There are more connected devices, connected people
and connected things than at any time in history and, as the 21st century
progresses, this trend is set to continue. For many people, all this innovation
is going to make the world a smarter, sharper and more captivating place to be,
with new technologies offering us plenty by way of opportunities. Others,
naturally, remain skeptical.
At the same time, in the dark, beneath the surface,
there lies another world where cybercriminals are equally enabled and empowered
by these technologies (as they become exploited and manipulated). It’s a world
without borders, the digital wild west, where the rules of law are disregarded.
Here, all sorts of malicious activities are
plotted, tailored techniques developed, targets identified. They may
not all share the same values or have a common goal, but they do have something
in common: to disrupt the status quo and muddy the waters.
This means that for all the technical wonders in
the world, there are unfortunate and inevitable drawbacks. Nothing is perfect
and, as history has shown, all sorts of things can be used in negative and
nefarious ways.
In this instance, technology, especially the kind
that allows us to connect like never before, is increasingly vulnerable to
attacks. So, it’s great that your connected car delivers entertaining and
seamless trips, yet, via jackware – as ESET’s Stephen Cobb puts it – your car
may well be locked up in an entirely new way (requiring a digital key to
unlock).
Needless to say the threat posed by this mishmash
of 21st century cybercriminals – not all working together, it must be
noted – increases by the day. They are more sophisticated, threatening
and organized in their efforts than ever.
This new reality was recently recognized by the
UK’s National Crime Agency (NCA) in a report that stated that “the accelerating pace of technology and
criminal cyber capability development currently outpaces the UK’s collective
response to cybercrime”.
Dubbing this situation as a “cyber arms race”, the
NCA is under no illusion of the “enduring” challenges that lie ahead.
It’s time to batten down the hatches and give
cybersecurity the attention that it rightly deserves.
New thinking, greater collaboration
A starting point is to rethink what we understand
about cybercriminals, how they approach “their work” and who they target (as
ESET highlighted in its 2016 Trends paper, security is an issue that concerns more and
more people).
“If we think of it like a
business, like a competitor, then we can prioritize the most effective efforts
to disrupt it.”
What’s evident is that cybercriminals have evolved
to be more professional, entrepreneurial and organized in their activities. The latter
is a particularly telling description, as cybercriminals are either part of,
work for, or commission – from a “growing online criminal marketplace”, as
the NCA puts it – groups of individuals that bear all the hallmarks of
real-world organized crime groups (except for the fact they’re more
cyber-focused).
The business of hacking is a business just like
ours,” explained Hewlett Packard in a 2016 report. “If we think of it
like a business, like a competitor, then we can prioritize the most effective
efforts to disrupt it.”
This is a shrewd observation, from which we can all
learn. In ‘respecting’ the gravity of the threat posed by cybercriminals and
recognizing that they possess a complex skill-set, only then can we begin to
really understand how serious an issue this is (and is likely to be).
“Technology, management and education,” ESET has
explained, “are key factors for security”, as is “collaborative action”, the
NCA pointed out in its paper. This requires everyone to get involved, from
businesses to law enforcement, from government to industry regulators, and
everyone else in-between.
The result is that all stakeholders and
participants get to see things from a different perspective, with unique
perspectives and experiences delivering original insight. Further, the more
visible and collaborative an approach to cybercrime and cybersecurity, the more
universal knowledge becomes. This means that threats can be detected more
quickly and equally swift responses to attacks can be delivered. Knowledge is,
after all, power.
In recent years, as our personal and professional
lives have increasingly been defined and shaped by gadgets and gizmos, we’ve
become accustomed to a more streamlined way of living. That’s the brilliant
thing about connected technologies – it helps to make life easier and more
fun.
Yet, thanks to 21st century cybercriminals,
everything we take for granted – paying for a book online, inputting your
name and address on a webpage – is at risk. More so if we don’t invest in
security software, develop skills and work together. The threat landscape may
have evolved, but together, the security environment can also advance. It just
takes effort.