UK Proposal to Centralize Cybercrime Policing via a National Police Service
The UK government published proposals to overhaul policing by creating a National Police Service—positioned as an “FBI-like” body—to centralize investigations into cybercrime, fraud, and other internet-enabled offenses that increasingly cross local and national boundaries. The plan would shift responsibility for serious, non-local crimes away from the current model of dozens of territorial forces in England and Wales and would reportedly merge the National Crime Agency (NCA) into the new structure; ministers argue the existing system is no longer fit for purpose as crime becomes more digitally enabled.
Officials cited the scale of the problem—claiming roughly 90% of crime now has a digital element and that fraud accounts for about 44% of recorded offenses—and framed the proposal as the most significant reform of British policing in nearly 200 years, with a multi-year transition rather than an immediate reorganization. Separately, UK national security leaders warned in Parliament that resilience alone may be insufficient against state-backed cyber and hybrid threats (including critical infrastructure sabotage and disinformation), arguing the UK needs credible offensive deterrence to impose costs on hostile actors, alongside defensive investment and clearer accounting of NATO-aligned security spending commitments.
Sources
Related Stories
Governments Expand Anti-Scam Measures and Shift Responsibility to Industry
The UK government unveiled a new national fraud strategy aimed at reducing the country’s most common crime by shifting more responsibility for scam prevention onto **telecom providers, technology platforms, and financial firms**. The plan follows criticism that fraud—estimated at roughly **40% of recorded crime** in England and Wales, with a majority **cyber-enabled**—has not received a commensurate law-enforcement response. UK authorities are also restructuring fraud intake and analysis through *Report Fraud*, a new national reporting system intended to replace *Action Fraud* and improve pattern detection and alerting, with stakeholders warning that outcomes will depend on the quality and reliability of submitted data. In parallel, other governments are rolling out more aggressive anti-scam initiatives. Dutch national police launched the **“Game Over?!”** campaign, threatening to publicly identify 100 scam suspects unless they surrender, as part of a broader effort to curb impersonation fraud such as **fake police officer** and **fake bank employee** scams that have surged in recent years. In the US, an executive order directed multiple agencies to produce a 120-day action plan to **prevent, disrupt, investigate, and dismantle** transnational cybercrime organizations (including scam-center operators) and proposed a **Victim Restoration Program** to return seized or forfeited funds to victims of cyber-enabled fraud, supported by a new operational unit to improve interagency coordination and information sharing, with private-sector threat intelligence used “when appropriate.”
6 days ago
UK Government Admits Cybersecurity Failures and Launches Major Public Sector Overhaul
The UK government has publicly acknowledged that its longstanding cybersecurity policies for the public sector have failed, leaving critical services and departments vulnerable to cyberattacks. In response, officials have announced a sweeping reset with the introduction of the Government Cyber Action Plan, backed by over £210 million in new funding. The plan establishes a dedicated Government Cyber Unit, sets minimum security standards, and mandates robust incident response capabilities across all departments. This overhaul comes after years of fragmented accountability and recurring cyber incidents, including high-profile attacks on agencies such as the Legal Aid Agency (LAA), which suffered a major breach that went undetected for months despite significant prior investment in security improvements. The Public Accounts Committee has criticized the Ministry of Justice for its handling of the LAA cyberattack, revealing that despite £50 million spent on security, the agency failed to detect the intrusion for four months and delayed taking affected servers offline. The government’s new strategy aims to address these systemic weaknesses by improving risk visibility, enforcing stricter standards, and banning ransom payments by public-sector organizations. The action plan is positioned as a radical shift to protect essential services, restore public trust, and prevent future incidents that could disrupt healthcare, legal, and other critical infrastructure.
2 months ago
Irish and UK Government Digital Policy Moves: Expanded Surveillance Powers and In-House Digital ID Build
Ireland is considering legislation to expand law enforcement digital surveillance authorities, including stronger powers to intercept communications (explicitly including **encrypted messages**) and to create a clearer legal basis for police use of **spyware**. The proposal signals a shift toward more formalized state capabilities for communications interception and device compromise, with direct implications for privacy, lawful access, and the security expectations of end-to-end encrypted services. In the UK, the government indicated that a new **digital identity** program is expected to be **designed, built, and run by in-house government teams** rather than outsourced to external suppliers, while declining to provide firm cost estimates ahead of a planned consultation. Ministers stated costs would be met within existing spending settlements, and the government pushed back on an external estimate (reported as **£1.8B**) pending consultation outcomes—raising governance, delivery-risk, and security-assurance questions for a large-scale identity platform even as detailed technical and budgetary specifics remain limited.
1 months ago