The World Economic Forum (WEF) has issued its Global Risks Report, a document it publishes every year.
This year, cyber security is a high-ranking risk, coming in at third, behind extreme weather events and natural disasters. According to the WEF survey respondents, cyber attacks and data theft are two of the risks most likely to happen.
The WEF explained that attacks against businesses have almost doubled in the last five years, and that incidents that would once have been considered extraordinary are becoming commonplace. The financial impact of cyber security breaches is also rising, with some of the largest costs in 2017 related to ransomware attacks, which accounted for 64 per cent of all malicious emails.
Notable examples, according to the report, included the WannaCry attack – which affected 300,000 computers across 150 countries – and NotPetya, which caused quarterly losses of $300 million (£212 million) for affected businesses.
Serious cyber attacks
The report also found that another growing trend is the use of cyber attacks to target critical infrastructure and strategic industrial sectors. This has raised fears that a worst-case scenario could see attackers trigger a breakdown in the systems that keep societies functioning.
Explaining how serious threats to the Internet of Things (IoT) are, the report’s authors said “cybercriminals have an exponentially increasing number of potential targets, because the use of cloud services continues to accelerate and the Internet of Things is expected to expand from an estimated 8.4 billion devices in 2017 to a projected 20.4 billion in 2020”.
This highlights just how risky the situation is.
Action needed now
It is so risky, in fact, that a report – ‘Internet of Things: Pinning down the IoT’ – compiled by the Cyber Security Research Institute and F-Secure has found that industry experts believe that in its current form, the IoT represents a considerable threat to consumers due to inadequate regulations regarding security and privacy.
F-Secure said “swift action is recommended to avoid a predictable descent into a dystopian future”.
With the number of connected devices now expected to exceed the human population, the company said, the IoT is “already nearly inescapable”. It pointed to the fact that millions of connected devices have already been compromised to be used as part of the Mirai botnet.
Meanwhile, many consumers remain unaware of the inherent risks of their connected devices and that manufacturers often rush to get products to market without taking basic security requirements and settings into consideration.
The report states: “This situation could create an even more frightening scenario than the UK tabloid newspapers’ ‘phone hacking’ scandal, due to a massive adoption of insecure IoT devices.”
Mikko Hypponen, chief research officer of F-Secure, said: “Eventually almost every household device will be online, and they will largely be invisible to the end user as a smart device.
“They will look like dumb devices, but they will be smart devices, though they won’t offer any features to the consumer because the real reason for them to be online will be for them to report home and report analytics to the company that built the device.”
An IoT for the future
F-Secure explained that the laws of supply and demand have not yet resulted in an IoT built for the future. The company said that manufacturers will only prioritise security if consumers demand it.
However, because of the “extraordinary dependency” our society is likely to develop on the billions of connected devices that we currently use, governments could have to get involved to demand security requirements from manufacturers.
The report said that, in addition to educating consumers about the risks of existing IoT devices, governments must also address the quality of technology consumers are using in their homes.
It recommended that product manufacturers should be regulated to ensure products that come to market are not lacking in security or privacy measures.
Share This Post, Choose Your Platform!
With over 20 years in the business telecoms industry and an unrivalled reputation of delivering excellent, personal customer service, Arrow is one of very few companies in the UK able to provide a full telecoms, IT and energy consultancy and service proposition.
Savings through automation, scale, improved service. We’ve got that covered. But the true value comes with empathy, through empowerment, collaboration. It’s connecting people that drives us forward. It’s people that make tomorrow happen.
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.