abused

Issues with the Met's information systems have contributed to failures to protect children at risk of sexual exploitation, according to a report by Her Majesty's Inspectorate of Constabularies (HMIC).

Published today, the 113-page report [PDF] following HMIC's inspection into national child protection, reported how London's Metropolitan Police Service (MPS) has had issues with its IT systems that are contributing to failures to protect vulnerable children.

Police staff told HMIC that information on the Met's Crime Recording Information System (CRIS), which holds data regarding children's circumstances and vulnerability, was “not easy to locate” and “complicated” while the system's usage was “neither universally adhered to nor universally understood”.

This is particularly a concern with regards to the force's risk assessments, according to HMIC, which said that in many incidents the cops failed to reflect the intelligence their systems held or simply made inaccurate assessments.

HMIC reported that some cases were graded as being of only “medium risk of harm on the basis that the children in question were 'streetwise and able to take care of themselves'.”

In one such incident, the report went on to explain, a 13-year-old girl who went missing overnight was assessed as only being at medium risk because she was “streetwise” despite the Met's communications centre receiving a report that the child was “alone and unsafe in a house with three men”.

Connectivity issues with the Met's IT systems meant this information was “in an email inbox in the MPS for 14 hours before the force acted on it.”

HMIC stated that such findings “in relation to the flagging and retrieval from the police computer systems of relevant information about child protection issues are a particular concern.”

IT explained that the difficulty of locating information on the current force IT systems risks cases being dealt with in isolation is leading to potential intelligence gaps.

The report concluded: "The lack of connection between the MPS IT systems, databases and spreadsheets used to record such analyses exacerbates this problem. As a result, much of the information on victims, offenders and risk is kept in isolated pockets across the force. This contrasts sharply with the free movement of people (both victims and offenders) around the capital." ®

Sponsored: 10 Reasons LinuxONE is the best choice for Linux workloads


The Register - Security

A banking trojan targeting Android users is spreading through malicious ads as part of an ongoing campaign.

The scenario by which the malware spreads is all too familiar to long-suffering Windows fans, but may well come as an unpleasant shock to smartphone users.

Worse yet, Android users can get infected by the Svpeng Trojan simply by visiting mainstream websites, as researchers from Kaspersky Lab explain:

By simply viewing their favourite news sites over their morning coffee users can end up downloading last-browser-update.apk, a banking Trojan detected by Kaspersky Lab solutions as Trojan-Banker.AndroidOS.Svpeng.q. There you are, minding your own business, reading the news and BOOM! – no additional clicks or following links required. And be careful – it’s still out there!

The malicious code is downloaded via the Google AdSense advertising network. The same tactic was used to spread the Svpeng Android banking trojan via the Meduza news portal last month.

Svpeng intercepts banking-related SMS messages as well as launching phishing Windows on compromised smartphones. In addition, Svpeng siphons off all manner of private information from infected smartphones, including call history, text and multimedia messages, browser bookmarks and contacts. ®

Sponsored: 2016 Cyberthreat defense report


The Register - Security