As much as 640 terabytes of data, 100,000 tweets, and 204 million Emails are transferred on the Internet every minute. Other data transfers include trillions of dollars USD (for financial transactions), very sensitive military records and documentation, and an immeasurable amount of personal information.
Cyberspace and its critical infrastructure are always susceptible to threats and risk. People, organizations, corporations, and states are vulnerable and can be exploited by almost anyone. Malicious actors from any point in the world, because of the openness of the Internet and cyberspace, can disrupt states; even the most sophisticated and advanced Western countries, shielded autocracies, or rogue states.
IBM estimates that about 100,000 hackers operate around the world.
Who are they? Hackers can be amateurs (accounting for about 90% of all hackers), potential professional hackers for hire (9.9%), and world-class cybercriminals (0.1%) (IBM Global Security Analysis Lab, 2015).
Where do they operate? The top locations are Russia, Taiwan, Germany, Ukraine, the US, Hungary, Romania, Brazil, Italy, Australia, China, Poland, Israel, and Japan (InnovatioNews, 2015)
Cyber actors’ ability to operate from anywhere in the world is one of the most challenging aspects of the threat to cyber security. Interconnectivity of cyberspace and physical systems is another major stumbling block for those who benefit from operating online. Cyber networks are also becoming increasingly complex, so much so that their growth can outpace the capabilities of authorities and experts striving to reduce their vulnerability and the consequences associated with compromised security (US Department of Homeland Security, 2015).
“Pyongyang has active cyber-warfare capabilities, military and software security experts have said, according to Ju-Min Park and James Pearson (Reuters, 2014), and “[m]uch of it is targeted at the South, technically still in a state of war with North Korea. But Pyongyang has made no secret of its hatred of the United States, which was on the South’s side in the 1950-53 Korean War.
“Military hackers are among the most talented, and rewarded, people in North Korea, handpicked and trained from as young as 17” (Reuters, 2014).
So when individuals with the necessary skills to intrude in cyberspace receive the proper training and support from states, the threat(s) are substantially amplified. Actors believed to be working for the Russian government recently hacked the White House, gaining access to real-time private material such as the President’s schedule.
Evan Perez and Shimon Prokupecz (CNN, 2015) stated that, “[t]he [Federal Bureau of Investigation] FBI, Secret Service and US intelligence agencies are all involved in investigating the breach, which they consider among the most sophisticated attacks ever launched against US government systems. The intrusion was routed through computers around the world, as hackers often do to hide their tracks, but investigators found tell-tale codes and other markers that they believe point to hackers working for the Russian government.”
Michael Daniel, senior White House cyber security advisor said that the search continues for a “flexible response with no necessarily pre-defined red lines” (FWC, 2015). With the security breach surge over the past several years, questions about what measures companies and states are implementing to ensure their security are also rising yet tend to follow in the wake of attacks.
2014 has been called “the year of the cyber breach.”
In the business world, midsize companies reported an increase in attacks from 2,581 in 2013 to 4,227 in 2014 (PwC, 2015). “Aside from worry and personal privacy loss, cyber crime is costing companies and individuals billions as rogue states, cyber criminals, terrorists, and hacktivists (those who hack to make a political statement) keep finding ways to circumvent the data protection solutions offered by a host of protection providers” (InnovatioNews, 2015).
Chief information security officer at PR Newswire, Laura Deaner, noted in a PwC report that government agencies were once the most popular targets for threat actors in cyberspace. The threat moved to financial services. “Now it’s smaller organizations that happen to have critical data. Plus there are simply more threat actors out there nowadays, and it’s easier to go after the lowest hanging fruit. They see many private companies as easy targets” (PwC, 2015).
The main security incidents experienced include: (1) Data exploited (30%), (2) IT system exploited (29%), (3) Application exploited (23%), (4) Network exploited (21%), and (5) Removable storage exploited (20%) (PwC, 2015). After access is gained, 31% of hackers compromised employee records, 27% compromised customer records, 23% stole intellectual property, 20% compromised partner/customer information, 17% incurred financial loss, and 15% interrupted business or other processes (PwC, 2015).
Cyber vigilance can be anticipatory or responsive. Reducing computer and systems reliance, however, is impossible. The word is moving in the direction of trust being place in systems to accommodate personal and non-personal processes. The greater this dependence/trust, the more attractive those systems become to cyber threat and actors.
Israel has become one of the most important places in the world against a challenging backdrop of cyber insecurity. With mounting cyber threats, Israel’s e-government site has become one of the most targeted sites in the world. There exists the potential for improved defense capacities. With the digital universe doubling in size every two years (from 4.4 trillion gigabytes in 2013 to 44 trillion gigabytes by 2020), target options for cyber actors will become boundless.
Cyber innovation is racing against digital expansion to provide necessary securities. Israel, has recently demonstrated a 20% increase in its talent pool from Israeli academic institutions and the military, which have set cyber security as a top priority. Mergers in the cyber world (regarding Israeli companies in particular) have produced a positive demand for cyber security talent that can be drawn from Israel’s expanding cadre of experts (TechRepublic, 2015).
Noted for building the next “Silicon Valley,” the unique blend of Israel’s “perpetual concern with defense and its technological prowess have turned cyber security into one of its most important exports” (TechRepublic, 2015).