Today we formally launch The Cyber Helpline!
It has taken almost two years to get to a public launch. Here is the story of how we started, where we are now and what we think is next.
Why we set up The Cyber Helpline
Not enough is being done to support victims of cybercrime and online security issues in the UK. Too many of us are being targeted by cyber criminals and online scams and are then left on our own to recover and pick up the pieces. We wouldn’t accept this with any other crime, so why do we accept it with online crime?
Don’t get us wrong. Cybercrime is hard. From a different country, with the ability to hide who they are, with almost no set up costs the criminals are able to operate with almost no chance of getting caught and with the ability to make millions. The chance of finding enough evidence to convict - and the criminal being in a jurisdiction where you can make an arrest - is almost zero.
We believe that cybercrime will always exist and so the focus has to be on educating users, increasing global cooperation, more secure technology at the point of release and providing better support when an individual becomes a victim.
During his career in cyber security our founder, Rory Innes, saw these problems first hand.
He had built a unique practice helping the rich and famous when they were hacked, making sure they took the right course of action to minimise damage and then put good security in place. This is where he realised that a) if you aren’t rich you can’t afford expert help, b) if you don’t have a background in IT then you are unlikely to be able to fix the issue yourself, c) there is so little support out there when you need it most and d) that the impact of cybercrime can be huge both financially and emotionally. The safety net for online users just doesn’t exist and thousands pay the price every month.
As a result, in May 2017, Rory started working on a plan to fill the gap in support and the concept for The Cyber Helpline was born. He approached Katy Lips, a digital and innovation expert who he had worked with previously, and they worked together on how to get The Cyber Helpline off the ground.
Our plan was to focus 100% on ensuring that every member if the UK public has access to expert help when they fall victim.
The Early Days
After mapping out an approach for how The Cyber Helpline would work, outlining the key issues it would support with and what the best practice advice was, Rory decided he needed first-hand experience of a functioning helpline and volunteered at a domestic abuse charity in Kent called DAVSS (Domestic Abuse Volunteer Support Service). This gave him vital experience of how a charity works and what needs to be in place to keep both victims and volunteers safe.
At the same time, it was clear that he was going to need more help. Rory approached his former colleague and friend Mark Belgrove and asked if he would like to come on board as Head of Cyber Security. Mark has a wealth of experience leading cyber functions in large organisations, but also running consultancies that help respond to cyber security incidents and put proactive security in place. Mark said yes and the pair started working together immediately.
After being introduced to someone at the Department for Digital, Culture, Media and Sport, The Cyber Helpline was sponsored onto the Cyber 101 scheme, part of the national cyber security strategy, run by Digital Catapult. Mark & Rory attended the sessions which were aimed at helping small cyber security start-ups like ours to grow and become financially viable.
Combining their skills Rory, Katie & Mark built out a basic website, spread the word in their networks that they were offering free help and prepared to take some calls. The first call came on the 24th of May 2018.
The victim had received a text message with a link pretending to be from her bank. She had clicked it, logged in to a scam website that looked exactly like her online banking website and the criminals had stolen a large sum of money from her account. This is called a Smishing attack, part of the wider social engineering family of attacks. Rory & Mark worked with her over the phone and email to provide advice and guidance.
Quickly it was clear that the demand for free, expert help with cybercrime was huge and that we were going to have to find a way to scale our ability to provide advice. After a bit of deliberation, we decided we needed a mix of humans and robots.
Building the Chatbot
People need help 24/7. Individuals work and play on the internet around the clock and with some types of attack there are short deadlines for acting or dealing with an issue. However, we were not in a place to staff the helpline 24/7, so we needed another solution.
We decided to build an intelligent chatbot that could be the front door of our help. The chatbot would listen to the issue, diagnose the type of attack (or attacks) involved and either send the victim to a web guide or raise a case with our volunteers for human help. This would allow us 24/7 coverage, provide immediate support to victims and help us to scale to meet demand.
It took a long time to build, but the chatbot was put into service in November 2018 and it was put through its paces by victims almost immediately. Since launch the chatbot has helped hundreds of victims across a huge range of issues. Amazingly, it managed to deal with around 70 percent of our cases, with the remaining passed through to our team for extra help.
Helping victims of cyber crime & online security issues
From November 2018 to now we have been in soft-launch mode. Operating without any promotion to check that our service works (humans and robots) and that our ‘assisted self-help’ model works. So far so good! To date we have helped hundreds of individuals.
We have also been working hard to recruit, screen and train our volunteers. A large majority of our volunteers have come from the volunteer matching service Do-it, but others from the volunteers’ networks or via the website. We currently have circa 20 volunteers supporting us and have created an online course that our Helpline Responders take to ensure they are prepared to meet the needs of our users.
Focusing on the non-technical side of the case has been an area we are very keen to be conscious of. We needed a way to make sure that we were thinking through the emotional side of the case, but also safeguarding our victims and volunteers. To this end, Anna Trever joined the team as a Director in charge of victim safeguarding. Anna works as a children’s doctor in the NHS and has seen firsthand the role and impact malicious use of the Internet and cyber crime can play in abuse. Anna’s focus at The Cyber Helpline is providing oversight into how we support victims with safety and emotional aspects of dealing with cyber crime.
Outreach has also been a big part of our focus over the last eight months. We have been talking with a wide range of police forces, government departments, government agencies and business to discuss how we can work together to tackle the challenge of helping cybercrime victims.
What is next for The Cyber Helpline?
Now we want to be able to help as many people as we can. Through promotion and awareness raising we hope that victims of cyber crime and online security issues will find their way to us and use our service.
To do this we will need lots more volunteers, funding and support. An incredible amount of work still to do, but we hope in another two years we will be even more proud of the number of people we have helped, the work our volunteers are doing and the general state of cybercrime victim support in the UK.