Cybercrime Bill: $3 Trillion
World’s annual damage from cybercrime is estimated at $3 trillion, Ambassador at Large at the Russian Foreign Ministry Andrey Krutskikh, the Russian president’s special representative for international cooperation in the field of information security, said.
The diplomat replied affirmatively when asked if he thought that cybercrime and terrorism were closely interrelated. “Of course, they are. For example, cyber-terrorism, which is one of the most horrible phenomena, is a totally new kind of crime,” Krutskikh said in an interview with the Kommersant newspaper, Tass reported.
“For example, the ‘Islamic State’ (a terrorist organization also known as Da’esh), has already barged in the information space and is engaged in cyber-terrorism,” the diplomat said.
“In addition to that, cybercrime causes colossal damage to our planet. The annual size of damage varies, according to various estimates, from $500 billion to $2-3 trillion,” Krutskikh said.
According to the ambassador, the information security theme concerns three threats: the military-political use of the content, terrorism and cybercrime. “Some countries prefer the first aspect, while others, the second or the third. But honestly, these themes should be considered as a whole,” Krutskikh said.
Krutskikh said that the situation in global informational space in general “has a tendency toward deterioration and even toward escalation, taking into consideration well-known regional developments.
“I think that geopolitical condition of the modern world could be described as ‘a war in conditions of peace’ due to peculiarities of the revolution in the sphere of information & communication technologies and methods of their use,” the diplomat noted.
He stressed that “this war is far from virtual. It inflicts real damage. It is waged in perfect combination with maintaining diplomatic relations,” he added.
“In particular, the number of cyber-attacks is increasing exponentially. Last year the number of harmful influences on Russian state internet resources exceeded 70 million.
“The extent of cyber confrontation between China and the US, for instance, is similar. South Korea also came under sensitive attacks multiple times. While in Seoul, I witnessed one such attack—it affected work of important government agencies, media, banking system, Seoul University and so on,” Krutskikh noted. He said that “no one is safe from such cyber-attacks”.
“Cyber-terrorism is one of the most terrible activities, and it is quite new. But the Daesh, for example, has already gotten into the information space and is engaged in cyber-terrorism,” Krutskikh said.
In April, US Defense Secretary Ashton Carter said that the US Department of Defense was using its new Cyber Command to disrupt the Daesh’s Internet communications and the group’s ability to move funds for its activities around the world.
Threat to Financial Systems
Speaking at the Reuters Financial Regulation Summit in Washington, Mary Jo White, the chair of the Securities and Exchange Commission in the US, warned that cybercrime is the most pressing threat to global financial systems.
The SEC found that in some cases, major exchanges, dark pools and clearing houses did not have cyber-policies in place that matched the risks they faced.
“What we found, as a general matter so far, is a lot of preparedness, a lot of awareness but also their policies and procedures are not tailored to their particular risks. As we go out there now, we are pointing that out,” reported Reuters.
White said that the SEC was actively reviewing cyber-security defenses of financial institutions to see if they are fit for purpose.
Her remarks come after the Bangladeshi central bank was defrauded of $81 million due to a vulnerability in software used to make payments through the SWIFT system.
Tom Kellerman, chief executive of the investment firm Strategic Cyber Ventures and former member of the World Bank’s security team told Reuters that White’s remarks on the subject were a “historic recognition of the systemic risk facing Wall Street.”
Kevin Bocek, chief security strategist at Venafi, told SCMagazineUK.com that in the wake of a breach security teams rush to issue a patch and think that their work is done.
“But banks need to realize that plugging the immediate security gap is just one step on the road. Kicking bad guys out and keeping it that way requires focused attention and making sure the basics are done right. Unfortunately, there is a trend of what Gartner describes as ‘lazy’ remediation: patching, but leaving the real vulnerabilities or weakness unsecured,” he said.