Asked by: Andrew Rosindell (Conservative - Romford)
Question to the Home Office:
To ask the Secretary of State for the Home Department, what steps he has taken to tackle (a) online scams and (b) other cyber crime.
Answered by Tom Tugendhat - Minister of State (Home Office) (Security)
Fraud is designated a priority offence under the Online Safety Act (OSA), meaning companies will be held to account if they fail to remove illegal content on their platforms. This is expected to have a strong impact on some of the highest harm fraud types, such as online purchase, investment and romance scams, as well as key fraud enablers such as the recruitment and use of money mules.
However, the OSA will take time to come into force. Therefore, the Government has also created the Online Fraud Charter: a voluntary agreement bringing together the largest companies in the tech sector, who have committed to a series of actions aimed at reducing fraud on their platforms and services. The Charter was signed on 30 November, and will deliver a much quicker and more targeted response than regulation: Online Fraud Charter - GOV.UK (www.gov.uk).
Tackling cyber crime is at the heart of the Government’s National Cyber Strategy 2022-25, which is supported by £2.6 billion of investment through the National Cyber Fund.
As part of the Criminal Justice Bill, we are also introducing a new power for law enforcement and other investigative agencies to act to suspend IP addresses and domain names where they are being used for a criminal activity with a link to the UK.
Asked by: Andrew Rosindell (Conservative - Romford)
Question to the Department for Education:
To ask the Secretary of State for Education, whether she has had discussions with Cabinet colleagues on cyber security threats to educational institutions.
Answered by Damian Hinds - Minister of State (Education)
The UK government takes cyber threats to our public institutions very seriously and this threat has been highlighted in both the published Integrated Review and the Government Cyber Security Strategy, which show the cross-government approach the department has to tackling these threats. The Integrated Review is accessible at: https://www.gov.uk/government/collections/the-integrated-review-2021. The Government Cyber Security Strategy is accessible at: https://www.gov.uk/government/publications/government-cyber-security-strategy-2022-to-2030.
The department cyber team continues to work closely with colleagues across government, including those at the National Cyber Security Centre, to manage its cyber risk across educational institutions.
Asked by: Feryal Clark (Labour - Enfield North)
Question to the Home Office:
To ask the Secretary of State for the Home Department, what steps he is taking to help tackle cyber-related crime in (a) Enfield North constituency, (b) the London Borough of Enfield and (c) London.
Answered by Tom Tugendhat - Minister of State (Home Office) (Security)
Tackling cyber crime is at the heart of the Government’s National Cyber Strategy 2022-25, which is supported by £2.6 billion of investment through the National Cyber Fund.
Key to delivery is ensuring that local policing has the resources needed to deal with the cyber threats we face. In 2023/24, the Home Office is receiving £18 million from the National Cyber Fund to provide a range of capabilities and resource to tackle and respond to cyber crime. This funding is supplemented by a further £16 million of Home Office funding through the Police Settlement Programme.
This funding continues to build law enforcement capabilities at the national, regional, and local levels to ensure they have the capacity and expertise to deal with the perpetrators and victims of cyber crime.
There are a wide range of law enforcement and community outreach programmes addressing cyber crime in Greater London and Enfield, which include:
We continue to work with all of society to tackle cyber crime as we recognise it is an issue that requires collaboration from citizens, businesses and the public sector, keenly working with communities in Enfield to educate and inform as to the harms cyber crime can cause.
Asked by: Jo Stevens (Labour - Cardiff Central)
Question to the Home Office:
To ask the Secretary of State for the Home Department, what steps he is taking to help tackle cyber-related crime in (a) Cardiff Central constituency, (b) Cardiff local authority area and (c) Wales.
Answered by Tom Tugendhat - Minister of State (Home Office) (Security)
Tacking cyber crime is at the heart of the Government’s National Cyber Strategy 2022-25, which is supported by £2.6 billion of investment through the National Cyber Fund.
Key to delivery is ensuring that local policing has the resources needed to deal with the cyber threats we face. In 2023/24, the Home Office is receiving £18 million from the National Cyber Fund to provide a range of capabilities and resource to tackle and respond to cyber crime. This funding is supplemented by a further £16 million of Home Office funding through the Police Settlement Programme.
This funding continues to build law enforcement capabilities at the national, regional, and local levels to ensure they have the capacity and expertise to deal with the perpetrators and victims of cyber crime. We directly fund a specialist Cyber Crime Unit at South Wales Police, and more specialist teams at the TARIAN Regional Organised Crime Unit (ROCU). This ROCU team is integral to our response to high-harm, high-impact crimes like cyber extortion, and is a multi-disciplinary team of police officers and police staff seconded from the three forces of South Wales, Gwent and Dyfed-Powys.
TARIAN ROCU works closely with South Wales Police Cyber Crime Unit and work to intervene if people are deemed at risk of becoming involved in cyber offending. This includes working with young and vulnerable individuals offering other intervention and diversion opportunities to young people outside of cyber education, such as life skills, and job interview skills. South Wales Police Cyber Crime Unit engage with all local authorities within the area to ensure effective delivery.
Businesses and organisations based in Wales work closely with ROCUs across the private and public sectors, and at community level. Additionally working collaboratively with the Welsh Government to support the offer of funding to Small and Medium Sized Enterprises (SMEs) for Cyber Essential training, which is a government backed scheme that helps protect organisations against a range of cyber attacks.
We have also rolled out Regional Cyber Resilience Centres in Wales and in each of the other nine policing regions. The Centres are a collaboration between the police, public, private sector and academic partners to provide cyber security advice to SME’s so that they can protect themselves better in a digital age. Details of the Cyber Resilience Centre for Wales can be found at www.wcrcentre.co.uk
All vulnerable victims of fraud and cyber crime in Wales receive contact and PROTECT advice from law enforcement, specifically aimed at helping them to protect themselves in future from revictimization.
Asked by: Lilian Greenwood (Labour - Nottingham South)
Question to the Department for Digital, Culture, Media & Sport:
To ask the Secretary of State for Culture, Media and Sport, pursuant to the Answer of 27 November 2023 to Question 2570 on British Library: Cybercrime, which services have already been restored; and what is the planned timetable for the remaining services to be restored.
Answered by Julia Lopez - Minister of State (Department for Science, Innovation and Technology)
The final costs of recovery from the recent cyber-attack on the British Library are not yet confirmed. As it has from the outset, the British Library remains in close and regular contact with the Department on the ongoing work to investigate and assess the impact of the attack and to recover services.
Despite the cyber attack, the British Library’s buildings have remained open and well-used throughout, and it has maintained some key services including reading room access for personal study and some limited collection item ordering, exhibitions, learning events, business support, and onsite retail. In the immediate aftermath essential services such as WiFi and event ticket sales were quickly re-established.
On 15 January, the British Library restored a searchable online version of its main catalogue, comprising records of printed books, journals, maps, music scores and rare books. This will enable a manual process of checking availability and ordering to the Reading Rooms. In addition, it will offer access to an increased range of special collection material such as manuscripts and archives. Taken together, these improvements mean that from this date the majority of physical books and special collections held at its St Pancras site will once again be available for use.
Further updates will be provided as the Library continues to recover from the attack.
Asked by: Lilian Greenwood (Labour - Nottingham South)
Question to the Department for Digital, Culture, Media & Sport:
To ask the Secretary of State for Culture, Media and Sport, pursuant to the Answer of 27 November 2023 to Question 2570 on British Library: Cybercrime, what estimate has her Department made of the cost of restoring services following the cyber attack at the British Library.
Answered by Julia Lopez - Minister of State (Department for Science, Innovation and Technology)
The final costs of recovery from the recent cyber-attack on the British Library are not yet confirmed. As it has from the outset, the British Library remains in close and regular contact with the Department on the ongoing work to investigate and assess the impact of the attack and to recover services.
Despite the cyber attack, the British Library’s buildings have remained open and well-used throughout, and it has maintained some key services including reading room access for personal study and some limited collection item ordering, exhibitions, learning events, business support, and onsite retail. In the immediate aftermath essential services such as WiFi and event ticket sales were quickly re-established.
On 15 January, the British Library restored a searchable online version of its main catalogue, comprising records of printed books, journals, maps, music scores and rare books. This will enable a manual process of checking availability and ordering to the Reading Rooms. In addition, it will offer access to an increased range of special collection material such as manuscripts and archives. Taken together, these improvements mean that from this date the majority of physical books and special collections held at its St Pancras site will once again be available for use.
Further updates will be provided as the Library continues to recover from the attack.
Asked by: Julian Knight (Independent - Solihull)
Question to the Home Office:
To ask the Secretary of State for the Home Department, what steps he is taking to tackle cyber-related crime in Solihull constituency.
Answered by Tom Tugendhat - Minister of State (Home Office) (Security)
Tackling cyber crime is at the heart of the Government’s National Cyber Strategy 2022-25, which is supported by £2.6 billion of investment through the National Cyber Fund.
Key to delivery is ensuring that local policing has the resources needed to deal with the cyber threats we face. In 2023/24, the Home Office is receiving £18 million from the National Cyber Fund to provide a range of capabilities and resource to tackle and respond to cyber crime. This funding is supplemented by a further £16 million of Home Office funding through the Police Settlement Programme.
This funding continues to build law enforcement capabilities at the national, regional, and local levels to ensure they have the capacity and expertise to deal with the perpetrators and victims of cyber crime. We directly fund a specialist Cyber Crime Unit at West Midlands Police, which covers Solihull, and another, more specialist team, at the West Midlands Regional Organised Crime Unit (ROCU). This ROCU team is integral to our response to high-harm, high-impact crimes like cyber extortion.
This Regional Cyber Crime Unit for West Midlands (RCCUWM) also works with businesses and organisations based in Solihull, across the private and public sectors, and at community level. Under the Local Resilience Forum, RCCUWM work with Solihull Council, amongst others, to build stronger cyber security and resilience. A key part of RCCUWM’s work is to ensure the integrity of our Critical National Infrastructure providers, and they have a long-standing partnership with NHS Birmingham Solihull (BSOL) Integrated Care System and NHS England.
We have also rolled out Regional Cyber Resilience Centres in London and each of the nine policing regions, including the West Midlands. These are a collaboration between the police, public, private sector and academic partners to provide cyber security advice to Small and Medium Sized Enterprises so that they can protect themselves better in a digital age. Details of the Cyber Resilience Centre for the West Midlands can be found at Cyber Resilience | The Cyber Resilience Centre For The West Midlands (wmcrc.co.uk)
All vulnerable victims of fraud and cyber crime in Solihull receive contact and Protect advice from law enforcement, specifically aimed at helping them to protect themselves in future from revictimization.
The specialist RCCUWM Prevent Team also work to intervene if people are deemed at risk of becoming involved in cyber offending. RCCUWM deliver the National Cyber Choices programme and have delivered multiple initiatives across Solihull, including working with schools to help them identify those at risk. Solihull local police officers support these important safeguarding interventions.
Asked by: Chris Law (Scottish National Party - Dundee West)
Question to the Ministry of Defence:
To ask the Secretary of State for Defence, what assessment he has made of the impact of the cyber attack against Capita in March 2023 on the security of civil servants' pensions data.
Answered by Andrew Murrison - Parliamentary Under-Secretary (Ministry of Defence)
The Integrity and Security of the Civil Service pension scheme is a matter for the Cabinet Office as the lead Department for the scheme. Any assessment of the impact of the reported Capita data breach on the security of civil servant pension data is a matter for the Cabinet Office and should be directed to them.
Asked by: Gregory Campbell (Democratic Unionist Party - East Londonderry)
Question to the Cabinet Office:
To ask the Minister for the Cabinet Office, what risks to (a) employees and (b) the wider population were identified following cyber crimes against Government departments in the last 12 months.
Answered by John Glen - Paymaster General and Minister for the Cabinet Office
This Government is committed to protecting citizens and public services from the ever-evolving cyber threat.
As set out in the 2023 National Risk Register, cyber attacks on the UK’s transport, health and social care, and telecommunications systems were identified amongst the most serious risks currently facing the UK. In addition, in this year’s National Cyber Security Centre (NCSC) Annual Review, data theft - either through ransomware or the exploitation of vulnerabilities in public-facing apps - and cyber-enabled fraud remain some of the most acute cyber threats facing UK businesses and citizens. For example, between September 2022 and August 2023, the NCSC received 297 reports of ransomware activity and 327 incidents involving the exfiltration of data.
The Government takes data protection very seriously and we understand that data breaches are a matter of great concern to those whose data may have been exposed in a cyber attack. It is the responsibility of organisations affected to meet their statutory obligations under the UK General Data Protection Regulation (GDPR) regarding notifying the Information Commissioner’s Office (ICO) and the individuals affected of certain personal data breaches.
It would not be appropriate to comment on specific cyber incidents for national security reasons. However, the Government has already taken significant steps to reduce the risks identified and to strengthen our cyber defences.
The Government Cyber Security Strategy 2022 sets out our plans to significantly harden the Government’s critical functions against cyber attack by 2025, with all organisations across the public sector being resilient to known vulnerabilities by 2030. Alongside this, the National Cyber Strategy 2022 sets out our approach to tackling cyber threats against the wider population, including by better detecting, disrupting and deterring malicious cyber actors and embedding good cyber security practices and protections at national, organisation and citizen level.
Asked by: Lord Freyberg (Crossbench - Excepted Hereditary)
Question to the Department for Digital, Culture, Media & Sport:
To ask His Majesty's Government (1) what steps they will take, and (2) what resources they will deploy, to assist academics dependent on the British Library for their research and scholarly activities after the recent ransomware attack.
Answered by Lord Parkinson of Whitley Bay - Parliamentary Under Secretary of State (Department for Culture, Media and Sport)
Staff at the British Library are working hard to provide researchers, as far as possible, with alternative means to access the material they need during this period of disruption. The Library’s physical sites remain open to the public and are offering a range of services, including access to the reading room for personal study, some limited ordering of items for manual collection, exhibitions, learning events, business support, and on-site retail. Reference services and curatorial staff are working with individual researchers and academics to support specific enquiries as far as possible including, where appropriate, by directing them to other sources of research material held by other libraries and knowledge institutions. Details of what the public can access are available via the British Library’s social media channels.