A couple of months ago we wondered if Europe would be ready for the digital age. We got a bit worried after the Sony hack which caused a lot of credit card info to be stolen. Such events can potentially hurt citizen and business confidence in cloud computing and may lead to distrust regarding government’s efforts for a digital Europe. It seems that we had some good reason to be worried. In May, Lockheed Martin confirmed that their systems were compromised, last month the IMF reported a cyber security attack and last week the Pentagon suffered from a major hack attack. The Pentagon revealed that 24000 files were stolen.
For hackers and ‘foreign intruders’ the Pentagon has been and still is a highly prized target since their databases contain very sensitive information regarding military protocols, systems, technology and operations. Because cyber attackers are almost never traceable, probing the Pentagon is almost a no brainer. Given enough dedication and resources (time, money and technology) hackers may just be able to pull it off and get away with classified information. No wonder these systems are under constant attack, even though billions are spent on securing the military IT systems. For 2012 $2.3 billion has been set aside for US cyber defense. It is ironic that the Internet started as a US military network.
Obviously high profiled institutions get a lot of media attention when something goes wrong but they can hardly be the only one suffering from criminals and other intruders. It exemplifies the popularity and the vulnerability of a digital world in which we are all connected. And since we also have been moving more and more of our assets to the cloud (money and data) it should come as no surprise that people from the shady side of life develop a keen interest in our digital economy. Moreover, for them it gets better and better because they can do their illegal activities in relative safety and comfort too. Moles, double agents and Smiley’s people are relics of a not too distant past and so are the brick and mortar robbers and thieves.
Cyber crime is a fast growing activity increasingly carried out by well financed groups and/or foreign governments for commercial, political or military reasons. They appreciate the growing value of the connected world and invest heavily in what seems to them low hanging fruit.
Robert Metcalfe once suggested that the value of a network is proportional to the square of the number of its users. That being the case and knowing that crime always follows the money, it is clear that we have only seen the tip of the iceberg cyber crime. In fact if we could argue that the cost of cybercrime grows at approximately the square number of user of the web.
Our cash money in the Netherlands represent some 800 billion Euro which equals 8% of all the money in our economy in 2010. It also represents the direct potential for brick and mortar crime. But the remaining 92% of our assets is electronically stored. Financial institutions, the first target for cybercriminals, have already spent a lot of money to cope with the new situation. It is only logical that cybercrime trickles down to the next most profitable sector or activity.
A quick estimate of cybercrime in the Netherlands? A recently released report from the UK government estimates the total cost of cybercrime to be 27 billion pounds. This is in line with the 1 trillion dollar total cost of worldwide cybercrime as estimated by MacAfee equalling 1.5% of worldwide GDP. If we assume that the Dutch economy is about a third of the UK economy and the level of digitization and crime to be on par with the UK, the estimated total cost of cybercrime in the Netherlands can be estimated at 10 billion Euro. Probably this number underestimates reality as we do not always discover cybercrime in the first place and are not eager to file a report on it if we do find out.
At the METISfiles we think that cybercrime is going into overdrive in the next few years. We expect cybercrime to diversify and specialize. Diversify in terms of an increasing number of ways to carry out electronic crimes, specialize in terms of specific business sectors and/or consumers. Are you beefing up your cybersecurity? Do you think the government is taking enough measures to counter cybercrime. We are interested in your views!