The World Economic Forum (WEF) published their 2018 Global Risks Report last week, which showed that concern for cybersecurity risks has jumped this year, despite respondents in previous years showing optimism towards technological risks.
Both cyber attacks and data fraud appear in the top five global risks by perceived likelihood, most likely because of the increasing prevalence and disruptive potential for cyber attacks. The report stated that cyber breaches reported by businesses have almost doubled in five years, from 68 per business in 2012 to 130 per business in 2017, and incidents that would once have been considered extraordinary are becoming more and more commonplace.
There are multiple factors at play which are contributing towards the increasing cyber risks, including, but certainly not limited to; the resurgence of ‘dark net’ markets, increasing use and reliance on cloud services, and the persistence of cyber criminals to create and execute large scale cyber attacks. For example, the report states that in 2016 alone there were 357 million new malware variants released, and that in 2017 the average DDoS (Distributed Denial of Service) target was” likely to be hit 32 times over a three-month period”.
Not only are companies at risk of major disruption due to cybersecurity risks, but can be exposed to rising financial . WEF estimate that cybercrime will cost businesses US$8 trillion over the next five years, and the annual cost of responding to cyberattacks is said to be £11.7 million per company according to the Accenture 2017 ‘Cost of Cyber Crime’ study. According to the Global Risk Report, ransomware was one of the most costly forms of cyber crime in 2017, which locks targets out of their data and demands a ransom in return for restoring access.
Increase in Ransomware attacks.
“Ransomware attacks accounted for 64% of all malicious emails sent between July and September last year, affecting double the number of businesses compared with 2016” stated the report. Perhaps the most high-profile of ransomware experienced in the UK last year was the “WannaCry attack”, which hit the headlines after affected 300,000 computers across 150 countries. One of the more notable WannaCry victims of the attack was the NHS, with 81 out of the 236 trusts across England affected, alongside a further 603 primary care and other NHS organisations, according to the National Auditing office.
What is alarming, apart from the financial cost of the WannaCry attack, that it “illustrated a growing trend of using cyberattacks to target critical infrastructure and strategic industrial sectors, raising fears that, in a worst case scenario, attackers could trigger a breakdown in the systems that keep societies functioning.” The report goes on to state that many such attacks are thought to be state sponsored.
In Summary – heightened vulnerability to attacks
The Global Risks Report believes that risks are increasing – not necessarily because of increasing successful attacks on critical and strategic systems – but due to the” combination of isolated successes with a growing list of attempted attack”; an increasing worldwide interconnectedness and pace means our vulnerability to attacks is heightened.