From Flying Squad to Cyber Crime: Charlie McMurdie opens the Cybersecurity Festival

Charlie McMurdie speaking at the Cybersecurity Festival

Image:
Charlie McMurdie speaking at the Cybersecurity Festival

Cybercrime advisor Charlie McMurdie delivers keynote address explaining why data is the gift that keeps on giving for cyber criminals.

The Computing Cybersecurity Festival kicked off yesterday with a keynote from senior cybercrime advisor to PwC and former Head of the Police National Cyber Crime Unit Charlie McMurdie. McMurdie served more than 30 years in the Metropolitan Police where she set up and led the central cybercrime unit after earning her stripes in The Flying Squad.

McMurdie began with some sobering statistics. In particular she drew the audiences attention to the 6.4 billion fake emails sent daily, the fact that on average a UK company is attacked every 46 seconds, and the 500% increase in ransomware since the start of the COVID-19 pandemic. The median number of days an attacker resides within a network prior to detection is 146 days.

McMurdie emphasised the extent to which attack patterns had changed and just how professionalised cyber crime has become.

"Cyber has become far more sophisticated. It used to be a bit like ram raiders where they'd crash into infrastructure, steal what they could get and off they go. Now they'll send out foot soldiers to recce the environment on the ground. They'll do all the open-source intelligence around the target organisation. Who's on holiday? Is there a buyout looming? Are they worried about their share price at the moment? Are they more inclined to pay up? They'll also want to test the tools. They'll attack your neighbour and test the tools before they launch the real attack."

It's also a mistake to assume that the motives of attackers is always cash.

"Sometimes it's about intellectual property and tweaking that intellectual property so it throws doubt on everything else. An early case we dealt with was a university's climate change data and that data was then thrown into question as a result if a breach which then raised on doubts about other data.."

Humans are always the weakest link in cyber and it makes the area a challenging one to work in.

"Every breach ends with a finger being pointed at somebody," said McMurdie. "It's your fault, you're the CISO. Why didn't you pay for this? Or you're the member of staff who didn't follow the appropriate training and clicked on that phishing link. Or we see individuals gaining employment within organisaion purely to facilitate criminality with gangs outside. We've seen that in the financial and legal sectors."

McMurdie also emphasised that, whilst there are more law enforcement resources being focused on cyber crime, we are nowhere the level required. Organisations and individuals need to understand that to all intents and purposes they're on their own.

"There is more cyber crime than any other sort. How many law enforcement people have got the skill set and capability to deal with cyber-crime, it's pretty small in relation to the volume of stuff going on."

As well as touching on the importance of hacktivism in bringing cybercrime to the attention of law enforcement, McMurdie shared some examples of industrial scale fraud and global organised crime groups which her team had discovered. These included factories running 24 hours a day manufacturing fake passports, driving licences, birth certificates etc. which were used for trafficking purposes, Russian gangs working in the UK providing money laundering services for US drug cartels via stolen bank details and a pair of Welsh schoolgirls who had digitised teen shoplifting and ended up significantly boosting local drug related crime rates. McMurdie's team was also involved in the successful prosecution of Tony Colston-Hayter in 2014 for the theft of £1.4 million from Barclays Bank.

The thing that makes cybercrime so difficult to counter is the pace of change, and McMurdle acknowledged the challenges facing the audience.

"I thought nothing could match Flying Squad, but with cyber, the oace, the technology and challenges are such that cyber today will be different to cyber tomorrow. We're hearing about AI later and all that will bring. I'm glad that I'm on this side of the table. Good luck to all of you."