Cyber Security

Information Technology also referred to as “IT” (NAICS Code 541618 and SIC Code 8748) has evolved tremendously and continues to advance day by day.  There’s so much innovation and at times it may feel extremely hard to keep up with what’s new and how to use certain software, smartphones, tablets, laptops, etc.  So, what exactly is Information Technology?

According to Techopedia, “Information technology is a business sector that deals with computing, including hardware, software, telecommunications and generally anything involved in the transmittal of information or the systems that facilitate communication” (Techopedia, 2018). Findings There are about 3.5 billion users which accounts for 40% of the world’s population accessing the internet using a smartphone (Hughes, 2017).  In the past twenty years, we have seen dial-up internet which would take a few minutes to achieve a connection to 4G and wireless at the palms of our hands and we still tend to get frustrated when the connection at times is just a tad bit slow.

We have become so dependent on IT; it is incorporated in our day to day lives personally and professionally.  IT has allowed us to streamline complexity to simplicity and come to acceptance that there will always be change (Page, 2016). Top Trends in Information Technology Three trends that are flourishing rapidly in the IT world include Data as a Service (DaaS), Artificial Intelligence (AI), and Cybersecurity.  DaaS is a cloud computing model which delivers readily accessible data via cloud-based platform to users regardless of their geographic location. (Data as a Service, 2013.) Cloud storage is where digital data is stored on a server which is owned and managed by a hosting company.  This helps minimize the risk of data latency which can occur from locally stored data.  This is achieved by DaaS packaging Symantec web technologies for data discovery using open standards and builds web links between different distributed systems.  DaaS using data virtualization allows access to all data including internal and external, provides secure and controlled access to data, abstract data complexities, and the ability to build data views of diverse levels of granularity.

Artificial intelligence is a branch of computer science where computer systems attempt to model and apply the intelligence of the human mind.  It has become a crucial part of the technology industry and everyday life.  Artificial intelligence is developing quickly but as far as it’s come, it’s still in the preliminary stages of development.  Over the past few decades, Artificial intelligence research has mostly focused on solving specific problems where solutions have been developed to do so reliably and efficiently.  AI is composed of various commercial applications including; software, sensors, devices that compete with and enhance human capabilities, learn or understand from experience, use reasoning to solve problems and make decisions effectively, and make sense of ambiguous or contradictory information.  Five categories of AI include; expert systems, neural networks, genetic algorithms, intelligent agents and virtual reality (Darguzas & Mikulski, 2018).

Artificial intelligence can help improve our way of life, machines will be able to complete tasks that require detailed instructions, decisions making capabilities, execute and perform certain tasks faster and better than most humans.  Four diverse types of AI include modeling exactly how humans think, act, and modeling how ideal agent should think and act.  There’s Artificial intelligence in our digital systems, like Siri, Alexa, and Google assistant and in software like Facebook messenger or Gmail auto replies (Fast Company, 2017).

Cybersecurity has become essential to the IT industry yet organizations are still struggling.  Cybersecurity, a wide-ranging term which covers all aspects of protecting and defending the integrity of electronic systems, servers, network, and data from unauthorized users.  The opportunity for hacking and cyber-crimes is growing exponentially with an increasing number of people and devices connected to the internet.  IT security is everyone’s responsibility and individuals need to understand how to keep their data and devices secure.

Cybersecurity and Cyber Threats The U.S. government has spent billions of dollars when it comes to tackling the next threat to global security. Cyber spending has increased enormously from $7.5 billion in 2007 to $28 billion in 2016 (Stone, 2017).  Cyber-attacks have become much more sophisticated and much more dangerous.  In the past year cyber criminals used technical expertise to breakdown cyber defenses and cause major disruptions.  In the coming years, it is predicated that cyber criminals will take advantage of artificial intelligence and machine learning to launch treacherous attacks (Savvides, 2017).  As technology advances so does the number of enemies in the cyber world.  Hackers come in every shape and size.

Information security is broken into five vital components: confidentiality, integrity, availability, authentication, and non-repudiation.  Confidentiality is protecting and preserving information and information systems from unauthorized access and disclosure. Unauthorized disclosure of information is a loss of confidentiality.  Integrity is shielding against improper information alteration or destruction, and safeguarding information authenticity.  Availability is having information readily available, loss of availability is a disruption to information and information systems (Chia, 2012).

Authentication is a validation process that verifies the identity and establishes the validity of individual’s authorization to receive access to specific information and information systems.  Non-repudiation is assurance that sender and recipient are provided with proof of identity and delivery so neither can later deny having processed the data.

Cybercrime comes in all different forms ranging from social engineering, denial of service, exploit tools, logic bombs, phishing tricks, sniffers, viruses, and malware.  Social engineering manipulates human interaction to gain knowledge of and access to confidential information.  Spear phishing is a social engineering email attack targeted against a specific user or organization that usually contains a zip file, pdf, or hotlink that relates to the field of responsibility or interest.  If the attacker is successful in creating a legitimate email sent to the phishing target, the attachment is activated and attacks the receiving computer (Symantec, 2017).  Cyber-attacks can work in two ways; they either require a user to mistakenly run an infected program or the virus spreads itself and only needs a network to infect other computers.  Software like anti-versus and anti-malware are available for protecting against unwanted operations.

In 2017 cyber-attacks doubled targeting businesses, according to Sargent (2018), “Online Trust Alliance (OTA) found 156,700 cyber incidents last year, compared to 82,000 in 2016.  93 percent of breaches could have been avoided by regularly updating software, blocking fake emails, and training people to recognize phishing attacks” (Sargent, 2018).  Three of the worst breaches included Equifax, Yahoo, and Uber.  Equifax lost 143 million consumers’ personal details which could have been prevented if due diligence was done and security warnings were not ignored.  Yahoo’s entire user base accounts were compromised which could have been prevented if security initiatives were not ignored.  Uber concealed a data breach which affected 57 million customers and drivers.

Instead of notifying impacted users and authorities, Uber gave $100,000 ransom to the hackers believing the data would be destroyed in exchange for the payment (Nizri, 2017).

Conclusion

Criminals techniques are consistently evolving but their goals remain steadfast.  Combating cyber-crime will require a cohesive formalized movement whereby law enforcement agents can go beyond cyber space to prosecute those engaged in illegal cyber activities.  In a recent study (Schulze. H, 2017) “The three biggest obstacles to stronger cybersecurity are lack of skilled employees (45%), lack of budget (45%), and a lack of security awareness among employees (40%). To overcome these challenges and create a better security posture, 54% of organizations want to train and certify their current IT staff.  Leveraging third-partner security solutions (47%), partnering with a managed service provider (41%), and hiring additional security staff (32%) are popular strategies companies use to address security issues” (Schulze. H, 2017).

The demand for cybersecurity professionals is on the rise, so many organizations are providing cybersecurity related trainings and seminars.  To prevent cybercrimes individuals and organizations both need to do their part. Educating and having open discussions with individuals, recognizing the impact of cyber related crimes will provide awareness and prevent future cybercrimes.  Information technology is used in every aspect of our lives and has increase efficiency and effectiveness along with adding risk. 

The innovations brought about by the wide availability and utilization of the internet through computers and mobile devices have eased the execution of socio economic transactions; be it financial, educational, infotainment or pure social interactions thanks to the seamless connectivity and information processing capabilities of most computer. However, the anonymity and privacy the internet gives has created a source menace of immense financial losses on the global digital economy- cyber criminals. This paper critically reviewed actions of cybercriminals, the types of crimes and their threat to the survival of the digital economy of the 21st century. Suggestions and solutions to the sustainability of the 21st century digital economy were proffered.

Cybercrime is an increasingly menacing, rapidly rising area of crime as more individuals and entities who have access to cutting edge technologies solely for criminal purposes are exploiting the fast speed, high connectivity, greater accessibility and secure privacy of the Internet to commit a wide range of criminal acts that know no physical or virtual boundaries, causing serious harm and posing real dangers to internet users globally. Cybercrime involves gaining illegal access to or illegal entry into a computer or illegally interfacing with another through the use of a computer (Bernat and Godlove, 2012). It requires the use of a computer as an instrument to further illegal ends, such as committing fraud, trafficking in child pornography and intellectual property, stealing identities, or violating privacy (Dennis, 1998).

Hence, cybercrimes are crimes committed on the internet using the computer as either a tool or a targeted victim (Dashora, 2011). Recent cybercrime statistics by IC3 (2012) and PwC(2012) indicate that with hundreds of millions worth of damage, cybercrime remains one of the primary threats facing nations, corporations and ordinary people. The intriguing question then is how has cybercrime managed to evolve into such a persistent problem despite almost a decade of extensive research into cybersecurity? (Yip et al., 2012).

While some cybercrimes are just a new method for committing old offences against property, such as theft and fraud, or crimes against the person, such as harassment and assault, other cybercrimes are newly created offences, enacted to respond to the computer’s ability to be used as a conduit for unacceptable behaviour, such as phishing and hacking (Bernat and Godlove, 2012). Cybercrime, especially through the Internet, has grown in importance as the computer has become central to commerce, entertainment, and government (Dennis, 1998). Although, most cybercrimes are committed by individuals or small groups, large organized crime groups also take advantage of the Internet using new ways to commit old crimes, treating cybercrime like a business and forming global criminal alliances (Anonymous, 2019).

Additionally, most cybercrimes target information about individuals, corporations, or governments which take place on the personal or corporate virtual body, which is the set of informational attributes that define people and institutions on the Internet (Dennis, 1998). New trends in cybercrime are emerging all the time, with estimated costs to the global economy running to billions of dollars(Interpol, 2018).New criminality platforms and a booming cybercrime economy have resulted in about $1.5 trillion in illicit profits being acquired, laundered, spent and reinvested by cybercriminals (Ismail, 2018). Since the line demarcating legitimate endeavours from crime based activities on the internet is gradually thinning out, understanding the dynamics of internet based crimes could not have come at a better time.

Digital Economy and the Cyber Space

The transformation of several traditional brick and mortar institutions, black and white procedures to a digital economy has increased competitiveness, innovation and driven profitability to heights never imagine in the history of many businesses. Corporations, more than ever are setting objectives on the domination of their digital niches, creating opportunities and evoking favourable outcomes, the security of the digital resources utilized in the achievement of the set objectives are critical.

In the digital age, the virtual identities are essential elements of everyday life: using a bundle of numbers and identifiers in multiple computer databases owned by governments and corporations, Cybercrime highlights the centrality of networked computers and the fragility of such connectivity as means of fighting the way things are done on the digital space (Dennis,1998). As many countries are counting on a booming digital economy to create higher paying jobs, improve productivity, and deliver future prosperity- a prospect that is fraught with immense danger, not many are concerned by any signs that this growth is being undermined by an erosion of trust in, and growing fear of, digital technology(Cobbs, 2017).

The growing interconnectedness and interdependence between the illegitimate and legitimate economies on the digital space has created a phenomenon called ‘The Web of Profit’. This occurs by acquiring data which results in competitive advantages from the interconnectedness as a tool for strategy, global advancement and social control (Ismail, 2018).

Cybercrime is growing and current technical models to tackle cybercrime are inefficient in stemming the increase in cybercrime; thus this serves to indicate that further preventive strategies are required in order to reduce cybercrime (Hamid et al., 2014). Despite growing efforts at tackling the scourge of cybercrimes, not much information is available on the influence of cybercrimes on the digital economy which is domiciled on the internet. Additionally, the activities of illegal entities and individuals pose more threat to a safe and secure digital economy than any other. Thus this study seeks to review existing information on cybercrime in relation to digital economy with a view to proffering relevant suggestions on better ways to combat the growing menace.

Types of Cybercrimes

Brown(2018) highlighted the various types of cybercrimes to include the following; Hacking (credit card), Denial of Service Attacks, Identity theft, Virus Dissemination, Computer Vandalism, Cyber Terrorism, Online Fraud, Software Piracy, Forgery, Malicious Code Malware, Phishing, Spam, Spoofing and Defamation. However, Yar (2006) and Hamid et al., (2014), subdivided cybercrime into four areas of harmful activity, illustrating a range of activities and actions which include the following:

Cyber-trespass: which is the crossing of cyber boundaries into other people’s computer systems into spaces where rights of ownership or title have already been established and causing damage, e.g., hacking and virus distribution.

Cyber-deceptions and thefts: the different types of acquisitive harm that can take place within cyberspace. At one level lie the more traditional patterns of theft, such as the fraudulent use of credit cards and (cyber) cash, but there is also a particular current concern regarding the increasing potential for the raiding of online bank accounts as e-banking become more popular.

Online fraud and cheating is one of the most lucrative businesses that are growing today in the cyber space which may assume any of the following forms of online fraud and cheating that have come to light such as those pertaining to credit card crimes, contractual crimes, offering jobs, etc(Dashora,2011)

Cyber-pornography: the breaching of laws on obscenity and decency. Pornography on the net may take the following various forms (Dashora,2011): the hosting of web site containing these prohibited materials, use of computers for producing obscene materials, downloading through the Internet, obscene materials with the intention to cause harm to the mind of the adolescent and tend to deprave or corrupt their minds.

Cyber-violence: the violent impact of the cyber activities of others upon individual, social or political grouping. Whilst such activities do not have to have a direct manifestation, the victim nevertheless feels the violence of the act and can bear long-term psychological scars as a consequence. The activities referred here range from cyber-stalking and hate-speech, cyber terrorism to tech-talk.

Although cybercrime is generally a domestic issue, which may have international consequences, cyber terrorism on the other hand is a global concern, which has domestic as well as international consequences (Dashora, 2011). Common forms of these terrorist attacks on the Internet include: distributed denial of service attacks, hate websites and hate emails, attacks on sensitive computer networks, utilization of 512-bit encryption by Tech savvy terrorists, which is next to impossible to decrypt; a recent example may be cited of – Osama Bin Laden, and the LTTE attack on America’s army deployment system during Iraq war.

Cybercrime and the Security of the Digital Economy

The digital economy is the worldwide network of economic activities, commercial transactions and professional interactions that are enabled by information and communications technologies (ICT) (Rouse, 2016). The digital economy extends well beyond digitization and automation; instead, this new paradigm harnesses multiple advanced technologies and new technology platforms such which include but not limited to: hyperconnectivity, the internet of things (IoT), big data, advanced analytics, wireless networks, mobile devices and social media (Rouse, 2016).

As technological innovations help governments, corporations and cities become ‘smarter’ and more resource efficient while enhancing sustainability and quality of life, the use of data is central to these innovations (Chatham House, 2017). With more and more commerce and collaboration taking place digitally, there are great rewards but new risks that need to be considered (Cauana, 2017). Computers, being the core of digital technology have enormous potential to improve the lives of all, as new evidence of transformations brought by the technologies can be in positively affecting the economy and the quality of life (Cobbs, 2017)

Since data are responsible for diving this transformation, unlocking the potential of data obtainable from the Internet of Things (IoT), social media and other sources will help cities, big corporations move from being net consumers of digital content and products to being producers and digital innovators(Chatham House, 2017). While harnessing data-driven technological transformations can propel innovation and advancement, it can also help solve classic governance challenges: for example, by making government data available to society and businesses, and by leveraging the ever-increasing applications of big data and artificial intelligence (Chatham House, 2017).

Despite the great innovations in digital economy (including IoT and the cloud computing), a global shortage of cybersecurity talent and regulatory pressures, as well as the difficulty in identifying ransomware and malware, have heightened the cyber security threat to businesses(Anonymous, 2016). Digital economy that helps us work smarter, faster, and more safely as more lives are enriched by digital devices and networks and by the innovators who have found creative ways to harness technology (Cobbs, 2017) The digital economy uses these technologies, both individually and in concert, to rework traditional exchanges and enable new ones(Rouse, 2016).Although some organizations and individuals use technologies to simply execute existing tasks on the computer, the digital economy is more advanced than that(Rouse, 2016).

Security of the Digital Economy

Since criminal organisations are the aggregations of criminal relationships, it is argued by McIllwain (1999) that the study of organised crime should focus on these “human relationships”, otherwise known as “criminally exploitable ties” (Von Lampe, 2003). Such ties form the common denominator among the different manifestations of criminal organisations which in this case are the cybercriminal social networks. Therefore, a tool is needed to comprehensively study the “human relationships” embedded within these carding forums (Yip et al., 2012).

Additionally, the utilization of firewall, up‐to‐date Operating systems, up‐to‐date anti‐virus and antispyware, pop‐up advertising blocker, strong passwords and secure wireless network are some useful ways of securing digital platforms (Brown, 2018). Also visitation of reputable websites and utilization of mobile applications with avoidance OF clicking on unexpected or unfamiliar links ARE very relevant strategies for a safe experience on the internet (Brown, 2018).

The Future of Digital Economy

The digital economy has created waves of disruption: new companies and new ways of interacting have emerged (Rousse, 2016). However, many companies and industries that did not or could not capitalize on the technologies to change their operations have faced declining sales, falling market share and even complete collapse Rousse, 2016). Hence the popular saying: “innovate or die”. Inventing effective organizations for the digital economy is the grand challenge for our time, and the companies that are already adapting are leading the way (Anderson and Wladawsky-Berger, 2016). From a legal perspective, having cybercrime laws to which everyone adheres, and which are in line with international norms and standards, is vital for a safe, trustworthy and secure internet able to drive economic prosperity(Chatham, 2017).

According to Cobbs (2017) the digital economy and society will achieve full potential only if end users can trust these systems to protect their safety, security, and privacy. Not only is this a critical part of user experience, it is also relevant for the sustainability of the digital economy in the future to come. While technologies advance rapidly, organizations and skills advance slowly, and the gap between swiftly evolving technology and the slower pace of human development will grow quickly in the coming decades as exponential improvements in artificial intelligence, robotics, networks, analytics, and digitization affect more and more of the economy and society (Anderson and Wladawsky-Berger,2016).

Increasing cybercrime rates show that the current approaches and existing legal frameworks are not fully serving their purpose. The dynamism of a technological environment requires constant assessment and improvement of cybercrime prevention, preparation, response and recovery measures – including of cybercrime laws (Chatham 2017). There should be a strategic IT plan where technology gaps and risks would be identified and assessed on a continuous basis to be complemented by the requisite allocation of IT resources and capabilities (Rousse, 2016). This calls for more deployment of resources to research and the development of new methods of combating a growing cybercrime industry.

Cybercrimes and their impacts on the digital economy were reviewed. The allure of quick and bigger rewards with an anonymous identity has lured many people into cybercrimes thereby jeopardising the future and sanity of the digital economy of the 21st century. Suggestions were made and new insights were proffered. Most especially the study of the human relationships that make up the crime rings of the cyber space. Hence cyber security must be a comprehensive policy for the future of the 21st century digital economy.