Asked by: Lord Mendelsohn (Labour - Life peer)
Question to the Home Office:
To ask Her Majesty's Government what assessment they have made of the extent to which British companies are paying ransoms to cyber criminals in order to regain access to their data; and what guidance they have made available to support businesses in such circumstances.
Answered by Baroness Williams of Trafford - Shadow Chief Whip (Lords)
The Government continues to see a significant increase in the scale and severity of malicious cyber activity globally. This is why the National Cyber Security Strategy 2016-2021 is supported by £1.9billion of transformational investment. Part of GCHQ, the National Cyber Security Centre (NCSC), is at the heart of this strategy. The Centre provides a single, central body for cyber security at a national level, and has helped over a million organisations become more secure.
Ransomware attacks are increasingly common globally, the Government continues to provide support to British businesses and organisations to try to mitigate the threat. The NCSC continually reviews its advice and guidance to reflect new trends and how companies can protect themselves, as well as providing swift support to organisations which fall victim to ransomware. Additionally, the National Crime Agency’s National Cyber Crime Unit (NCCU) provides the focus for our national response to combating serious cyber criminals. It is using its increased operational resources to deliver arrests and disruption, using the NCA’s enhanced intelligence picture to target criminals where they are most vulnerable. Our priority working alongside the police and the National Cyber Security Centre (NCSC) is to do all we can to mitigate any harm to the UK.
The legal decision of whether or not to pay the ransom is ultimately a matter for the individuals or organisations concerned. We encourage victims of ransom demands to contact the authorities for support. Organisations are increasingly being targeted by ransomware attacks rather than individuals; this is because criminals can demand more money, and victims are more likely to pay due to reputational damage and desire to maintain the viability of their business for the future.
Information Commissioner’s Office (ICO) statistics indicate that in the last financial year for 2019/20 there were 160 recorded ransomware-related breaches, accounting for 6.8% of all cyber-related breaches. The Government currently does not hold any official data on the total cost of ransomware demands.
Asked by: Lord Mendelsohn (Labour - Life peer)
Question to the Home Office:
To ask Her Majesty's Government what assessment they have made of the origin of ransom cyber attacks against British businesses.
Answered by Baroness Williams of Trafford - Shadow Chief Whip (Lords)
Ransomware attacks are increasingly common globally with international and domestic cyber criminals increasingly viewing UK-based businesses and private individuals as attractive targets. Cyber criminals targeting the UK include international serious organised crime groups as well as smaller-scale, mostly domestic, criminals and hacktivists. While a small number of elite cyber criminals conduct the most serious cyber crimes, cyber crime is highly accessible and the availability of tools and services has lowered the entry level.
The ransomware landscape has changed in recent years, the number of attacks has decreased; however, the attacks appear to be more targeted and demand bigger ransoms. The NCSC and NCA continue to monitor the cyber threat with the UK being a global leader in understanding the threat from cyber crime. NCSC assesses the threat actors behind most large ransomware attacks are Russian speaking cyber criminals.
Asked by: Lord Mendelsohn (Labour - Life peer)
Question to the Home Office:
To ask Her Majesty's Government what assessment they have made of the impact of COVID-19 on cybercrime rates; and what plans they have to address any rise in cybercrime linked to COVID-19.
Answered by Baroness Williams of Trafford - Shadow Chief Whip (Lords)
The Home Office and its operational partners continue to monitor and respond to the cyber crime threat during the COVID-19 pandemic. Current assessments have not indicated an increase in reporting linked to COVID-19. However, cyber criminals are exploiting COVID-19 as an unparalleled opportunity to conduct criminal activity using social engineering, capitalising on people’s anxieties about the pandemic.
On 21 April, the Government launched a revised Cyber Aware campaign to coincide with the launch of the NCSC’s new Suspicious Email Reporting service. The NCA have also launched an advertorial on the popular Games Radar website to deliver PREVENT messaging during the COVID-19 pandemic as the public spend more time online. The advert is designed to deter young people away from becoming involved in cyber-criminality.
We have also recently launched a gov.uk page on coronavirus-related fraud and cybercrime. The page includes easy-to-follow steps for people to better protect themselves and signposts other relevant advice and tips. It can be found here: https://www.gov.uk/government/publications/coronavirus-covid-19-fraud-and-cyber-crime.
Asked by: Lord Mendelsohn (Labour - Life peer)
Question to the Home Office:
To ask Her Majesty's Government what assessment they have made of the causes of the 49 per cent rise in vehicle thefts in the four years to 2017–18; what plans they have to address that rise; what discussions they have had with the automotive industry about improving vehicle security, including the security of keyless entry and start systems; and what regulations are in place to ensure minimum standards of security for newly made vehicles in the UK.
Answered by Baroness Williams of Trafford - Shadow Chief Whip (Lords)
On 15 January the Minister for Policing and the Fire Service chaired the first meeting of the Vehicle Theft Taskforce, which brings together the automotive industry, insurers, the police, Government departments and others to help ensure that the collective response to vehicle theft in England and Wales is as robust as it can be.
In addition to developing further our understanding about the threat, the work of the Taskforce will cover vehicle security, which includes looking at preventing the compromise of electronic vehicle security.
The majority of new cars and small commercial vehicles must meet the requirements of the United Nations Economic Commission for Europe Regulation 97 and Regulation 116 covering Vehicle Alarm Systems and Protection of Motor Vehicles Against Unauthorised Use.
Asked by: Lord Mendelsohn (Labour - Life peer)
Question to the Home Office:
To ask Her Majesty's Government, further to the Written Answer by Baroness Williams of Trafford on 25 July (HL689), and in the light of the requirement under the Regulatory Reform (Fire Safety) Order 2005 that "the responsible person must make a suitable and sufficient assessment of the risks", whether they amended that Order to allow a person other than the responsible person to "undertake the risk assessment on their behalf"; and if so, through what mechanism.
Answered by Baroness Williams of Trafford - Shadow Chief Whip (Lords)
Article 18 of the Regulatory Reform (Fire Safety) Order 2005 sets out that the responsible person must appoint one or more competent persons to assist them in undertaking the preventive and protective measures, unless they have the sufficient training and experience or knowledge to do so themselves. The Fire Safety Order has therefore not been amended in this way.
Asked by: Lord Mendelsohn (Labour - Life peer)
Question to the Home Office:
Her Majesty's Government, further to the Written Answer by Baroness Williams of Trafford on 5 July (HL 50), what skills or accreditation must be held by the person responsible for fire risk assessments in houses or flats offering short–term accommodation to paying guests through platforms such as Airbnb; and what fire safety guidance or training in available for such responsible persons.
Answered by Baroness Williams of Trafford - Shadow Chief Whip (Lords)
It is the responsibility of each fire and rescue authority to manage its prevention, protection and operational resources to address effectively risks within their communities. This includes determining which premises to audit to ensure compliance with the provisions of the Fire Safety Order. When carrying out an audit, including for short-term accommodation let through Airbnb or similar platforms, it is for the individual fire and rescue authority to determine how they assess whether the fire risk assessment carried out by the responsible person and the fire precautions in place are adequate and appropriate for a particular premises. No two premises are the same. What may represent a proportionate approach to improved fire safety management in one building, will not necessarily apply in another.
The level of competency required for individual premises will vary according to their nature and complexity.
The Government issued guidance to assist enforcing authorities in their enforcement responsibilities under the Fire Safety Order, which is available here - https://www.gov.uk/government/publications/regulatory-reform-fire-safety-order-2005-guidance-note-enforcement. In addition, the Chief Fire Officers Association, now the National Fire Chiefs Council, produced a standardised audit form to ensure consistency of audits.
The person responsible for complying with the Fire Safety Order (usually the owner, employer, landlord or managing agent) may decide that they are competent to carry out the risk assessment themselves or they may choose to appoint a competent person to undertake the risk assessment on their behalf. A decision on this may be made in conjunction with their insurers.
The requirements for a competent person are set out in the Fire Safety Order. A person is to be regarded as competent for the purposes of making a fire risk assessment if they have sufficient training and experience or knowledge and other qualities to enable them properly to assist in undertaking the preventative and protective measures. To help those responsible for ensuring that the risk from fire in their premises has been accurately assessed, the fire sector has produced guidance on how to choose a competent fire risk assessor. This is available on www.cfoa.org.uk/19532.
In addition, fire safety risk assessment guidance produced by the Government and by the Local Government Association also provides advice and guidance to those responsible for fire safety compliance to help them to accurately assess the risks from fire and implement adequate and appropriate fire safety measures. This is available here: https://www.gov.uk/workplace-fire-safety-your-responsibilities/fire-risk-assessments.
The Government will consider the ongoing suitability of the Fire Safety Order as part of the wider work underway following the horrific fire at Grenfell Tower.
Asked by: Lord Mendelsohn (Labour - Life peer)
Question to the Home Office:
Her Majesty's Government, further to the Written Answer by Baroness Williams of Trafford on 5 July (HL 50), what assessement they have made of the application and enforcement of the Regulatory Reform (Fire Safety) Order 2005 in relations to houses or flats provided as short–term accommodation to paying guests through platforms such as Airbnb; whether they have any plans to review or update the Order; and, if so, what is their planned timescale for review.
Answered by Baroness Williams of Trafford - Shadow Chief Whip (Lords)
It is the responsibility of each fire and rescue authority to manage its prevention, protection and operational resources to address effectively risks within their communities. This includes determining which premises to audit to ensure compliance with the provisions of the Fire Safety Order. When carrying out an audit, including for short-term accommodation let through Airbnb or similar platforms, it is for the individual fire and rescue authority to determine how they assess whether the fire risk assessment carried out by the responsible person and the fire precautions in place are adequate and appropriate for a particular premises. No two premises are the same. What may represent a proportionate approach to improved fire safety management in one building, will not necessarily apply in another.
The level of competency required for individual premises will vary according to their nature and complexity.
The Government issued guidance to assist enforcing authorities in their enforcement responsibilities under the Fire Safety Order, which is available here - https://www.gov.uk/government/publications/regulatory-reform-fire-safety-order-2005-guidance-note-enforcement. In addition, the Chief Fire Officers Association, now the National Fire Chiefs Council, produced a standardised audit form to ensure consistency of audits.
The person responsible for complying with the Fire Safety Order (usually the owner, employer, landlord or managing agent) may decide that they are competent to carry out the risk assessment themselves or they may choose to appoint a competent person to undertake the risk assessment on their behalf. A decision on this may be made in conjunction with their insurers.
The requirements for a competent person are set out in the Fire Safety Order. A person is to be regarded as competent for the purposes of making a fire risk assessment if they have sufficient training and experience or knowledge and other qualities to enable them properly to assist in undertaking the preventative and protective measures. To help those responsible for ensuring that the risk from fire in their premises has been accurately assessed, the fire sector has produced guidance on how to choose a competent fire risk assessor. This is available on www.cfoa.org.uk/19532.
In addition, fire safety risk assessment guidance produced by the Government and by the Local Government Association also provides advice and guidance to those responsible for fire safety compliance to help them to accurately assess the risks from fire and implement adequate and appropriate fire safety measures. This is available here: https://www.gov.uk/workplace-fire-safety-your-responsibilities/fire-risk-assessments.
The Government will consider the ongoing suitability of the Fire Safety Order as part of the wider work underway following the horrific fire at Grenfell Tower.
Asked by: Lord Mendelsohn (Labour - Life peer)
Question to the Home Office:
Her Majesty's Government, further to the Written Answer by Baroness Williams of Trafford on 5 July (HL 50), what criteria fire and rescue authorities use to determine whether fire safety precautions are "adequate" and "appropriate" for the management of fire hazards in houses or flats offering accomodation to paying guests, such as through Airbnb.
Answered by Baroness Williams of Trafford - Shadow Chief Whip (Lords)
It is the responsibility of each fire and rescue authority to manage its prevention, protection and operational resources to address effectively risks within their communities. This includes determining which premises to audit to ensure compliance with the provisions of the Fire Safety Order. When carrying out an audit, including for short-term accommodation let through Airbnb or similar platforms, it is for the individual fire and rescue authority to determine how they assess whether the fire risk assessment carried out by the responsible person and the fire precautions in place are adequate and appropriate for a particular premises. No two premises are the same. What may represent a proportionate approach to improved fire safety management in one building, will not necessarily apply in another.
The level of competency required for individual premises will vary according to their nature and complexity.
The Government issued guidance to assist enforcing authorities in their enforcement responsibilities under the Fire Safety Order, which is available here - https://www.gov.uk/government/publications/regulatory-reform-fire-safety-order-2005-guidance-note-enforcement. In addition, the Chief Fire Officers Association, now the National Fire Chiefs Council, produced a standardised audit form to ensure consistency of audits.
The person responsible for complying with the Fire Safety Order (usually the owner, employer, landlord or managing agent) may decide that they are competent to carry out the risk assessment themselves or they may choose to appoint a competent person to undertake the risk assessment on their behalf. A decision on this may be made in conjunction with their insurers.
The requirements for a competent person are set out in the Fire Safety Order. A person is to be regarded as competent for the purposes of making a fire risk assessment if they have sufficient training and experience or knowledge and other qualities to enable them properly to assist in undertaking the preventative and protective measures. To help those responsible for ensuring that the risk from fire in their premises has been accurately assessed, the fire sector has produced guidance on how to choose a competent fire risk assessor. This is available on www.cfoa.org.uk/19532.
In addition, fire safety risk assessment guidance produced by the Government and by the Local Government Association also provides advice and guidance to those responsible for fire safety compliance to help them to accurately assess the risks from fire and implement adequate and appropriate fire safety measures. This is available here: https://www.gov.uk/workplace-fire-safety-your-responsibilities/fire-risk-assessments.
The Government will consider the ongoing suitability of the Fire Safety Order as part of the wider work underway following the horrific fire at Grenfell Tower.
Asked by: Lord Mendelsohn (Labour - Life peer)
Question to the Home Office:
Her Majesty's Government, further to the Written Answer by Baroness Williams of Trafford on 5 July (HL 50), how many inspections of houses or flats offering short–term accommodation to paying guests were carried out by each fire and rescue authority in each year since 2010; and how many of those inspections were found to be (1) satisfactory and (2) unsatisfactory.
Answered by Baroness Williams of Trafford - Shadow Chief Whip (Lords)
The Home Office does not centrally collect information on the number of inspections of houses or flats offering short-term accommodation to paying guests carried out by each fire and rescue authority. Information on the number of inspections of houses or flats offering short-term accommodation to paying guests is the responsibility of individual FRSs.
Asked by: Lord Mendelsohn (Labour - Life peer)
Question to the Home Office:
Her Majesty's Government what plans they have to review fire safety regulations applied to short-term lettings through online accommodation platforms such as Airbnb; and what processes are in place to ensure compliance.
Answered by Baroness Williams of Trafford - Shadow Chief Whip (Lords)
The Regulatory Reform (Fire Safety) Order 2005 applies to houses or flats where the premises are not occupied as a private dwelling – this would include properties which offer holiday or short term accommodation to paying guests. In the case of Airbnb and other similar web-based accommodation providers, we consider the Order would apply during the period where paying guests were staying. That is because, during this period, the property would no longer be occupied as a single private dwelling.
Under the Order, the responsible person (usually the owner or building manager) is required to undertake a fire risk assessment and put in place fire precautions that are adequate and appropriate to manage the risk that lives could be lost in a fire.
Fire and rescue authorities are the enforcing authorities for the Fire Safety Order in such accommodation. They are required to have a risk based inspection programme and management strategy in place to ensure compliance with the Fire Safety Order within their area.