Many facts and figures are published on an almost daily basis in an effort to describe the constantly changing threats to our online world. These can often be overwhelming and paint such a picture of doom that the general public, and businesses, have become almost immune to their message.
Statistics on how many cybercriminals are actually investigated and prosecuted are striking. In the UK, police logged 735,098 frauds and cybercrimes in the 12 months to March 2017 (the last year with available figures.) However, less than 10% (or 71,133 reports) were investigated and only 8,214 individuals – fewer than 1% of cases – were prosecuted. This reflects a global trend in which nascent cybercrime capabilities in many law enforcement agencies struggle to keep up with ever-evolving cybercriminal activity.
The good news, from our perspective, is that many of the attacks that are causing considerable damage to individuals and to the global economy are not so difficult to defeat. Cybercriminals often make use of online tools that are easy to download, with step-by-step guides on how to maximize their disruptive or fraudulent effect. It is not that our adversaries are necessarily highly trained computer wizards; in fact, in many cases the barrier to entry for wreaking havoc on the internet is not actually as high as we might think.
Changing the attack economics
The World Economic Forum Platform for Cybersecurity and Digital Trust is seeking to drive collaboration across public and private sectors to shift the very economics of the attacks themselves – making the ‘barrier to entry’ for attacks far more robust and the penalties for attack much stronger, so that the likelihood and cost of being caught outweighs the potential gain. In the words of cybersecurity firm FireEye: “The attackers are not waking up fearful that they are going to get arrested for stealing email or extorting someone for a certain amount of cryptocurrency.”
BT and the World Economic Forum are leading an initiative, with input from the Global Cyber Alliance and a range of other partners, to consider the role that telecommunications providers play in securing the very networks that are used to making online activity possible. This approach makes it possible to address some of these macro issues in a way that has not been tested before at this level – and that could make a real difference to global cybersecurity.
A new approach to addressing high-volume cybercrime
There are three main focal points through which to find a way into a network to conduct a cyberattack. First, through the hardware, such as routers, where vulnerabilities can provide a way in; second, through software vulnerabilities, where readers will be aware of the need to frequently install patches to counter issues with erroneous or malicious code; and third, through the flow of internet traffic itself, which can be manipulated in various ways with the intent of achieving a vindictive aim.
There are actions which can and should be taken in all of these areas by telecommunications providers to make the internet a safer place for all.
This initiative will attempt to build on the successful work BT has been doing in the UK to tackle the high-volume attacks that affect people’s everyday lives. Working alongside government and industry partners, BT is preventing more than 100 million attempted malware connections every month and is working collaboratively with other ISPs in the UK to share and act on information about malicious domains.
The work aims to encourage other global ISPs to take responsible action which could have a significant impact on defending against high-volume attacks and securing online ecosystems. A set of principles is in preparation which aims to help ISPs better understand the types of activities they can implement to create real impact and help protect their customers.
Via the development and publication of such principles, we would like to encourage a dialogue to generate greater responsible action between and among ISPs as well as action to be taken where it can be markedly effective but has not yet been perceived as instrumental. Criminals are motivated by a risk-reward ratio which is currently skewed in their favour. Working collaboratively to make it more difficult for attackers to be successful will alter that ratio and help create safer digital ecosystems around the world.