Cybercrime knows no boundaries and its threat is increasing around the world

Risk atlas November 2012

The total cost of cybercrime in the USA alone is put at more than $3 trillion (€2.3 trillion) a year. For the UK and many other European countries, it runs into billions. The explosive growth of cybercrime in the past decade means computer systems in practically every company, particularly in the West, are potential victims of hackers, spies and internet fraudsters.

The same technology that has enabled the smallest company to engage in real-time global trading, widen the scope for international business dealings, and increase the rate of business-to-business transactions, has also turned every office computer into a potential security weak spot.

But other attacks, whether mounted by criminal gangs, unscrupulous companies, or government agencies, represent a serious and increasing threat to business. The head of the UK’s Government Communications Headquarters, which handles the vast majority of the country’s signals intelligence, says government offices receive about 20,000 malicious emails each month, of which about 1,000 are deliberate attacks.

A war without boundaries
There are no geographical boundaries in cyber space, but China and Russia are currently the primary locations from where cyber activity against Western business interests emanates.

Two years ago, intelligence specialists KCS Group defended a business within the nuclear sector against a government-sponsored attack from within China. Since then, the level of threat has escalated. KCS Group estimates that cyber criminal activity globally is now a greater threat than the illegal narcotics industry ever was, and is generating more money.

Cyber criminals don’t withdraw once the havoc has been created. Typically, they tend to hang around undetected and continue to take data, monitor information and gather intelligence.
It is important to repeat, however, that cybercrime by its very nature is not confined within national boundaries. Viruses have been known to originate in various parts of South America, eastern Europe, Russia and China, and spread rapidly through networks all around the world.

The days when computer hacking was seen as a misdemeanour carried out by a few computer geeks are long gone. Today’s hackers may be supported by organised crime, by unscrupulous commercial organisations seeking an unfair competitive advantage, or even by government agencies working for political and military ends.

Exploiting Stuxnet

Stuxnet, rumoured to have been created or developed by the American and Israeli security services working together, is a case in point. Technically, it is a computer worm rather than a virus, since it needs no existing programme to attach itself to, but replicates itself automatically and subverts industrial systems. It was first discovered in July 2010, and by the end of that year more than 60% of the computers known to be infected with it were in Iran, strengthening suspicions that it was deliberately designed to attack Tehran’s nuclear programme. As forms of Stuxnet are currently being sold on the black market, it is now able to be exploited by criminals and even terrorists.

Many of the world’s serious cyber attacks are believed to originate in Russia or China - two countries that have proven less ready than others to enter into international agreements that aim to regulate internet use and stamp out cybercrime. Law enforcement agencies in several governments, as well as the EU and defence alliances such as NATO, have produced strategy documents describing ways of combating what is now seen as a major international security issue.

So while technicians understand the facts, governments and companies could go a long way in their own policies to ensure computers are secure.
Putting it starkly, the world is being held to ransom by the dealings of cyber criminals. There is a war going on out there in cyber space and fighting it is getting dirtier by the day.