In 2016 alone, $81 million was stolen from Bangladesh’s central bank by suspected North Korean hackers. A separate incident saw the US National Security Agency’s hacking tools leaked on the internet. A $4.8 billion takeover of Yahoo by telecommunications giant Verizon was threatened by severe data breaches, and we’re still coming to grips with revelations of Russian hacking in the recent US presidential election.[1]
Cyber security is becoming a serious and prevalent issue in today’s digital age. In 2014, it was estimated that the total cost of cybercrime on the global economy amounted to $445 billion – roughly the equivalent of Austria’s GDP.[2] This estimate may also be a gross understatement, as firms and government agencies are often reluctant to disclose the fact that they have been subjected to a cyber attack due to the potential stains on their reputations.
History
Part of the problem dates back to the technological revolution itself and the culture in which technological products and programs have been designed. Computer chips are often designed by a particular manufacturer, then applied to a circuit board of a different manufacturer. Additionally, a third firm will be brought in to write the software, and it will traditionally write the most basic form of software to ensure the device is functional. This chain continues all the way through to the operating system. A mistake at any link in this chain can leave the entire system vulnerable to a cyber attack.
If hardware proves too difficult to infiltrate, then computer software provides an easier channel of access for hackers. In 2014, Google reportedly ran 2 billion lines of code across its products – it was reported that in every 1000 lines of code, up to 50 errors may have been present. Such vulnerabilities exist in all kinds of products, from smart phones to high tech weapon systems.[3]
The Internet of Things [IoT]
The risks and associated costs of potential cyberattacks are expected to rise, as we enter a new phase of the digital age termed the ‘internet of things’, or IoT. Everyday objects such as cars, toys and even medical devices could soon be embedded with sensors and computer chips. As these devices become increasingly updated and personalised, they will serve as more attractive targets for cyber criminals. Further, inconveniently, patches and software to prevent cyber attacks are generally only released once a flaw is detected in a system or a cyber attack has already taken place. Therefore, some losses may inevitably need to occur in order to enhance protection against future attacks.[2]
Corporate Responses
In response to alarming cyber-related incidents, tech companies such as Microsoft are trying to bring about an ‘attitude shift’ in the way people use their products. They have encouraged consumers to update their software every period, to ensure that only the most secure programs are being run on personal and business platforms. Another technique known as ‘sandboxing’ is also being explored in the tech industry, limiting communication between different ‘sections’ of a program or device. While this could limit the damage being caused by a potential breach, critics argue that such techniques of ‘walling off’ sections can lead to decreased productivity.
…Interestingly, we’re seeing such isolationist methods being adopted on the global political scale.
Governmental Responses
In 2016, China announced new laws which would make it much more difficult for data to flow across borders, in an effort to insulate the nation from potential cyber threats. The passing of the cyber security legislation has placed restrictions on foreign firms and cross border trade.[4]
Other global superpowers are also taking more aggressive stances on the subject of cybersecurity.
Phillip Hammond, the UK Chancellor of the Exchequer, announced last year that Britain was now ‘developing its offensive cyber capabilities’ in an effort to ‘detect, trace and retaliate in kind’ to any potential threat. Around the same time, the Obama administration officially accused Russia of orchestrating a cyber attack into the US election process. Then-Vice President Joe Biden went on to state that Russia would soon be on the ‘receiving end of a covert cyber-attack’.[5] All the while, back home, the Australian Government released ‘Australia’s cyber security strategy’ in April 2016, with Malcolm Turnbull publicly stating that Australia had the ability to ‘hack back’ against cyber perpetrators.[6][7]
With a range of alarming cyber incidents occurring in the space of a few years alone, corporations and governments are taking drastic actions to protect and potentially retaliate against cyber attacks. With computers and technology making their way into more facets of everyday life, the stakes are higher than ever and it will be interesting to see how governments and corporations choose to navigate the dark world of cyber warfare.
[1] The Economist 2017, ‘How to manage the computer security threat’, The Economist, Viewed 24 July 2017
[2] The Economist 2014, ‘The internet of things (to be hacked)’, The Economist, Viewed 23 July 2017
[3] The Economist 2017, ‘Computer security is broken from top to bottom’, The Economist, Viewed 24 July 2017
[4] The Economist 2016, ‘China adopts tough cyber security law’, The Economist, Viewed 22 July 2017
[5] The Economist 2016, ‘Britain flexes its cyber-muscles’, The Economist, Viewed 22 July 2017
[6] Commonwealth of Australia, Department of the Prime Minister and Cabinet 2017, ‘Australia’s Cyber Security Strategy: 2017 Update’, Viewed 24 July 2017, https://cybersecuritystrategy.pmc.gov.au/cyber-security-strategy-first-annual-update-2017.pdf
[7] Phair, N 2017, ‘Australia’s Cyber Security Strategy: weaknesses, yes, but we’re improving’, The Age, viewed 25 July 2017, http://www.theage.com.au/national/public-service/australias-cyber-security-strategy-weaknesses-yes-but-were-improving-20170601-gwhtgy.html