Why do the people working on the frontlines of cybersecurity feel that collaboration is so important right now?
I think the answer lies in the staggering statistics on cybercrime growth that are appearing in every corporate survey released recently and stories like the Facebook and Equifax data breaches that are constantly in the headlines as well.
Cybercrime is growing almost exponentially at the moment and that sort of threat needs to be met by a proportionately massive response. But what single organisation can confront a threat like cybercrime that is on such a huge scale and is constantly shifting in terms of tactics and targets?
At the CxO Cybersecurity Forum in March the presentations of all the speakers - including myself - were firmly focussed on collaborative strategies.
I shared the stage at the forum with Alastair MacGibbon, Anita Sood and Steve Ingram: cybersecurity experts from government and industry who all agree on one important point; winning the cybersecurity battle means working together more closely than ever before. Companies, governments, law enforcement, researchers and even consumers need to share intel, coordinate their responses and treat cybercrime as a common enemy.
Make or break technology
Cambridge University put out a fascinating report recently focussed on ‘existential threat’; issues that are most likely to cause fundamental breakdowns in society.
Artificial Intelligence is included in the report, alongside threats like climate change and pandemic disease outbreaks.
Why does the Cambridge report consider AI to be such a major peril? Because technologists can now see the potential for AI to be exploited in cyber-attacks to devastating effect - both as a crime tool and as part of future nation-state-level cyber-warfare.
We’ve already seen the way cyber-attacks like Wannacry have been able to disrupt vital public infrastructure and services and these were fairly primitive cyber-attacks compared with the sort of thing we might be seeing in the near future, according to Cambridge University’s report. Wannacry was a destructive and concerning incident, but comparing it to the AI-powered cyber-attacks of the near future is like comparing a rifle to a Stealth Fighter Jet; these are generationally different technologies.
Technology is fundamental to our contemporary way of life; it’s woven right into every daily activity now, so thinking about cyber-attacks that have the potential to take down tech infrastructure we’re really considering a threat to society as a whole.
That sort of threat is an issue not just for businesspeople, not just for governments but an issue for all of us to think about.
Cybersecurity calls for a grassroots level response; it’s a problem we all have to understand and defend ourselves from because, at the most fundamental level, cyber-attacks are actually targeted at individual people.
Big crimes - small targets
Cybercriminals go for big scores. They can reap millions of dollars from their attacks and take down huge companies, but their weapon of choice - email - is pointed directly at individual people.
Statistics show consistently that 90% of cyber-attacks are initiated via email. That seems strange to some people but think about it; everyone uses email. Billions of messages are flying around the globe at any given moment and they can be used by cybercriminals the way terrorists used to send letter-bombs in the pre-internet era.
To devastate a huge company, all a criminal needs to do is attach a malware file, like a virus, to an email and send it off to unsuspecting strangers. A cyber-attack email can hit millions of inboxes in seconds, and if just one of those recipients clicks on the message it can release a virus into their company’s computer system that is capable of shutting down the entire organisation.
In the cyber-attack ecosystem we live in now, every person who uses the internet needs to think of themselves as a cybercrime fighter, because the unfortunate reality is, we are all potential cybercrime targets.
How can we all work together?
That’s the question I started asking myself a couple of years ago; and it led to the inception of my new cybersecurity project: GlobalGuard.
GlobalGuard will be a mechanism for real-time collaboration to correct the imbalance of cybercrime prevention; it’s going to leverage the past seventeen years of threat data that MailGuard has collected in combination with an AI system that’s trained to detect cyber-attacks. The GlobalGuard technology and intel will be constantly available to and curated by the people who use it. It’s a hub to bring people together to confront the common enemy: cybercriminals.
GlobalGuard will use Blockchain technology to create an unprecedented community of cybersecurity stakeholders; businesspeople; IT specialists; white hat hackers and universities.
Hi, I’m Craig McDonald; MailGuard CEO, founder of GlobalGuard and cybersecurity blogger.
I’d really value your input and comments so please join the conversation.