How to Combat the Global Cybercrime Wave (Op-Ed)
Dmitri Alperovitch is a computer security researcher and co-founder & CTO of CrowdStrike Inc., which provides cloud-based endpoint protection. With expertise incybersecurity technology, policies and state tradecraft, Alperovitch also holds eighteen technology patents. This Op-Ed is part of a series provided by the World Economic Forum Technology Pioneers, class of 2015. Alperovitch contributed this article to Live Science's Expert Voices: Op-Ed & Insights.
Today, economic reliance on the internet is all-encompassing. With 40 percent of the world population now online, there is hardly an industry that has not been dramatically transformed and empowered by the communication and business opportunities created. But the very thing that has been such a powerful engine of global economic growth is now threatening to undermine it.
Cyberthreats from hacktivists and terrorist groups, cybercriminals and nation states have had an impact on millions of companies, government agencies, nonprofit organizations and individuals over the past several decades.
The risks have grown
Only in the past few months, an attack on the U. S. Office of Personal Management (OPM) by a sophisticated nation-state actor resulted in the theft of the highly personal and detailed records of more than 21 million people. Hacktivist and terrorist groups have successfully defaced websites and launched denial-of-service attacks, which disabled access to numerous networks and systems, and leaked sensitive and private information collected from targeted organizations.
The financial impact can also be direct: Transnational organized cybercriminal groups have stolen hundreds of millions of dollars from financial institutions and ordinary citizens. In 2014 alone, the FBI's Internet Crime Complaint Center (IC3) received hundreds of thousands of reports with a total aggregate loss of more than $800 million in 2014.
But perhaps the greatest economic threat of all comes from the persistent campaigns by major countries to hack into the networks of innovative and successful companies to steal their most valuable trade secrets and intellectual property.
A rapidly growing number of nation states have determined that cyberespionage is a highly valuable tool not only to steal national and military secrets but also to pillage the most valuable business information from international competitors and pass it on to domestic industries to help them out-innovate and out-negotiate their rivals. This cuts through the heart of the modern economic system, which assumes and relies on fair competition in the global free market. What's worse is that it destroys the incentive for businesses to invest in innovation and research and development if they can rely instead on the intelligence instruments of their country's national power to steal and reuse the innovation of others.
And while cyberespionage is having a tremendous negative affect on the global economy from the theft-caused drain of intellectual property and the resulting adverse incentives for continued investments in innovative growth, the threat from destructive and disruptive attacks is amplifying risks even further. In the past three years, entertainment companies such as Sony Pictures and Las Vegas Sands Casino, and Middle Eastern oil and gas corporations, have come under devastating nation-state orchestrated cyberattacks that have demolished their networks and halted their business operations for weeks. [DARPA Kicks Off Two-Year Cybersecurity Hack-A-Thon ]
But what is even more insidious is the prospect of covert modifications of critical data, such as financial records or stock market settlement statements, which could cause lasting and enormously costly damage to the global financial system, and as a result, the world economy.
Laying down the law
What can be done to address these enormous global challenges?
One of the most important is the urgent establishment of global norms among the major industrial and developing countries on issues of national security and economic cyberespionage conducted by their intelligence agencies and military services. As daily news accounts of discovered hacking incidents from around the world reveal, this problem is reaching epidemic proportions, with more and more countries involved. Unless an enforceable accord can be established to regulate the impact of these activities on private sector companies and regular citizens, this issue will poison global business relationships and further Balkanize the Internet.
Second, we need to promote broader cooperation among countries on the investigation and prosecution of cybercriminals, terrorists and hacktivist groups. We have witnessed encouraging signs, with law-enforcement cooperation between the United States and China, two of the greatest archrivals in cyberspace.
Finally, we need to encourage and promote further adoption of defensive technologies that can rapidly crowdsource threat data and enable companies to hunt for, detect, attribute and stop cyberattacks.
The Internet is a global resource that does not belong to any one nation or alliance. It has contributed to amazing economic growth, collaboration, civil education and awe-inspiring lifestyle improvements for billions of people. We need to focus our efforts to keep it safe, interconnected and open for future generations.
Read more from the Technology Pioneers on their Live Science landing page. Follow all of the Expert Voices issues and debates — and become part of the discussion — on Facebook, Twitter and Google+. The views expressed are those of the author and do not necessarily reflect the views of the publisher. This version of the article was originally published on Live Science.
Live Science newsletter
Stay up to date on the latest science news by signing up for our Essentials newsletter.
By Harry Baker
By Sarah Moore