Kevin Curran, Senior Member, IEEE & Professor Of Cyber Security At Ulster University
A recent report stated that cybercrime damage is to hit $6 trillion annually by 2021. Cyber theft is simply becoming the fastest growing crime in the world. Gartner reports that this rising tide of cybercrime has pushed cyber security spending to hit $170 billion by 2020.
A major problem is that there is a severe shortage of cyber security talent, with unfilled cyber security jobs to reach 1.5 million by 2019. There were 1 million cyber security job openings in 2016. As a result, the cyber security unemployment rate has dropped to almost zero percent. This is good for those cyber security specialists right now but not good for others especially as the human attack surface is growing each day with more people coming online. Couple that with the 50+ billion IoT devices that will need to be secured by 2020, and you can easily see how cybercrime will continue to grow into a highly lucrative and well-organized enterprise, seeking competitive advantage with the aid of sophisticated cyber operations in 2017. These operations will spend more money on research and development, with cyber criminals becoming increasingly innovative as far as the threats they can leverage are concerned.
A major threat at present is ransomware. Security vendor Malwarebytes has a honeypot to attract unwitting attackers and noted that in 2015, 17 percent of exploit payloads were categorized as ransomware but by 2016 this had risen 259 percent to over 60 percent.
The most effective way for hackers to gain a foothold on computers and install keyboard loggers or ransomware is to get people to click on links
Not only will people end up paying to unlock their files, computers, and mobile phones but we will see smart homes and offices held hostage and the owners asked to pay a fee to regain access to lights and appliances in the coming months. We can also expect to see ransomware spreading to transport with the arrival of ever-smarter cars. 2017 will no doubt bring us episodes of people left helpless and unable to drive their cars unless they pay up a ransom.
Stranger threats may see delivery drones being hijacked and deliveries stolen. We have already seen other uses for drones such as WiFi hacking drones which are adapted as flying laptops which can land on the roof and sit there intercepting wireless transmission as easily as in a public café.
The most effective way for hackers to gain a foothold on computers and install keyboard loggers or ransomware is to get people to click on links. This can be done by placing these files online and tricking people into downloading them or more commonly, by sending people 'phishing emails'. The first line of defense to stopping these attacks, apart from the firewalls, anti-virus software, and intrusion detection systems, is to simply educate people about the dangers of clicking on links. Only a fraction however will listen and learn. What I do like is a modern initiative where security teams send phishing emails to employees which then simply lead them to a page telling them about their mistake and educating them on the dangers of what they did.
Therefore, an opportunity in 2017 to address cybercrime is to embrace a concept of lifelong learning which is the "ongoing, voluntary, and self-motivated" pursuit of knowledge for either personal or professional reasons. This is a concept we need to apply in our quest to fight against cybercrime especially as the landscape changes with new attack vectors daily.
IEEE is a large global technical professional organization dedicated to advancing technology for the benefit of humanity. It is the trusted voice on a verity of areas from aerospace systems, computers to biomedical engineering.