices contained a "Windows-specific virus."

The UK cellphone network sent out the USB pens to its business customers followed by a marketing email encouraging them to download a free eBook. That was then followed by another email warning that the USB drive inside the pen contained malware.

The email titled "Urgent: Information about potential virus" warned that some of the promotional USB embedded pens had a Windows-specific virus, that "may not be picked up by out-of-date Anti-Virus software."

The message, seen by The Register, warned that for anyone using their computer as a web server, the virus would also attack anyone who visits their website.

"The virus has the ability to install new programs onto your system including updated versions of itself and programs that might grant the virus's author remote control over your computer."

The mobile network said the majority of the USBs were not infected and blamed the gaffe on a supplier issue, adding it had "notified the relevant organisations."

"If you have already and your antivirus has flagged a risk, please follow the instructions your antivirus software gives you and then remove and dispose of the USB," said the email.

The virus infects program files and web files on computers running the following systems: Windows 2000, Windows 95, Windows 98, Windows ME, Windows NT,Windows Server 2003, Windows Vista, Windows XP.

An O2 spokesman said the business had contacted all customers who received the USB and advised them to discard it.

He said: "For any customers that have already used the USB or are concerned, we have a specialist team on hand to support them and guide them through any action they may need to take. We apologise for any inconvenience."

(11th August 2016)


FORGET CARD SKIMMERS - ATM CHIP-CARD SHIMMERS WILL BE YOUR NEXT NIGHTMARE
(The Register, dated 3rd August 2016 author Iain Thomson)

Full article [Option 1]:

www.theregister.co.uk/2016/08/03/card_shimmers_wave_of_the_future/

America's belated move to EMV (Europay, MasterCard and Visa) chip-equipped cards won't be the panacea some had hoped. As it turns out, the cards are just as easy to clone as their magnetic stripe predecessors.

At the Black Hat 2016 security conference in Las Vegas this week, engineers from Rapid7 demonstrated how a few small pieces of electronics could be used to stage a man-in-the-middle attack against an ATM.

The shimmer device is so named because it is inserted in the card slot like a shim, and it then takes a snapshot of the transaction data as a request for cash is processed.

Tod Beardsley, security research manager at Rapid7, told The Register that the equipment needed was tiny - it's basically RaspBerry-Pi-powered - and could be installed quickly without access to the internals of the cash machine. The PIN typed into the keypad is obtained via a passive man-in-the-middle attack - all the technical details are in the presentation's slides, here [PDF].

Once retrieved, he was able to use the information to set up fraudulent accounts and potentially start siphoning money.

Shimming systems have already started cropping up, particularly in areas of South America where tourists congregate, he said. With the introduction of chipped cards in the US you can expect shimmers to spread north, and he predicted that petrol pump card readers would be a likely target, since they are easily accessible and in frequent use.

The move to chipped cards isn't all gloom and doom, however. Data stolen from a magstripe card is easy to sell online and reuse on cloned cards for long periods after it's stolen. With chip cards, the window of opportunity to sell the information is much smaller. Beardsley said that banks had gotten much better at spotting likely cases of fraud using the technique, and blocking access to accounts.

Rapid7 has contacted vendors of ATMs to tell them about the research, and praised the pioneering work of the late Barnaby Jack for making this possible without lawsuit threats. Jack's ATM hacking nearly got him arrested, but these days manufacturers recognize that white-hat hackers can do them a lot of good.

(11th August 2016)


MASTERCARD ARMOURS ITS CONTACTLESS CARDS AGAINST RELAY ATTACKS
(The Register, dated 4th August 2016 author John Leyden)

Full article [Option 1]:

www.theregister.co.uk/2016/08/04/contactless_cards_relay_attack_mastercard/

Elements of the payment card industry have introduced a new contactless payment card security feature, designed to defend against relay attacks.

Relay attacks were first demonstrated nine years ago by a team of computer scientists Saar Drimer and Steven Murdoch.

The pair also suggested how the security flaw can be mitigated using a technique called distance bounding). Mastercard has taken up this defence, meaning its cards (at least) are protected.

"Finally the banks are now implementing this defence, though only for contactless cards (as they are more vulnerable than the contact Chip and PIN cards that were available in 2007), and so far only for MasterCard cards," Murdoch told El Reg.

Murdoch says that although the relay attack is real it's unclear whether or not fraud based on the security weakness has actually taken place.

"I'm not aware of any confirmed cases, other than academic experiments. However, unless this were a widespread fraud, I don't think I would have heard about it even if it had happened," Murdoch explained.

"There have been bank customers who have come to me or colleagues to say that they have been refused a refund for a Chip and PIN transaction that they said did not take place. In some of these cases it might have been a relay attack, but in almost every case it is never established what happened."

"The banks have taken the position that a relay attack is unlikely and since the decision of whether a bank refunds the customer is based on the most likely explanation, the bank always presents another scenario as being the most likely (normally customer negligence)," he added.

Murdoch only found out that MasterCard had moved to defend against the relay attack because he regularly looks at the EMVCo specifications and noticed this change.

"While the new feature is far from a secret, I don't think MasterCard are drawing attention to it," he explained. "Now that the MasterCard specification is out I am sure the other card schemes have considered what they will do, but I have no indication of a decision."

The security researcher has put together an article on Mastercard's move and relay attacks more generally for the University College London information security group's Bentham's Gaze blog, which can be found here.

(11th August 2016)


BBC TO DEPLOY DETECTION VANS TO SNOOP ON INTERNET USERS
(The Telegraph, dated 6th August 2016 author Patrick Foster)

Full article [Option 1]:

www.telegraph.co.uk/news/2016/08/05/bbc-to-deploy-detection-vans-to-snoop-on-internet-users/

The BBC is to spy on internet users in their homes by deploying a new generation of Wi-Fi detection vans to identify those illicitly watching its programmes online.

The Telegraph can disclose that from next month, the BBC vans will fan out across the country capturing information from private Wi-Fi networks in homes to "sniff out" those who have not paid the licence fee.

The corporation has been given legal dispensation to use the new technology, which is typically only available to crime-fighting agencies, to enforce the new requirement that people watching BBC programmes via the iPlayer must have a TV licence.

The disclosure will lead to fears about invasion of privacy and follows years of concern over the heavy-handed approach of the BBC towards those suspected of not paying the licence fee. However, the BBC insists that its inspectors will not be able to spy on other internet browsing habits of viewers.

The existence of the new strategy emerged in a report carried out by the National Audit Office (NAO).

It shows that TV Licensing, the corporation's licence-fee collection arm, has developed techniques to track those watching television on laptops, tablets, and mobile phones.

The disclosure of the controversial new snooping technique will lay to rest the persistent claims that detector vans are no more than an urban myth designed to intimidate the public into paying the licence fee.

Sir Amyas Morse, the comptroller and auditor general of the NAO, writes in the report: "Detection vans can identify viewing on a non-TV device in the same way that they can detect viewing on a television set.

"BBC staff were able to demonstrate this to my staff in controlled conditions sufficient for us to be confident that they could detect viewing on a range of non-TV devices."

Currently, anyone who watches or records live programming - online or on television - needs to buy a £145.50 licence. But from September 1, those who use the iPlayer only for catch-up viewing will also need to pay the fee, after the BBC successfully lobbied the Government to change the law.

Under the Regulation of Investigatory Powers Act, the corporation is entitled to carry out surveillance of suspected licence-fee dodgers.

The BBC confirmed that its newly developed detection techniques had been authorised under the legislation.

While the corporation would not disclose how the new technology works, the report states that the BBC has ruled out combing its own records of computers that have logged into the iPlayer website to hunt down non-paying viewers.

Sir Amyas writes in the document: "The BBC rightly acknowledges that this would be an inappropriate invasion of privacy."

Instead, electrical engineering experts said that the most likely explanation for how the BBC would carry out its surveillance was a technique known as "packet sniffing", which involves watching traffic passing over a wireless internet network without hacking into the connection or breaking its encryption.

Researchers at University College London disclosed that they had used a laptop running freely available software to identify Skype internet phone calls passing over encrypted Wi-Fi, without needing to crack the network password.

Dr Miguel Rio, a computer network expert who helped to oversee the doctoral thesis, said that licence-fee inspectors could sit outside a property and view encrypted "packets" of data - such as their size and the frequency with which they are emitted over the network - travelling over a home Wi-Fi network.

This would allow them to establish if devices at homes without television licences were indeed accessing BBC
programmes online.

Dr Rio said: "They actually don't need to decrypt traffic, because they can already see the packets. They have control over the iPlayer, so they could ensure that it sends packets at a specific size, and match them up. They could also use directional antennae to ensure they are viewing the Wi-Fi operating within your property."

Privacy campaigners described the developments as "creepy and worrying".

A spokesman for Privacy International, the human rights watchdog, said: "While TV Licensing have long been able to examine the electromagnetic spectrum to watch for and investigate incorrect usage of their services, the revelation that they are potentially developing technology to monitor home Wi-Fi networks is startlingly invasive."

A spokesman for TV Licensing said: "We've caught people watching on a range of devices, but don't give details of detection as we would not want to reveal information helpful to evaders.

"Our use of detection is regularly inspected by independent regulators."

The broadcaster included the NAO report in a list of documents that it claimed to have published alongside its annual report last month, but never distributed the review or uploaded it to its website. It has now been placed online by the public spending watchdog.

(11th August 2016)


SELF SERVICE CHECKOUTS TURN HONEST SHOPPERS INTO THIEVES, WARN CRIMINOLOGISTS
(The Telegraph, dated 2nd August 2016 author Sarah Knapton)

Full article [Option 1]:

www.telegraph.co.uk/science/2016/08/02/self-service-checkouts-turn-honest-shoppers-into-thieves-warn-cr/

Self-service tills are criminalising 'normally-honest' shoppers who resort to theft because it is so easy and the technology so frustrating, a report by University of Leicester has found.

Although shops may think they are saving money by ditching staff in favour of automated systems, in fact, the amount of money lost through theft rockets after the introduction of self-checkouts.

Leicester criminologists found that the cost of stolen items more than doubles after the introduction of self-scanning.

And it is not just criminals taking advantage of the lax security. The report found that people who are usually honest resort to theft simply because they can, and do not feel it is as wrong when there is no human interaction.

The frustrations many people feel at the self-service till may also lead shoppers to feel justified in stealing, the report found, while technology gives offenders 'ready-made excuses' for failing to scan items.

Self-checkouts were found to provoke aggressive behaviour particularly when products would not scan correctly, or when staff had to intervene to over-ride faults or check age verifications.

Giving customers the freedom to self-scan also gives them the opportunity to blame faulty technology, problems with the product barcodes or claim that they are not technically proficient as reasons for non-scanning, said the report.

Professor Adrian Beck, of the Department of Criminology, said: "Both loved and loathed by consumers, with the phrase 'unexpected item in the bagging area' striking dread into many a shopper, self-scan technologies are growing in use and likely to become even more prominent as we begin to be encouraged to use our own mobile devices to both scan and pay for products in the stores we visit.

"From the retailers' perspective, the benefits seem obvious - less investment required in staff and checkout technologies, with the former being the biggest expense they face.

"For the shopper it could mean the end of checkout queues as product scanning and payment can in theory be performed anywhere in the store at their convenience. To borrow a well-warn phrase, 'what could possibly go wrong'?

"Well, our research found that quite a bit could and does go wrong, with some potentially rather worrying long term consequences."

The study involved data from nearly 12 million shopping trips from four major British retailers as well others in the US, Belgium and Holland between 2013 and 2015

The researchers found that introducing self-checkouts raised the rate of loss by 122 per cent to an average of 3.9 per cent of turnover.

It is also difficult for retailers to identify whether a customer wilfully took items without scanning or were simply absentminded. The report found that prosecutions were a 'legal and customer relations minefield' with one company admitting it never prosecuted because a shoplifting charge could never be proved in court.

The study concluded that retailers have made theft so easy that customers who would 'normally and happily pay' are tempted to commit crime and may start to see it as a normal part of shopping.

Scanning items using hand-held devices or mobile phones was also fund to lead to errors. At the end of one shopping trip in a large supermarket researchers found that 10 per cent cent of items in a basket had not been scanned through genuine error caused by distraction because the 'shopper is being asked to do too many things at once."

Co-author Dr Matt Hopkins said: "All innovations in retailing are a business choice - hopefully done to make the shopper happier and the business more profitable.

"But those same choices can also produce negative outcomes as well, such as increased opportunities for losses to occur.

"Retailers are becoming aware of these problems and introducing ways of 'amplifying' risk in the mobile scan and pay environment, trying to ensure that all that ends up in the basket also makes it onto the receipt."

Some supermarkets now carry out random audit checks and technology is being developed to tag items so that they set off alarms if they have not been scanned.

(11th August 2016)



YAHOO PROBING POTENTIAL DATA BREACH AS 200 MILLION USER ACCOUNTS APPEAR ON DARK WEB
(International Business Times, dated 2nd August 2016 author Jason Murdock)

Full article [Option 1]:

www.ibtimes.co.uk/yahoo-probing-potential-data-breach-200-million-user-accounts-appear-dark-web-1573716

A hacker using the pseudonym "Peace" has uploaded what purports to be a data dump of 200 million Yahoo accounts to an underground marketplace called The Real Deal. The technology giant, which has not yet confirmed the authenticity of the data, admitted it was "aware" of the potential leak.

The suspected leak comes in the wake of other "mega breaches" at Myspace and LinkedIn that each compromised millions of customer records and were both uploaded by the same cybercriminal. Like prior hacks, usernames, hashed passwords and date of births appear to have been compromised.

Alongside the listing, which was uploaded with a sample of the data, Peace wrote the credentials were "most likely" from 2012 and that passwords in the data dump were hashed with an MD5 algorithm.

At the time of writing, the credentials are being sold for three bitcoins, a form of cryptocurrency that is equivalent to £1,395 ($1,838). Based on the sample, a number of the records correspond with real accounts, while others do not - to be expected for a dataset containing older information.

A Yahoo spokesperson told IBTimes UK via email: "We are aware of a claim. We are committed to protecting the security of our users' information and we take any such claim very seriously. Our security team is working to determine the facts.

"Yahoo works hard to keep our users safe, and we always encourage our users to create strong passwords, or give up passwords altogether by using Yahoo Account Key, and use different passwords for different platforms."

As noted by Vice Motherboard, which first reported news of the potential breach, the firm did not confirm nor deny the data was legitimate. IBTimes UK contacted Peace for comment via The Real Deal however did not receive a response by the time of publication. It remains unclear if Peace hacked Yahoo to get access to the credentials, whether the data was obtained from a secondary source or even if it is simply made up from records taken from other major hacks.

Little is known about the individual - or group - behind the Peace persona. However, in one interview given to Wired, he or she claimed to once have been part of a Russian hacking group that targeted major technology firms.

Once the group reportedly split, data dumps from 2012/13 that were previously only shared with an "inner circle" started to appear online. These included 160 million accounts from LinkedIn, 100 million from Russian social media platform VK.com and 360 million from Myspace.

uaware comment

Yahoo operates some of the email platform for BT. If you don't regularly change your email password, you may want to consider it now.

(11th August 2016)


LONDONERS TOLD TO "RUN AWAY AS FAST AS POSSIBLE" IF ISIS TARGETS THE CAPITAL
(London Evening Standard, dated 1st August 2016 author Martin Bentham)

Full article [Option 1]:

www.standard.co.uk/news/london/londoners-told-to-run-away-as-fast-as-possible-if-isis-targets-the-capital-a3308836.html

Londoners were today told to "run away as far as possible" if Islamic State terrorists hit the capital as Britain's most senior counter-terror officer made an unprecedented appeal to the public to prepare for an attack.

Scotland Yard Assistant Commissioner Mark Rowley said people should also hide once they were unable to flee any further and call the police.

He said that by learning the "basic" rules people could save their own lives and help to reduce the death toll if IS terrorists began a mass casualty attack.

"It may seem blindingly obvious, but some people don't run, they will duck down where they are, do all sorts of different things in the panic," Mr Rowley told the Standard.

"So let's be really clear - run as far away as possible and when you can't run any further, hide, and then tell - call the police because we've got the people, the resources, the firearms to deal with it. It's very straightforward."

Mr Rowley also called on workers across London "from Canary Wharf to local high streets" to help police foil terror plots by looking out for "suspicious" individuals who might be carrying out reconnaissance in a shopping centre or buying a vehicle to use as a weapon.

His appeal to the public to prepare for terrorists to hit London follows the recent spate of attacks in France and Germany and a warning from Met Commissioner Sir Bernard Hogan-Howe that it is a matter of "when, not if" an IS outrage is carried out in Britain.

Mr Rowley, the police national head of counter-terrorism, said that officers were currently carrying out "hundreds of investigations" into terror suspects and facing a "steady flow" of plots by stay-at-home jihadis inspired online.

He said that more armed officers were already being deployed across London in response and that the number of "high calibre" firearms specialists would rise further over the coming weeks.

But he insisted that no individual attack was inevitable and that public vigilance could be crucial in foiling plots.

Appealing for the public to follow police advice on how to cope with the terrorist threat, Mr Rowley added: "Every Londoner can help the fight against terrorism, whether it's being more prepared personally or at work or if you are suspicious about something or someone - if you see someone acting suspiciously near where you work then straight away contacting us, whether you are working in Canary Wharf or the local high street.

"That person who's suspicious may be someone doing reconnaissance because they want to attack a shopping centre or it may be someone who is preparing in a different way, hiring a car or a lorry, it could be all sorts of ways, but we say to the public, trust your instincts and pick up the phone to us.

"We the police aren't being defeatist, we are arresting more and more people, we are bringing more firearms officers on patrol, we're putting more on foot patrol in crowded places, doing everything we can to flex our resources to protect the public and what we are saying is we aren't being defeatist, it's important the public aren't defeatist as well.

We need more help, more preparedness from the public. We are asking the public to roll the sleeves up and help us."

On the advice to "run, hide, tell", which is set out in full in a "Stay Safe" online film published by police, Mr Rowley added:

"We should all do everything possible to stop attacks happening, but when we look at the events of the past few months in Europe it would be foolish if we were not to put out advice saying if you get caught in something here are some simple rules about what to do and give yourself a better chance of survival.

"This is based on what's happened in attacks across the world. If you get a chance, run to get away, hide and call us.

"I know the case of somebody who had seen the video who was a British citizen who was caught up in the attack in Tunisia in Sousse and she would say that it changed what she did and saved her life.

"She went to her bedroom on the fifth floor, buried herself in that and locked the door. It's basics but it's really important."

Funding for an extra 600 firearms officers was announced by the government last year following the Paris attacks. Mr Rowley said they were still being trained, but that by working overtime and "other methods" police were putting more armed patrols on the streets.

"The critical point is that this 24/7, specialist officers with the weaponry and equipment to confront a terrorist. This is high calibre, highly trained specialist people.

"They are on patrol in vehicles across London, sometimes they will be on foot, and based on intelligence, based on disrupting terrorism, they will vary between shopping centres, places like Oxford Street, sometimes sporting events, religious premises.

"We will have a much bigger, stronger capability to deal with anything that hits us in London."

On the scale of the threat, Mr Rowley added: "What we see reflects what's going on across Europe.

"Most of them aren't people who have travelled to Syria, but they are being inspired, trying to pick up weapons, to plan an attack here. That's what we've been wrestling with most of all. We've had a steady flow of people thinking about that sort of attack.

"The second thing that we've got to guard against is … people returning from Syria more determined, more deadly, more highly skilled in weaponry. If those people were to reach the UK that would be a major concern.

"We have got hundreds of investigations ranging from extremists right on the periphery through to small numbers of the highest risk operations of people who are looking to do an attack.

"We've got large numbers of people we have got degrees of concern about, we've got high risk individuals, the highest-risk operations, and that's one of the reasons that public information helps us.

"We are constantly trying to sift who are the highest risk individuals on our radar, and a member of the public might spot something about someone we think is low priority that we haven't."

Mr Rowley also confirmed that counter terror officers are helping Norfolk Police investigate the attempted kidnap of an airman outside RAF Marham earlier this month, but that the motive for the crime was still unclear.

Safety Video

An official "Stay Safe" video on what to do in a terror attack can be viewed at :

www.npcc.police.uk/NPCCBusinessAreas/WeaponAttacksStaySafe.aspx

(11th August 2016)


JULY 2016


COMPUTER SECURITY REVIEW - JULY 2016

-----------------------
MALWARE FOUND IN 75% OF TOP 20 COMMERCIAL BANKS IN THE US
(International Business Times, dated 2nd August 2016 author India Ashok)

Full article [Option 1]:

www.ibtimes.co.uk/malware-found-75-top-20-commercial-banks-us-says-security-scorecard-1573769

US financial organisations are at increased risk of falling victim to cyberattacks, according to a new report by cybersecurity rating and continuous risk monitoring firm Security Scorecard. The firm's research revealed that 75% of the top 20 commercial banks in the US were infected by malware.

Several malware families, including Ponyloader, Vertexnext and Keybase were detected among many of the top 20 banks. "Over 422 malware events over the past year were detected in just one of the commercial banks. A total of 788 malware events were detected in all 20 commercial banks over the past 365 days," Security Scorecard said in its report.

-----------------------
POEKMON GO : ISREALI ARMY BANS SOLDIERS FROM PLAYING SMARTPHONE APPLICATION AMID CYBERSECURITY FEARS
(International Business Times, dated 2nd August 2016 author Jason Murdock)

Full article [Option 1]:

www.ibtimes.co.uk/pokemon-go-israeli-army-bans-soldiers-playing-smartphone-application-amid-cybersecurity-fears-1573861

The Israeli military has reportedly banned its soldiers from playing Pokémon Go amid fears the popular smartphone application could be a cybersecurity risk.

According to the Associated Press, the Israel Defense Force (IDF) has officially instructed its troops and officers the augmented reality game, which relies on location services and phone cameras to operate, could leak sensitive information on its secretive bases.

The military said it is also concerned soldiers could fall victim to one of the many malicious Pokémon Go applications available online. "The game is a source for gathering information!" states the warning issued by the IDF's Information Security Department. "The game cannot be used on an army base!"

------------------------
MALVERTISING CAMPAIGN ADGHOLAS TARGETED 1 MILLION VICTIMS PER DAY
(International Business Times, dated 29th July 2016 author India Ashok)

Full article [Option 1]:

www.ibtimes.co.uk/malvertising-campaign-adgholas-targeted-1-million-victims-per-day-1573135

A malvertising campaign dubbed AdGholas has been found to have targeted one million victims, successfully infecting thousands, everyday. The campaign was active for a year before being shut down by security researchers. Cybercriminals used a complex combination of "sophisticated filtering and steganography" to evade detection and reach as many targets as possible.

A collaborative effort by security researchers from Proofpoint and Trend Micro revealed that the malvertising campaign has been active since October 2015. The two firms also uncovered that while not all AdGholas campaigns worked in the same way, they, however, shared the same "multi-layered filtering and obfuscation" in efforts to evade detection.

------------------------
RUSSIA BASED WEBSITE IDENTIFIED AS CYBERCRIME HUB LINKED TO HACKER BEHIND LINKEDIN BREACH
(International Business Times, dated 28th July 2016 author India Ashok)

Full article [Option 1]:

www.ibtimes.co.uk/russia-based-deer-io-identified-cybercrime-hub-linked-hacker-behind-linkedin-breach-1573040

A new Russia-based online business hub has been uncovered, which has been identified by security researchers as a one-stop shop for cybercriminals. Deer.io, a website development platform, is estimated to be hosting over 1,000 shops, most of which were found to sell stolen products from compromised accounts.

Deer.io, which claims to offer "technical hosting including anonymity and security, payment handling, website design and distributed denial of service (DDoS) protection", was also found to be hosting darkside.global - the online shop linked to the pseudonymous hacker Tessa88, who was found to have been behind the high-profile database breach sustained by various social networking sites, including LinkedIn and MySpace.

------------------------
O2 DENIES HACKING BREACH AS CUSTOMER DATA EMERGES ON THE DARK WEB
(International Business Times, dated 26th July 2016 author India Ashok)

Full article [Option 1]:

www.ibtimes.co.uk/hackers-gain-access-o2-customer-data-put-it-sale-dark-web-1572533

Hackers have listed purported O2 customer data for sale on the dark web. The data was reportedly first
stolen from a gaming site in November 2013, which was later used by the hackers to access O2 customer data.
The personal data on sale on the dark web includes names, phone numbers, date of birth, emails and
passwords.

An O2 statement said: "We have not suffered a data breach. We have reported all the details passed to us
about the seller to law enforcement and we continue to help with their investigations."

------------------------
WHAT PRIVACY ? YAHOO STILL RETAINS A COPY OF YOUR EMAILS AFTER THEY ARE DELETED FROM YOUR INBOX
(International Business Times, dated 25th July 2016 author Mary-Ann Russon)

Full article [Option 1]:

http://www.ibtimes.co.uk/what-privacy-yahoo-still-retains-copy-your-emails-after-they-are-deleted-your-inbox-1572381

Yahoo is in hot water over giving UK police and the FBI access to six months' worth of deleted emails as
part of a transatlantic drug trafficking investigation, which might possibly be illegal.

A US judge has granted a motion forcing Yahoo to explain how exactly it is able to recover emails that
have been deleted from a user's inbox, when its privacy policy on dealing with law enforcement explicitly
declares that "Yahoo is not able to search for or produce deleted emails".

The motion has been granted as part of a convicted UK drug trafficker's appeal to try to get evidence
against him thrown out of court by arguing that the information was illegally obtained by Yahoo.
------------------------
FLAWS FOUND IN SECURITY PRODUCTS FROM AVG, SYMANTEC AND MCAFEE
(The Register, dated 20th July 2016 author Darren Pauli)

Full article [Option 1]:

www.theregister.co.uk/2016/07/20/hooks_cooked_hackers_crack_tonnes_of_security_apps_for_new_cloak_yoke/

Hundreds of security products may not be up to the job, researchers say, thanks to flawed uses of code hooking.

The research is the handiwork of EnSilo duo Udi Yavo and Tommer Bitton, who disclosed the bugs in anti-virus and Windows security tools ahead of their presentation at the Black Hat Las Vegas conference next month.

The pair says 15 products including those from AVG, Symantec, and McAfee are affected. Scores more may be vulnerable thanks to their use of Microsoft's Detours, code Redmond says is used for "re-routing Win32 APIs underneath applications [and] is licensed by over 100 ISVs and used within nearly every product team at Microsoft."

The researchers did not specify if Microsoft's enhanced mitigation experience toolkit (EMET) is affected.

Attackers would already need access to a system to reap the benefits of the vulnerabilities and neuter the security platforms running on the target system.

"We found six different common security issues that stem from incorrect implementation of code hooking and injections techniques," the pair say.

-----------------------

GOOGLE'S NEXII STAND TALL AMONG ANDROID'S INSECURE SWILL
The Register, dated 15th July 2016 author Darren Pauli)

Full article [Option 1]:

www.theregister.co.uk/2016/07/15/android_security/

Nexus devices are, unsurprisingly, the most secure Androids, says security outfit Duo.

The devices are regarded as Google's flagship Android device on account of its operating system running the stock Android open source project (AOSP).

Android phones from other manufacturers nearly always add custom modifications and are slow to update AOSP updates, when mobe-makers bother to do so.

Duo Labs security intern Olabode Anise (@justsayo) says in analysis that Nexus users are the most secure on account of the rapid provision and application of updates.

"Google's publicity around the stronger security model of Nexus phones, combined with the fast update rollout, has clearly resulted in safer users," Anise says.

"Tech-savvy users might frequently upgrade mobile phones, and so they benefit from the stronger security that gets baked into each newer model, but that's not the norm.

-----------------------

HACKERS STEAL MILLIONS FROM ATMs USING JUST THEIR SMARTPHONES
(The Register, dated 15th July 2016 author John Leyden)

Full article [Option 1]:

www.theregister.co.uk/2016/07/15/taiwan_atm_hack/

Authorities in Taiwan are trying to work out how hackers managed to trick a network of bank ATMs into spitting out millions.

Police suspect that two Russian nationals wearing masks cashed out dozens of ATMs operated by Taiwan's First Bank on Sunday and left the country the following day. The crooks stole an estimated T$70m ($2.2m) hours after a typhoon battered the region around Taipei, the Taiwanese capital.

The two (or perhaps at least three) crooks behind the theft didn't use bank cards, judging from security camera footage. Instead, the cybercriminals appeared to gain control of the machines with a "connected device," possibly a smartphone, according to police.

Targeted ATMs were made by German manufacturer Wincor Nixdorf, which admits some of its machines in Taiwan were hacked as part of a "premeditated attack." Three different (unspecified) strains of malware were found on the compromised machines.

First Bank and other Taiwanese banks suspended withdrawals from their ATMs as a precaution following the attack, pending inspections to determine whether any cyber-tampering took place.

-----------------------
TOP BANKS IN TAIWAN ON HIGH ALERT AS THIEVES USE ATM MALWARE TO STEAL MILLIONS
(International Business Times, dated 12th July 2016 author Jason Murdock)

Full article [Option 1]:

www.ibtimes.co.uk/banks-across-taiwan-high-alert-suspected-russian-criminals-use-atm-malware-steal-millions-1570185

The top eight banks in Taiwan have been forced to shut down activity on hundreds of ATMs after a coordinated group of thieves used malware to steal NT$70 million ($2.17m, £1.64m, €1.9m) in cash.

Bank of Taiwan, Chang Hwa Bank, First Bank and five other institutions have reportedly suspended transactions on 900 cash machines following a major theft by three suspects on 9-10 July across 20 branches of the First Commercial Bank in Taipei and Taichung.

-----------------------

OMNI - SHAMBLES ! CARD STEALING MALWARE CHECKS INTO HOTEL CHAIN
(The Register, dated 11th July 2016 author Shaun Nichols)

Full article [Option 1]:

www.theregister.co.uk/2016/07/11/strike_omni_from_list_of_safe_hotels/

Yet another US hotel chain has admitted malware infected its computer systems and stole guests' bank card information.

Omni Hotels said today an attacker managed to infiltrate its IT network and inject a software nasty into its payment terminals that siphoned off copies of people's credit and debit cards.

The malware was present on Omni sales kit between December 23, 2015 and June 14 of this year. Information lifted from credit and debit cards included cardholder name, card number, expiration date, and security code.

The hotel did not say which of its 52 North America locations were infected with the card-stealing malware.

-----------------------
HACKERS CAN EXPLOIT SMATWATCHES, FITNESS TRACKERS TO STEAL YOUR ATM PIN
(Computer World, dated 7th July 2016 author Darlene Storm)

Full article [Option 1]:

http://www.computerworld.com/article/3092407/security/hackers-can-exploit-smartwatches-fitness-trackers-to-steal-your-atm-pin.html

If you don't trust wearable devices, then you weren't being paranoid as new research proved how smartwatches and fitness trackers, which are recording your movements, can be exploited by attackers to steal your ATM PIN or password.

Yan Wang, an assistant professor of computer science at the Thomas J. Watson School of Engineering and Applied Science at Binghamton University, won't wear a smart watch. "It knows too much," he told IEEE Spectrum.

Wang should know as he was one of five researchers who developed a technique which combined data from embedded sensors in wearables with an algorithm; it could crack PINS and passwords with an 80% accuracy in just one try. After three tries, they achieved a 90% accuracy.

He admitted, "At the beginning, I thought this would be science fiction, but it can actually be done. There are just so many sensors on these wearable devices. It provides sufficient information of your hand movements."

-----------------------
ANTIVIRUS MERGER
(Computer World, dated 7th July 2016 author Peter Sayer)

Full article [Option 1]:

www.computerworld.com/article/3092501/security/antivirus-merger-avast-to-buy-avg-for-13-billion.html

Antivirus vendor Avast Software has agreed to buy rival AVG Technologies for $1.3 billion in cash.

The deal will give Avast access to more than 400 million "endpoints," or devices running its and AVG's software, 160 million of them phones or tablets, the company said Thursday.

Avast hopes the deal will make the combined company more efficient, as well as allowing it to take advantage of new growth opportunities such as securing the internet of things.

"This combination is great for our users. We will have over 250 million PC/Mac users enabling us to gather even more threat data to improve the protection to our users," Avast CEO Vincent Stickler wrote on the company blog.

-----------------------

PROBLEMS FOR SMALL BUSINESSES USING SYMANTEC ANTI-VIRUS
(The Register, dated 6th July 2016 author Iain Thomson)

Full article [Option 1]:

www.theregister.co.uk/2016/07/06/symantecs_unfixed_zeroday_flaws/

If you're using Symantec's Endpoint Protection Small Business Edition (SEP SBE) then you can forget about security for a week or so, as the company won't be patching the "as bad as it gets" security holes in its software for a while.

A Register reader who wishes to remain anonymous received an email from Symantec confirming users of the cloud SEP SBE package will be getting patched in the next few days. But the workstation version patches won't be pushed out until the middle of the month, and the Mac version by the end of July.

Meanwhile, if you're still using the older SEP SBE (on-premises) product, then you can forget about it - the system isn't going to get a fix for the problems that allow an attacker full run of a Symantec system without the need for a user to be involved in any way.

"Symantec has released antivirus definitions to detect and block exploitation," the company told us in an emailed statement. "In addition, updates to Symantec Endpoint Protection Small Business Edition will be available by mid-July. We recommend that customers apply these updates as soon as they are available."

------------------------

EU E1.8bn IN CYBERSECURITY INVESTMENT
(The Register, dated 5th July 2016 author John Leyden)

Full article [Option 1]:

www.theregister.co.uk/2016/07/05/eu_cybersecurity_investment_plan/

The EU Commission has launched a public-private partnership on cybersecurity that is expected to trigger €1.8bn ($2bn) of investment by 2020. The EU is promising to invest €450m ($502m) in a bid to spur innovation in cybersecurity with the remainder coming from the private sector.

Some security commentators reckon the Brexit vote means that British organisations are set to lose out on the benefits of this investment. However given the uncertain political climate in the UK - which remains a full member of the EU for a t least two years and possibly longer - a UK lockout is far from definite.

UAWARE : See full article with main section for July 2016.

------------------------
GET READY FOR MANDATORY PORN SITE AGE CHECKS
(The Register, dated 5th July 2016 author Kat Hall)

Full article [Option 1]:

www.theregister.co.uk/2016/07/05/digital_economy_bill_age_verification_smut_sites/

The UK government is to lay its digital bill before Parliament today, which, among other things, is intended to create a legal right for every household to access 10Mbps broadband.

Age verification will also be required for people browsing pornographic websites, supposedly for the protection of children from online porn.

The Digital Economy Bill was first announced in the Queen's Speech earlier this year. It has the lofty aim of "mak[ing] the United Kingdom a world leader in the digital economy" via legislation.

The Bill also contains contentious plans to allow government departments to better share citizens' information between themselves. However, those proposals have been criticised for being too hastily introduced - despite a lengthy consultation process around the initial proposals.

------------------------
WHY BREXIT VOTE TO LEAVE THE EU WIL HAVE LITTLE EFFECT ON ITS DATA PROTECTION RULES
(Computer World, dated 24th June 2016 author Peter Sayer)

Full article [Option 1]:

www.computerworld.com/article/3088313/cloud-computing/why-the-uks-vote-to-leave-the-eu-will-have-little-effect-on-its-data-protection-rules.html

With the haircut that the sterling-euro exchange rate has taken in the wake of the U.K.'s vote to leave the European Union, the U.K. has suddenly become a low-cost country for companies wishing to host or process the personal information of EU citizens.

As for U.K. businesses hoping for more relaxed data protection rules in the wake of the referendum vote, they will have to wait -- perhaps for a very long while.

That's because many of the rules that the 51.9 percent who voted to leave the EU hoped to escape are, in fact, firmly part of U.K. law, and will only go away if the U.K. Parliament votes to repeal them.

And it can't do that until it has negotiated its exit from the EU, which is a matter of international treaty and not the will of the people.

------------------------

(3rd August 2016)


NEW DATA REVEALS SCAM HOTSPOTS - DO YOU LIVE IN ONE ?
(Love Money / BT News, dated 31st July 2016)

Full article [Option 1]:

http://home.bt.com/lifestyle/money/money-tips/new-data-reveals-scam-hotspots-do-you-live-in-one-11364076353910

Here's a round-up of the 20 towns in England and Wales where victims lose the biggest sums of cash.

Scam victims tend to lose an average of £2,500, according to new research.

Citizen's Advice found that Hemel Hempstead, Hertfordshire, is the area people were likely to lose the largest sums, with the typical victim losing £9,036.

This is followed by Exeter, where losses were around £5,736 per person.

Llandudno, which saw each victim lose an average of £5,501 is third, followed by Lincoln with £4,567.

Citizen's Advice gathered its data by examining 5,000 calls from victims across England and Wales.

Types of scams

The most common scam methods identified were up-front payments - where people were asked to pay for a service that never materialised - and fake services, including scammers telling victims their computer has a virus, which they can fix remotely.

Others were targeted with vishing scams, where scammers cold-call and attempt to get people's bank details.

The findings were revealed as part of Scams Awareness month, a national campaign run by Citizen's Advice and Trading Standards to help people avoid falling prey to scams.

Commenting on the findings, Gillian Guy, chief executive of Citizen's Advice, said con-artists are using different tricks to rob people up and down the country.

"Some areas are suffering a blight of cold-calls about computer viruses, while others are bombarded with letters about lottery winnings which actually cost the victim money," she said.

"If you think you may have lost money to a fraudster, seek advice straight away so you can try and get your money back. Reporting scams is the only way to stop scams from spreading, and get them closed down for good."


How to protect yourself

Here are some tips on how to avoid this being conned out of your money through a phone scam:

- Be wary of unsolicited phone calls and especially cold callers who suggest you hang up and call them back. Fraudsters can keep your phone line open by not putting down the receiver at their end.

- If you feel something is suspicious, hang up, wait five minutes to clear the line, or where possible use a different phone line to call your bank or card issuer on their advertised number.

- If you don't have another telephone to use, call someone you know first to make sure the telephone line is free.

- Remember your bank will never ask you to check the number showing on your telephone display matches their registered telephone number. The display can't be trusted.

- Bear in mind criminals may already have basic information about you, like your name, address and account details, so don't assume a caller is genuine based on these.

- Never tell anyone, including the bank or police, your four-digit PIN, your password or online banking codes and any personal detail unless you are sure who you are talking to.

It's also important to remember that your bank and the police will never:

- Ask for your four-digit card PIN or online banking password, even by tapping them into the telephone keypad.

- Ask you to withdraw money to hand over for safekeeping.

- Ask you to transfer money to a new account for fraud reasons, even if they say it is in your name.

- Send someone to collect your cash, PIN, payment card or cheque book if you are a victim of fraud.

- Ask you to purchase goods using your card and then hand them over for safe-keeping

If you fall victim to fraud or even if you're unsure contact your bank and tell them what has happened. You should report the crime to the police through Action Fraud by calling 0300 123 2040.

###Average loss per person in the top 20 biggest scam hotspots

1. Hemel Hempstead : £9,036
2. Exeter : £5,736
3. Llandudno : £5,501
4. Lincoln : £4,576
5. Chester : £3,642
6. Gloucester : £3,508
7. Coventry : £2,678
8. Swansea : £2,285
9. Norwich : £1,814
10. Tonbridge : £1,447
11. York : £1,414
12. Torquay : £1,226
13. Brighton : £974
14. Rochester : £734
15. Telford : £695
16. Salisbury : £537
17. Bournemouth : £469
18. Redhill : £336
19. Lancaster : ? (not shown in article)
20. Dorchester : ? (not shown in article)

(1st August 2016)


POLICE FIND 30 MILLION IMAGES OF CHILD ABUSE IN MAJOR ANTI-PAEDOPHILE OPERATION
(The Telegraph, dated 29th July 2016 author Martin Evans)

Full article [Option 1]:

www.telegraph.co.uk/news/2016/07/29/police-find-300-million-images-of-child-abuse-in-major-anti-paed/

Police in Scotland have recovered more than 30 million images of child sex abuse and have identified more than 500 victims, it has been announced.

In the first major operation of its kind in Scotland, detectives arrested 77 people on suspicion of a range of offences involving the abuse of youngsters as young as three-years-old.

Dubbed Operation Lattise, the investigation focused on the distribution of indecent images, online grooming and the live streaming of abuse on webcams.

Police said much of the work to identify culprits was still ongoing but charges including rape sharing indecent images, bestiality and drug offences had already been executed.

Police Scotland Assistant Chief Constable Malcolm Graham, said: "Online child sexual abuse is a national threat - the reality is it is happening now, not only in Scotland but across the world, to children of all ages, from infants to teenagers.

"Operation Lattise was about shining a light on the scale of this issue - it was focused activity to tackle the many forms of online child sexual abuse by identifying those who pose a risk to children online and, more importantly, identifying victims of online sexual abuse and exploitation, as well as preventing more youngsters becoming victims.

"Let me make it clear - child sexual abuse and exploitation, which can range from sharing images depicting the rape, sexual torture or assault of a child to grooming or sexually extorting a child takes place solely because of decisions made on the part of the abuser.

"Online child sexual abuse is not a victimless crime: children, from toddlers to teenagers, are being sexually abused and exploited now in Scotland and when an image or video clip is shared or viewed, they are being re-victimised.

"Police Scotland is committed to Keeping Children Safe and the protection of children was absolutely at the heart of Operation LATTISE. All children have a right to protection against abuse, exploitation, neglect and violence.

"We will continue to work with our partners to protect and promote the wellbeing of all children. Our commitment to tackling this horrific threat will continue."

Joanna Barrett, NSPCC Scotland Policy and Public Affairs Manager, said: "We are increasingly concerned about the harm caused to children through online activity. Too many children are exposed to dangerous and harmful content through the internet, or are subjected to online harassment, grooming, and sexual exploitation.

"We recently highlighted how the internet is playing an increasing role in the sexual abuse of younger children in Scotland, with a 60 per cent rise recorded over a year in the number of indecent communications offences carried out by adults against children aged under 13.

"It is vital we learn more about the nature and scale of this offending in Scotland and its impact on children and young people. Everyone has a responsibility to ensure that children are protected online and we welcome the work carried out by Police Scotland and others to tackle online abuse and help keep children safe from abuse."

(1st August 2016)


DON'T USE A VIRTUAL PRIVATE NETWORK (VPN) IN UNITED ARAB EMIRATES
(The Register, dated 28th July 2016 author Iain Thomson)

Full article [Option 1]:

A royal edict from the president of the United Arab Emirates (UAE) may have effectively made it illegal for anyone in the country to use a VPN or secure proxy service.
Those caught could face jail time and fines of between 500,000 and 2,000,000 UAE dirham (US$136,130 and $544,521). The change was announced this week by the UAE President His Highness Sheikh Khalifa bin Zayed Al Nahyan in a proclamation that amended federal laws.
The wording is ambiguous and technologically illiterate. Essentially, it seems, you are not allowed to use systems that hide the fact that you're committing a crime or covering one up. If you're routing your network traffic through a secure VPN or proxy server, you could be evading the eyes of the state while breaking a law, and that's now a big no-no.
You could claim you were using the VPN or proxy for legit reasons, and that no criminal activity was being committed or concealed, but since your packets were encrypted, you may have a hard time proving your innocence.
------------------------
The tweaked law now reads as follows:
Whoever uses a fraudulent computer network protocol address (IP address) by using a false address or a third-party address by any other means for the purpose of committing a crime or preventing its discovery, shall be punished by temporary imprisonment and a fine of no less than Dhs 500,000 and not exceeding Dhs 2,000,000, or either of these two penalties.
-------------------------
Less than 15 per cent of the desert kingdom's inhabitants are locals, with the rest of the population made up of expatriates, many of whom want to access private corporate networks and the internet at large without being limited by the filtering systems the country has set up. The state telco blocks anything seen as being against UAE values, any Israeli domains, and pornography sites, as well as many VoIP services for calling home.
There are two state-sanctioned VoIP services, Etisalat and Du, but they are relatively expensive. Skype was outlawed in the kingdom, but that ban was lifted in April after Microsoft and business leaders complained that the blockade was discouraging businesses from coming to the country.
In the meantime, if you're visiting the UAE, using a VPN or proxy server may be problematic. The new law is now in effect, and you may get a knock on the door by the police if you try using one of those services.

(1st August 2016)


LIE DETECTOR TESTS FOR SEX OFFENDERS
(The Telegraph, dated 27th July 2016 author Cristina Criddle)

Full article [Option 1]:

A convicted sex offender had admitted reoffending after police asked him to take a lie detector
test when concerns were raised about his behaviour.
Essex Police said the man, who had previous convictions for indecent exposure, was tested
following a referral from detectives.
He consented to the test and, when questioned about his results, admitted reoffending.
The man in question was not on probation, Essex Police confirmed.
Officers then secured a sexual harm prevention order through the courts, which included a
condition that he must submit to a polygraph test when requested by police.
If he refuses it will be a breach of the order and he will be arrested, interviewed and could
face the courts.
Essex Police now plans to extend the scheme to test previous offenders.

Detective Chief Inspector Jim Sandford said: "We use the polygraph test to get information
about whether or not a sex offender is reoffending, so that we can assess the risk they pose
to the public and ensure they are complying with sexual harm prevention orders imposed by the
courts.
"We can't force people to take part unless it forms part of a court order and the results of
a polygraph test can't be used as evidence in court.
"But the benefits are that it shows they are willing to engage and co-operate with the
authorities, and it can prevent us relying on more intrusive methods of monitoring."
The test is carried out in three stages, with an interview, followed by the polygraph test
and a post-test discussion.

Last year it emerged 63 sex offenders were sent back to prison after probation officers
used lie detector tests while they were on early release.
"We have seen some participants tell us about reoffending during the pre-test interview and
others make admissions after undergoing the polygraph," Mr Sandford added. "We have had
occasions where offenders have admitted further offences or breaches of preventative orders,
which have triggered investigations that are ongoing.
"We have also seen some admit that they may have potential contact with children, which has
allowed us to directly intervene and keep people safe."
Essex Police is one of just four forces in the country to use polygraph testing to manage the
risk posed by convicted sex offenders.

Two officers have completed a course to become trained polygraph examiners. Select police
officers from Hertfordshire, Kent and South Yorkshire have also undertaken training.
Officers from Northumbria and Manchester police forces are also understood to be taking
an 11-week course in the autumn.

(1st August 2016)


"UNMARKED POLICE" CARS WARNING TO ESSEX DRIVERS AFTER VANS STOLEN

(BBC News, dated 27th July 2016)

Drivers are being warned not to stop if an unmarked police car tries to get them to pull over after two vans were stolen by fake officers.
Essex Police issued the warning after the vehicles were stopped on the M11 and the M25 recently and stolen.
The thieves, dressed in police uniforms and, in one incident, carrying a handgun, used blue flashing lights.
Officers have been told they should not pull people over when in unmarked cars unless it is an emergency.
Det Ch Insp Stuart Smith said: "We have taken this decision to safeguard motorists in Essex while these offenders remain outstanding.
"Our victims have told us that the suspects are purporting to be police officers and are wearing body armour to further enhance this deception in order to steal these vans.
"Anyone who is signalled at to stop by someone in a car which may appear to be an unmarked police is asked not to stop but to call 999 immediately to verify whether the vehicle and its occupants are genuine."

(1st August 2016)


POLICE SET UP UK's FIRST eBAY HANDOVER ZONE IN MANCHESTER AS THOUSANDS FALL VICTIM TO FRAUD AND ROBBERIES
ONLINE
(Daily Mail, dated 26th July 2016 author Alex Matthews)

Full article [Option 1]:

The area has been dubbed the 'internet purchase exchange location' and while it is the pilot - there are
hopes that more sites will be announced.
eBay and Gumtree customers will be the first allowed to use the new area but GMP hope other companies will follow suit.
Consumers can both buy and sell on the site and officers believe that it will help the battle against
online crime.
Chief Superintendent Wasim Chaudhry, Head of the City of Manchester Policing team, said: 'We are always looking for ways to keep up with the times, and make our policing reflective of the people who make up our communities.
'As the number of people using online sites to do their shopping continues to rise, so does the need for such safety and crime prevention schemes.
'People who live alone, or who perhaps do not feel comfortable giving their home address to a stranger on the internet, can now arrange to meet outside our North Manchester HQ safe in the knowledge that help is close by if they need it.
'As well as providing that immediate sense of security, this will hopefully double up as a useful crime prevention tool, as those criminals who use internet sites to defraud their victims with false goods or empty boxes will think twice of doing so in full view of CCTV cameras outside a busy police station.'
-------------------------
GREATER MANCHESTER POLICE TO TRIAL INNOVATIVE INTERNET SHOPPING SAFETY SCHEME
(GMP website, dated 25th July 2016)

Greater Manchester Police have become the first force in the UK to launch an innovative new scheme to prevent crime and keep people safe in an increasingly digital age.
Today, Monday 25 July 2016, GMP launched their 'Internet Purchase Exchange Location' scheme, a place where people who are trading goods online can meet potential buyers or sellers in a safe environment.
The concept is simple, with an 'Internet Purchase Exchange Location' being a designated area outside a public building or police station where people can meet to exchange money and goods following purchases on internet sites such as Ebay, Craigslist and Gumtree.
The idea is currently being trialled in North Manchester and the first sign of its type is already in
place outside the North Manchester Headquarters, where it will be under CCTV surveillance.
As the number of people making purchases online increases exponentially year on year, so too does the number of crimes reported to police forces which are related to such activity.
An 'Internet Purchase Exchange Location', however, reduces the risk to individuals by removing the
need for people to divulge their home addresses and by providing neutral ground in close proximity
to police officers for people to make exchanges.
The location of the trial site can be found immediately outside GMP North Manchester Headquarters, Northampton Road, M40 5BP, and GMP hope that as the scheme is rolled out across Greater Manchester, more and more sites will become available for the public to use.
Chief Superintendent Wasim Chaudhry, Head of the City of Manchester Policing team, said: "We are always looking for ways to keep up with the times, and make our policing reflective of the people
who make up our communities.
"As the number of people using online sites to do their shopping continues to rise, so does the
need for such safety and crime prevention schemes.
"People who live alone, or who perhaps do not feel comfortable giving their home address to a
stranger on the internet, can now arrange to meet outside our North Manchester HQ safe in the
knowledge that help is close by if they need it.
"As well as providing that immediate sense of security, this will hopefully double up as a useful
crime prevention tool, as those criminals who use internet sites to defraud their victims with
false goods or empty boxes will think twice of doing so in full view of CCTV cameras outside a
busy police station."

(1st August 2016)


PUBLIC WARNED OF FRAUD RISK FROM RISE IN BOGUS LAW FIRMS

(The Times, dated 26th July 2016 author Frances Gibb)
www.thetimes.co.uk [Option 1]

Bogus law firms set up by fraudsters who clone a genuine one to harvest money have doubled in number to more than 700, the solicitors' watchdog said yesterday.
Almost half of all reports of fake law firms involved the identity theft of a firm or solicitor, often involving the cloning of a genuine firm's website with a view to persuading members of the public to send money or information.
The Solicitors Regulation Authority (SRA) said there had been a doubling of bogus law firms since 2012. It said that genuine law firms were being targeted by cybercriminals, and in one in ten cases money had been stolen.
One of the newest tricks is "CEO fraud", where senior figures in law firms are impersonated and the accounts team is ordered by email to transfer money to pay an invoice. This is often don on a Friday to give the criminals more time to avoid detection.
The SRA's Risk Outlook report urges the public and law firms alike to be vigilant. The regulator also noted an increase in fraudsters sending bulk emails and confidential information. This is of particular concern, it says, because victims of bogus activity are not covered by protections that apply when dealing with a regulated firm, such as access to the solicitors' compensation fund.
As for law firms, the key risk is reputational damage from being cloned by a bogus firm, the report adds. "This may lead to the loss of future clients and income. There is also the possibility that firms may be held liable for losses attributed to having dealt with a bogus firm."
The SRA warns law firms and consumers to watch out for potential signs of bogus firms. These may include the firm, branch office or individual not being recorded on the Law Society's "find a solicitor" web page; unsolicited correspondence or correspondence containing error of spelling, grammar or terminology, inconsistencies in the spelling the name of the firm and firm using only telephone numbers or email addresses.
Paul Philip, SRA chief executive, said: "We want to see firms proactively making sure their clients are also aware of the risks in this area. For instance, we would recommend that people avoid sharing bank details over email of transferring money before confirming the source of any request".
The report suggests that firms make regular internet searches to check if anyone is using their name or those of their partners and staff without authorisation.
It adds: "The increasing presence of bogus firms in the legal services market may be due to ineffective systems and controls in genuine firms and the general rise in cybercrime across the UK".

(1st August 2016)


COURT CRACKDOWN PLEDGED TO STEM POST-BREXIT HATE CRIME SURGE

(London Evening Standard, dated 26th July 2016 author Nicholas Cecil)

Full article [Option 1]:

England's top prosecutor today signalled that more people spewing out hate-filled attacks will be brought to court following a surge in such cases after the Brexit vote.
Quizzed on the rate of hate crime offenders being charged, director of public prosecutions Alison Saunders told ITV's Good Morning Britain: "We would like to see it higher because I do think that these cases are not reported enough."
Prosecutions for these offences, she said, were already going up which suggested some victims were more "confident" of coming forward.
However, she added that new documents would be released later this year to explain to the public what is a hate crime and to encourage people to tell police about such abusive behaviour.
Tougher sentences were also be issued by the courts for offenders whose crimes involved racial or
religious prejudice, she stressed.
The police watchdog, Her Majesty's Inspectorate of Constabulary, is to assess how forces are responding to the recent spike in hate crimes.
Home Secretary Amber Rudd also announced that levels of anti-Muslim, anti-Semitic, homophobic and racist bullying in schools will be examined under the Government's hate crime action plan.
Teachers and parents will be encouraged to report incidents to the police and steps taken to prevent such offences on public transport.
The moves come after police figures indicated that young people were the victims of 10 per cent of faith hate crime and eight per cent of race hate crime for the three-week period between June 16 and July 7.
A £2.4 million fund will also be set up for security measures and equipment at synagogues, mosques,
churches and other places of worship that need increased protection.
Ms Rudd said: "Hatred has no place whatsoever in a 21st century Great Britain that works for everyone.
"We are Great Britain because we are united by values such as democracy, free speech, mutual respect and opportunity for all.
"We are the sum of all our parts - a proud, diverse society. Hatred does not get a seat at the table,
and we will do everything we can to stamp it out."
A spate of reports after the EU referendum sparked fears of a new wave of xenophobic and racial abuse.
Figures released last week showed more than 6,000 alleged hate crimes and incidents were reported to police in England, Wales and Northern Ireland in four weeks from the middle of last month.
The daily rate peaked at 289 reports on June 25 - the day after the referendum result was announced.
The main type of offence reported was "violence against the person", which includes harassment and
common assault as well as verbal abuse, spitting and "barging".
Public order offences and criminal damage were the second and third most common incidents respectively.
Abusive messages have also been put on Twitter and other social media.

(1st August 2016)


GOVERNMENT ANNOUNCES "HATE CRIME ACTION PLAN" AS OFFENCES SOAR FOLLOWING BREXIT VOTE
(International Business Time, dated 24th July 2016 author Mark Piggott)

Full article [Option 1]:

Home secretary Amber Rudd has announced the creation of a new task force to tackle hate crime, which has become a significant problem since the UK voted to leave the European Union. Violent crime, public disorder and criminal damage against people because of their religion, race and nationality have risen sharply in the month since the Brexit vote, with 289 hate crimes recorded the day after the result was announced (25 June) and more than 6,000 in the following month.

The government also announced it will set up a fund to protect mosques, synagogues and other religious buildings at a cost of £2.4m ($3.1m). Crimes against Muslim women on public transport and antisemitism will be prioritised with prosecutors issued with fresh guidance in a bid to crack down on the problem. The hate crime action plan will be published by the Home Office at the end of July.

"Hatred directed against any community, race or religion has no place whatsoever in our diverse society  and it needs to be kicked to the kerb," said Rudd. "We are Great Britain because we are united by values like democracy, free speech, mutual respect and opportunity for all."
Rudd continued: "At a time of increased concerns about a climate of hostility towards people who have come to live in our country, let me be absolutely clear that it is completely unacceptable for people to suffer abuse or attacks because of their nationality, ethnic background or colour of their skin.  We will not stand for it."
Of 6,000 alleged hate crimes in the last month, the most common complaint was "violence against the person",which includes spitting, shoving, assault and verbal abuse. Public order offences came second and criminal damage third. Immediately after the Brexit vote, there were a number of incidents including graffiti on a Polish community centre and the vandalism of German cars. In Huntingdon members of the Polish community received laminated cards printed with the message: "Leave the EU - no more Polish vermin."

The Crown Prosecution Service (CPS) prosecuted 15,442 hate crimes in 2015/16, a rise of 4.8% on the previous year. This resulted in 13,032 convictions - a conviction rate of 83.8%.

(1st August 2016)


CYBERCRIME FIGURES PROMPT POLICE CALL FOR AWARENESS CAMPAIGN

(The Guardian, dated 21st July 2016 author Alan Travis)

Full article [Option 1]:

Police chiefs have called for a national campaign against online fraud and other cybercrime on the scale of last century's seatbelt and drink-driving campaigns in the wake of figures showing that one in 10 adults have been victims of such offences in the past year.
Chris Greany, the City of London police's economic command head, said that with around 1m cases reported to Action Fraud in the last year alone, it was not possible for all cases to be investigated.
On Thursday the Office for National Statistics said there had been more than 5.8m incidents of cybercrime in the past year, far more than previously thought and enough to nearly double the headline crime rate in England and Wales.
The first official estimate of the true scale of online shopping scams, virus attacks, thefts of bank details and other online offences was much higher than an initial ONS estimate in October last year, which put the annual figure at 3.8m, or 40% of all crimes.

Greany said fraud now cost an estimated £193bn a year and with half of all crimes against people in the UK being committed from abroad, it was becoming more challenging for police to tackle.
"Law enforcement agencies are becoming increasingly successful at targeting the most serious offenders; however, the scale of the challenge is such that prevention, and helping businesses and individuals protect themselves, is the only long-term way of combating the escalating threat," he said. "That includes all industries taking proper steps to protect their customers from becoming victims of fraud."
Greany endorsed a call for a national fraud and cybercrime campaign on a par with the seatbelt and drink-drive campaigns of the 1980s and 90s to create a more internet-savvy society.
Deputy chief constable Peter Goodman, the National Police Chiefs' Council lead on cybercrime, said such offending was no longer a curiosity or a new specialism in policing. "The priorities for law enforcement are to make the UK a hostile place for cybercriminals to operate, improve the response to victims and develop capabilities in local forces. Transforming our response to these crimes is a challenge but it is a priority for investment in policing," he said.
In March the Metropolitan police commissioner, Sir Bernard Hogan-Howe, was criticised for suggesting bank customers who were victims of online fraud should not be refunded by banks if they had failed to protect themselves from cybercrime.
The ONS said one in 10 adults had been victims of cybercrime in the past year. The chance of being a victim was the same regardless of social class or whether someone lived in a deprived or affluent, urban or rural area.
The 5.8m offences were made up of 3.8m fraud offences, including 2.5m incidents of bank and credit card fraud, and 2m computer misuse offences, including 1.4m virus attacks. The remaining 600,000 estimated offences related to unauthorised access to personal information, such as hacking of email, social media or other online accounts.

The latest overall figures, excluding online crime, in the 12 months to March 2015 showed there were an estimated 6.3m offences - 6% fewer than in the previous year.
Police crime figures showed that the murder rate rose by 34 to 571, the highest in five years. This is still far below the peak in 2002-03, when 1,047 homicides were recorded, but the recent rise is one of the more authoritative indicators that Britain is experiencing an increase in violence. The 96 deaths at Hillsborough in 1989 will be added to the official homicide figures and included in the next set of crime figures after the inquests finished in April.
Knife crime offences rose by 10% in the past year and gun crime increased by 4% over the same period.
Incidents of harassment, including new categories of offence such as malicious communications online, social media abuse and revenge porn, had risen 90%, from 82,000 to 156,000.
The police figures also showed a 27% rise in offences against the person and a 21% increase in sexual offences. Those figures include a 22% increase in reported rapes from 29,300 to 35,798. By contrast, the crime survey showed no significant change in the proportion of adults who said they had been a victim of sexual assault in the past year. The ONS said the 21% increase in sexual offences reflected both an improvement in police recording of the offences and a greater willingness of victims to come forward.

But the overall picture of all crime - excluding the 5.8m online offences - according to the crime survey of England and Wales, which is regarded as the best measure of crime trends, showed a 6% fall to 6.3m offences involving adult victims in the 12 months to March 2016.
The long-term trends in "traditional" crimes such as burglary, car thefts and criminal damage showed that the fall in crime since its 1995 peak had slowed down since 2005. The crime survey found there had been no change in the overall level of violent crime compared with the previous year.
The online crime numbers give the first official snapshot of the scale of the threat from online attacks and scams. However, ONS statisticians said it would be "misleading to conclude that this means actual crime levels have doubled, since the survey previously did not cover these offences".
The first estimate is based on a 9,000-strong sample size from six months of interviews from the crime survey. Only when the ONS has 12 months of data in January will the online crime figures be incorporated into the headline crime rate.
Separate Home Office figures for police officer numbers show they fell by a further 3,126 last year to 124,000 - the lowest level since 2003.
Andy Burnham, the shadow home secretary, said: "At long last, we have the true picture of crime in England and Wales and it puts the former home secretary's record in a new light.
"Our new PM [Theresa May] was fond of saying that crime is falling but, as people can see, crime has moved online and until now the official statistics haven't shown that. Her complacent claims do not read well alongside these worrying increases in violent crime, sexual crime and homicide.
"The only conclusion that can be drawn is that it is the wrong time to be cutting the police. The PM promised real-terms protection but has failed to deliver it. Now that decision is entirely within her hands, she must honour the promise that she made and protect frontline policing," he said.
The policing minister, Brandon Lewis, said: "As crime falls, we know that it is also changing. Fraud and cyber-offences are not a new threat and the government has been working to get ahead of the game, committing to spend £1.9bn on cybersecurity and cybercrime over the next five years. We have also established the joint fraud taskforce, bringing together law enforcement and the banking sector, while Action Fraud, the National Fraud Intelligence Bureau and the National Crime Agency are working to improve our response.
"We welcome today's experimental ONS figures on fraud and cybercrime - offences which we have always known were happening but were previously unable to quantify. Having an accurate national picture will be crucial to inform future action."

(1st August 2016)


HACKER SHOWS THE REGISTER HOW ONE LEAKED HOME ADDRESS CAN LEAD TO RUIN
(The Register, dated 20th July 2016 author Darren Pauli)

Full article [Option 1]:

It takes nothing more than a home address for hacker "Nixxer" to find enough information to ruin your life.
Nixxer is one of Australia's most skilled good-guy social engineers and at a recent event, and in subsequent chats with The Reg, demonstrated the potential damage rather than actually ruining a life. But the arsenal he showed - a mix of open source intelligence, custom tools, a knack for correlation and experience in how to siphon personal information - show how identity theft and worse are not hard to accomplish. And also how the most locked-down Facebook accounts leak like sieves.
Nixxer himself is a ghost. He doesn't use his real name and his real-self can't be found online.
His hacker identity is, however, used in public at events like the Unrestcon security confab in Melbourne, where he demonstrated how he can find enough information to access bank accounts.

To the gallows

On this occasion, Nixxer targeted an address that will lead to a family man in Kansas, US. Nixxer selected the address through a random search of online clipboard Pastebin for the keyword "dox" - the name given to private personal information made public.
Those records did not yield a name and Nixxer did not know if the street address was even real.
But it didn't take long to verify the address, through Google's and Microsoft's online mapping services, and in geospatial databases. Along the way he found not only details of the man he sought but also the previous owners of the property. Checks against other public databases revealed how much the house cost, allowing the social engineer to make estimates on the household income necessary to purchase the home. He reckoned the combined income was about US$120,000.
Photos of the house on mapping services revealed a car parked in the driveway. Although the license plates were blurred, it was enough for the hacker to learn of the make, model, and US state in which the car was registered. "You can see they are Kansas plates because of the colour, the way they are shaped, and how many letters and numbers it has," Nixxer says.
A well-loved playground in the house's back yard points to at least some young children in the home. A football field visible behind the house is also useful information.
"There is a local school in town, and a local gridiron team, and that's information you could use to help craft phishing attacks," Nixxer says.

Noose tightening

Online identification services are the scourge of privacy advocates. One service widely-regarded as a notorious treasure trove by social engineers is Salesforce web property data.com which allows tit-for-tat trading of personal information and encourages professionals to upload their contacts in order to access the same number of identities stored within its servers.
The site's impact on privacy can be severe: one of your correspondent's previous home addresses was captured by the site and offered to anyone willing to share their own contacts or open their wallets, despite my efforts to keep it concealed.
And data.com is just one such service among many: the likes of Wayin boast that they hold data on one in 14 humans.
Nixxer used such sites to look up the address from the original Pastebin document and retrieved names for current and former residents of the Kansas property. Armed with this target's name he then established the man's previous addresses, personal and work email addresses, and date of birth from the service.
"These sites are everywhere," Nixxer says with disdain. "You just pay a dollar or something and you get access to whatever you want, it's all there. It's scary."
Facebook is poison to those who take privacy seriously, and it is unsurprising that Nixxer has resisted the temptations to join the online watercooler. Not even with an alias.
He has better reason than most. The hacker has cooked up some nightmarish tools that lay waste to Facebook's non-default privacy controls that Zuckerland offers as an token effort to entice and retain the tin-foil hat community.
The tools, custom-built during Nixxer's government agency engagements, can spin up fake profiles to help capture associations and familiar links to a target who has ratcheted up Facebook privacy settings to its fullest effect.
None of the seven fake profiles he loads into the tools need to be accepted as a friend by the target in order for Facebook's privacy controls to be neutered.
At this point in Nixxer's demo, he had learned the identities of his target's brothers and sisters, parents, and cousins thanks to Facebook and LinkedIn. He also had a pile of personal photographs and information that confirmed all previous findings.
Each of the target's siblings and children worked at what Nixxer now learned was a family-run company.
"Facebook is a spider web of people who can be leveraged," Nixxer says. "You can use fake profiles to triangulate a target's movements using nothing more than Facebook."
Nixxer switches targets to the man's business and learns that his victim is the director.
"I have enough information at this point to open and close his bank accounts, or do whatever I want," he says.
With his noose of personal information tied, Nixxer's next step is infiltrate the website of his victim's business. That site is powered by an un-patched instance of Linux. Nixxer quickly gains access to the web server with root privileges. "It worked just like that," Nixxer says, clicking his fingers. With a malicious site in place, all sorts of other attacks become possible.

Cutting the rope

Can you avoid attacks like that Nixxer outlined above? The hacker thinks you can, with the first step being to avoid Facebook.
"There is no reason to write down where you actually grew up, who your real brothers and sisters are, or where you went to buy clothes yesterday," he advises.
Yet locking down accounts still will not stop Nixxer and the growing army of skilled social engineers across the world from gaining sufficient information on users to bring them ruin.
He recommends users use fake online personas and deploying a handful of tools including web browser tools such as uBlock Origin, AdBlock Plus, and script blockers.

(1st August 2016)


TfL AND POLICE LAUNCH #WESTANDTOGETHER ANTI-HATE CRIME CAMPAIGN
(London Evening Standard, dated 20th July 2016 author Ross Lydall)

Full article [Option 1]:

Police and Tube staff today launched a campaign to encourage passengers to report hate crime, including incidents sparked by the Brexit vote.
They vowed to investigate all incidents as part of the #WeStandTogether campaign to provide reassurance that the Underground is safe for all passengers.
Transport for London was unable to say whether the UK's decision to leave the EU had resulted in increased attacks.
One woman passenger said she was the victim of an incident two days ago at Covent Garden station when her head scarf was pulled by a man who pulled "monkey faces". She said: "I was not harmed but I was very upset."
Today's launch at King's Cross was the first in a number of events planned across London over the coming months.
Mayor Sadiq Khan, said: "I am proud of the incredible diversity of our city and I will not tolerate hate crimes of any form, anywhere in London. We must stand together and anyone who sees or is targeted by abusive behaviour should report it to the police immediately."
The initiative, involving the Met police, British Transport Police and TfL, runs alongside the Mayor's #LondonIsOpen campaign. Launched earlier this week, it aims to reassure the one million foreign nationals who live in London.
British Transport Police divisional commander Martin Fry said: "People can report an incident to us discreetly by texting 61016 from a mobile phone and of course, in an emergency, 999."

(1st August 2016)


MILLIONS OF CALLS TO POLICE 101 NUMBER GOING UNANSWERED
(The Telegraph, dated 16th July 2016 author Sam Blewett)

Full article [Option 1]:

Almost three-and-a-half million calls to 101, the police's non-emergency number, went unanswered in the last four years, according to new figures.
Some callers to the number, designed to deal with reports of crime such as drug dealing and theft, waited for more than two hours before they either gave up or were answered.
The number of abandoned calls between 2012 and May this year is 3,469,984, according to Freedom of Information requests by the Daily Mail that were answered by the Daily Mail that were answered by 36 out of 43 UK police forces.
The figures were branded "utterly unacceptable" by Liberal Democrat Leader Tim Farron.
"This research shows that people are being left hanging on the phone for hours or putting the phone down because they can't get someone to pick up," he told the newspaper.
"This is utterly unacceptable and makes a mockery of the 101 idea.
"Millions of calls are going unanswered and millions of crimes are going unreported".
The number is designed to relieve some of stress from 999 and to replace individual police station numbers.
The worst offender was Lancashire Constabulary, with 486,284 out of 3,552,756 calls ended before someone answered them.
Derbyshire Constabulary came in second with 356,222 unanswered calls and Hampshire followed with 306,749.
The longest wait for someone to answer a witness or victim's call was two hours and two minutes and came within the last 13 months, according to the Lib Dem research.
Inspector Matt Johnson, of Cambridgeshire Police, told a public meeting last year that "life was too short" to use the service.
The service was first introduced by Labour in 2006 but was scrapped because of vast costs and its failure to reduce emergency calls.
It was reintroduced throughout 2011 and 2012 costing 15p regardless of the call duration.

(1st August 2016)


FRANCE'S SAIP EMERGENCY SMARTPHONE APP FAILED DURING NICE ATTACK
(The Guardian, dated 16th July 2016 author Angelique Chrisafis)

Full article [Option 1]:

The French government has vowed to overhaul its emergency smartphone app designed to alert the public to an ongoing terror attack after it malfunctioned during the attack on Nice.
The government's instant alert app, created after last November's terrorist attacks across Paris and launched last month just before the Euro 2016 football tournament, is supposed to send instant warnings, information and advice directly to people's phones if a bombing, shooting or other terrorist incident happens near them.
But when a truck driver drove at full speed into crowds on the Nice seafront during the Bastille Day fireworks display, killing 80 people and injuring hundreds more, it took almost three hours for the instant alert to be issued by the app.
The attack began just before 11pm, but the first so-called instant warning was not issued until almost three hours later, arriving on users' smartphones at 1.34am.
The app, known as Saip (Système d'alerte et d'information des populations), is supposed to turn the smartphone screen red and gives advice such as where to take cover. It is is also seen by the government as an official counterpoint to possible inaccurate speculation on social media.
Several rumours spread amid confusion on the night of attack, with some fearing there was a shooting or hostage-taking incident.
The French interior ministry said the information had been sent out too late by the app and summoned the contractors for talks on what went wrong. A ministry statement said there would be a swift action plan to ensure it never happened again.

(1st August 2016)


PHONE SCAMS : A CRIMINAL CONVINCED ME HE WAS FROM TALKTAK AND STOLE £13,600
(The Telegraph, dated 15th July 2016 author Amelia Murray)

Full article [Option 1]:

When Jacqueline Klag, a 77-year-old reader from Newquay in Cornwall, received a telephone call from a man who claimed to be from TalkTalk, she was convinced he was a genuine employee of the company because he knew details about her subscription and that she had upgraded her TV package the week before.
By gaining her trust in this way, he was able to drain almost £14,000 from her bank account.
The man, who gave his name as "Jonathan Marsalin", telephoned Ms Klag at 9am one day in October last year. He told her that her computer system had been compromised and he needed to clean it up.
After he kept Ms Klag on the phone for three hours, he persuaded her to give him access to her computer using a remote desktop connection, supposedly to install security software. But once connected, he was able to take control of her computer and access her information.
By midday, Ms Klag told him she was exhausted and asked if she could disconnect the call. But "Jonathan" insisted she remain on the line to speak to another engineer about her router.
Apparently sensing her fatigue, he then persuaded Ms Klag to hand over her bank details with an offer of £200 compensation "for the inconvenience". Next he claimed that he had accidentally paid £5,000 into her account and asked Ms Klag to transfer £4,800 back, which she did via online banking.
The next morning Ms Klag discovered that £13,600 had been taken out of her Santander account in three separate transactions, presumably because the fraudster had been able to access Ms Klag's internet banking from his remote connection.
Ms Klag called Santander that morning. It contacted the recipient bank to see if any funds were remaining in the fraudster's account. It later recovered £4,023 before closing the case.
She also notified Action Fraud, the cybercrime reporting service. Her case was assessed by the National Fraud Intelligence Bureau, but because there were judged to be insufficient lines of inquiry it was not passed to police for further investigation.
When Ms Klag contacted TalkTalk, the company was unsympathetic. It said: "In these circumstances we do not believe we have a responsibility to reimburse you for the money stolen since that theft would not have occurred if you had not allowed the scammers to have access to your PC and provided them with certain aspects of your banking details."
Santander said it could not accept any responsibility for the losses on the account as Ms Klag authorised the initial payment.
A spokesman said: "While we are very sympathetic to Mr Klag's situation and the distress caused by being the victim of a scam, Ms Klag initiated and used a 'one-time passcode' to validate and authorise the transfer, a security measure we put in place to protect customers against fraud, and confirmed the payment as genuine when we called to check."
Ms Klag said she was disappointed by the responses. She said: "Surely someone must be able to help me get my money back?"
But victims of crimes such as these often have no hope of seeing their savings again. Banks will insist that they simply obeyed the customer's instructions.
However, Martyn James, from the Financial Ombudsman Service, said victims might be able to get their money back if their own bank or the recipient bank did not act correctly once the fraud was reported. The police are also unlikely to investigate. Action Fraud passes only 30pc of fraud cases on to the police.
Even then, some are likely to be dropped.

'Treat every phone call as a scam'

The kind of fraud that deceived Ms Klag is the "equivalent of criminals conning their way into your house", said David Emm, principal security researcher at Kaspersky Lab, the online security group.
He said: "The flexibility of the internet is what we love about it. But we forget that people are hiding in the cracks."
Tony Neate, the head of Get Safe Online, a cybercrime initiative, advised people to "treat every phone call as a scam". Research by his organisation found that British people were now more likely to receive a landline phone call from a criminal then from friends and family.
Mr Neate said an organisation such as a bank, the police or HMRC was highly unlikely to call you and ask for payment details over the phone.
He suggested keeping a list of questions by the phone to reel off if you are unsure about the identity of a caller.

The questions include:
- What business are you calling from?
- What is your phone number?
- What is the email address?
- What is the website address?

Make a note of what you are told and hang up, then call the organisation using genuine contact details found online and let it know that you have been contacted. The organisation should then be able to tell you whether the caller was genuine or not. If you suspect a scam, report it to Action Fraud.

Mr Neate said fraudsters knew that we were particularly worried about being defrauded online and might not be as vigilant over the phone.
He said: "Criminals are coming at us at all angles and they are especially convincing on the phone. These scams require intelligence and empathy. The fraudsters are highly trained individuals."
Telephone scams, sometimes called "vishing", are one element of "social engineering" - where criminals psychologically manipulate people, convincing them to disclose confidential information such as bank details or make a payment to a "safe account".
They often claim to be from trusted bodies such as a bank, government organisation or even the police and may reference personal details gleaned from social media or other sources to appear more credible.

(1st August 2016)


FAKE POKEMON GO GAME LOCKS PHONE,THEN SECRETLY DRIVES PORN AD
(Computer World, dated 15th July 2016 author Michael Kan)

Full article [Option 1]:

A newly discovered fake Pokemon Go game will actually lock your phone and then secretly run in the background, clicking on porn ads.
Security firm ESET found it on Google Play and its called Pokemon Go Ultimate. However, once downloaded, the app itself doesn't even pretend to offer anything remotely like the hit game.
Instead, it simply appears as an app called "PI Network." Once it runs, the app will then freeze the phone with a screen lock of a Pokemon Go image, forcing the user to restart the device, ESET said on a blog post on Friday.
Following a restart, the PI Network icon will disappear from the phone, but the malicious app is actually still running in the background. It will then go online, secretly clicking on porn ads to generate revenue for the app's developers.
Fortunately, users can easily delete it, by going into app section of the phone's settings, and manually uninstalling.
Google Play has also removed the Pokemon Go Ultimate app. ESET said the fake game was only available for a short time and generated between 500 and 1,000 downloads.
Some users, however, may still be tempted to download knock-offs of Pokemon Go. That's because, outside of the U.S., the official game isn't available in many parts of the world.
This week, it launched in five European countries, including the U.K., Germany, and Italy, but there's still no word on when it might arrive Asia.
Security experts have warned that fake versions of the game could contain malware. In addition, shady developers have been trying to take advantage of the Pokemon Go craze, by coming out with unofficial apps that offer cheats, tips, and music from the game.
However, these products are also hungry for personal data and can collect sensitive information from users' phones including contact lists and login info to social media accounts. RiskIQ, a firm that tracks mobile malware, has detected dozens of these questionable apps.
On Friday, ESET also warned that these unofficial Pokemon Go apps could also contain scareware. It found two other apps that when installed will display fraudulent pop-up ads that will claim the user's phone is infected with a virus.
"Of course, the app promises to clean up the device, which could cause the user to unwillingly send a subscription SMS to bogus - yet expensive - services," ESET said.
The two apps, "Guide and Cheats for Pokemon Go" and "Install Pokemongo," have both been removed from Google Play.

(1st August 2016)


NOTTINGHAMSHIRE POLICE TO COUNT WOLF-WHISTLING IN STREET AS HATE CRIME
(The Guardian, dated 13th July 2016 author Nadia Khomami and Agency)

Full article [Option 1]:

Uninvited sexual advances and unwanted verbal contact with a woman, including catcalling or wolf-whistling in the street, are to be recorded as a hate crimes in a new effort to tackle sexist abuse.
Nottinghamshire police has expanded its categories of hate crime to include misogynistic incidents, characterised as behaviour targeted towards a victim simply because they are a woman.
This means incidents ranging from street harassment to unwanted physical approaches can be reported to and investigated by the police, and support put in place for victims.
The force is the first in the country to adopt the separate misogyny hate crime category, and has provided specific training to selected officers in the past three months.
Commenting on the new procedures, introduced in partnership with Nottingham Women's Centre, Ch Con Sue Fish said: "I'm delighted that we are leading the way towards tackling misogyny in all its forms.
"It's a very important aspect of the overall hate crime work being conducted and one that will make Nottinghamshire a safer place for all women. What women face, often on a daily basis, is absolutely unacceptable and can be extremely distressing."
Work on the change began in June 2014 after a research project, which led on to a conference at which women gave examples of harassment they had faced.
Fish encouraged anyone affected by misogynistic hate crime to contact police without hesitation. "The work we are doing with Nottingham Women's Centre is so valuable and I am looking forward to continuing that work," she added.
Melanie Jeffs, the manager at the centre, said: "We're pleased to see Nottinghamshire police recognise the breadth of violence and intimidation that women experience on a daily basis in our communities.
"Understanding this as a hate crime will help people to see the seriousness of these incidents and hopefully encourage more women to come forward and report offences."
The Nottinghamshire force defines a hate crime as "any incident which may or may not be deemed as a criminal offence, which is perceived by the victim or any other person, as being motivated by prejudice or hatred".
Domestic abuse is not included within the scope of misogyny hate crime as it is dealt with under its own procedures.

Misogyny hate crime is classed under the new policy as "incidents against women that are motivated by an attitude of a man towards a woman, and includes behaviour targeted towards a woman by men simply because they are a woman".
Examples of such incidents may include unwanted or uninvited sexual advances, physical or verbal assault, unwanted or uninvited physical or verbal contact or engagement, and use of mobile phones to send unwanted or uninvited messages or take photographs without consent.
Last year, a building firm was investigated by police after a 23-year-old woman, Poppy Smart, reported men wolf-whistling at her in the street.
While the matter was dropped when dropped Smart was satisfied it had been handled internally by the firm, it was believed to be the first time police had investigated wolf-whistling as a potential crime.
Rachel Krys, co-director of the End Violence Against Women Coalition, said: "It is great that police in Nottingham will be capturing the way a lot of harassment in public spaces is targeted at women and girls. In a recent poll we found that 85% of women aged 18-24 have experienced unwanted sexual attention in public places and 45% have experienced unwanted sexual touching, which can amount to sexual assault.
"This level of harassment is having an enormous impact on women's freedom to move about in the public space as it makes women feel a lot less safe. The women we spoke to do a lot of work to feel safer, including avoiding parts of the city they live in, taking taxis and leaving events in groups."
Krys said recording such incidents would give police and policymakers a much clearer grasp on the levels of harassment women and girls are subjected to, and better understand measures which could reduce it.
"It should also challenge the idea that women and girls in public or online spaces are 'fair game'," she added. "We know that ignoring harassment and sexist bullying creates the impression that other types of violence against women will be tolerated so we welcome any action which counters this."

(1st August 2016)


BARKING NEW SCHEME SEES COUNCIL USE DNA FROM DOG MESS TO CREATE "PUGSHOTS" OF WORST OFFENDERS
(The Telegraph, dated 13th July 2016 author Lexi Finnigan)

Full article [Option 1]:

In a drive to reduce dog mess, people who fail to clean up after their pets will see them shamed with canine photofits, or "pugshots", put up in public places and published in a council newsletter.
DNA taken from samples of dog faeces will be issued to create a computer-generated image of the offenders.
Key information taken from the samples will include gender, coat texture, length and colour and nose and eye colour.
Details of face type - whether the animal has a flat face or a projecting nose - will also be revealed.
The use of DNA technology to cut down on dog mess in parks and gardens is being pioneered by the borough of Barking and Dagenham.
The council has already announced plans to require owners to have their dogs' DNA tested and registered and those with unregistered dogs could face fines of £80, issued by an enforcement officer.
The council hopes that in publishing photofits of offending dogs on "wanted" style posters in parks will shame owners into cleaning up mess.
The council's online newsletter, which is sent to 70,000 residents, will also feature the images.
Darren Rodwell, the council's Labour leader said the newsletter would feature a "crime wall of shame".
He told The Times: ""People with dogs are the first to complain about irresponsible owners because they give all dog owners a bad name."
"Millions of pounds have been invested in upgrading our parks and we want to protect them."
The council has spent £5,000 informing residents about the scheme, which is expected to fund itself as owners must pay to have their dogs DNA registered.
Mr Rodwell said that any proceeds from the £80 fines would be used to subsidise DNA registration for vulnerable households and to provide dog ownership classes.
Mr Rodwell decided to introduce DNA testing of dog faeces after reading about a service called PooPrints being offered in Britain.

(1st August 2016)


BRITISH TRANSPORT SYSTEM HAD FOUR CYBERATTACKS IN ONE YEAR
(International Business Times, dated 12th July 2016 author Jason Murdock)

Full article [Option 1]:

Four major cyberattacks have been reported on UK railway computer networks over the past year, according to new statistics revealed by UK-based security firm Darktrace, which is employed to guard much of the UK's rail network from attack.
While detail about the full extent of the hacks remains unknown, experts indicate that such breaches are typically "exploratory" rather than disruptive.
Speaking with Sky News, Sergey Gordeychik, cybersecurity researcher at Russian firm Kaspersky Lab, said access to UK rail could give hackers control over everything from online information boards to the computer systems that manage signals, internal messages and even the trains themselves.
"If they have enough knowledge, then they can create real disaster related to train safety," he said. "We see at the moment that state-sponsored attackers are already inside critical infrastructure."
Gordeychik continued: "So they have access, they monitor, they collect intelligence but they don't try to create a disaster. Why? I believe that they don't have the order at the moment. But in case of any maybe warfare, it can be an option to use cyber weapon against civil infrastructure. This is scary."
In response to the figures, Network Rail, the main authority responsible for the UK's railway network, stressed that Britain has "the safest major railway in Europe."
It added: "Cybersecurity is a key part of our plan for introducing digital train control technology. Safety is our top priority, which is why we work closely with government, the security services, our partners and suppliers in the rail industry and security specialists to combat cyber threats."
With more critical infrastructure - from nuclear power stations to electrical grids - increasingly moving online, the threat from hackers and nation-state infiltrators has never been greater.
In one major example from December last year, security experts believe that Russian hackers were responsible for a widespread power grid outage in Ukraine. In the most recent case, US cybersecurity experts named the nation as the culprit in the hack at the Democratic National Committee (DNC).
"Hackers will target anything they can [and] it's no surprise the attacks are happening," Mark James, security specialist with security firm ESET told IBTimes UK via email.
"Some companies will still be using older operating systems or running bespoke applications that will be a logistical nightmare to upgrade. Although at first glance [UK Rail] may seem an insignificant target, the stakes are high when we have large volumes of users in flimsy metal containers passing, sharing lines and travelling at high speeds."

(1st August 2016)


CRIMINALS ARE BEING GIVEN UP TO 10 SUSPENDED SENTENCES BEFORE BEING SENT TO PRISON
(The Telegraph, dated 11th July 2016 author Telegraph Reporters)

Full article [Option 1]:

Criminals are being handed up to 10 suspended sentences at a time before they are finally put in prison, according to new figures .
The numbers have prompted concerns that career criminals are being left to walk the streets of Britain.
Police national computer records show that criminals appearing before crown courts, which hear the most serious cases, had received up to eight suspended sentences before being put behind bars.
And in the magistrates' courts, which usually hear less serious matters, criminals had up to 10 suspended sentences without being put in prison, according to figures up to the end of last year that were released by the Ministry of Justice.
Philip Hollobone, the Conservative MP for Kettering and a former special constable with British Transport Police, said: "I think most people would be horrified that a criminal needs to get so many suspended sentences before they actually end up in jail.
"The way to crack down on crime is to ensure that career criminals are put in prison as early as possible, not as late as possible, because they will then be unable to commit further crimes whilst inside."
The figures emerged in a parliamentary question asked by Philip Davies, a Tory MP who sits on the Commons justice committee.
Justice minister Dominic Raab, in his reply, told Mr Davies: "Where the court imposes a custodial sentence of two years or less it may suspend the sentence, for up to two years, and also impose one or more community requirements.
"This is a decision for the independent judiciary.
"If the offender breaches a suspended sentence order, there is a statutory presumption that the custodial sentence will be given effect, unless it would be unjust to do so in view of all of the circumstances
"The highest number of suspended sentences received by one person who has not also received an immediate custodial sentence, as recorded on the Police National Computer (PNC) up to 31 December 2015, and the latest sentencing occasion being (a) in a magistrates' court was 10 and (b) in the Crown Court was six.
"The highest number of suspended sentences received by one person, as recorded on the PNC up to December 2015, before receiving an immediate custodial sentence in; (a) a magistrates' court was nine and (b) the Crown Court was eight."

(1st August 2016)


WOMEN'S INSTITUTE IS THE "BIGGEST ORGANISED CRIME GROUP", POLICE SERGEANT SAYS
(The Telegraph, dated 11th July 2016 author Telegraph Reporters)

Full article [Option 1]:

They may be the very heart of middle England, with their famed jam and Jerusalem, a century of campaigning and membership including the Queen.
But it seems the genteel façade of the Women's Institute may in fact be the masking a hotbed of crime.
A police officer has described none other than the WI of being the "biggest organised crime group" the UK faces, thanks to their network of members picking wild berries to sell at fetes.
Sergeant Colin Norden of Cambridgeshire Police said making a profit on the berries is technically breaking the law.
Speaking at a public council meeting, he reassured members that the police did not intend to prosecute, as WI joked they had been "slow to react" with the organisation recently celebrating its 100th anniversary.
Sgt Norden appeared at a Cambridge City Council committee meeting as part of a discussion into why police do not always prosecute people for anti-social behaviour, illustrating his point with the example of the venerable Women's Institute.
"The WI are the biggest organised crime group," he said. "That would be quite a controversial thing to say but they pick wild berries with the intent to sell them at a fete. That's a crime."
His comments, filmed at the meeting by a resident, sparked laughter from his amused audience.
Cambridgeshire Police confirmed the offence is classed as theft and falls under the Wildlife and Countryside Act 1981 and Theft Act 1968, under which it is illegal to pick flowers, fruit or foliage for commercial purposes without authorisation.
The maximum sentence for anyone prosecuted over this offence is seven years imprisonment.
WI members were quick to point out police failure to enforce the law for over a century.
Sally Kingman, chairman of Cambridge Federation of Women's Institutes, said: "I think it shows that WI ladies are very sensible and resourceful especially as one of our recent campaigns is entitled "Love Food Hate Waste"!
"The WI members probably consider that it is much better to pick fruit off the public hedgerows and turn it into delicious pies, tarts and puddings rather than leave it to rot and go to waste on the trees and bushes.
"What a treat it is to end a meal with a homemade blackberry fruit crumble; even better if washed down with a glass of homemade elderberry wine!
"If Cambridgeshire Police think that the WI are the biggest organised crime group then they have been slow to react as the WI movement was 100 years old last year!"
Richard Taylor, a Cambridge resident who filmed the meeting as part of a campaign for openness and accountability, said: "It is about the discretion the police have. We put them in quite difficult positions sometimes.
We make something illegal but as a society it would be terrible if they used it against the WI. "It was just a joke but the context of that was important."
He added: "It is nice to see the police being human and having a joke like that with councillors and the public.
"He was highlighting an issue about policing in this country. We give constables the ability to use their discretion."

Britains strangest laws
- The 1313 Statute Forbidding Bearing of Armour means no one can take weapons into Prime Minister's Questions.
- The Library Offences Act of 1898 means it is still illegal to use your local reading room as a casino.
- It is legal for a male to urinate in public, as long as it is on the rear wheel of his motor vehicle and his right hand is on the vehicle.
- It is illegal for a lady to eat chocolates on a public conveyance.
- It is illegal to beat or shake any carpet rug or mat or erect washing lines in any street in London.
- A licence is required to keep a 'lunatic'.

(1st August 2016)


HOW TO SECURE YOUR ROUTER AND HOME NETWORK
(Computer World, dated 8th July 2016 author Lucian Constantin)

Full article [Option 1]:

Many computer users don't realize it, but for most people their internet router is the most important electronic device in their home. It links most of their other devices together and to the world, so it has a highly privileged position that hackers can exploit.
Unfortunately, many consumer and small-business routers come with insecure default configurations, have undocumented backdoor accounts, expose legacy services and have firmware that is riddled with basic flaws. Some of these problems can't be fixed by users, but there are many actions that can be taken to at least protect these devices from large-scale, automated attacks.
Don't let your router be a low-hanging fruit for hackers.

Basic actions

- Avoid using routers supplied by ISPs. These routers are typically less secure than those sold by manufacturers to consumers. They often have hard-coded remote support credentials that users can't change and patches for their customized firmware versions lag behind patches for the same flaws released by router manufacturers.

- Change the default admin password. Many routers come with default administrator passwords and attackers constantly try to break into devices using these publicly known credentials. After you connect to the router's management interface for the first time through your browser - the address should be the router's default IP address found on its bottom sticker or found in the set-up guide - make sure the first thing you do is change the password.

- The router's web-based management interface should not be reachable from the internet. For most users, managing the router from outside the LAN (local area network) is not necessary. If remote management is needed, consider using a VPN (virtual private network) solution to establish a secure channel to the local network first and then access the router's interface.

- Even inside the LAN, it's good to restrict which IP (Internet Protocol) addresses can manage the router. If this option is available, it's best to allow access from a single IP address that is not part of the pool of IP addresses assigned to computers via DHCP (Dynamic Host Configuration Protocol). For example, configure the router's DHCP server to assign IP addresses from 192.168.0.1 to 192.168.0.50 and then configure the web interface to only allow access from 192.168.0.53. The computer should be manually configured to use this address only when you need to connect to the router.

- Turn on HTTPS access to the router interface, if available, and always log out when done. Use the browser in incognito or private mode when working with the router so that no session cookies are left behind and never allow the browser to save the router's username and password.

- Change the router's LAN IP address if possible. Most of the time, routers will be assigned the first address in a predefined netblock, for example 192.168.0.1. If offered the option, change this to 192.168.0.99 or something else that's easy to remember and is not part of the DHCP pool. The entire netblock used by the router can also be changed to one of those reserved for private networks. Doing this will protect against cross-site request forgery (CSRF) attacks that try to access routers through users' browsers by using the default IP addresses commonly assigned to such devices.

- Choose a complex Wi-Fi password and a strong security protocol. WPA2 (Wi-Fi Protected Access II) should be the option of choice, as the older WPA and WEP are susceptible to brute-force attacks. If the router offers the option, create a guest wireless network, also protected with WPA2 and a strong password. Let visitors or friends use this isolated guest network instead of your main one. They might not have malicious intentions, but their devices might be compromised or infected with malware.

- Disable WPS (Wi-Fi Protected Setup). This is a rarely used feature designed to help users set up Wi-Fi networks easily by using a PIN printed on a sticker. However, a serious vulnerability was found in many vendor implementations of WPS a few years ago that allows hackers to break into networks. Because it's hard to determine which specific router models and firmware versions are vulnerable, it's best to simply turn off this feature on routers that allow it. Instead, you can connect to the router via a wired connection and access its web-based management interface and, for example, configure Wi-Fi with WPA2 and a custom password (no WPS needed).

- The fewer services your router has exposed to the internet, the better. This is especially true if you haven't enabled those services yourself and don't know what they do. Services like Telnet, UPnP (Universal Plug and Play), SSH (Secure Shell), and HNAP (Home Network Administration Protocol) should not be reachable from the internet as they can pose serious security risks. They should also be turned off on the local network if they're not needed. Online services like Shields UP by Gibson Research Corporation (GRC), can scan your router's public IP address for open ports. Shields Up can also scan for UPnP separately.

- Keep your router's firmware up to date. Some routers allow checking for firmware updates directly from the interface while others even have an automatic update feature. Sometimes these checks might be broken due to changes to the manufacturer's servers over the years. It's a good idea to regularly check the manufacturer's support website manually for firmware updates for your router model.

(1st August 2016)


GERMANY PASSES "NO MEANS NO" RAPE LAW
(The Telegraph, dated 7th July 2016 author Justin Huggler)

Full article [Option 1]:

Germany passed a "no means no" rape law on Thursday, making any form of non-consensual sex punishable and helping authorities deport migrants and refugees who commit sex crimes.
The new law, partly inspired by the New Year sex attacks in Cologne, came as the first perpetrators in the Cologne sex attacks were convicted.
Two asylum-seekers, from Iraq and Algeria, were found guilty of taking part in the assaults.
But there was anger after they were both given suspended jail sentences and released.
The German parliament voted overwhelmingly in favour of a reform popularly known as the "No means no" statute.
The measure was passed by 601 votes, with none against and only a handful of abstentions.
Under the new law, any case where sexual contact is forced on a victim who withholds consent will now be punishable as a crime. Previously, only cases where a victim physically resisted were punishable under German law.
"In the past there were cases where women were raped but the perpetrators couldn't be punished," Manuela Schwesig, the minister for women, said.
"The change in the law will help increase the number of victims who choose to press charges, reduce the number of criminal prosecutions that have to be shelved and ensure sexual assaults are properly punished."
Currently only one in ten rapes are believed to be reported in Germany, and only eight per cent of rape trials result in convictions, according to the justice ministry.
The new law includes provisions for cases where victims are unable to withhold consent because they are inebriated or unconscious. But critics say it does not make allowance for cases where victims may feel unable to withhold consent for other reasons.
Calls to reform the law attracted huge support after the Cologne sex attacks, when hundreds of women trying to celebrate the New Year were groped and molested in the area around the city's main train station.
A 21-year-old Iraqi named only as Hussein A under German privacy laws became the first person to be convicted of sexual assault over the Cologne attacks on Thursday.
He was found guilty of trying to kiss a woman and licking her face.
A 26-year-old named only as Hassan T was convicted as an accessory to sexual assault.
Both men were part of a group of 15 to 20 who surrounded women and harrassed them. One of the women was groped, though it was not clear which of the men was responsible.
Both men were handed one year suspended jail sentences. Hussein A was also sentenced to 80 hours' community service.
There was anger after Hassan T was pictured smiling as he left the courtroom. "I've done nothing wrong," he claimed.
An earlier case against another man over the Cologne attacks collapsed when it became clear witnesses could not clearly identify him as a perpetrator.
One man has been jailed over similar attacks which took place at the same time in the neighbouring city of Düsseldorf.
The new law includes a controversial measure making it easier to deport foreign nationals convicted of rape or sexual assault.
It is the latest in a series of measures by Angela Merkel's government to strip foreign citizens convicted of crimes of residence rights in Germany.
Most of the perpetrators in the Cologne attacks are believed to have been asylum-seekers or illegal immigrants.

(1st August 2016)


BT AND KPMG RESEARCH FINDS CYBERCRIME HAS NOW BECOME AN INDUSTRY

(International Business Times, dated 6th July 2016 author India Ashok)

Full article [Option 1]:

The increase in cyberattacks against businesses indicates that the age-old perception of cybercriminals being lone hackers conducting attacks may no longer be valid. A recent report suggests that cybercriminals are now part of an organised crime enterprise driven by demands on the dark web and the marketplace.
According to a collaborative research report by BT and KPMG, cybercriminals now function similar to businesses, conducting extensive research on victims and launching successful large-scale attacks by blackmailing and/or bribing employees to gain access to sensitive information.
Mark Hughes, CEO Security, BT, said: "The industry is now in an arms race with professional criminal gangs and state entities with sophisticated tradecraft. The twenty-first century cybercriminal is a ruthless and efficient entrepreneur, supported by a highly developed and rapidly evolving black market. Businesses need to not only defend against cyber-attacks, but also disrupt the criminal organisations that launch those attacks. They should certainly work closer with law enforcement as well as partners in the cyber security marketplace."
Paul Taylor, UK Head of Cyber Security, KPMG, said: "It's time to think differently about cyber risk - ditching the talk of hackers - and recognising that our businesses are being targeted by ruthless criminal entrepreneurs with business plans and extensive resources - intent on fraud, extortion or theft of hard won intellectual property."
According to the report, "digital crime currently costs the world in the region of $400bn every year". It adds that while new malware and malicious campaigns are created and launched "every second", existing and old malicious tools also remain functional, adding more weapons to cybercriminals' arsenal.

Organised cybercrime syndicate

The report sheds light on instances where international police cooperation was necessitated in order to apprehend cybercriminals running massive scam operations. "In December 2015, an Interpol operation that took down call centres in China, Hong Kong, Korea and Vietnam involved law enforcement from more than 23 countries. Fifteen call centres were taken down and 500 people arrested. This not only indicates the scale of the criminal operation but also the effort needed to take effective action," the report states.
Researchers also found that 99% of malware is used only "under one minute" before the codes are changed, in efforts to evade detection. It was also found that recent "botnet takedowns" have put cybercriminals on the offensive, who are now improving their own security and "developing new modus operandi".
Highlighting the need for businesses to not only be aware of existing cybercriminal exploits but also fight back against malicious entities, the report points out: "On a pay-per-use basis,