Charlie McMurdie is a leading authority on cybercrime, a renowned cybersecurity speaker, and the former Head of the Police Central e-Crime Unit at New Scotland Yard. With over 30 years in law enforcement, she played a pivotal role in developing and leading the UK’s national cybercrime capabilities.
A trailblazer in her field, Charlie draws on her distinguished policing career to advise international governments and private sector organisations on tackling evolving digital threats. She offers unparalleled insight into cyber policing, online criminality, and risk management in a hyper-connected world.
In this exclusive interview with Champions Speakers, Charlie explores today’s most pressing cyber threats and shares her expert perspective on defending against them.
Q: Ransomware continues to dominate headlines—but what makes it such a persistent and damaging threat for businesses today?
Charlie McMurdie: “It’s how ransomware has developed and become far more sophisticated—that’s what really causes significant harm to businesses. When organisations are hit with this kind of attack, it can feel like a rabbit in the headlight’s moment— “What do we do now?”
“I remember, back in the day, ransomware was quite straightforward. You’d receive an email and suddenly your computer would be locked down because you’d supposedly been involved in illegal file sharing or downloading music that you weren’t allowed to download. A message would pop up on your screen saying, “You have been fined 50 euros or 50 pounds. Pay your money now.”
“I clearly remember the early days when they were even using our police logo. We’d just set up the original cybercrime unit in law enforcement—the Police Central e-Crime Unit (PCeU)—and attackers were using our logo in those fake notices, saying people had to pay the PCeU. We joked at the time that it might help with the funding challenges we were facing! But that was all very low-level.
“Nowadays, we’re seeing companies—and large organisations—being targeted. Recently, it’s included the NHS, the healthcare sector, the public sector—anywhere that holds rich data and where attackers know they can cause significant disruption. They go after sectors like legal, healthcare, and financial services. And it’s no longer just a simple attack-and-lock operation.”
Q: The shift to remote working expanded the attack surface for organisations. How have cybercriminals adapted their methods in response?
Charlie McMurdie: “COVID really caused a lot of disruption, and it gave cybercriminals a huge opportunity. There was a massive shift, with more people using their own kit—their personal laptops, phones—and a big increase in remote working.
“We saw a huge rise in attacks and data harvesting. Criminals jumped on the back of it by pretending to be government bodies offering furlough payments or COVID information— “Click here for this, that, or the other.”
“Cybercriminals will always exploit the hot topic of the moment for their own gain. Now that remote working is more common, it has definitely opened more doors for them. But I don’t think we should be put off by that. Remote working, when done properly and with the right security protocols in place, can be a great enabler.
“The problems come when people don’t follow the proper processes. They might not have adequate security, antivirus software, or they’re not using the correct company setup or systems.
“Let me give a simple example—we’ve seen breaches where, at first glance, it’s unclear why attackers would even bother stealing data from that particular company. There’s no obvious financial incentive. But then you dig deeper and see whose data was in that database—say, Charlie McMurdie, for instance.
“And if that individual uses the same password for a seemingly insignificant site—like a social media platform or an online shop selling toilet rolls—as they do for their work email, then suddenly, that data becomes very valuable. That kind of password reuse is a very basic but highly effective tool for attackers. People use the same credentials across multiple platforms, and that gives cybercriminals a foothold.”
Q: With modern technologies entering the market almost daily, how must cybersecurity teams evolve to remain resilient and effective against emerging threats?
Charlie McMurdie: “Everything is now connected to our networks, and every day there’s a new piece of technology or a new development—both in terms of defensive tools and in the tools being developed by attackers.
“So, the question becomes: how do we stay match-fit to deal with the kinds of cyberattacks and technologies we’re facing?
“I think the key is getting the right people in place. In my old cyber unit, many of the team were detectives from the Flying Squad, and we had lots of experienced industry professionals. It’s about mindset—people who are keen to stay match-fit, to keep learning, to maintain their curiosity and interest.
“Technology moves so quickly that if you’re good at one thing today and stop there, you’ll quickly fall behind. You need that inquisitive mindset—the drive to keep developing.
“The other major factor is that no one can handle cyber in isolation. It’s a team effort. If you look at the attackers, they often operate as organised networks. They’ll headhunt individuals from around the world to join their operations. They’ll effectively check CVs and recruit based on skills.
“We need to mirror that approach. We need to share intelligence, collaborate with the best people, and build networks that allow us to understand what’s happening out there. No one can do this alone.”
Q: Based on your time leading cybercrime efforts in the police, what type of digital attack was most prevalent or damaging during your tenure?
Charlie McMurdie: “In my former role, I spent 32 years in law enforcement, and back in the late 1990s, I was running several serious and organised crime departments at Scotland Yard, including the Fraud Squad.
“That involved hundreds of officers dealing with long, complex fraud investigations—which wasn’t really my typical area, as I came from a more proactive, fast-paced investigative background.
“But through the Fraud Squad, I worked closely with banks and began to see how they were struggling with fast-time money movement—mostly related to money laundering.
“At the time, we’d approach companies to ask about losses and data compromise, and often they wouldn’t admit their systems had been breached. Back then, “cyber” wasn’t even a word. It was referred to as high-tech crime, digital crime, or simply fraud.
“There was a real reluctance to talk about data theft or customer losses—it was all kept very quiet. So, we didn’t have a full picture of the scale.
“But then some very visible attacks started happening. I often say it was a bit of a turning point. You may recall Julian Assange and WikiLeaks, and the freedom of speech domain groups—primarily Anonymous—who started launching attacks on organisations under the banner of “we have a right for our voice to be heard”.
“That’s one thing—but when they started knocking over organisations like PayPal or Mastercard and putting them out of service, which caused real damage.
“So, in those early days—mainly because other incidents weren’t being reported—we saw a lot of denial-of-service (DoS) attacks taking down organisations. You may also recall Fathers4Justice; they jumped on the bandwagon and started launching attacks too.
“So, the most prominent and visible type of cybercrime we encountered was denial-of-service attacks—overwhelming systems and disrupting business operations.”
This exclusive interview with Charlie McMurdie was conducted by Mark Matthews.
