Cybersecurity

This new initiative aims to make cybercrime harder - and riskier - to commit

Man poses in front of on a display showing the word 'cyber' in binary code, in this picture illustration taken in Zenica December 27, 2014.

The risk-reward ratio is currently skewed in cybercriminals' favour. It's time to change that Image: REUTERS/Dado Ruvic

Alois Zwinggi
Managing Director, World Economic Forum
Kevin Brown
Managing Director, BT Security

Many facts and figures are published on an almost daily basis in an effort to describe the constantly changing threats to our online world. These can often be overwhelming and paint such a picture of doom that the general public, and businesses, have become almost immune to their message.

Statistics on how many cybercriminals are actually investigated and prosecuted are striking. In the UK, police logged 735,098 frauds and cybercrimes in the 12 months to March 2017 (the last year with available figures.) However, less than 10% (or 71,133 reports) were investigated and only 8,214 individuals - fewer than 1% of cases - were prosecuted. This reflects a global trend in which nascent cybercrime capabilities in many law enforcement agencies struggle to keep up with ever-evolving cybercriminal activity.

The good news, from our perspective, is that many of the attacks that are causing considerable damage to individuals and to the global economy are not so difficult to defeat. Cybercriminals often make use of online tools that are easy to download, with step-by-step guides on how to maximize their disruptive or fraudulent effect. It is not that our adversaries are necessarily highly trained computer wizards; in fact, in many cases the barrier to entry for wreaking havoc on the internet is not actually as high as we might think.

Bar chart shows the cost of cybercrime to various business sectors.
The costs of cybercrime are rising across all sectors - but we can make life harder for the perpetrators Image: Accenture Cost of Cybercrime Study 2019
Changing the attack economics

The World Economic Forum Platform for Cybersecurity and Digital Trust is seeking to drive collaboration across public and private sectors to shift the very economics of the attacks themselves – making the ‘barrier to entry’ for attacks far more robust and the penalties for attack much stronger, so that the likelihood and cost of being caught outweighs the potential gain. In the words of cybersecurity firm FireEye: “The attackers are not waking up fearful that they are going to get arrested for stealing email or extorting someone for a certain amount of cryptocurrency.”

BT and the World Economic Forum are leading an initiative, with input from the Global Cyber Alliance and a range of other partners, to consider the role that telecommunications providers play in securing the very networks that are used to making online activity possible. This approach makes it possible to address some of these macro issues in a way that has not been tested before at this level - and that could make a real difference to global cybersecurity.

A new approach to addressing high-volume cybercrime

There are three main focal points through which to find a way into a network to conduct a cyberattack. First, through the hardware, such as routers, where vulnerabilities can provide a way in; second, through software vulnerabilities, where readers will be aware of the need to frequently install patches to counter issues with erroneous or malicious code; and third, through the flow of internet traffic itself, which can be manipulated in various ways with the intent of achieving a vindictive aim.

There are actions which can and should be taken in all of these areas by telecommunications providers to make the internet a safer place for all.

This initiative will attempt to build on the successful work BT has been doing in the UK to tackle the high-volume attacks that affect people’s everyday lives. Working alongside government and industry partners, BT is preventing more than 100 million attempted malware connections every month and is working collaboratively with other ISPs in the UK to share and act on information about malicious domains.

Have you read?

The work aims to encourage other global ISPs to take responsible action which could have a significant impact on defending against high-volume attacks and securing online ecosystems. A set of principles is in preparation which aims to help ISPs better understand the types of activities they can implement to create real impact and help protect their customers.

Via the development and publication of such principles, we would like to encourage a dialogue to generate greater responsible action between and among ISPs as well as action to be taken where it can be markedly effective but has not yet been perceived as instrumental. Criminals are motivated by a risk-reward ratio which is currently skewed in their favour. Working collaboratively to make it more difficult for attackers to be successful will alter that ratio and help create safer digital ecosystems around the world.

Don't miss any update on this topic

Create a free account and access your personalized content collection with our latest publications and analyses.

Sign up for free

License and Republishing

World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.

The views expressed in this article are those of the author alone and not the World Economic Forum.

Stay up to date:

Cybercrime

Share:
The Big Picture
Explore and monitor how Digital Communications is affecting economies, industries and global issues
A hand holding a looking glass by a lake
Crowdsource Innovation
Get involved with our crowdsourced digital platform to deliver impact at scale
World Economic Forum logo
Global Agenda

The Agenda Weekly

A weekly update of the most important issues driving the global agenda

Subscribe today

You can unsubscribe at any time using the link in our emails. For more details, review our privacy policy.

5 ways to achieve effective cyber resilience

Filipe Beato and Jamie Saunders

November 21, 2024

We asked 6 tech strategy leaders how they're promoting security and reliability. Here's what they said

About us

Engage with us

  • Sign in
  • Partner with us
  • Become a member
  • Sign up for our press releases
  • Subscribe to our newsletters
  • Contact us

Quick links

Language editions

Privacy Policy & Terms of Service

Sitemap

© 2024 World Economic Forum