“Take the blue pill”
This is the pill from the Matrix movie that would have given Neo that blissful ignorance of illusion that everything is ok as he would forget about all the bad stuff of the Matrix. Every time I attend a Security event, I think I would have taken the blue pill and conveniently forget about just how bad the BAD guys are as they trade in our information, stolen credit cards and passwords.
Cybercrime apparently does pay and pay well. This I learnt after a chat with Gert-Jan Schenk, president for McAfee EMEA and Canada and Trevor Coetzee, Regional Director,McAfee,South Africa/Sub Saharan Africa. It would seem that cyber syndicates operate 24 hours a day which is evident by the slight lull in attacks as the shift change happen which is picked up by the McAfee intelligence network. Gert-Jan Schenk says that Cyber business is equivalent to a regular business complete with career growth path, medical plan, leave days and even a help-desk when your virus software is stuck.
Criminals go after the money.
In the past gangs would break into banks as that is where the money was kept, however these days, bank branches are typically used to advise people about their mortgage or about a saving plan. In the modern bank, there is very little cash as we no longer head to the branch where we can do everything we need to from our mobile devices and laptop computers. Therefore, the modem “bank robber” doesn’t attack a bank, but rather the individuals who have their login to the bank.
The criminal is fortunate that there are billions of people online which makes it easy to find those who are not security-conscious and are easy victims. Hence the tie up with Intel.
McAfee and Intel Joined at the Chip
Avi Mistry from Intel explains that there are currently 600 million laptops sold per annum. Smartphone are set at 3 billion units per annum and when the Internet of Things rolls around there will be more than 20 billion devices by 2020. Each one of these devices need to be secured and the smaller devices, the more load they put on the data centre they connect to for their info. This is why Intel purchased McAfee so that security is not afterthought layer that is added later but security agents are now part of Intel’s core function.
Security is now top of mind, not for the IT department but for the CEO of the company who know full well the financial and reputational damage that could be caused to the business should their systems be compromised. This could amount to millions of dollars.
The cost of global cybercrime is $445 Billion per annum. To put that into perspective, the global Narcotics trade is 0.9% of global GPD and Cybercrime is at 0.8% of global GPD. Cybercrime is estimated to cost South Africa R5.8 Billion in revenue every year.
When researches look at evaluating the cost of cybercrime they use these 6 components:
- Loss of intellectual property and innovation cannibalism – cybercriminals take designs and schematics and sell these to competitors who replicate products and ideas
- Risk-Free financial crime
- Confidential Business Information and Market manipulation such as stoke market manipulation
- Opportunity cost – the cybercriminal takes the same time and effort to target a rich target vs. poor which is why there is a percentage of attacks against rich countries and those countries with high Intellectual Property
- Recovery Costs – Companies don’t like to publicise that they were hacked as that would mean they would have to spend a lot of money to clean up their system. Example where Sony spent $171 million to clean up their business after an attack. There is also the reputation damage, customers who leave etc.
- Continued Growth – if companies fail to protect heir network, they will be disadvantaged as they will continue to suffer loses at the hands of cyber criminals.
Start with the Kids
Paging through the McAfee Lab Threats Report for June 2014 the game Flappy Bird struck me. The report showed that since the author of the game Flappy Bird removed the game from the App Store, there have been many clones created and uploaded to the app store to replace the game. McAfee Labs sampled 300 of those clones and found that almost 80% of them contained malware.
“Some of the behaviour we found includes making calls without the user’s permission; sending, recording, and receiving SMS messages; extracting contact data; and tracking geolocation. In the worst cases, the malware gained root access, which allows uninhibited control of anything on the mobile device including confidential business information.”
As our kids are born into this digitally connected world, they (and their teachers) need to be taught about online safety, security and threats that exists. For this reason McAfee has the Online Safety for Kids program whereby they educate kids about being safe. This is not a boring lecture type of course, but rather a unique interactive discussion which has been put together to make it cool and fun for kids to get the safety message across. What is interesting is that kids actually want to learn about safety as this is something that effects them everyday – especially the cyber bullying epidemic.
I look forward to seeing this program launched in South Africa.