Cyber-crime is rampant; denial of service attacks and extortion malware are proliferating online. Is your protection in good shape, are your electronic devices protected?
Cyber security weaknesses and the resulting problems are affecting both the digital environment and the real world. Trust in many current systems is weakening. Various kinds of attacks are commonplace online and, unless they are directly affected, individual users often find it difficult to understand the impacts of such attacks. Chains of indirect impacts are particularly difficult to grasp.
Information warfare seeks to have an impact at grassroots level (e.g. AI applications that support smartphone users) as well as on a larger scale, such as during elections. Information leaks are very often due to hidden vulnerabilities in systems, which are exploited by various hackers. Such information can be used in various ways, depending on the aims of the attacker: financial interests, espionage, whistle-blowing or engaging in smear campaigns. Systems are paralysed by denial of service attacks on a daily basis, and criminals use a range of malware to extort money from victims.
Anticipating our actions by combining data
Privacy has also been compromised, because both the private and public sectors have woken up to the potential of online interaction. The gathering and use of data are everyday activities in the modern world and enable a range of wonderful applications that make our everyday lives easier. The downside is that individual scraps of data can be combined to form a highly accurate picture of us and strongly anticipate our future actions. Such data could be used to manipulate us in terms of marketing or voting behaviour, for example.
Future development will propel us into a world where various appliances interact with each other and the internet. While this will increase business activity, which is the main idea behind it, it will also create many more opportunities for attackers. A foretaste of this has already been provided by large-scale denial of service attacks. These have exploited poorly protected online devices such as surveillance cameras, creating huge amounts of abusive traffic at the victim’s expense.
In addition, a range of extortion malware is targeted at individuals and businesses. Victims are often inclined to pay up, given the increasing value of data and its availability in critical environments such as hospitals.
What can we do?
Consumers should demand better security. Unfortunately, it is extremely difficult for consumers to obtain information on the security of devices and software. Problems are often only revealed in retrospect, when it is too late to have ‘buyer’s regret’.
Technology developers should become aware of the importance of information security. Devices and software should be designed, developed and tested with sufficient thoroughness from the information security perspective. Although complete security is unachievable, attackers should not be presented with easy targets. On the other hand, choosing just the right service and product for your own use can be difficult.
Many questions are raised by the adoption of information security and technology, and it is not always clear whether such questions meet with a more emotional or rational reaction. From the Finnish and European perspective, it is particularly interesting that under 10% of European organisations opt for a European service.
Together with our expert network and information security partners, we have decided to explore the criteria that businesses use when choosing security services and technologies. Participate in our survey which will be released in early April and give us your opinion – we will update the link to survey here. We will organise an informative but relaxed feedback session for respondents in the Helsinki metropolitan area, possibly on 8 June (the date will be confirmed when we launch the survey).
Update, 10 May 2017: you find the survey here.
Kimmo Halunen, Senior Scientist
Pekka Savolainen, Principal Scientist