Some have said, only half-jokingly, that an innovation only gets the investment it needs to be perfected once the arms industry has seen a need for it. More worryingly, there is now good evidence that much of the innovation is being driven by increasingly organised, sophisticated and well-resourced cyber-criminals.
For example, one of the world’s first encrypted wireless networks was created by a Mexican drug cartel. Submarines that cannot be detected by radar have been developed by, and are being manufactured on behalf of, international smuggling syndicates. And then, of course, there are the software developers who create the software that allows hackers to access any system, from a power plant, oil refinery or similarly vital site to a bank. The Bangladeshi central bank recently lost more than $80-million.
“The real issue here is that cyber-criminals have become leading innovators in their own right, and they have the resources, both financial and human, to do whatever it takes to penetrate the most carefully constructed defences,” says Kovelin Naidoo, CIO at Internet Solutions, speaking at a recent cyber-security event hosted by ContinuitySA.
“We have to be aware that there is a vast hidden network of organisations and individuals who are focused on accessing the data and system for their own purposes.”
These shadowy players make use of the “Deep” and “Dark” Webs, which host an alternate economy where pretty much anything can be ordered and paid for in untraceable Bitcoins, including contract killings and replacement human organs. All of this covert activity falls into three broad categories: governments working against their enemies, activists motivated by a cause, or those simply motivated by profit.
The figures make for scary reading. The Verizon Data Breach Report 2016 noted 2 260 data breaches and 64 199 security incidents last year, overwhelmingly from external players, while the Dell Threat report 2016 shows that the number of unique malware samples is growing exponentially year on year. Internet Solutions, Naidoo reveals, prevented 11 000 denial-of-service attacks in the past year.
Jeremy Capell, head of advisory at ContinuitySA, says the threat posed by cyber-criminals to businesses and governments has now become so severe and so sophisticated that nothing but a co-ordinated and integrated technical and business response across all domains would be effective.
“A technical response to cyber-crime is one important component, but it’s only part of the solution,” he says. “Companies need to understand what the risks of a breach are, but they also need to have a detailed, enterprise-wide response that will limit the damage. This damage is not restricted to direct financial loss, but also includes reputational damage, which can be devastating.”
Capell says that organisations need to assess whether they are properly prepared. Do they have the right skills? Do they have a documented set of processes and procedures in place? Do they have adequate threat intelligence?
Very often sites are breached and corporate information is posted on the Deep Web, yet the organisation remains unaware of the breach. Is security-conscious behaviour integrated into the corporate culture? And are all the risks known and properly communicated, and is the security and threat landscape constantly being monitored?
“Cyber-crime calls for a technical response, a business response and, increasingly, proper cyber insurance as well,” Capell concludes.