A force to be reckoned with: keeping police data safe
Data is the core of modern-day policing in many ways. With easy, fast and ethical access to important information, police forces can improve their operational efficiencies, and get the outcomes they want and that the public expect. However, this efficiency has to be balanced with the strongest possible security.
That’s because police forces naturally possess and have access to large amounts of data that is highly sensitive, such as DNA and fingerprint records. And as a result, the police are considered a prime target for cybercriminals, who are growing in resources, sophistication and confidence all the time. After a fall last year, the number of payments being made to ransomware attackers has risen again in 2023; indeed, cyberattacks worldwide are up 7% in the first quarter of this year compared to the same period in 2022.
So while every police force understands the threat of cybercrime, no stone should be left unturned in keeping data, systems and applications safe.
This is particularly relevant in police forces, as they often store sensitive data related to public safety and active criminal cases, where a security breach could have wide-reaching repercussions not just for the police force, but for the general public.
Regardless of whether the data is stored in the cloud, on premises, or in a hybrid environment, responsibility for the security of this data lies with the police force, and it is crucial to ensure that the latest technologies and techniques are being used to protect it.
More than just police forces
Unfortunately, when it comes to cybersecurity and the police, direct ransomware attacks are only part of the story. Forces work with so many other partner organisations, both in the public and private sectors, that there are whole supply chains that hackers can also choose to target.
For example, a force may have a partner organisation which supplies it with IT services and software. Instead of attacking a force’s systems directly, hackers can attack the third-party organisation, in the hope that its security provision is weaker and the attack is therefore more likely to succeed. Once they’ve successfully infiltrated one system, they can potentially work their way further through the supply chain to wreak further havoc, including accessing police data and applications ‘through the back door’.
Ransomware attacks in action
In October 2021, the Russian hacking group Clop gained access to millions of records in the Police National Computer (PNC), after using phishing emails to target a private IT firm with PNC access. As the firm refused to pay the ransom, some of these records were published on the ‘dark web’, including Automatic Number Plate Recognition images where drivers’ faces were clearly visible.
Prior to this, in March 2019, the Police Federation was hit by a ransomware attack at its headquarters in Surrey, where many of its databases and email systems were encrypted by the attackers. Backup data on their systems was also deleted, causing substantial disruption to their activities supporting police officers around the country.
These are just a couple of the countless incidents where the security of police-related information has been compromised. According to VPNOverview’s research, the average police force suffered 299 data breaches in the period between 2016 and 2021 (so around one a week on average); the same research found that Lancashire Constabulary suffered 594 breaches in 2020 alone. It should be remembered, however, that not all of these breaches may have been down to cybercrime: staff error and malicious internal activity can also potentially cause major disruption.
But what can you do to mitigate these very serious risks posed to police forces every single day?
Attacks will keep happening
One of the most high-profile ransomware attacks in history had the NHS squarely in its centre. In 2017, the WannaCry outbreak hit almost a hundred countries, targeting both public and private sector organisations. News pictures showed computer screens, and even the information display screens in hospitals, locked with a message demanding a ransom in Bitcoin to restore functionality and allow access to data again.
The impact on the NHS and healthcare services was particularly severe. Hundreds of thousands of appointments were cancelled, emergency care services almost halted, and NHS staff had to resort to using telephones and pen and paper to keep services up and running.
The WannaCry attack was so damaging because of a very simple issue: certain NHS systems were running unpatched versions of Windows 7. The attack spread throughout the centralised N3 NHS network, affecting almost everything but the NHSMail email system.
WannaCry was the biggest and most damaging ransomware attack the NHS has faced, but subsequent, smaller-scale attacks can add up to a much bigger cost than a single incident. For example, in 2022, a relatively underreported ransomware attack on the NHS 111 service caused issues that took weeks to fix and meant that non-urgent and out-of-hours services were severely impacted.
Unfortunately, with attacks becoming more sophisticated and more regular, dealing with ransomware is becoming ‘business as usual’ for many NHS IT departments.
How SCC and Veritas can help
The best response to the growing threat of cybercrime and malicious activity comes through a combination of Veritas security technology and SCC’s IT expertise. At a time when 86% of UK business leaders aren’t aware of the fact that legal responsibility for cloud data is often shared, we can take over this burden on your behalf to minimise your risk.
Together, we can connect you to leading Veritas solutions that can improve the security posture of your force, and ensure that data, applications and systems are all kept as safe as they possibly can be. These solutions include:
● Data visibility: complete data observability, capture and archiving, enabled through continuous monitoring and infrastructure awareness that delivers a single comprehensive view
● Zero-trust posture: proven data and infrastructure protection across all your sources, ensuring that nobody who shouldn’t have access – whether internal or external – can do so
● Immutable storage: quickly recover from any attacks with the 3-2-1+1 approach to backups: three copies of your data, across at least two different types of medium, with one offsite and at least one on immutable storage
● AI tools: monitoring and scanning of all your critical data to identify any abnormalities or potential issues before they can have any effect, with an immediate alert if you and your team need to take action
This comprehensive set of tools and measures is vital for keeping data safe and operational efficiency maximised. By working with SCC, we can help you deploy these solutions in ways that perfectly complement your priorities, data types and existing infrastructure.
Talk to our team today to find out more and to discuss your specifics, and explore the Veritas solutions in more detail here.