How Cybercrime will make the internet better
In 2016, cybercrime cost the global economy over $450 billion—yet some experts have claimed trying to secure the Internet is more trouble than it’s worth, or a Zero-Sum game.
Cybercrime Is On The Rise
Cybercrime Activity is…
The fastest-growing crime
Stealing intellectual property
Causing the greatest transfer of economic wealth in history
Costing companies millions—even billions
According to a Ponemon Institute survey of international companies
2017 average annual cost of cyber security: $11.7 million
22.7% increase from 2016
2017 average number of security breaches per year: 130
27.4% increase from 2016
The Costs of Cybercrime
In 2012, hacking group Cutting Sword of Justice
Used a scam email with a bad link to partially wipe or completely destroy 35,000 Saudi Aramco computers
Forced the company to
Use typewriters and faxes
Give away oil for free
Buy 50,000 new hard drives
In 2011, LulzSec hackers
Attacked Sony’s PlayStation Network affecting 77 million accounts
Cost the company $171 million
Caused the site to be down for a month
For those who aren’t taking dedicated measures to protect their data, the costs can include:
Lost business revenue
Loss of company assets
Damage to reputation
Litigation
The Zero Sum Game
What it is: a situation in which one person or group can win something only by causing another person or group to lose it
Argument | Security is a Zero-Sum Game
In mass surveillance: Tradeoff between national security and personal privacy
In cybersecurity: No matter a company’s efforts to maintain security, in the end the company will not win
Why:
Human Element
Laziness – Little or no desire to follow security protocol or improve existing policies
Greed – Security software companies claim to be able to prevent all types of attacks and prey on:
Fear
Uncertainty
Doubt
Security and commerce are in opposition to each other
Security software companies need cyber threats to generate sales
Companies rely on software to maintain security
Counterargument | Security is Not a Zero-Sum Game
In mass surveillance: Governments should be
Held accountable to their citizens and
Pursue transparency
In cybersecurity: Companies should
Maintain security protocol
Pursue the improvement of security measures
Why:
Protecting Americans is not an option
Innovation in digital infrastructure should thrive in the American democracy
Regardless of if the internet can ever truly be secure, businesses and individuals are using a variety of tools to protect their data
Security Options Used Today
Virtual Private Network (VPN)
What it is: A technology that creates a secure network while using a public network
How it works: Uses a combination of dedicated connections and encryption protocols to create virtual P2P connections
Benefits:
Help protect from
Wi-Fi spoofing
Honeypot attacks
Firesheep
Allow users to spoof their physical location
Allow users to subvert government filters
ProtonMail
What it is: Switzerland based company offering end-to-end encrypted email
How it works: The service encrypts all email messages in the user’s web browser before it even reaches the ProtonMail servers
Benefits:
ProtonMail does not store passwords and therefore can’t decrypt messages
If the server is compromised, hackers won’t have access to users’ email
Company cannot be compelled to expose their technology to any government authority
DuckDuckGo
What it is: A search engine established in 2008 that doesn’t track users
How it works:
Does not collect or share personal information.
Does not use cookies
Does not store IP addresses or unique User agent strings
Prevents search leakage by default
Available on desktop and mobile
Benefits:
Offers a range of options for
Privacy
Customization
Offers search results without being intrusive
Brave
What it is: An ad-blocking web browser with a connected cloud service enabling the placement of select ads that don’t track a user’s online activities
How it works:
1) Default setting will block all display ads
2) Block programmatic ad networks’
Signaling
Analytics scripts
Ad-click confirmation signals and
Placement of third-party cookies
3) Search ads will not be blocked
4) Will use anonymous targeting for future ads
5) A Brave “vault” will
Allow syncing bookmarks with passwords across devices
Be controlled by the user
Not be connected to personally identifiable information (PII)
Benefits:
Increased page load speed for users — 2 – 3xs faster
Greater online privacy
But with every cyber attack claiming the data of millions, the world is starting to wonder: is data ever truly safe on the Internet and how can we make it safer?
The Future of Cybersecurity
Decentralized Web (or Internet)
Today Google, Facebook, and Apple control the Internet by requiring users to connect with each other using their platforms, but the new Internet will use revolutionary technology that was first invented in 2009 for payments.
What it is: Uses blockchain technology to decentralize the
Infrastructure
Protocols,
Applications and
Governance of the Web
How it works:
1) Uses crypto token – a long private key
Would need more energy than is present in entire solar system to hack
2) Removes the middleman
Such as banks and data banks like Facebook
Giving power back to users
3) Does not require trust —> secured by mathematics and cryptography
4) Run by a group of developers, businesses, and users —> not a single company
Benefits:
Aligns incentives of users and developers
Protects the network with crypto tokens
Encourages innovation by providing protocol as a shared resource
Results:
Unbundling of data silos- users will own their data
No central companies to leak data
Hackers will have to target individual users
Will be impossible to simultaneously steal from millions
Lower barrier of entry will provide:
Freedom to innovate and
Freedom of choice
Understandably, Internet users are getting excited about blockchain technology. The next step? Spreading the word.
Sources:
https://www.infosecisland.com/blogview/18588-The-Nature-of-Infosec-A-Zero-Sum-Game.html
https://www.cnbc.com/2017/02/07/cybercrime-costs-the-global-economy-450-billion-ceo.html
https://www.cnbc.com/2017/07/25/stay-protected-from-the-uss-fastest-growing-crime-cyber-attacks.html
https://www.accenture.com/t20171006T095146Z__w__/us-en/_acnmedia/PDF-62/Accenture-2017CostCybercrime-US-FINAL.pdf#zoom=50
https://www.hiscox.co.uk/cyber-readiness-report/docs/cyber-readiness-report-2017.pdf
https://gizmodo.com/5990192/vpns-what-they-do-how-they-work-and-why-youre-dumb-for-not-using-one
https://techcrunch.com/2014/06/23/protonmail-is-a-swiss-secure-mail-provider-that-wont-give-you-up-to-the-nsa/
https://searchenginewatch.com/2016/03/01/going-over-to-the-duck-side-a-week-with-duckduckgo/
https://www.merriam-webster.com/dictionary/zero-sum%20game
https://www.lawgazette.co.uk/comment-and-opinion/security-and-privacy-is-not-a-zero-sum-game/5039382.article
https://www.aei.org/publication/cybersecurity-and-commerce-its-not-a-zero-sum-game/
https://www.forbes.com/sites/roberthof/2016/01/20/brave-softwares-new-browser-nukes-ads-that-track-you/#6044161760ac
https://ischoolonline.syr.edu/blog/what-is-the-decentralized-web/
https://www.shareable.net/blog/21-technologies-that-will-decentralize-the-world
https://blockstack.org/videos/the-conference-the-future-of-the-internet-is-decentralized
https://money.cnn.com/2015/08/05/technology/aramco-hack/index.html
https://www.csoonline.com/article/2130877/data-breach/the-16-biggest-data-breaches-of-the-21st-century.html
https://www.insidesources.com/ex-nsa-head-chinese-hacking-is-the-greatest-transfer-of-wealth-in-history/
https://fortune.com/2015/05/01/how-cyber-attacks-became-more-profitable-than-the-drug-trade/
https://www.criticalhit.net/gaming/these-are-the-men-who-hacked-the-psn-in-2011/
https://duckduckgo.com/privacy
https://www.cio.com/article/2908864/security0/5-costly-consequences-of-smb-cybercrime.html