Central cybercrime agency wants to employ more officers overseas

The National Crime Agency’s cybercrime division is looking to deepen ties with Russia’s neighbours and put more officers on the ground across Europe.

The NCA’s National Cyber Crime Unit (NCCU) currently has a total of five officers located outside the UK: one at based at Europol in The Hague; one with Interpol in Singapore; and three with various US intelligence and law-enforcement entities. 

Mike Hulett, head of operations at the NCCU, told PublicTechnology: “All cybercrime is international in nature – cyber knows no boundaries, and no borders. Pretty much everything we do has an international flavour, so having officers embedded overseas is incredibly helpful to us.”

Over the coming months, the NCCU “putting more people into Europe, Hulett says – with a particular focus on the east of the continent.

“In an ideal world, we would have a liaison officer in Moscow, but realistically the diplomatic and political situation between ourselves and Russia isn’t going to change anytime soon,” Hulett said. “Instead, part of our strategy is to gain influence and capability in surrounding states, so places like Ukraine, Romania and the Baltic states are ones that we work closely with on a number of different issues.”

Related content

• National Crime Agency flags up need for more big data skills
• ‘They should have planned it on Google Earth’ – UK cybercrime chief on the Hatton Garden heist’s folly and why WannaCry is a watershed moment
• UK and US authorities unite to ‘hold Russia to account’ for sustained cyber offensive

Although there are a number of “significant and active” cybercriminals in the UK, Hulett says that the majority of cases investigated by the NCCU “have some kind of nexus back to Russia or Russian-speaking countries”.

To help combat this threat, the NCA has already undertaken a number of initiatives to support allies in eastern Europe.

“We have done quite a lot of capability building [such as] training programmes in different countries,” Hulett says. “We can’t have vast amounts of people out there, but if we can have someone out there for a couple of weeks, we can teach them a particular technique that they can then cascade to their own [agencies]. We have done quite a few multi-country exercises as well, where test out how different countries would interact with each other in times of a critical cyber incident.”

The cybercrime operations chief said that working together brings benefits for both countries in dealing with a common threat.

“[Those countries] do not want to see their systems, their banks, or their companies attacked by Russian criminals any more than we do,” Hulett said. “If they can share [information], and if they can utilise some of our knowledge and expertise – and some [from] other countries as well – then they will happily do so, and in return there is a benefit to us in having stronger allies that are less easily seen as… low-hanging fruit for Russian cybercriminals.”

The NCCU is responsible for leading UK law enforcement’s response to cybercrime, and works with 12 regional units that cumulatively cover the whole of the country. The NCCU currently employs 300 staff, most of whom are based in its London headquarters, with 40 workers also located in Warrington and a handful based in the East Midlands.

Look out in the coming days for a full write-up of PublicTechnology’s discussion with Hulett, including the cybercrime chief’s thoughts on the current threat landscape, the need to increase cyber skills in law enforcement, and the potential impact of Brexit.