It is quite obvious that world economy is increasingly
dependent on the information and communications technology, especially after
the dynamic implementation and expansion of new technologies in the public and
private sectors of commercial and social applications. The Information and
Communication Technology (ICT) sector is vital for all segments of the
government and the society.
Businesses for example rely on the ICT sector both
in terms of direct sales and for the efficiency of internal processes. ICT
infrastructures are a critical component of innovation and are responsible for
nearly 40% of productivity growth. [1] It
is actually so obvious that our society considers for granted the uninterrupted
use of networks and infrastructures.
The ICT sector is also responsible for the
sustainability of the National Security in various forms. But the permanent
adoption of the internet and the nonstop utilization and the convergence of
multiple technologies are not without a risk. And that risk cannot be explained
with traditional terms or only with quantitative criteria.
Modern societies are more open and more networked than
ever. The high complexity and the different possibilities of the systems create
vulnerabilities and threats, easy to exploit. It is widely accepted that since
2008 with the fall and the consequences of Lehman Brothers, our world has
changed dramatically. Cyber crime attacks rise globally at explosion rates. In
order to understand the significance of the issue, we need to understand first,
that modern tactics performing cyber terrorism activity and behavior.
It is
furthermore a necessity to shape an understanding of the topic and the danger
that could cost the loss of integrity, huge financial damage or even the loss
of human lives. Therefore there is a need for technologically informed
political leadership, that is able to drive the decision making and deal with
the problems, balancing individual privacy and freedom of the people with
safety and security. The economic landscape provides extreme difficulty to take
action, especially when budget reduction is extreme and affects the operational
expenditure.
During the World Economic Forum estimated that there
is a 10% to 20% probability of a major CII breakdown in the next 10 years, with
a potential global economic cost of approximately $ 250 billion.[2] Security
Experts warned at Davos, that cyber crime threat is rising sharply. Security
experts and law makers are constantly addressing a wide range of vulnerabilities,
unraveling a trend that is not just vandalism but organized criminality. Our
active communities are based upon free will, but at the same time national security
and social coherence should be a top priority and in balance.
The current economic
turbulence has contributed in the decline of economic activity, high
unemployment and social unrest, not only inside the European continent, but in
the Western world. These negative developments can easily result with social
unrest which can lead to outbursts of violence and criminality, including the
multiple rises of electronic crime and cyber terrorism.
As more and more jobs are being lost, the financial crisis magnifies
negative psychology. Under this situation people can be exploited by various groups
that promote acts of violence[3]. And just as street crime increases in
times of financial stress, the same trend is being noticed in cyber crime, but
in a far higher impact, financially and ethically as well.
It is not a coincidence that is expected a
considerable expansion in cyber crime. Economic projections expect an extremely
weak growth for the following years. Governments anticipate that specific
policy actions would stabilize the economy, developing the right consequences
for sustainable economic growth. This process will not only take years, but it
will test the limits of a vast majority of the population.
European
governments ultimately respond with heavy cost reductions that could probably have a negative
impact in basic governmental and military operations. This could easily endanger
a decline of the efficiency and the effectiveness of network and
telecommunications infrastructures as also the level of security and privacy. The
truth is that nobody knows the duration and the depth of this crisis, in Europe
and the Western countries.
As Joseph Stiglitz notes “Given the complexity of the economic system, the
difficulties in predicting how expectations will be altered, and the pervasive
irrationalities in the market, there is no way the impact of any economic
policy could be ascertained with certainty”[4]. Many distinguished
economists openly compare this current crisis with the Great Depression of the 1930’s.
The vertical decline of housing prices, the rapid loss of jobs, and the decline
in business investments as also the decline in lending capacity of the banking
system, created mass anger and various groups realize that the World Wide Web
eliminates boundaries and lacks centralized control. Therefore it is a tool
that it can be exploited in a manner so disastrous not only against an
individual but also against a country.
Discussing the issue of cyber warfare we should note
that at the same time the attacker is trying to develop the highest possible
damage, in public or private Information Technology Infrastructures and
Communication networks. The sophistication of new attack tools and their
widespread availability in open networks, create a disastrous mix that it
cannot be eliminated without the appropriate policies and countermeasures, as
also with the agreement of centralized operational and strategic principles for
Europe.
The international competition could initiate a new
round of state sponsored cyber attacks in mass level, and governments
understand that this threat is unlike any other traditional threat, coming from
an army or a terrorist group.
It is daily news in the mainstream media these days, cases
like the Political extremism coming from altered or malicious information that
is targeting political parties or individuals known or unknown personalities, with
the use of propaganda and harassment methods.
Under specific circumstances the spread of malicious
information in mass scale, could create social unrest or even worse acts of
terrorism. At the age of the internet
and fast moving information, people are ready to believe, without having too
much time to think about the legitimacy of the source that is providing the
information or the real intentions of the author that in many cases is unknown.
Social networking is growing rapidly along with the misuse of social networking
accounts. It includes the use of offensive religious comments, race messages of
hatred to anyone, pedophilia and other acts of behavior that very often cannot
be categorized as individual crime but as a scheme that employs many
individuals with different roles.
It is worth noting the Greek based European Network
and Information Security Agency (ENISA) based in Heraklion, Crete, which is the
responsible body of expertise, in order to tackle Network and Information
security problems, and enforce community legislation in collaboration with the
European Commission. ENISA’s role is also to address, respond and especially to
prevent
Network and Information Security problems[5]. In 2008 ENISA’s mandate was extended ‘à l’identique’ until March 2012.[6] It is in the positive direction policies like
the Critical Information Infrastructure Protection (CIIP) launched by the
European Commission, and the first pan European CIIP exercise Cyber Europe 2010[7].
The OECD as well underlines the importance of ICTs and the Internet "to boost economic performance and social
well-being, and to strengthen societies’ capacity to improve the quality of
life for citizens worldwide"[8] The
complexity and the extreme rising in vulnerabilities and threats should be
accompanied by the proper refinancing, distribution of knowledge through
International and European Union wide collaboration and further recruitment of
advanced scientific personnel, on the forefront of ICT Security research. This
is the only way to be ahead of a constantly growing threat of criminal and
terrorist activity. There is much to be done the following years.
Cyber crime
cannot be characterized as a white collar crime anymore. Traditional organized
crime is already involved in various forms of Cyber crime, while at the same
time the use of tools and techniques to attack to a given network are
widespread over the internet. These criminal groups are able to exploit
vulnerabilities of critical infrastructures and it is quite clear that
traditional organized crime is developing relationships with technically
skilled hackers, working under an incomplete law scheme that in many cases
prohibits the arrest of these criminal actors.
As the economy sinks it is also
expected that internet will become a tool for money laundering. Illegal Online gambling
for example creates the possibility to move huge amounts of capital to offshore
companies, to the other side of the globe within minutes. This provides an added
degree of protection against law enforcement and allows them to operate with
minimal risk. The inherently transnational nature of the Internet fits
perfectly into this model of activity and the effort to maximize profits within
an acceptable degree of risk[9].
Hackers characterize the current state of
counteraction of malefactors’ systems to security systems as a “game of network
cats and mice” (Nomad 2002)[10] As with any other profession, hackers need an
assortment of tools to do the job. These tools are widespread over the
internet today.
The reality though is that for the first six months of 2008, of all
security breach incidents reported around the world only 23 per cent could be attributed
to the activities of hackers[11]. But these percentages are also likely to
increase dramatically, because of the widespread use of smart phones and
laptops and the ever increasing number of users who are more mobile than ever,
thus creating an easy target.
The rise of social networks misuse of social
networking accounts is an ever growing problem that governmental think tanks
should address and respond, as a challenge that requires a broad and
cooperative response.
Fifteen percent of all
of the youth reported an unwanted sexual solicitation online in the last year;
4% reported an incident on a social networking site specifically. Thirty-three
percent reported an online harassment in the last year; 9% reported an incident
on a social networking site specifically. Among targeted youth, solicitations
were more commonly reported via instant messaging (43%) and in chat rooms
(32%), and harassment was more commonly reported in instant messaging (55%)
than through social networking sites (27% and 28%, respectively)[12].
In order to tackle effectively with all these threats in a this unstable
era, a serious, information security conscious and willing political action is required, in
order to address and respond effectively with specific directions all these
current and growing problems that arise. Knowledge, regulation and compliance is
the key for more effective governance. The collaboration between the public and
the private sector should be further encouraged.
Policy-makers
and governmental agencies must consider the constantly developing cyber threats
and vulnerabilities as an integral part of a complete security strategy, an
issue that is far beyond the military purpose, even if tackling Cyber terrorism
activities is still not an easy task to define and execute.
There are many
examples of the past that demonstrate the fact that even a whole country can go
down very fast, if essential integral parts of the society, like
telecommunications, the banking system, or the utilities like electrical
networks become a target of such an attack. Furthermore the effects of
misinformation, data-pooling or corrupted data events should never be
underestimated in an open society.
References
[1] http://epp.eurostat.ec.europa.eu/ - Science and Technology/Information Society (October
29 2010)
[3] Kalentis C. (2009)Interview
under title Financial Crisis and Crime,(p.p. 56-59) Value Invest, Issue 3
[9] Williams Phil, Organized
Crime and Cyber-Crime, Implications for Business, Cert Coordination Center
[10] Nomad 2002. Nomad Mobile
Research Centre. www.nmrc.org
[11] Microsoft, Security
Intelligence Report Key Findings Summary January 2008 – June 2008)
[12] Ybarra M. and
Mitchell K. (2008) Official Journal of the American academy of Pediatrics, How
Risky Are Social Networking Sites? A Comparison of Places Online Where Youth
Sexual Solicitation and Harassment Occurs.
