Q&A: Cyber crime — a law enforcement perspective, with Helen Williams

What was your earliest ambition?

I’m not sure that I had a specific ambition when I was younger, but I knew that I wanted to make a difference, to help people and make things better in the world. I always had a strong sense of justice and doing the right thing.  All of the roles I’ve been in have ones where I’ve tried to do something good. As a journalist I produced TV documentaries about issues affecting the Asian community, I worked for an ethical PR agency on projects about housing market renewal and organic food and, now, in this role I’m trying to help people to make themselves more secure online.  I certainly didn’t set out to be in this role, after all the internet didn’t exist when I was at school.

What is your current ambition?

I want to continue to develop my knowledge and understanding of cyber crime.  I love psychology and want to develop my understanding of human behaviour and how to get the people I work with to change how they operate online.  To learn more about how I can help them to understand the risks they face so that I can communicate with them in a clear way and use the right triggers to help them to make changes.

How has cyber crime evolved over the last decade?

With the growth in the number and types of devices connected to the internet, criminals are able to try their hand at getting into more unusual objects. Whether it’s an internet connected fridge or car, there are new opportunities to exploit on a daily basis and it’s a rapidly evolving landscape for us in law enforcement to keep up with. Also the growth in the use of cryptocurrency linked with the development of cyber crime as a service has seen it become almost its own industry with some sophisticated business models in operation.

What is one myth about cyber crime that frustrates you?

I’m not sure this is a myth as such, but there is a definite perception that good cyber security is hard and expensive. It really isn’t. There are so many simple things you can do which are free which make a massive difference. Having a strong password, using two-factor authentication, keeping devices up to date, those few things are part of a really long, but really simple list. Just being aware of how you could be targeted online and keeping up to date with the latest scams can help to keep you one step ahead of the game.

What is one of the biggest challenges your department is facing today?

Getting cyber security advice and guidance out to as many people as possible! There are 3 cyber protect officers in the North West ROCU covering 6 police force areas so it’s not easy for us to get to everyone and deliver our messaging.  That’s why we try and speak to organisations en-masse at large events and conferences – there’s no physical way we could get to every business and individual. But it’s great that we’re part of a growing national network with colleagues in each region and each police force in the country, so that finally the UK is getting consistent advice and information on how to protect themselves.

What are the main cyber threats the UK police has to deal with?

The main threats reported to us for investigation are things like D-Dos attacks, ransomware, creation of malware, and network intrusion. These are pretty common and every type of business could be affected. Our biggest issue isn’t really a type of cyber crime, its under-reporting.  So many companies tell me they’ve been attacked but they didn’t report to Action Fraud — which is very frustrating to hear.  If everyone who had been attacked online made a report, law enforcement would have a much clearer picture of the scale of the issue, a much larger pool of intelligence for investigation and bringing criminals to justice.