Being European Cybersecurity Month, it is apt for us to write about this practice of protecting networks, devices, and any other digital assets from malicious attacks. It has become an increasing field of analysis and study due to the emerging technology that opens new avenues for cyberattacks. Critical infrastructure protection, application security, information security, IoT security, disaster recovery, and network security are the main areas protected by cybersecurity.
Cybercriminal activity is one of the significant threats humanity will face in the next two decades. It is the fastest-growing crime globally that increases in size, sophistication, and cost. According to the Cybercrime Magazine report published in February 2019, cybercrime damages will cost the world $6 trillion annually by 2021. It is exponentially more damaging than the damage inflicted from natural disasters in a year, and more profitable than the global trade of all major illegal drugs combined. A study published by the University of Sydney reports that around $76 billion of illegal activity per year involves bitcoin – close to the US and European markets’ scale for illegal drugs.
Digital ad fraud is rising sharply as well. One study found that advertisers lost an estimated $19 billion to fraudulent activity last year and it is expected that this amount, reflecting ads on online and mobile devices, will increase to $44 billion by 2022.
We have all heard of common malware that encrypts a victim’s files, namely ransomware. To regain access to the data upon payment, the intruder then requests a ransom from the victim. Instructions on how to pay a fee to get the decryption key is shown to users. According to the study, ransomware damage costs are estimated to be 57 times higher in 2021 than in 2015. Cybersecurity Projects believe that global ransomware damage costs are expected to reach $20 billion in 2021, up from $11.5 billion in 2019 and just $325 million in 2015. By 2021, Cybersecurity Projects expect organisations to experience a ransomware attack every 11 seconds, up from every 14 seconds in 2019.
The FBI website includes 63 infamous people (up from 19 in 2016) who have conspired to commit the most dangerous crimes against the United States, including computer intrusions, wire fraud, identity theft, money laundering, fake domain name registration, trade secret theft, and other crimes. Cybercrimes are significantly undercounted because they are not recorded due to shame, fear of reputational harm, and (among other reasons) the notion that law enforcement will not help. However, in the European Union with the onset of GDPR, and cyberattacks resulting in data breach must be made known, which may increase the reputational harm, not to mention the hefty fines that organisations can be subjected to.
Cybercriminal activity is one of the significant threats humanity will face in the next two decades
The COVID-19 pandemic has prompted new activities such as remote working and increased dependency on digital platforms and technology to be embraced by organisations and individuals. The pandemic has created a “perfect cyberattack storm,” according to AFP, with millions of people employed in unfamiliar, less safe environments. Technological developments are the primary driver of economic growth, with the counter-point being a higher incidence of cyber-attacks. By designing and implementing new financial policies, policymakers are reconsidering ways to ensure that their countries are prosperous. The cyber risk for consumers and companies is intensified by the leading developments in Internet-connected technology such as e-commerce, mobile payments, cloud computing, big data analytics, IoT, AI, machine learning, and social media. Nevertheless, as the world focuses on the health and economic risks presented by COVID-19, this problem is inevitably being capitalized on by cybercriminals worldwide.
According to the Global Cybersecurity Index, Malta, Greece, and Romania, all with a 41 per cent score, are the most vulnerable to possible cybercrime attacks in Europe.
Finland came out on top as the safest of the 28 countries with just 29 per cent vulnerability, followed by Estonia, Germany, and the Netherlands, all at 30 per cent. With insufficiently robust cybersecurity regulations and weak international cooperation, Malta found itself at the bottom of the pile. Meaning that while Malta’s population is facing marginally less cybercrime than its neighbours, due to a lack of defensive or preventive measures in place, they are at much greater risk.
There is also a significant shortage of worldwide cybersecurity specialists. According to a CNBC report, 2.8 million professionals work globally in cybersecurity jobs. To better protect organisations and close the skills gap, the industry will require another four million skilled employees. Cybersecurity Ventures reports that out of these open places, more than two million openings will be in the Asia-Pacific region, and nearly 400,000 will be in Europe. Such ability shortages in Europe threaten the growth prospects of companies and the continent’s economy.
With a rapidly changing environment, today’s demand for cybersecurity is expected to continue growing over the next years. It will pave the way for a more stable cyber world age by investing emphasis on cybersecurity education, translation of new concepts, and study approaches. Hence why at the American University of Malta, we have introduced an M.Sc. in Cybersecurity two-year programme to ensure that we attract and train tomorrow’s much-needed cybersecurity experts today.
Dr Md Baharul Islam is Assistant Professor at the American University of Malta.