Last week’s report by McAfee and the Security & Defence Agenda, Cyber Security: The Vexed Question, considered the opinions of 330 policymakers and cyber security experts in government, business and academia worldwide. The consensus is that there is a cyber-war ‘arms race’ afoot - 57% of those surveyed think this. Slightly less, 45% think cyber-defence is as important as border security.
According to a report in 2011 by Detica, acting for the Cabinet Office, cyber-crime costs UK PLC £1,000 per second, or a gargantuan £27bn per year.
Then, on Monday, we found out about the FBI investigating hacking group Anonymous’ eavesdropping into of a Scotland Yard conference call which talked about ongoing court cases involving hackers. Not only did they get into Scotland Yard’s phone calls, they hacked the FBI’s emails, to find out when the aforementioned call would be taking place!
If cyber criminals can access the FBI’s private mailboxes, what hope is there for the rest of us?Dr. Phyllis Schneck, Vice President & Chief Technology Officer at McAfee, says
"Until we pool our data, and equip our people and machines with intelligence, we are playing chess with only half the pieces."
This cannot continue - industry and governments must unite. There needs to be a worldwide collaborative movement against criminals, ‘political hacktivists’ and terrorists, not to mention the espionage activities of other states.
At the moment, no country achieved the full five stars in the McAfee & SDA report. Israel, Finland and Sweden did the best, with four and a half stars. The UK and the USA, along with France and Germany achieved only 4 stars. And these are the high achievers! Many nations scored much lower, and this brings about a problem of ‘jurisdictional arbitrage,’ where criminals operate from less secure, more lawless nations. The experts surveyed took the near-unanimous opinion that we are more vulnerable than ever before.
The thing is, the criminals are getting better quicker: they are highly organised, well-funded and most importantly, they collaborate in ways that corporations and governments can only dream of right now. Sharing information freely, carefree of the ‘competition’ - there isn’t the same attitude to competition, as the crime sector offers pretty much infinite opportunities - is something that criminals do instinctively, and corporations and governments tend to resist.
According to the report, private companies fear their information could be misused by the government or competitors. But, in terms of ensuring that systems are secure it is vital to dispense with this attitude and join forces.
Major ITO providers, who manage huge swathes of the world’s corporate and public sector IT, should share appropriate information to make sure everybody’s customers are as safe as possible.
The cyber criminals, although disparate and cloaked behind anonymous IP addresses, are thick as thieves. IT providers, corporate end users and governments must achieve a similar state of affairs if we are to effectively team up to defend £27bn per year. And for every second we don’t, that’s another £1,000 down the drain.