18 July 2012
Norfolk Constabulary has made the decision to formally close its
investigation into the hacking of online data from the Climate
Research Centre (CRU) at the University of East Anglia (UEA) in
The decision follows a comprehensive investigation by the
force’s Major Investigation Team, supported by a number of national
specialist services, and is informed by a statutory deadline on
While no criminal proceedings will be instigated, the
investigation has concluded that the data breach was the result of
a ‘sophisticated and carefully orchestrated attack on the CRU’s
data files, carried out remotely via the internet’.
Senior Investigating Officer, Detective Superintendent Julian
Gregory, said: “Despite detailed and comprehensive enquiries,
supported by experts in this field, the complex nature of this
investigation means that we do not have a realistic prospect of
identifying the offender or offenders and launching criminal
proceedings within the time constraints imposed by law.
“The international dimension of investigating the World Wide Web
especially has proved extremely challenging.
“However, as a result of our enquiries, we can say that the data
breach was the result of a sophisticated and carefully orchestrated
attack on the CRU’s data files, carried out remotely via the
internet. The offenders used methods common in unlawful internet
activity to obstruct enquiries.
“There is no evidence to suggest that anyone working at or
associated with the University of East Anglia was involved in the
The security breach was reported to Norfolk Constabulary on 20
November 2009, following publication of CRU data on the internet
from 17 November onwards.
An investigation was launched by the joint Norfolk and Suffolk
Major Investigation Team, led by Det Supt Gregory, with some
support from the The Met’s Counter Terrorism Command, the National
Domestic Extremism Team and the Police Central e-crime Unit, along
with consultants in online security and investigation.
The investigation, code-named Operation Cabin, focused on
unauthorised access to computer material, an offence under the
Computer Misuse Act 1990, which has a three year limit on
proceedings from the commission of the original offence. It has
been concluded by Norfolk Constabulary, in consultation with The
Met, that due to outstanding enquiries this is now an unrealistic
Norfolk Assistant Chief Constable Charlie Hall, Protective
Services lead, said: “Online crime is a global issue. While law
enforcement agencies continue to develop our response to emerging
threats, it falls upon individuals and organisations to be alert to
this and and take steps to mitigate risk as far as is