Did you know there are some next-gen online tools that can bypass the sophisticated anti-virus programme on your device? Or that damages caused globally due to cyber crimes are expected to cross $10 trillion by 2025?
Whether nations, corporations or international organizations, everyone has cyber crime high on their agenda, considering the every-growing risk and vulnerabilities in online activities and the forthcoming 2023 Global Risk Report will show, deepening geopolitical tensions have increased the prevalence of so-called advanced persistent threats (APTs), which are becoming as sophisticated as they are pervasive.
According to an article from the World Economic Forum Annual Meeting, new technology is scaling up the reach and impact of cybercrime: malware and ransomware attacks (the latter threaten to publish data or permanently block it unless a ransom is paid) soared by over 350% and 430% respectively in 2020.
“Next generation tools are bypassing antivirus programs, which is why living off the land (LOtL) attacks, in which attackers use legitimate software and functions to perpetrate malicious actions, accounted for almost two thirds of all reported incidents in 2021,” it stated.
These problems are compounded by a scarcity of security experts, poor reporting habits and a lack of global agreements about how to regulate cyber threats.
The Need For International Rules To Tackle Cybercrime
The WEF article notes that cybercrime is big business and has impacts beyond financial damages. Sample an industry estimate which claimed that the damages incurred by all forms of cyber crime, including the cost of recovery and remediation, totalled $3 trillion in 2015, $6 trillion in 2021, and could reach $10.5 trillion annually by 2025.
“But the impact of cybercrime extends far beyond the economic costs. It also degrades trust among internet users, and damages the reputations of public and private service providers. Online attacks ratchet up tensions between nations, since governments and critical infrastructure are increasingly the targets,” the article stated.
Yet despite all this, there are still few clear global norms, standards and rules to mitigate and prevent cybercrime, it noted.
Problems And Possible Solution
A big part of the problem is that many of the public authorities, corporations and civil society groups that are targeted are not mandated to report data breaches and cyber theft. Many are reluctant to do so, fearing reputational damage.
But this has starting to change as seen in the US and in the European Union.
The US’s 2022 Cyber Incident Reporting for Critical Infrastructure Act provides industry-specific guidance for voluntary disclosures, and the European Union’s 2018 Directive on Security Network and Information Systems and a host of other regulations mandate telecom payment services, medical device manufacturers, and critical infrastructure providers to also report breaches.
“Until global rules are strengthened and reporting of breaches is mandatory across most sectors, it will be impossible to understand the true magnitude of the challenge, much less develop targeted solutions,” the article noted.
Who Are Behind Cyber Attacks?
Cyber criminals are making fortunes not just in black-mailing targets with ransomware, but also in selling-off their data assets, including credit card information, login credentials of financial accounts, subscription credentials, social security numbers and usernames and passwords.
“The perpetrators of cybercrime range from powerful intelligence agencies to teenage hackers. Cybercrime is hard to stop precisely because of its distributed nature,” the article stated.
Consider the Cobalt CyberCrime gang that in 2018 breached 100 financial institutions in over 40 countries, reaping some $11 million per attack. Although its leader was captured in Spain in 2018, three members arrested by the US in 2018, and three more convicted in Kazakhstan and Ukraine in 2021, experts believe this will do little to dent its operations.
Global Cooperation and the Way Ahead To Deal With Cyber Crime
The article precisely noted that without global cooperation or a major structural change to the internet, there is not much that victims can do to defend themselves. There is the option of cyber insurance but it is not only increasingly out of reach to most buyers, but also potentially making a bad problem even worse.
“We urgently need international rules that are enforced as well as a more expansive approach that fosters cyber resilience,” it stated.
The matter is already on priority list of the United Nations, which voted to set-up a cybercrime treaty in 2019. The first meeting of the treaty was held in 2022 amid concerns that it could also expand government regulation of online content, criminalize free expression and undermine privacy.
“For now, states are negotiating over the parameters of a treaty – called the Comprehensive International Convention on Countering the Use of Information and Communications Technologies for Criminal Purposes – with most western governments determined that it upholds individual data protection and privacy rights,” the article noted.
Follow The420.in on