Let’s focus on cybercrime. Cybercrime is becoming the largest criminal enterprise ever seen in the world.
It’s expected that this year, 2015, that there will be $500B stolen from everyone or anyone on the internet. That is 1% of GDP worldwide.
Now to be a victim of cybercrime is not that hard. You could go to a website that has been compromised with malware, accidentally download it onto your computer, you are now a victim.
You can get a phishing email that says, you need to go here, click this, and off you go. The biggest one of those type of things is the cryptovirus that comes in as something totally innocuous, something you wouldn’t think is a problem. Comes from Australian post. Comes from Paypal. And the email will look exactly like something that has come from Australian post and something that’s come from Paypal.
Or you can be in a specific role in a business, and you will be specifically targeted by the cybercriminals. Now cybercriminals are very intelligent. They really are.
They do not discriminate between who they’re going to target and why. And there are two types of cybercriminal. There are the full blown people who are after your money. And then there are the wannabes, the script kiddies, the teenagers who think I can do that, and I’m going to go do that.
The script kiddies are a major problem. These, the black hat hackers are a severe problem. But these are a major problem. Now script kiddies are a major problem because what they do is they look in the digital world for vulnerabilities that your system might have. Those vulnerabilities come about from holes in applications, holes in hardware, holes in operating systems.
But because they are so numerous, because what they do is so pervasive, they are looking to find you as a target. To do that they test your system to make sure that you have patched everything. But there are a lot of them. And they are different sequences, different services, different systems that these people can do, or the script kiddies can do, that allows them to target anybody who’s connected to the internet.
So if you’re thinking that we’re too small to be a target. We have nothing worth stealing. Or it will never happen to me. Well, no you’re not. You’re wrong. It will happen to you because of the script kiddies. You are a target because of the script kiddies.
And it will happen to you because the simple fact is eventually they are going to get in. They only have to win once. We have to win all the time. So what we’re looking at is a holistic attitude to cybersecurity and protecting yourself from cybercrime.
Going back to the complicated people over here, the ones who know how to write scripts and know how to get around systems, they’re no longer the little guys that hide in the dark rooms with a computer in front of them. These are very literate. They are very clever. They have the ability to talk normally to people.
These people over here, not so much. These people, very much.
These people have the capability of extracting information from Facebook by getting on there and saying, “hi, I’m your friend. Don’t you remember me from X? We had a beer in Y. And I saw you over here and there and everywhere.” Because he knows where you’ve been because you’ve put it all on Facebook.
These people are clever. They are very dangerous. These are the ones who steal the money, the intellectual property of your business and of yourself. They are looking to make money. And that’s the whole thing behind cybercrime. It used to be that cybercriminals or hackers were there to have a big of fun, maybe put a bit of graffiti on a website, and that was it.
They used to target defense, and defense’s websites were hacked. But there, they got worse.
2015 is going to be a really bad year. And it’s not until you start realizing that everyone is a target, that everybody has something worth stealing, and on that point, everyone has something worth stealing, it’s very important for you to understand.
Because if you get a piece of malware on a computer, yeah, it might be a computer sitting in a corner that nobody’s using and nobody’s doing anything with. But because that malware is on there, it now becomes a component of things like bot net, or a zombie, or it can be utilized to download porn, kiddie porn, and all that sort of stuff.
And this then becomes a component of their systems. You no longer have control over this. So when you say that you have nothing worth stealing. The technology you’ve got in your office is worth stealing. It’s worth something to them.
In addition to that, you’ve got credit cards, you’ve got financial actions. You’ve got clients. You’ve got intellectual property. All of these things are what they are targeting.
So this series is to look at all of those components and from there we will then create something that we can look at and go, I need to know about firewalls, or the management components, or what policies do I need to put in place? A holistic attitude to cybercrime and protecting yourself from cybercrime.