‘They should have planned it on Google Earth’ – UK cybercrime chief on the Hatton Garden heist’s folly and why WannaCry is a watershed moment
Cybercrime lead at National Crime Agency lays out his three objectives
"One of the reasons they got caught is that they were very old school," cybercrime chief Mike Hulett said Credit: PA
“Those guys did a fantastic job – right up until the time they got caught,” Mike Hulett, head of operations at the National Cyber Crime Unit (NCCU), said of the perpetrators of the multimillion-pound Hatton Garden safety deposit box burglary in 2015.
“And one of the reasons they got caught is that they were very old school; when they were in their planning phase, they actually sat outside the premises,” Hulett said. “I don’t know if you’ve been to Hatton Garden, but there’s a lot of security cameras around. They could have done most of that sat at home on Google Earth – if they had had the wherewithal to do it.”
He added: “You can make far more money sat at home with a keyboard and a mouse than going out with a balaclava and a shotgun.”
The chief of the NCCU, which forms part of the National Crime Agency, said that he himself has a touch of the old school, having come from a “guns and drugs background” – in investigative terms. But the playing field has shifted to the extent that, according to figures published last year by the Office for National Statistics, some 47.5% of all crime in the UK is now either enabled by or wholly perpetrated on the internet.
“If you factor in under-reporting, well over half of crime is cyber,” Hulett said.
He added that “previously law enforcement were perceived – if I’m honest, quite fairly so – as not caring” about cybercrime. But now that investigators did treat online crime with the solemnity and rigour it deserved, it was, perhaps, the public that needed to take it more seriously.
Ensuring that victims of cybercrime report offences as a matter of course – as they likely would with a physical burglary – was of crucial importance, Hulett said.
He added: “The reason why I would encourage people to report things when they happen is… We know burglars rarely get caught because of evidence from one particular crime scene. There might be a bit of evidence left at one scene, and another bit at another. It is the same with cybercrime – people have signatures, and they leave clues.”
No longer 'a victimless crime'
Encouragingly, the recent WannaCry ransomware attack, which caused major disruption to the NHS, seems to have provoked a sea change in attitudes towards cybercrime, the NCCU leader said.
“WannaCry is a [watershed] moment – it has brought cybercrime into the public consciousness; it has made people realise that there can be that kinetic effect coming from cybercrime,” he said.
“Previously it has been seen as something of a victimless crime; for businesses it is [seen as] a cost of doing business, and, if it is a bank, [people think] ‘they can afford it’.”
Hulett broke the cybercrime landscape into a three-layered pyramid, with an annual total of 2.5 million low-level "volume" crimes at the bottom. Above that are relatively common ‘high-profile’ attacks, such as the 2016 breaches affecting Tesco Bank and The National Lottery. At the very top are a cabal of about 150-20 "elite" cybercriminals perpetrating the biggest and most sophisticated attacks.
To combat all forms of cybercrime, the NCCU has “three key objectives”, Hulett said.
“First of all we will try and reduce gains – we will try and limit the opportunities for domestic and international cybercriminals to exploit UK companies,” he said.
“[Second], we want to raise the risk; cyber is seen as a low-risk activity. There needs to be some consequences related to law enforcement being involved. [Third] is raising the cost – we cannot sustain this situation where someone can buy a £10 tool and cause havoc.”
Hulett was speaking at the Cyber Security Summit, held in London this week by PublicTechnology's parent company Dods.
Nesta creates 10-strong list of principles it believes should define how government uses artificial intelligence and algorithms
Devices are designed to check against national criminal and immigration databases and return results in under a minute
National Cyber Security Centre claims public is not at risk after malicious code for generating cryptocurrency added to Browsealoud text-to-speech tool
First-ever holder of GCSO post discusses how to remove barriers, break down siloes, and ‘deliver much more consistency’ in security strategy