Whether you choose to ignore the issue or face it head-on, cybersecurity and online privacy are such vital problems happening in our world today, as they introduce various obstacles at the individual, business, and global levels. Often, the complications of the cybersecurity industries are not as published or recognized in new sources individuals choose to look at, so the effects are typically ignored. Our world is, for the most part, ignorant of cybercrime because they are unable to picture the impact happening to them; a large number of people are waking up and noticing the importance of cybersecurity, but it is not enough to hold our policymakers, corporations, and global agencies accountable. Cybersecurity is so vital to the future, due to the increasing number of cybercriminals and data breaches, as cybersecurity seeks to protect people in terms of their health information, personal identity, online blueprint, intellectual property, and governmental information. With the cost of cybercrime in 2021 reaching the highest it has ever been at $6 trillion, it continues to increase in the wake of more individuals staying at home for work and the impact of the pandemic (due to many individuals using online platforms for every activity they would have completed in-person before the Covid-19 pandemic). How is it that the cost of cybercrime on the world has doubled in the last six years when more and more individuals are looking into cybersecurity measures to keep themselves, their businesses, and the rest of the world safe? How can everyday people outsmart hackers to improve the protection of their data? Education is ultimately the key to everything cybersecurity.
Both the future of cybersecurity and cybercrime are great. The International Data Corporation created a forecast focused on ransomware attacks which believes that the worldwide cybersecurity spending will grow to $174.7 billion in 2024. But with massive amounts of spending only increasing, a large cybersecurity talent gap remains as so many roles in these fields are unfilled; those teams that are “filled” continue to be understaffed. In a report of over two thousand experts in the cyber world, 62% mentioned they had understaffed infosec teams and 57% had unfilled positions. Those areas that do have a high budget to hire experts still are not getting the supply of staff needed to fill the demand. This is just another one of the many examples that will lead to the solution of increasing education in the sector of cybersecurity.
As cybersecurity looks into the future on the growing front of attacks, it is important to look at some disruptive trends that will shape digital privacy in years to come. These trends include the growing use of the internet of things, the focus of social engineering techniques, the changing shape of financial fraud, the difficulty of prosecuting cybercrime, and the future of threat detection.
Individual Level
As cybercrime and surveillance capitalism is on the rise, so many people feel like they could never truly be alone or maintain a sense of privacy in our current world. Every day individuals are becoming more aware of the risk of cyber warfare due to the war between Russia and Ukraine. These people rarely paid attention to potential hacks before the invasion. A report done by ABC News details the importance of taking cybersecurity measures, especially since the war is becoming threatening to more individuals all across the world. The unfortunate matter is that cyber warfare has gotten detrimental to individuals as they are falling behind in protecting their own privacy. In the ABC article, it includes the different types of cyberattacks that should be considered: “there are two types of cyberattacks, the ones that have an indirect impact on people’s livelihood and attacks targeting the tech of specific people.” Regardless of the attack, people are ultimately at risk.
So the question stands, what can people do to protect themselves from future attacks? The Cybersecurity and Infrastructure Security Agency (CISA) created a list of four things every person should consider when trying to protect their data and digital blueprint. These things include:
- The implementation of multi-factor authentication on personal accounts will make them 99% less susceptible to future hacks.
- Individuals should either update their software manually or turn on automatic updates.
- Educate yourself on phishing. Over 90% of successful cyber attacks begin with a phishing email.
- The creation of a strong and long password makes a person less likely to become hacked. In the future, will these passwords “in word-form” still be used? This is something we must consider with the advancements of artificial intelligence and facial recognition.
Additionally, one should maintain an education on all things cybersecurity in the news (or through independent news sources). If the individual wants to increase their privacy even further, they could learn to install detection programs on their devices. With aspects of our lives becoming so controlled and exposed across the various social media platforms, we are vulnerable in every single way. Places like the cloud or our Facebook and Instagram profiles make it so easy and attainable for anyone to gather information on us. In the next few years, will there be a cloud to back up everything onto? Tyler Cohen Wood, a former senior intelligence officer with the Defense Intelligence Agency, predicts cloud computing might be more short-lived than we think. She believes the creation of more closed networks will become popular, as individuals focus on the remaining aspects of the privacy they believe they have left. This will be through more peer-to-peer systems.
Business Level
While reducing the impact of cyberattacks and cybercrime should be one of the top priorities for businesses, both large and small, in the 21st century, many companies end up placing cybersecurity of low importance in their business models. Many businesses use the excuse that they are unable to allocate enough capital to cybersecurity, but is that really the main issue? Is it that companies are unable to place money in something that they see may or may not happen to their business? Their vulnerability is ultimately exposed to the cybercriminals of the world without effective measures or education on the subject. It is estimated that sixty percent of small businesses that have become attacked on the cyber-front have closed within six months of the attack, so why have businesses and even larger corporations chose not to take this topic seriously? While the integrity of the corporation could be at stake if the privacy of its customers and staff is not taken seriously, especially in the wake of many cyber incidents occurring across the globe, the economic impact of the business, as well as its customers, could pose a problem in the future. Eventually, the company will experience a loss of customers or a loss of sales if the issue of cybersecurity does not become prioritized.
As more individuals have grown accustomed to working from home because of the recent pandemic that has rocked every industry and sector of our world, those people have become more vulnerable to various scams, like phishing. It is important to note that not just those working from home are susceptible to phishing attacks, but also those using social media; these attacks have grown from the typical email-chain hacking like you might have heard about and grown into the impersonation of brands such as Facebook, Microsoft, WhatsApp, and LinkedIn. The brand Facebook, now known as Meta, has become the most targeted. Aside from phishing, companies in the last couple of months have experienced other instances of hacks, just like the 200 million profiles of Facebook, Instagram, and LinkedIn profiles being exposed through a startup in China in January. These examples are indicators of what is to come in the future of cybercriminals:
- “A senior Volkswagen employee was dismissed weeks after raising the alarm about alleged cyber security vulnerabilities at the carmakers’ payments arm, which is soon to be majority-owned by JPMorgan.” Although after past issues dating back to 2015 within the company, Volkswagen claims they are doing their best at hearing concerns of employees by even creating a “speak up environment”, yet the company chose to fire an employee for warning the company about the huge, disruptive issue of cybersecurity.
- An incident just occurred within the NFL team (San Francisco 49ers) due to a ransomware gang BlackByte. The VP of corporate communications for the 49ers, Roger Hacker, did not comment but the news found out it was just within their corporate IT department and did not affect ticketholders. Two days earlier on February 11th, the FBI and Secret Service told US companies to be on the lookout for BlackByte ransomware.
- Cybercriminals have used the shift of working from home to their advantage, as 1.5 million malicious emails per day have been sent to gain data and personal information from individuals. Something must be done in order to educate workers on the protection of their information as well as within the company to protect the business and its employees. Legal implications could follow for the company if they decide not to take cybersecurity measures.
- As many already have heard, the Colonial Pipeline was hacked in April of 2021. If hackers had the ability to hack it once before and gain $4.4 million in bitcoin, they would be able to hack any of our gasoline companies again, as our nation as well as many others rely upon gas as fuel for our moto vehicles. Although there is a great push for electric vehicles, not enough individuals at this very moment have electric cars or trucks to combat the possibility of another attack. How would this increase the price of oil in an already inflated economy? How would our government and other countries combat this issue? What could gasoline companies do in the future to fix problems from occurring over and over again?
The answer to each of the concerns of the businesses and their past hacks is education on preventative measures for the future.
Global Level
The entirety of our world right now is looking to the country Russia to see the fight against Ukraine play out, whether it be completed in a physical manner or the form of a cyber attack. The recent invasion of Ukraine by Russia on February 24, 2022 has left the world wondering what they can do to protect themselves and why the invasion occurred in the first place. As this is happening, many have grown concerned about how other countries will react to the news, especially since cyber warfare has played a significant role in the turmoil between the two nations. But, how are the United States and other countries able to fight against cybersecurity, a topic so many officials have little to absolutely no knowledge on? The Biden administration finally set up the Cyber Safety Review Board it adopted after President Biden signed his executive order. The board was enacted due to the administration claiming cybersecurity was one of its top priorities; it hopes to crack down on cybercrime within the United States by engaging in greater communication within private and public sectors in addition to the “call for the creation of new governmental bodies to further the growth of cybersecurity.” Other countries are starting to notice the importance of government intervention with cybercrime, although its difficulty in tracking poses a risk in prosecuting individuals or different nations. But, are these initiatives already too late? There definitely is major catching up to do for countries as they finally recognize the comprehensive issues that lay ahead for the future of cybersecurity, but the fight against attacks and hacks is better late than never. Although, the different countries of the world and their people are in different stages on their journey for better online and data protection. Here are some present examples of different changes happening in our world that indicate a future for cybersecurity:
- India explains its interest in getting more skilled people working in cybersecurity industries in order to protect their digital infrastructure. The digital India that is being focused on would work with the internet of things, digital solutions, and digital operational tools and be implemented into all sectors of the government including power, oil, water, and gas– all of which we have seen previous hacks take place. To try to place greater importance on the future of cybersecurity, IBM opened a new cybersecurity hub in India specifically to help fight attacks in various areas in Asia and the Pacific.
- Additionally, the push for the importance of cybersecurity measures was spoken about on International Women’s Day from women in Egypt, Saudi Arabia, Dubai, and India. Women from different Western countries used the Canadian-based platform siberXchange to create a group of women to foster more careers in technology and to educate those individuals on the importance of digital privacy, particularly in nations in Africa and Asia. Initiatives like this create a positive change for the future as more women are able to build careers in STEM and see themselves represented through these roles.
- China has been targeting several European countries as the war between Russia and Ukraine becomes more and more aggressive. Although the TA416 (the Chinese hacker) has apparently been attacking Europe for years, it has become more intense as cybersecurity walls are being broken throughout the world. The future in terms of Chinese cyberattacks is becoming more and more aggressive, especially as many NATO nations have become compromised by TA416. How will this affect the fight between Russia and Ukraine?