Insecure networks exploited by paedophiles

The head of the UK's National Hi-Tech Crime Unit (NHTCU) has warned that UK companies with poor IT security could unknowingly be hosting child pornography on their servers.

Speaking at Britain's first e-crime congress in London on Monday, detective chief superintendent Len Hynds said paedophilia is one of the four key areas his organisation is focused on. According to Hynds, companies who haven't made their systems secure could actually be helping the groups make child pornography available online.

"Several paedophile groups are using hacking techniques to break into corporate IT systems and secretly storing their material on their servers," Hynds said. "The companies are unaware that they are, in some cases, hosting pay-per-view pornography," he added.

Hynds declined to go into further details, citing "operational" reasons. But it is likely to be companies where there is a lack of ownership of web servers and no clear security policy for issues such as patch updates and the monitoring of web traffic across the network, that are most at risk from this kind of threat.

The online activities of paedophiles are not the only focus of the NHTCU, added Hynds. Extortionists and fraudsters, drug dealers and malicious hackers - such as those who perpetrate denial of service attacks - are also targeted.

On Monday the NHTCU launched a new policy on cybercrime. Its Confidentiality Charter, which Hynds said has "a commitment to early consultation at its heart," aims to encourage more companies to report attacks on their computer systems.

The NHTCU believes that many firms never report cybercrimes perpetrated against them because they are worried about how any resulting investigation will affect their work.

"While 'damage to reputation and brand' continue to be cited as a major barrier to collaborative working, our own experience indicates that concern about business continuity is the most prominent factor when developing outreach initiatives to combat cybercrime," Hynds told the e-crime congress. For this reason, the NHTCU is committed to working closely with the business community to raise the level of trust between the two parties, Hynds explained.

Graeme Wearden writes for ZDNet UK