Gone are the days when a cybersecurity threat was mostly aimed at an unsuspecting individual or a group of gullible people. For example, if an individual’s bank account and credit cards were compromised, the impact was mostly financial and it was felt by the affected individual and their families. In one study by the US Government Accountability Office (GAO), the number of incidents experienced by federal agencies increased by 680 percent in a 6 year period. If Government systems with reasonable controls and security measures see such a drastic rise in threats, it is a no-brainer to guess the increase in the volume of attacks on individual computer systems. Nowadays it is not uncommon for large corporations and government agencies to be relentlessly targeted by hackers to gain access to sensitive information, to conduct large scale fraudulent financial transactions or control computer systems in a way that could harm millions of people.
Let’s look at some of the attacks that caught the attention of national and international media. An anonymous leak of documents belonged to a Panama law firm, Mossack Fonseka, revealed unconfirmed, but financially sensitive information dating back to 1970’s of many high profile individuals around the world. Thousands of pages of classified information were distributed by a US defense contractor. The Data breach in Home Depot triggering thousands of fraudulent transactions, Credit Card breach of millions of customers at Target, Heist for $1 Billion from Bangladesh Bank, compromise of private information of millions of OPM users, hacking of 1 Billion Yahoo email users etc. had far reaching impacts. The recent US Presidential Election was allegedly manipulated or impacted due to cyber attacks.
In developing economies such as India where the number of mobile phones is in excess of 1 billion and the Government pushing the digital reforms, the convenience of ecommerce and business transactions through mobile phones also bring security vulnerabilities. The cybersecurity threat is everyone’s problem and there should be collective efforts from citizens, academia, hardware and software providers, corporations and governments to create awareness, education and solutions. US Computer Emergency Readiness Team (CERT) from Department of Homeland Security (DHS) provides alerts and tips pertaining to individuals, Industrial Control Systems and Critical Infrastructure. Cyber Insurance is offered by many insurance carriers to protect against the impact of cyber threats. With the advancement of Internet of Things (IoT) where devices and appliances such as fridge, microwave, thermostats, garage door openers and life saving devices such as pacemakers become “smart”, the threat of hacking and control of such devices in the wrong hands could result in potentially harmful consequences.
What are your thoughts on this issue? What could be some of the collective citizen-corporations-nonprofit-academia-government approaches to solve this issue?
Balaji Venkatesan is the President & CEO of SD Solutions, LLC – a provider of Cybersecurity, Governance and IT services to clients including several US Federal Government agencies. He can reached at bvenkatesan-at-sdsolutionsllc.com