The COVID-19 pandemic has resulted in the expansion of the cyber domain in our daily lives and in all industrial fields, and in conjunction with this, the scope and target of cyber attacks has expanded rapidly. As the advanced digital transformation has accelerated and the use of online platforms such as telecommuting, distance education and video conferencing has increased, this has resulted in a corresponding increase in omnidirectional cyber attacks.
According to the Allianz Risk Barometer report, recent cyberattacks and data breaches are the highest risks for the corporate sector. Over 40% of businesses globally have experienced cyberthreats and cyberattacks that resulted in business disruption in 2021. This threat has ranked number one seven times over the past decade, growing of the workplace a hot spot for cybercriminals. Unsurprisingly, 94% of companies surveyed last year reported supply chain disruptions after the pandemic.
The KOTRA Silicon Valley Trade office pointed out in a report that cyber threats targeting security blind spots have increased sharply since last year, including acquiring the VPN account information of employees using them to work from home, access to internal company networks, downloading class files remotely, or inducing malware infections.
In addition, as the use of cloud services, a key technology for digital transformation, increases, more and more data and applications are transferred to the cloud, resulting in unprecedented security concerns.
The cybersecurity market grows with digital transformation
The global cybersecurity market is expected to grow from $ 217.9 billion this year to $ 345.4 billion in 2026. According to Research & Markets, the United States by region has been ranked as the largest cybersecurity market in the world. world with sales of $ 54.4 billion in 2021, five times more. more than China, the second largest market.
The US cybersecurity market is expected to grow 17% over the next two years to reach a value of $ 63.8 billion. During the same period, China’s cybersecurity revenue is expected to reach $ 10.1 billion, significantly lower than the major United States. Nonetheless, that figure is expected to reach a value of $ 14.3 billion by 2023, with an astonishing growth rate of 41%. In the future, China is expected to overtake the United States and become the largest sales-growing country in the world. The UK, the third-largest cybersecurity market, is expected to generate $ 9.8 billion in revenue by 2023, an 18% increase in two years.
The amount of damage caused by data breaches during the COVID-19 period was the highest on record. Global Stock Apps reported that the average cost of damage per business due to data breaches around the world has increased by around 10% per year over the past 12 months to reach $ 4.2 million, up 5. 5% in two years. In particular, the United States posted the highest average data breach cost of $ 8.64 million in 2020, up 5.5% from 2019. In the second quarter of 2021, it continued to top the list with $ 9 million from $ 8.64 million a year ago, followed by Saudi Arabia. Arabia and the United Arab Emirates with $ 6.9 million. Canada was $ 5.4 million, Germany $ 4.9 million, Japan $ 4.7 million, and Korea $ 4.24 million.
Cyberterrorism the biggest threat to the United States
According to the US Federal Bureau of Investigation (FBI) Internet Crime Report 2020, types of financial loss caused by cybercrime include damage and destruction of data, money, intellectual property rights, data financial, hacked data and system restore, and damage to an organization’s reputation. In 2005, total financial losses due to cyber attacks and fraud reached $ 183.1 million, while at the end of 2011 that figure jumped 165% to $ 485 million. In 2015, it hit $ 1 billion, but that was just the start of massive growth. In 2019, that figure tripled to $ 3.5 billion. Last year, the FBI’s Internet Crime Reporting Center received nearly 792,000 complaints, the most common Internet crimes being phishing attacks, fraud and extortion. Last year, business email compromise schemes were the biggest cybercrime, accounting for 42% of total losses, or $ 1.8 billion.
The US White House recently announced at a CEO meeting that President Biden has decided to invest $ 20 billion and $ 10 billion over the next five years, respectively, between Microsoft and Google, the big tech companies. to strengthen the cyber ecosystem. Apple, Amazon, IBM and JP Morgan were also included. An official said it would be used to improve security solutions, upgrade protections for U.S. government agencies and expand cybersecurity education partnerships.
One of the main targets for cybercriminals was Microsoft, based in Washington. Around 38 million confidential records were accidentally leaked from thousands of apps and portals using Microsoft’s Power Apps platform and exposed to the internet for months. Additionally, in March, the cyber espionage group Hafnium abused Microsoft’s widely used mail and calendar exchange servers, harming more than 30,000 commercial and local government agencies in the United States. Recently, T-Mobile US said cyber attackers breached computer networks and stole personal information from more than 40 million past, present and potential customers. Information stolen from the company’s server included the victim’s name, date of birth, resident’s registration number and driver’s license information.
Additionally, over the years the United States has faced a long list of threats, from geopolitical tensions with China and Russia to international terrorism and the spread of pandemics. In the future, cyber attacks targeting critical infrastructure between the United States and Russia and China can be expected to increase. According to a Gallup poll, more than 80% of those polled cited cybersecurity issues as the number one threat the United States will face over the next decade. North Korea and Iran ranked second and third in the threat rankings, while international terrorism and infectious diseases tied for fourth.
Cyber Threat Response Tasks
According to a report published jointly by the World Economic Forum and the University of Oxford in November 2020, ubiquitous connectivity, artificial intelligence (AI), quantum computing and digital identity were cited as technologies exposed to representative cyberthreats that promote the transformation of cyberspace.
First, when we look at the data released by the Korea Internet & Security Agency on ubiquitous connectivity, operational cybersecurity capabilities are generally insufficient. It is further exacerbated in new systems where current risk controls are not functioning properly. As the industrial ecosystem becomes more and more complex, it is important to determine the optimal risk response method suited to the business objective. To enable customers to make the right risk management decisions, the industry ecosystem needs to build confidence in the transparency of security functions in the supply chain.
Additionally, AI increasingly relies on business services and AI algorithms as the use of AI in core business activities increases. However, there is a general lack of confidence in how to design, develop and use artificial intelligence algorithms. Therefore, there is a need to develop tools to protect AI-based processes in order to deal with various cyber threats. It is extremely important to establish safety principles for AI related to safe design, lifecycle management and accident management.
Quantum computing is one of the most important technologies that will spark a future quantum revolution. Quantum algorithms have the potential to bring benefits and innovative developments in a variety of use cases across industries. For example, quantum can be applied to molecular simulations to accelerate drug discovery, improve financial optimization issues, and improve AI functions. However, quantum computing poses a variety of security risks. That is, there is a risk of destroying the existing cryptosystem. In the face of the quantum transition and potential future threats, standards, governance principles and regulations must be in place for risk management.
The final issue to pay attention to is the emergence of the next generation of identity systems. A high-value digital identity ecosystem is susceptible to being targeted by cyber attackers. Increasingly sophisticated attackers will exploit vulnerabilities in key components such as authentication devices, communications equipment, and databases to steal accounts, gain transaction information, and collect sensitive information. There is a need to introduce a new approach to prevent the complex ID of the distributed heterogeneous ecosystem from fraud and counterfeiting.
According to experts, security officials are advised to upgrade their cybersecurity framework to the next level, which identifies the motivations, means and methods organized by cybercriminals and develops the necessary defenses. Considering the trend of technology development across the entire industrial ecosystem and the future complexity, speed, scale and interdependence, there is a need to gradually expand the scope of the cybersecurity of existing networks and systems to various information layers and the integrity of AI algorithms.
Cyber security should not just be about protecting systems and networks, but a means of ensuring the integrity and resilience of interconnected processes in an increasingly complex technological environment. Therefore, new security priorities need to be established within the business and key infrastructure to identify the impact of exposure to cyber risks resulting from the introduction of new technologies and to keep the risk at bay. an acceptable and sustainable level.
In conclusion, there is a saying that cybersecurity is a battle between a spear and a shield in a virtual world. This means that attention should not be delayed for a single moment. In order to adapt to rapid changes in technology, policymakers will need to strengthen information protection education and ensure the monitoring, blocking and protection of the full range of cyber attacks, including system hacking, networks and clouds.
저작권자 © Korea IT Times 무단 전재 및 재배포 금지