If you want to communicate confidential information to the police, you better not do it over the internet, as their sites are mostly insecure. This is according to a new report by the Centre for Public Safety (opens in new tab), which says that just 27 per cent of police forces websites achieved 'the best gradings' in their tests, and can be considered 'word class' in terms of security.
The rest, 73 per cent, transmit data in plain, unencrypted text. Out of 71 police and affiliated websites that were scanned, around 10 per cent were found to have 'significant' vulnerabilities in their implementation of a secure connection. The National Crime Agency's Child Exploitation and Online Protection Centre (CEOP) cites, which put great emphasis to the online world, are among these.
“We’re operating in a far more digitally driven world more than ever before with healthcare, finances and education forcing our children and families to transact online, in a bid to improve operations whilst driving down cost and complexity. This is indeed the panacea; the reality however is far from perception,” says Richard Cassidy, UK cyber security evangelist at Alert Logic (opens in new tab).
“Far too many web services still fail to implement even the most basic levels of security capabilities, but it’s not entirely the fault of the business or public sector organisations. Legislation, e-data guidelines and their enforcement, are still far behind where they need to be. As a result, the fight against the new wave of highly organised cyber-criminal and hacker groups is fast becoming an impossibility, as a result of the governments almost glacial propensity to enforce change in areas where it’s most fundamentally required.”