Cybercrime is everywhere, it targets everyone and its threat is ever present. The only surprise is that we hear so little about it, but that is changing. The regularity with which high-profile websites and organisations are being hacked should be concerning, but often these hacks and the hackers are viewed as little more than an embarrassing inconvenience for the organisation targeted. Yet hacker networks such as Anonymous have the power to do genuine damage both in terms of the budget needed to repair systems and the public relations efforts of restoring faith after hackers have infiltrated a company.
The Internet has become a battleground and just as banks such as JPMorgan and retailers including Target have found themselves on the receiving end of hacker attacks, the political sphere is also susceptible to cybercrime. Political groups make a tempting target and the ability of individuals and groups to obtain cyber-weapons that can be used to both harvest vast amounts of private information and employed to influence results in a target group is a very real threat.
As far back as 2006, a Princeton computer science professor demonstrated how to install a piece of vote-rigging malware onto e-voting systems to alter the course of an election or referendum. Also in 2011, technicians at the Argonne National Laboratory revealed how it is possible to hack e-voting machines and remotely change voting data.
A threat that targets us all
Whilst high-level intrigues are undeniably fascinating, what we need to bear in mind is that what is happening to large companies and celebrities is just as liable to happen to the rest of us. It may not involve government-sponsored spooks, but for every cyber spy there are countless thousands of small-time criminals looking to find a way to help themselves to our data and payment details.
The list of threats outlined on the National Crime Agency’s Cyber Crime Unit makes for frightening reading. Phishing, file/webcam hijack and keylogging are terms that have become common knowledge to anyone working with computers regularly. What it highlights is that businesses even more than private individuals are vulnerable to what can be highly organized attacks. These can also take the form of an Advanced Persistent Threat, with highly skilled criminals infecting a targeted system for a prolonged amount of time and garnering vast amounts of data for nefarious purposes.
According to Computer Weekly, the cost of UK cybercrime is put at £1 billion a year and rising at an annual rate of over 20%.
Developing security technology
Faced with such threats, businesses are striving to find ever more sophisticated ways to protect their data and to secure their operations. Web Application Firewalls (WAF) are becoming more mainstream and more affordable, which is crucial to the small businesses and individuals particularly vulnerable to attack.
The development of cloud-based services is key to the mainstreaming of such high-grade security. The technology is, for example, increasingly enabling effective filtering of visitors to a site. Signature ID, as it is known, allows legitimate visitors access to a site whilst screening out approaches from suspicious IP addresses and known threats. At the same time, the latest security packages continually monitor unusual behaviours and irregular visits, either of which may indicate an attempted security breach. Such ‘error recognition’ was not something that traditional security packages allowed, but it is an increasingly potent weapon in the fight against the criminals.
The media occasionally provide us with a useful reminder that cyber security is not something we should ever take for granted. That is just as true for blue-chip companies, famous figures, and even private individuals: we all need to be aware of the perils of not taking precautions against cyber-attacks.
