Cyber Law Enforcement in Wales

About Cyber Law Enforcement in Wales

The 2015 National Security Strategy (NSS) reaffirmed the cyber threat as one of the most significant risks to UK interests. It sets out the Government’s determination to address cyber threats and put in place tough and innovative measures as a world leader in cyber security.

To deliver on that commitment, on 1st November 2016 the Government published the 2016-2021 National Cyber Security Strategy which lays out three objectives to ensure the UK is secure and resilient to cyber threats as well as prosperous and confident in the digital world - DEFEND, DETER and DEVELOP.

Organisations such as the National Cyber Security Centre (part of GCHQ), law enforcement agencies and our military have the means to defend the UK against evolving cyber threats and to respond effectively to incidents.

Cyber Wales is committed to propagating the policies and guidance of the NCSC, working closely with the Welsh Police Cyber Crime Units and proactively supporting the Armed Forces in Wales.

A National Approach to Cybercrime

The Regional Cyber Crime Units (RCCUs) are specialist teams working within the 10 Regional Organised Crime Units (ROCUs) forming a critical part of the national policing network. There are two ROCUs covering Wales: The Southern Wales Unit (TARIAN) and the North West Unit (TITAN) who both work hard to build close relationships with cyber businesses and cyber teams within organisations in their Regions.

An example of a National Cybercrime Initiative

Police CyberAlarm is a free tool to help members understand and monitor malicious cyber activity. This service is made up of two parts; monitoring and vulnerability scanning.

Police CyberAlarm acts as a “CCTV camera” monitoring the traffic seen by a member’s connection to the internet. It will detect and provide regular reports of suspected malicious activity, enabling organisations to minimise their vulnerabilities. The data collected by the system does not contain any content of the traffic. The system is designed to protect personal data, trade secrets and intellectual property.

Members of Police CyberAlarm will become part of the wider UK cyber defence network, sharing collected data with Police for analysis at local, regional and national levels to identify trends, react to emerging threats and identify, pursue and prosecute cyber criminals.

Vulnerability Scanning can be added and used to scan an organisations website and external IP addresses, providing regular reports of all known vulnerabilities.

Police CyberAlarm members install a CyberAlarm Virtual Server on their premises which will be used to collect and process traffic logs from their firewall/internet gateway. Police CyberAlarm Virtual Server is easy to install using the downloadable virtual appliance, offering one-click installation.

Once a CyberAlarm Virtual Server has been installed it will securely collect, analyse and feed data back to the Police CyberAlarm Server. The data sent only includes metadata (logs) from internet facing gateways and devices such as External Firewalls.

Data received by the Police CyberAlarm Server is then used to create regular reports on potential malicious activity seen by individual members as well as reports containing threat trends seen across the member network. Members can then use this reported intelligence to update their defences to better protect themselves from cyber threats.

Finally, this data is also used by the Police Cybercrime Units to enhance the UK cyber crime threat picture, enabling them to identify, pursue and prosecute cyber criminals.

A Local Approach to Cybercrime

There are four Police Forces in Wales: South Wales Police, Gwent Police, Dyfed Powys Police and North Wales Police. Each Force has a local cyber crime capability appropriate to their area and will work with the Cyber Crime Units in the ROCUs as well as refer people to Get Safe Online for advice and to Action Fraud to report cyber crimes.

An example of a Local Cybercrime Initiative

The Cyber Resilience Centre network works closely with police partnerships to bridge the gap between public and private sectors for tackling cybersecurity. To do this, it is essential to harness the experience and expertise of people within policing, like Nick Bell, detective superintendent and national policing director for Cyber Resilience Centres.

‘Trust and confidence is so important for business within cybersecurity.’ He said. ‘For me the ‘not for profit’ partnership delivers so many benefits and where SME’s can have that trust and confidence and where all profits are put back in for the greater good. I have worked with numerous partnerships previously and working with universities and the best student talent brings fresh energy and ideas.’

He explained why the partnership of CRCs, business, academia and police is such a strong proposition when it comes to tackling cybercrime:

‘This is a unique partnership with centres that are independently led but supported by policing. Working with private sector partners provides the opportunity to share knowledge and experience to gain a better understanding of the threat picture and the needs of the business community and how we can provide a better service to support their needs. The development of the CRCs allows future opportunities, for example to tackle the threat against OT which is equally vulnerable to attack.’

Join Now

Ready to get involved? Sign up FREE to become a member of the Cyber Wales Ecosystem.