‘If We’re Going to Be Connected, Then We Need to be Protected” – Barack Obama
We hear the term ‘cybercrime’ bandied about these days, as it is a bigger risk now than ever before, due to the sheer number of connected people and devices. But what is it exactly? In a nutshell, it is simply a crime that has some kind of computer or cyber aspect to it.
Cyber crime has the capability to affect a nation’s financial health and security. Issues surrounding these types of crimes have become high-profile, particularly those surrounding hacking, copyright infringement, child grooming and child pornography. There is another kind of cyber abuse called Social Engineering, which is linked with influencing an individual to get his confidential data that may not be in his best interest.
Cybercrime: The facts
- Cybercrime has now surpassed illegal drug trafficking as a criminal moneymaker.
- Somebody’s identity is stolen every 3 seconds as a result of cybercrime.
- Without a sophisticated security package, your unprotected PC can become infected within 4 minutes of connecting to the Internet.
The threats and security in the cyber world have evolved very similarly to the real world, where the balance has been oscillating from one side to the other in the course of time, but today in the cyber world it seems that the balance is tilted in favor of the threats.
Anybody can be hacked. No system is flawless.
This fact was proven true by Edward Snowden, a former Central Intelligence Agency (CIA) employee. Snowden brilliantly showed the way for other attackers, both internal and external, by using his knowledge of the National Security Agency (NSA)’s poor control over their SSH and private keys and self-certificates to turn those security assets against the NSA and steal valuable and top secret information.
Today, attackers have different motivations (national security, espionage, money, revenge, policy, etc.). These criminal groups act differently than in the past. Today they aim at specific targets, study the victims over the course of weeks, months and even years in order to create customized programs for them. The malicious software they build is basically unique and unrecognizable by the traditional defense tools.
Criticality of Cyber Crime
Cyber crime has been referred to as the next 9/11 and the biggest threat to national security today by President Obama.
97% of the fortune 500 companies have been hacked and the rest just don’t want to admit it. Many organizations have not been able to understand the complexity of this matter and have not carried out the necessary actions to establish appropriate levels of cyber security.
In the United States, we have a fear of being hacked or being cyber abused more than any other crime in the world, and the initiatives to fight this issue are being taken. For instance , the construction of cyber security centers in Los Angeles; the installation of cyber security cells and white hat hackers being employed in corporate world in order to stay one step ahead of the cyber criminals.
But the question arises: How successful are these initiatives going to be, when the cyber “offense” is overtaking the cyber “defense” and when there is little understanding of it?
As the former CIA director quoted, “Rarely something has been so important and so talked about with less and less clarity and less apparent understanding.”
There seems to be a handshake going on between cybercrime and evolving technology. The cyber-criminals have now launched their advertisements on YouTube in order to sell their skills over the Internet. They would also provide technical support in case you wish to infect your competitors’ website for your own profit in business. Whimsical but frightening. Isn’t it?
The criminals now have crime packs and business intelligence dashboards to track the distribution of their malicious code. The advancement in technology, with sophisticated tools and techniques being used and enhancing the nature of crime being borderless, makes the situation of cyber security even worse.
Countries have been spending millions of dollars on cyber security. McAfee estimate that the global cost of cybercrime is $1 trillion. But can we really trust these numbers?
One reason it’s a challenge to measure the financial costs of cybercrimes is that the victims often don’t know they’ve been attacked. Even when the breach is known, how do you put a dollar value on a Social Security Number, a formula for a new drug, the blueprints for a new car, or the bidding strategy of an oil firm?
Cyber security faces a challenge at the intersection of law and policy as well. Every country has a different law framed for cyber security. Some interesting public policy questions which are still unanswered are
- How do we allocate the liability?
- When can the private organizations attack back, once they are subject to cyber crime?
- How to regulate the Internet?
- What are the rights of self defense, OR, when can a state attack militarily?
The challenges and threats are different for every country. Moreover, the technology evolves much faster than the laws. Hence it’s quite challenging to see a reform coming in the near future on cyber security.
There’s more to be talked about this national threat. In the upcoming post, I’ll walk you through the various types of cyber crimes and how do we tend to help these criminals intentionally or unintentionally. We’ll also talk about the ways which can help us to stay secure and make it difficult for the criminals to attack.