MPs call for infection detection database


MPs have called on the Government to improve the nation's awareness of cyber crime, asking for an online infection database to be set up so people can tell if malware is installed on their machines.

The Government has already established a hub which industry players can use to share information on threats, but it appears MPs want greater sharing with the public.

MPs on the Science and Technology Select Committee said the Government should "work with ISPs to establish an online database where users can determine whether their machine has been infected with botware and gain information on how to clean the infection from their machine."

The message is still not getting through on data protection: in particular, we cannot rely on individuals knowing how to deal with sensitive data.

They suggested the Get Safe Online website would be a suitable place for such a service.

Overall. Government should be doing more to keep users informed about cyber crime and better awareness campaigns would help, MPs said.

"Knowledge is the best defence against fear and we recommend that government-provided information focuses on how to be safe online rather than warns about the dangers of cyber crime," the committee's report read.

"We also recommend that the Government work with the industry partners announced in the Cyber Security Strategy to promote the equivalent of a 'Plain English' campaign to make the technology easier to understand and use.

"We ask the Government to provide, in response to this report, details of how they intend to engender greater trust in online products and services within the UK population and an assurance that online by default will mean better and more secure, rather than merely cheaper, government services."

The MPs also urged security vendors to work with Government more closely on developing the aforementioned threat hub.

They also recommended punishments for "low-grade" cyber crime, although such a provision would likely stir online freedom activists into action.

"We think it is important that those engaged in low-grade cyber crime can be punished without recourse to courts and that the Government should work hard with the industry to develop effective online sanctions for cyber criminals as indicated in the Cyber Security Strategy," the report recommended.

A much-needed message

From recent evidence, many still do not understand basic security practices, posing a threat to themselves and their employers. This week, the BBC reported on a podiatrist who had an unencrypted laptop stolen, losing data on up to 1,500 people.

"I didn't really know much about encryption and things like that. I'm not very good with computers," the podiatrist, Natasha Townsend, said.

Chris McIntosh, CEO of encryption specialist Viasat UK, suggested the Information Commissioner's Office (ICO) could help with the education issue within businesses.

"The facts of this theft show that the message is still not getting through on data protection: in particular, we cannot rely on individuals knowing how to deal with sensitive data," McIntosh said.

"While it appears that Ms Townsend was genuinely unaware of the need for encryption, the industry needs to do more to meet their obligations to securely handle patient information. Perhaps the ICO might have a role to play in helping organisations within industries such as these where further education is obviously needed."

Tom Brewster

Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.

He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.