In early 2020, World Economic Forum (WEF) published its annual Global Risks Report that highlights events, trends, and developments that are most likely to cause major disruptions to societies across the world. In the middle of a worldwide pandemic, the report is more actual than ever. Cyberattacks to infrastructure, destruction of natural ecosystems, extreme heat waves, political polarization, and economic confrontations are ranked as the top 5 short-term global risks in the report.
Why cybercrime ranks so high as a global risk?
The scale of global cybercrime is mind-boggling. People used to say that guns, drugs and porn were the biggest illegal industries in the world, but cybercrime has quickly grown to the same league.
The WEF report estimates that cybercrime generates about 6 trillion dollars in annual revenue. Corporations like Facebook, Microsoft, Apple, Amazon, Walmart, and Tesla make a combined, total annual revenue of $1.28 trillion. One of the biggest (legal) industries in the world – tourism and travel – generated 9.25 trillion dollars in 2019.
Without a doubt, cybercrime is also one of the fastest growing businesses, making it bigger than, for instance, travel industry soon.
Why security experts are constantly warning us about smart home and smart personal devices (IoT)?
The most popular methods of cybercrime are Ransomware blackmail and Denial of Service (DdoS) extortion. A ransomware criminal sneaks a malicious piece of software to a victim’s computer, encrypts stored data, and demands money for decrypting the content. Denial of Service attack is based on sending excessive network traffic to victim’s computer infrastructure, and demanding money to stop it. This works well for many modern corporations whose businesses are running on digital platforms.
The alarming piece of information in the WEF report is that, for instance, in the US, only 0.05% of cybercriminals are brought to the court. This is not because of young hacker men who are hiding in college dorms and in their parents’ garages, but cybercrime is highly organized, professional global businesses.
Smart home devices, like voice assistants, door cameras, lighting systems connected to the internet (often labeled as Internet of Things, or IoT devices) and smart personal devices, like smartwatches or activity trackers are high on the target lists of criminals. They try to hijack (without the owner realizing anything) as many smart devices as possible, and install a piece of software into the devices that can take orders from the attack center. When the time is right, the hijacked devices are told to attack a bank, a government organization, online store, or whatever criminals believe is a profitable target.
What the high risk of cybercrime means for individuals, businesses and organizations?
When I see the way, for instance, my neighbors use their mobile phones and tablets, it is evident that they are an easy target for professional criminals. As people without digital security skills buy smart devices to their homes, the situation is going to get even worse. Criminals can’t expect high return from attacks on individuals, but still, fake computer support call centers exist that accept 100 dollars for fixing a problem that they caused to a victim’s computer.
Small businesses that don’t have computer or security experts are easy targets as well. The most lucrative targets are of course corporations with plenty of money.
As with any other type of crime, the fight against cybercrime never ends. But really, governments should think of regulating the devices people buy and connect to the internet. Basic security should be a default setting in all products that can be connected to the network.
An excellent article about cybercrime tells more about the crime methods and includes a number of pointers to valuable information.
The header image from the World Economic Forum Global Risks Report.