21st century cybercriminals are more sophisticated, daring and organized than ever. The threat landscape has evolved.
There are more connected devices, connected people and connected things than at any time in history and, as the 21st century progresses, this trend is set to continue. For many people, all this innovation is going to make the world a smarter, sharper and more captivating place to be, with new technologies offering us plenty by way of opportunities. Others, naturally, remain skeptical.
At the same time, in the dark, beneath the surface, there lies another world where cybercriminals are equally enabled and empowered by these technologies (as they become exploited and manipulated). It’s a world without borders, the digital wild west, where the rules of law are disregarded.
Here, all sorts of malicious activities are plotted, tailored techniques developed, targets identified. They may not all share the same values or have a common goal, but they do have something in common: to disrupt the status quo and muddy the waters.
This means that for all the technical wonders in the world, there are unfortunate and inevitable drawbacks. Nothing is perfect and, as history has shown, all sorts of things can be used in negative and nefarious ways.
In this instance, technology, especially the kind that allows us to connect like never before, is increasingly vulnerable to attacks. So, it’s great that your connected car delivers entertaining and seamless trips, yet, via jackware – as ESET’s Stephen Cobb puts it – your car may well be locked up in an entirely new way (requiring a digital key to unlock).
Needless to say the threat posed by this mishmash of 21st century cybercriminals – not all working together, it must be noted – increases by the day. They are more sophisticated, threatening and organized in their efforts than ever.
This new reality was recently recognized by the UK’s National Crime Agency (NCA) in a report that stated that “the accelerating pace of technology and criminal cyber capability development currently outpaces the UK’s collective response to cybercrime”.
Dubbing this situation as a “cyber arms race”, the NCA is under no illusion of the “enduring” challenges that lie ahead.
It’s time to batten down the hatches and give cybersecurity the attention that it rightly deserves.
New thinking, greater collaboration
A starting point is to rethink what we understand about cybercriminals, how they approach “their work” and who they target (as ESET highlighted in its 2016 Trends paper, security is an issue that concerns more and more people).
“If we think of it like a business, like a competitor, then we can prioritize the most effective efforts to disrupt it.”
What’s evident is that cybercriminals have evolved to be more professional, entrepreneurial and organized in their activities. The latter is a particularly telling description, as cybercriminals are either part of, work for, or commission – from a “growing online criminal marketplace”, as the NCA puts it – groups of individuals that bear all the hallmarks of real-world organized crime groups (except for the fact they’re more cyber-focused).
The business of hacking is a business just like ours,” explained Hewlett Packard in a 2016 report. “If we think of it like a business, like a competitor, then we can prioritize the most effective efforts to disrupt it.”
This is a shrewd observation, from which we can all learn. In ‘respecting’ the gravity of the threat posed by cybercriminals and recognizing that they possess a complex skill-set, only then can we begin to really understand how serious an issue this is (and is likely to be).
“Technology, management and education,” ESET has explained, “are key factors for security”, as is “collaborative action”, the NCA pointed out in its paper. This requires everyone to get involved, from businesses to law enforcement, from government to industry regulators, and everyone else in-between.
The result is that all stakeholders and participants get to see things from a different perspective, with unique perspectives and experiences delivering original insight. Further, the more visible and collaborative an approach to cybercrime and cybersecurity, the more universal knowledge becomes. This means that threats can be detected more quickly and equally swift responses to attacks can be delivered. Knowledge is, after all, power.
In recent years, as our personal and professional lives have increasingly been defined and shaped by gadgets and gizmos, we’ve become accustomed to a more streamlined way of living. That’s the brilliant thing about connected technologies – it helps to make life easier and more fun.
Yet, thanks to 21st century cybercriminals, everything we take for granted – paying for a book online, inputting your name and address on a webpage – is at risk. More so if we don’t invest in security software, develop skills and work together. The threat landscape may have evolved, but together, the security environment can also advance. It just takes effort.