A report released by the United Nations says that cybercrime has risen at a record rate since the start of the global financial crisis in 2007, with an estimated $12 trillion stolen worldwide.
A report by the International Institute for Strategic Studies (IISS) also estimates that cybercriminals are still on the march.
It warns that there is a risk of a new wave of attacks on the UK, including the UK government and other financial institutions.
What’s the threat?
The report by IISS says that there are two distinct types of cyberattacks, cybercrime and computer network attacks.
Cybercrime refers to malicious activity which involves physical or online intrusions into or disruption of computer networks or devices.
The IISS defines computer network networks as systems that provide services to a global market of over 500 million people.
It also said that while the use of cyberattack is growing, there has been a decrease in the volume of cybercrime since the beginning of the financial crisis, with the exception of the United States.
But the report warns that a growing number of cybercriminal groups are using new technologies to target governments, institutions and businesses.
The report says that this trend has led to a “growing number of organisations being targeted with malicious cyberattacks in addition to the use and proliferation of malware.”
What do we know about cyberattacks?
A study published in March by the UK’s National Crime Agency (NCA) said that cyber crime has increased in the past five years in the UK and that cyberattacks on financial institutions have increased from around 3,000 per annum in 2008 to more than 40,000 in 2017.
NCA chief executive Richard Webb said that the NCA has recorded over 50 cyber attacks in 2017 alone, including “attacks on businesses, businesses of all sizes, banks, insurers, credit reporting companies, financial institutions and individuals”.
What are the threats?
Cybercriminals use new malware, exploits and cyberweapons to infect and steal money.
“The increase in cybercrime in recent years has been fuelled by an increase in the use by cybercrimics of new and existing techniques and tools for the exploitation of the computer network,” Webb said.
“Cyber attacks are increasingly becoming used by criminals to gain entry to the financial services sector.”
What can be done?
There is a need for better and more robust cyber security, said IISS chief executive Martin Roesler.
He said that security needs to be addressed at the national level and that the IISS recommends the establishment of a Cybersecurity Advisory Board.
“Cybersecurity is a matter for governments and institutions, not the private sector, but this is an opportunity for the UK to lead the way,” he said.
How can you protect yourself?
The NCA’s Roesller said the UK should develop cyber policies and regulations that make it clear what types of services and what type of cyber attack are permitted and that businesses should follow appropriate security practices.
“It is important that the UK has a robust cyber defence capability,” he added.
Why do you have a Cyber Security Advisory Board?
The UK has been ranked first among 27 European countries in terms of cybersecurity awareness among its EU partners and the NCAA’s Riesler said that having a Cyber Intelligence and Security Board is a way to promote awareness of the risks.
Who is responsible for the Cyber Security Board?
The IISS is responsible to create an advisory board for the cyber security of the UK.
The NCAA is responsible with setting the policies and guidelines for the NCAC, which will have a role in making recommendations to the NCBA.
Are there any sanctions for cyber crime?
Cyberspace security experts have expressed concern that the new legislation would allow governments to bypass cyber defences.
The UK government has proposed a bill that would give police the power to arrest anyone who breaches a cyber security network, which would mean that anyone could be held liable for cyber attacks on their property.