By 2021, cybercrimes will cost companies USD 6 trillion, according to a study.
The number of internet users has grown from an estimated at 2 billion in 2015 to 4.4 billion in 2019, but so have the cybercrimes which are expected to cost companies USD 6 trillion worldwide, according to a study by Cybersecurity Ventures.
Similarly, the number of smartphone users has grown from 2.5 billion in 2016 to 3.2 billion in 2019 and is forecasted to grow to 3.8 billion by 2021. Smartphones and the internet will make further inroads to our economic system. But there are certain risks involved as well.
Mobile phones are becoming targets of cybercriminals because of their widespread use and increasing computing power. Consider the fact that more than 60 % of online fraud occurs through mobile phones. This threat is not just towards individual users but businesses as well. It does not matter how large the company is either. 43% of the cyberattacks in 2019 were aimed at smaller businesses because they do not have adequate protection.
While it may be true that nobody can predict the future, when it comes to cybersecurity you can give it a good go. By looking at the security developments that we have witnessed over the past few years, it is perfectly possible to forecast what is likely to happen in the near future.
Plus, with 2020 just around the corner, now is the time to do exactly that. Staying ahead of the game and doing all you can to avoid the risk of a cyber-attack is vital; and what better way is there to do just that than by preparing yourself in advance.
From the rise of 5G to the implementation of AI, here are five cybersecurity predictions for the coming year.
Despite its negative connotations, the Dark Web is nothing to be afraid of. Few know that the Dark Web was actually thought out as a means of preserving privacy and security. However, this also enabled it to become a breeding ground for illegal activity.
There are certainly things to be distrustful of when navigating the Dark Web, and before venturing into it head-first, you should understand certain things about it.
What is the Dark Web?
The first thing you need to know is that there is no actual database for the Dark Web. Instead, there are only what are known as “peer to peer connections”, which means that the data you are accessing is not stored in just one place.
Instead, it is found on thousands of different computers that are part of the network, so that no one can actually identify where the information is coming from. You can upload to the network, but when downloading, there is no telling where you’re getting the data from.
“I’ve read that my web hosting provider’s website that they have a good security solution in place to protect me against hackers.”
This is a pretty common answer that a lot of bloggers and small business owners gave me when I ask them if they know about how secure their web hosting is. Also, they often add that their budgets are pretty tight so they’ve chosen to go with “an affordable provider.” By “affordable,” of course, they mean ‘ridiculously cheap.”
Come on, people.
Do you really think that a cheap web hosting has everything in place to stop a website attack? Do you think that they will protect you from all types of hacker attacks?
While I don’t know everything about how web hosting providers choose security solutions, I can tell you with some confidence that a lot of them have laughable solutions.
Some businesses – usually those that have never experienced any kind of major IT incident – think of cybercrime as an inconvenience. They may believe that if their company is hacked it will cause some disruption and perhaps an embarrassing news story, but that ultimately the breach will have only a minor effect.
However, the truth is that cybercrime can have a huge range of unexpected consequences. Here we take a lot of the real impact of a breach – cybercrime might affect you a lot more than you think.
The White House has recently published its new National Cyber Strategy, rescinding an Obama-era memorandum Presidential Policy Directive-20 (PPD-20) that laid forth the process by which the United States would undertake cyber attacks against cyber foes, to include foreign state actors. The Strategy consists of four primary pillars designed to guide how the United States will undergo defensive, and perhaps more importantly, offensive actions in order to preserve its interests in cyberspace. Per the Strategy, the four pillars are:
A recent article revealed that the United States government has gotten better at providing unclassified cyber threat information to the private sector. Law enforcement and intelligence organizations have greatly cut down the time it takes to provide unclassified versions of cyber threat indicators (a term that can reference that can refer to a variety of technical data that includes but is not limited to IP addresses, malware, e-mail addresses, etc.) to the Department of Homeland Security (DHS) to disseminate promptly to the private sector. The process had traditionally been slow as it involves an originating agency to determine if the indicator has been properly vetted without exposing sources and methods, per the article.
Speed of delivering pertinent threat information is certainly an improvement in a domain where attacks occur in seconds. A November 2017 report from the DHS Office of the Inspector General provided a report on actions taken during 2016 in fulfillment of direction mandated by the Cybersecurity Information Sharing Act of 2015 with regards to the sharing of threat indicators. Per the report, despite successfully classifying indicators and defensive measures, it still faced challenges effectively sharing such information across the public and private sectors. The report advocated enhanced outreach and a cross-domain information processing solution.
There has been recent focus on alleged Iran cyber activity the past few weeks, spurned on by the publication of a vendor report on Iranian operations. Per the vendor’s findings, not only was Iran likely behind the activity that was targeting government and private sector in the Middle East, it was implementing National Security Agency exploits that were stolen and dumped into the public domain by the Shadow Brokers group in April 2017. As recently as late August 2018, Iran is suspected of trying to launch influence operations ahead of the midterm elections. The conclusion is that Iran is increasingly using asymmetric attacks, particularly via cyberspace, as part of its tool box to conduct retaliatory attacks.
The new reporting comes at a time when Russia’s cyber malfeasance has largely dominated the press, due to its influence operations efforts and election shenanigans, not just in the United States but in other countries as well. Prior to the Russia focus, North Korea was the focal point with its suspected cyber activities targeting cryptocurrency, and the SWIFT banking transactions before that. Iran was propelled onto the scene with Operation Ababil
Space Force picture, an independent military branch by 2020. The move is designed to counter the weapons that China and Russia have already developed that threaten U.S. satellites. The U.S. Vice President quickly assured that the force did not and would not be created from the ground up, but would leverage the personnel and material resources already existing in the service elements. The goal is to streamline efforts and maximize efficiency, a noble endeavor given the difficulties that invariable arise when mission responsibilities traverse and overlap so many different organizations.
The protection of U.S. civilian and military space assets are considered a national security concern. In December 2017, U.S. Department of Defense officials expressed concern that the United States’ anti-satellite capabilities were not up to par as some of its adversaries. In contrast, adversary adoption of anti-satellite weapons been documented in the news. In April 2018, a report detailing global counterspace capabilities (that include direct ascent weapons, co-orbital, directed energy, electronic warfare, and cyber warfare) underscores how adversarial nations are actively pursuing the development of such weapons and the threat that they pose to U.S. space interests. The report reveals that such investment by these states started in the mid-2000s.
Thus far, there has been no confirmed retaliatory cyber strikes conducted by a victimized government against a suspected aggressor state. There has been some speculation that after the Sony Pictures attack, the United States “knocked” North Korea off the Internet for a brief period of time, although this has never been corroborated. Despite being a cyber power, the United States has demonstrated restraint in punishing against those transgressor states it believes to have been orchestrators of cyber attacks against its interests, preferring to level sanctions as a punitive alternative.
The question that governments ask is how to deter hostile acts in cyberspace? And while an important question to raise, perhaps the reality is that there is no viable answer. There is a reason why international efforts continually fail when trying to gain consensus on cyber norms, Internet governance, and the legalities and criteria of hacking back – there is lack of a fundamental desire to actually find a solution. Governments willing to agree to the standards and principles of any of these issues are stating their willingness to abide by them, and while that may fit the current situation, the dynamism of cyberspace has proven unpredictable. Being cuffed to such an agreement that no longer has relevance while other governments operate without constraints is not an ideal situation. Therefore, without an agreement in place, the status quo remains.