Cybercrime is here to stay| 15th September, 2016
Why cybercrime is not going to go away, ever.
If you asked CIOs to express their opinion about security, most would say that security has shortened the professional life span of many CIOs. While dealing with security, the threat of cybercrime tops their list.
The bad news is that cybercrime is not going to go away. For ever.
You know why? For a very simple reason. It’s too lucrative. And there is a huge, multibillion-dollar cybercrime black market that supports it.
Compared to other criminal industries, cybercrime is too safe and too lucrative. While drug trade is a $400 billion market and arms trading a $150 billion market, cybercrime is a $470 billion market. This is the stark reality.
Now, add the Internet of Things to the mix. By 2022, we will have about 25 billion connected devices. The estimated annual cost of cybercrime by then would be a whopping $715 billion.
Cybercrime as a Service
Cybercriminals today are botnet savvy and are constantly coming up with new scams. . Ransomware attacks are ever-increasing.
Currently, we are witnessing cyberthreats occurring from a number of sources: Ransomware, Internet of Things, Insider Threats, Exploitation of appliances (default passwords, unpatched systems, etc.), Cloud services, Targeted phishing, and Mobile payment systems/POS. According to security company Logrhythm, new threats are emerging on top of the existing ones: Reveton, Crypto Locker, Crypto Wall, CTB-Locker, Tesla Script, Torrentlocker, and KeRanger.
According to a McAfee report, today’s cybercriminals don’t need much of technical expertise to commitcybercrime. Sometimes, they don’t even need a computer. All they need is a credit card. There is a thriving marketplace offering cybercrime tools and services for little money.
The spurt in cybercrime is a direct result of this growth market of the “as-a-service” model. It allows cybercriminals to execute attacks at a cheaper rate or even allows them to rent services for a relatively small sum.
Also, cybercriminals are different from physical criminals such as robbers. Cybercriminals don’t get shot at, unlike traditional bank robbers. Thus, cybercrime appears to be more alluring as a relatively safe profession: less danger of being caught and at the same time, the returns are in millions.
All of this is well known by now. Yet not much has been done to stem the tide of cybercrime. The cybercrime experts are also well aware that most of the attacks originate from China and Russia. Consequently, the bad guys are almost immune as their schemes span international boundaries and they sit in many countries where what they do is not considered illegal, or the local government has no vested interest in changing anything. In recent years, governments in Asia have banded together in trying to set up an ‘Asiapol’ to combat cross-border cybercrime, on the lines of Europol.
As long as there are no laws to combat criminal activities around cybercrime, it is here to stay. Given this dismal scenario, CIOs have no choice but to prepare themselves to deal with the ongoing tsunami of cybercrime. It’s an ogre that will never cease to raise its head.