Cybercrime - one of world's greatest threats. 12 simple actions for every business and individual. Cyber-attacks will cost >$5 trillion a year by 2025. How to stop hacking, ransomware attacks, data loss, IP theft. Keynote speaker on cybersecurity


When you combine all the power and all the weaknesses of the Internet of Things, Big Data, Cloud Computing and Artificial Intelligence, together with 6 billion smartphones, computers and other smart devices, the result is a gigantic range of lucrative targets, and a potential future global emergency.  

As I warned years ago, every large company in the world is now experiencing frequent, severe cyber-attacks, on their own systems or in the Cloud, whether they know or not.

I have given keynotes all over the world for global companies on growing risks of cybercrime and how to fight cyberattacks.

The scale is daunting, and the need for action is overwhelming. The question is what to do, and how to respond in an affordable way.

4 billion people have already had their personal data stolen online

As we will see, over 4 billion people have already been personally affected by theft of their private details.

But this is just the beginning of the security nightmare, which will drive huge investment in new security measures by all large corporations and by governments.

Never in human history has it been possible for one person, sitting in a bedroom at home in a distant land, to create such havoc and chaos, or seize such power, using a few lines of computer code to hold entire nations or governments to ransom.  

But there is no way back from such a future, except by dismantling our entire digital universe. 

Losses are likely to be more than $5 trillion a year by 2025, especially if we include wider-scale attacks, sponsored by hostile governments which are responsible for 70% of major attacks.

Single data breach can cost >$6m plus fines of 4% of turnover

In companies with over 50,000 records, the average cost of a single data breach is $6.3m.  

But with GDPR legislation in the EU, fines can be as high as 4% of turnover, enough to bankrupt a €2 billion a year corporation.

We are not just talking about attacks on traditional targets like bank websites, but also commercial aggression like the blackmail of Sony, after the company released a controversial film about North Korea.

250 billion spam emails every day

There is nothing new about web abuse.

At least 80% of 250 billion emails sent every day are spam, many of them so-called phishing attacks, pretending to be from a bank, encouraging people to enter passwords.

All of them trying to steal from individuals, organisations or governments - money or data or both.

600 million different types of computer viruses, malware etc a year

McAfee is already detecting over 600 million new and different computer viruses, malware or Trojan horses every year – several per second.

Pharma, chemicals, mining, electronics and agricultural companies are seeing increases of 600% a year in malware attacks.

Energy, oil and gas attacks are growing by 400%.

Attempts to steal data from retailers are doubling every 12 months.

3 billion people’s personal details stolen in single theft

If you have a number of online accounts, chances are that your personal details are already being sold to fraudsters - passwords, name, address, bank details, credit card numbers and date of birth.  

The scale of these hacks is shocking and scandalous, since in many cases the companies concerned have been sloppy about basic security measures.  

Hackers recently stole information from 3 billion Yahoo customers in a single attack – which Yahoo took two years to reveal.

It can take up to 8 years to realise your company has been hacked

It can take up to 8 years in some cases for large companies to realize they have been hacked.  

In 2019, a file was published online by criminals revealing 3 billion different names and passwords, stolen from 25 billion different records.

Other recent cases include

- Adult Friend Finder (412 million)

- LinkedIn (164 million)

- Adobe (164 million)

- eBay (142 million)

- Equifax (143 million – including social security numbers)

- Marriott Hotels (500 million - including passport numbers)

- Sony (100 million)

The list is endless, grows every day and includes Facebook, Uber, Dropbox, Tumblr as well as many of the world’s largest airlines, retailers and banks.

JP Morgan Chase lost 76 million names, addresses, telephone numbers and email addresses – affecting two thirds of households across America. Bank of New York Mellon saw details hacked on 12.5 million accounts; Citigroup (3.9 million); Bank of America (1.2m).

Web security is completely broken

We have to conclude that web security is completely broken, and it will take at least two decades to fix.  

This is not hype, but daily reality and it affects every financial service company, every utility company, every government.

Payments fraud on an unimaginable scale

The Heartbleed bug is yet another example of a viral attack which caused huge damage as it swept globally, invading the websites of many multinationals, retailers, banks and email companies.  

Expect many more highly sophisticated attacks, aimed at forcing people or companies to pay ransom money, or forfeit their entire digital existence, lose all their old data.

Online fraudsters earning >$66 billion every year - "safest" crime to commit

Online fraudsters are now earning more than $66 billion a year - $19bn in the United States alone, but most cases are not reported.

99.6% of online fraud cases in the UK never result in any prosecution, so what is the point?

So this kind of crime is the most profitable and safe in the world – and this will continue to be the case for at least the next 15 years. 

8% of all online merchant revenues are fraudulent in US

At least 8% of all online merchant revenues are fraudulent in America, rising to a staggering 43% fake transactions in peak months.  

Over 17 million US citizens are victims of identity theft each year, approaching 7% of the entire adult population.  

In a single year, the number of people whose bank accounts were taken over by criminals grew 66%.

Pay attention first to weaknesses you can easily fix at almost zero cost

The truth is that a huge number of cyber-attacks can be prevented by simple measures. I am astonished at how many companies leave the digital door almost wide open.

Just look at this statistic:

43% use the same passwords on multiple sites 

43% of people use identical passwords across the web, so a single theft means that criminals often get access to many other private accounts owned by the same person. 

What is more, 40% of IT employees record loads of passwords in Word documents - without passwords on those documents either.

The other problem is that so many people use terrible passwords – 1% of the entire world uses 123456 for example.

And most passwords that people think are sophisticated and strong can be broken within minutes or hours.

A survey was done recently of senior leaders of household name companies, to see what kind of passwords they were using - not difficult since so many are freely available online.  Their own passwords were often shockingly short, breakable almost instantly.

How to stop online fraud and multiple hacks

Expect many new steps to stop fraud.  

For example:

1. Forcing people to use stronger passwords

2. Forcing regular password changes, and using fingerprint access

3. Setting up two-step authentication, with confirmation of passwords using codes sent to mobile devices

As a result of investment in two-step verification, expect huge growth in attacks on telco companies and mobile devices, as criminals seek to hack SMS, or emails, and intercept these codes. Attacks on two-step verification have grown more than a hundred times in 12 months.

Most banks realised a long time ago that security features on smartphones are often far more robust than on ordinary computers.

In other words, one of the simplest ways to prevent a lot of fraud is to push customers to use smartphone Apps instead of ordinary web browsers to access their own accounts.

Why bank hackers will often escape prosecution – even when caught 

I have met bankers who don’t prosecute or even sack staff who hack into their own bank systems.

Terrified of bad publicity, they pay them off, give them a wonderful reference, and let them go and work for a competitor – where exactly the same thing is likely to happen again.

There is no legal requirement in most countries for any bank to report when they have been hacked and lost data, which means that most attacks will never be known, and the true scale is far larger than most people think.

Large corporations will be forced to encrypt stored data

All IT and smartphone companies will step up personal security with end-to-end encryption during data transmission, and encryption of all data ‘at rest’ stored on servers.

It is really shocking that most banks still do not encrypt data on their servers, so once a hacker gains entry, which they do in every large bank several times a year, they usually have no trouble at all reading files.

Best practice will mean universal encryption, which makes a large attack significantly more difficult for hackers.

12 Steps for every individual to take

1. Change every password that is more than 2 years old

2. Make sure every password is at least 10 letters and characters long, with upper and lower case

3. Don't use the same password on more than one site

4. Always turn on 2-step verification if an option - and register more than one mobile phone number just in case

5. Always take security alerts seriously - but be sure they are really from the company

6. Always stop and think before opening any warning emails - and take utmost care in responding to any similar phone calls

7. Do not write down your passwords anywhere - except the most important ones, but hide that record very securely 

8. Store passwords using a secure device such as iPhone / keysafe

9. Use a shredder to dispose of documents like bank statements or credit card statements

10. Backup all your hard drive data very regularly to a physical device you own, don't rely on the cloud alone, as well as backing up phone data regularly.

11. Keep backups physically separate, hidden, preferably at a different location, so that if devices are stolen along with backup drives, you still have secure data

12. And finally, always have a backup plan - what you would do if hacked or attacked, or if you have a major systems failure.
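
Steps 1 to 3 above can be checked mechanically against an exported password list. The following Python is an added example, not part of the original article; the function name, the input layout (site, password, date last changed) and the sample entries are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import date

MAX_AGE_DAYS = 2 * 365  # step 1: change anything more than 2 years old
MIN_LENGTH = 10         # step 2: at least 10 characters


def audit_passwords(entries, today):
    """Check (site, password, last_changed) tuples against steps 1-3.

    Returns {site: [findings]} containing only the sites that fail a step.
    Passwords are held in memory only; nothing is written or logged.
    """
    findings = defaultdict(list)
    sites_by_password = defaultdict(list)  # used to detect reuse (step 3)
    for site, password, last_changed in entries:
        if (today - last_changed).days > MAX_AGE_DAYS:
            findings[site].append("older than 2 years")
        if len(password) < MIN_LENGTH:
            findings[site].append("shorter than 10 characters")
        has_upper = any(c.isupper() for c in password)
        has_lower = any(c.islower() for c in password)
        if not (has_upper and has_lower):
            findings[site].append("missing upper or lower case")
        sites_by_password[password].append(site)
    # Step 3: the same password on more than one site
    for sites in sites_by_password.values():
        if len(sites) > 1:
            for site in sites:
                others = sorted(s for s in sites if s != site)
                findings[site].append("reused on " + ", ".join(others))
    return dict(findings)


# Constructed sample inventory (hypothetical sites and passwords)
SAMPLE = [
    ("bank.example", "123456", date(2016, 3, 1)),
    ("mail.example", "Tr0ub4dor&Horse", date(2024, 1, 10)),
    ("shop.example", "Tr0ub4dor&Horse", date(2024, 2, 5)),
    ("forum.example", "correcthorsebattery", date(2023, 11, 20)),
]
TODAY = date(2024, 6, 1)  # fixed date so the result is reproducible

if __name__ == "__main__":
    for site, issues in audit_passwords(SAMPLE, TODAY).items():
        print(site, "->", "; ".join(issues))
```
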

