A lot has changed since the Morris worm was launched from MIT in November 1988, when then Cornell grad student Robert Morris made headlines for releasing one of the first Internet worms. Though this supposedly wasn’t an intentional attack, it still ended up causing between $100,000 and $10 million damage and resulted in Morris being prosecuted under the Computer Fraud and Abuse Act.1
At the time of the Morris worm, the Internet had fewer than 100,000 connected computers2 but today in 2016, with around 6 billion connected nodes—from vehicles to phones to buildings—cyber criminals have the ability to wreak more havoc than ever. With this number predicted to hit at least 20 billion by 2020, there is reason to be concerned.3
After the Morris worm, companies began attempting to build more secure products and software, and intrusion detection and malware detection software began to take off. Despite these efforts, the early 2000’s saw widespread malware infections like the Code Red worm, Slammer and Blaster,4 and the Conficker worm which appeared in 2008, affecting millions of Windows users.
Today’s Criminals Are More Brazen
Cyber criminals are growing increasingly bolder and more varied in their philosophy and motivations. Notorious hacktavist group Anonymous recently declared war on Donald Trump and previously on hundreds of private individuals, companies, and even governments.5
The Sony cyber attack of 2014, which resulted in Sony canceling the premiere of The Interview, illustrates the influence that hackers can have on a large corporation. There has even been a recent surge in cybercrime from nation-sponsored groups who attack for political reasons.6
Recent years have also seen a drastic increase in organized cyber criminals motivated by financial reward. In the last three months of 2015, there were 21 million fraud attacks and 45 million bot attacks in the financial sector.7
Since more customers are making transactions on their phones, criminals now also have additional opportunities to steal identities for financial gain.
Greater Connectivity, Greater Stakes
In a world where computers control so much, today’s cyber criminals are more empowered than ever before. Whether for political reasons, financial or personal gain, hackers can use their skills to put citizens and corporations on lockdown.
Believed to be the first-of-its-kind, the cyber attack on a Ukrainian power grid in December of 2015 left hundreds of thousands in the dark.8 In February of 2016, Hollywood Presbyterian Medical Center in Los Angeles, was attacked by hackers who used ransomware to demand over $16,000 to decrypt the hospital’s network.
Because the quickest means of restoring systems was to pay, the hospital handed over the money.9 This type of hacking could affect access to electricity, vehicles, appliances, toys and basically anything that’s connected to the Internet.
Even without a demand for ransom, hackers can cause personal turmoil as in the 2015 attack of the Ashley Madison website, which revealed millions of usernames, addresses and credit card information.
The Cost of Convenience
While The Internet of Things (a common phrase which reflects the growing connectivity of all types of appliances to the Internet) provides many conveniences, products are often developed so rapidly that there isn’t always adequate time or budget allocated for proper cybersecurity and data privacy measures.
For example, in the healthcare industry, to forego false positives and patient delays, hospitals end up making concessions and 75% of hospital network traffic goes un-monitored, according to Raytheon and Websense Security Labs, and the industry sees 340% more cyber attacks than other industries on average.10
The automobile industry isn’t safe either. With the onset of connected cars comes the possibility for cyber attack, as demonstrated in the summer of 2015 when security researchers took control of a Jeep Cherokee going 70 mph on a highway and were actually able to cause it to crash.11
Whether a fitness tracker, smart light bulb, security system or anything else connected to the Internet, these things are all potentially vulnerable to hackers.
Because so many cybercrimes are undefined in the U.S. legal system, it’s hard to seek recompense or prosecute attackers after the fact. The key is to be proactive and stay one step ahead of hackers.12 Assume hackers might already have access to your network, protect data accordingly, and stay on top of monitoring systems so there is immediate notification if such a threat materializes.
Hackers are always looking for the newest tools and techniques. So cybersecurity experts must also have the resources for a proactive offense. President Obama has already increased cybersecurity spending in the U.S. by $5 billion and many companies are also increasing their budgets.13
In order to remain one step ahead of today’s cyber criminals, proactive vigilance, increased resource budgets, training and holistic cyber defense strategies must all come together.