All news

Is it Possible to Develop Safe Digital Infrastructurein an Age of Global Cyberthreats?

Experts estimate the cyber crime damage to the global economy in 2016 to have reached USD 650 billion. By 2020, it may increase to as high as USD 1 trillion, and cyber attacks may affect as many as 1.5 billion people. The cyber threat requires a joint preventive action, which is hampered by competition between national digital security programmes.

The deeper the internet infiltrates our lives, the greater is the exposure to cyber attacks. According to Boston Consulting Group, 2016 saw almost 3.5 billion internet users and approximately 10 billion connected devices, and these numbers are expected to double by 2020.

Cyber crime is going ahead in the fast lane. Any promising innovation instantly becomes an attack tool, while developing a defence takes time, so cyber crime cannot be countered by addressing the current threats only.

According to PWC, cyber crimes ranked as second most frequent economic crimes in 2016, with a share of 32% (24% in 2014), ahead of money laundering, corruption and other traditional offences.

  • Experts believe the cyber crime damage to the world economy in 2016 totalled 1% of the global GDP. Allianz Global Corporate & Specialty’s estimated it at USD 575 billion, and IDC at USD 650 billion.
  • Germany ranks first by cyber losses, which amount to 1.6% of its GDP (USD 59 billion), and is followed by the USA (0.64% of GDP, or USD 108 billion) and China (0.63% of GDP, or USD 60 billion). Russia lost 0.25% of GDP due to cyber crime and ranks fifth worldwide (according to AGCS).

Despite being virtual, about 5% of cyber attacks lead to real data being destroyed, equipment damaged and infrastructure failing. The credit and finance industry, defence sector, public administration, as well as scientific research are most vulnerable to cyber threats.

The main types of cyber attacks and their growth in 2016 compared with 2015 (according to EY):

  • malware – 9%, 
  • phishing (soliciting sensitive information) – 7%,
  • financial data theft– 12%,
  • intellectual property theft – 12%.

The most dangerous cyber threats are:

  • Cyber warfare: the ability to remotely control major infrastructure facilities.
  • Manipulation of public opinion: possibility to manipulate large numbers of people and arrange campaigns of any scale.
  • Digital dependence: people are increasingly dependent on technology, which reduces their adaptability in real world and threatens traditional social and cultural values.
  • Hacker attacks: an attack can target a personal mobile device, corporate server or government data centre.
  • Privacy invasion: every move in the virtual world has the potential to leave a digital trace; the systemic collection, analysis and use of these data by invaders enables them to influence the person’s life.

Countering cyber threats today is hampered by a number of factors.

  • Lacking harmonious regulatory framework to define cyber crime and stipulate punishment. 
  • Low awareness about the sources of cyber crimes and their effects.
  • Widespread mobile devices enabling users to store personal data.
  • A wide range of malicious software available on the web.
  • A huge amount of personal data accumulated by businesses (banks, mobile operators, private healthcare companies). Social media and messenger apps gaining ground as a means of customer support.
  • Functional ecosystem projects (smart city, smart healthcare, etc.) built on large-scale consolidation of personal data.
  • Cyber espionage on the rise amid growing geopolitical tensions.

The development of a resilient and secure digital infrastructure is one of Russia’s strategic national priorities.

  • In December 2016, President Vladimir Putin approved the information security doctrine.
  • A bill on the security of critical information infrastructure is underway.
  • Industry-specific information security centres are being set up (in 2017, the Competence Centre for Cyber Security of Automated Control Systems at Nuclear Power Plants was established).
  • Sberbank working with the Russian Ministry of Internal Affairs on drafting amendments to the Criminal Code.

International cooperation is essential. The Russian Ministry of Foreign Affairs, together with the relevant agencies, prepared a draft UN convention On Cooperation in Countering Information Crime. In February 2016, the EU and NATO developed and signed Technical Arrangement on Cyber Defence Cooperation. Work is underway to form a single digital space in the Eurasian Economic Union, including a common information security framework.