The number of connected objects is estimated to reach 50 billion in 2020, of which 6 billion are expected to be people and 4 billion are expected to be machines/devices, totaling 10 billion (Ericsson). People of all ages, various work and home appliances, cars, measuring and monitoring systems, etc., all these objects become connected and continuously generate data while creating extraordinary traffic by sharing this data.
Created, stored, and transmitted in the “Cyber Universe” which started with the internet and progressed fast, this data is expected to reach 130 Exabyte (billion Gigabyte) by 2005, 1,227 Ebyte by 2010, 8,590 by 2015, and 40,000 Ebyte by 2020.
According to published data, in approximately 1 minute in the cyber universe, 200 million e-mails are sent, 100 thousand tweets are posted, 20 million photos are viewed, 48 hours’ worth of video is uploaded to YouTube, 1.3 million videos are watched, over 2 million Google searches are done, and 277 thousand accounts log in to Facebook. All of which creates internet traffic of 650 thousand Gigabytes.
Thanks to Information and Communication Technologies, the “Cyber Universe” that encompasses all areas of life, from work to entertainment, from education to trade, provides numerous opportunities and abilities. On the other hand, the cyber universe is vulnerable to all real-life threats and dangers while having newly emerged threats and risks because of its specific features.
These threats and risks are as follows:
- Unauthorized access to systems
- Modification, destruction, or corruption of information
- Theft, disclosure, or sale of information
- Disruption of systems or denial of service
Cyber threats are all kinds of cyber-attacks and unauthorized interventions on people and institutions, targeting their data, possessions, and equipment, and corrupting their privacy, security, and transactions. Depending on the perpetrators, the motivation behind these attacks changes. Depending on the motivation, these attacks and perpetrators can be grouped into 3:
The first group mainly consists of relatively innocent actions such as individual attacks by amateurs who are trying to prove themselves, attacks by activist hackers (hacktivists) that are more in the nature of propaganda (religious or political), and protests.
In the second group, there are attacks that are considered a crime all around the world and committed by organized professionals. Behind these, there are criminal organizations, various institutions, and even countries. The purpose and motivation of these attacks can be a monetary gain (e.g. stealing from bank accounts), obtaining trade secrets, and stealing technology information.
The third group is the attacks on other countries by other countries through official or semi-official structures. This is also known as “Cyber War”. In these attacks, the aim is to destroy the critical infrastructure and projects of the target country; thus, causing damage.
Dependency on Information and Communication Technologies of critical infrastructures increases every day. Therefore, threats directed at Information and Communication Technologies have dimensions and importance relevant to all areas of life. For this reason, “cyber security” has become a significant priority.
The damage by these threats and dangers that results in reflections such as violation of human rights, hindering of business and transactions, personal and corporate victimization besides big financial losses, is estimated to be hundreds of billions of dollars globally.
It is estimated that 15-20% of the global IT market, which is estimated to have reached 2-3 trillion US dollars in 2013, is the cost of cybercrime. Global spending on cyber security, on the other hand, is estimated to be rather small, around 60 billion dollars (IDC).
According to a McAfee study (Economic Impact of Cyber Crime – Aug2014), the annual cost (with optimistic estimates of USD 375 billion and pessimistic estimates of USD 575 billion) of cyber-crimes to the global economy is over 400 billion US dollars.
Millions of computer systems and websites around the world have been crashed, and various attacks have been carried out, causing hundreds of billions of dollars in business losses. This cost also includes the cost of the stolen identity information of hundreds of millions of people in different countries (e.g. 54 million in Turkey, 40 million in the USA, over 20 million in China, 20 million in South Korea, and 16 million in Germany).
Even though a big portion of the information has not been made publicly available, it is public knowledge that in 2013 more than 3,000 companies in the US were hacked, a British company was hacked for 1.3 billion dollars in a single attack, and two banks in the Persian Gulf were hacked for 45 million dollars in a few hours, and some banks in Brazil were hacked for millions of dollars.
References:
- Symantec – 2014 Internet Security Threat Report
- Prolexic – Quarterly Global DDoS Attack Report Q2 2014
- RedSocks – Malware Trend Report Q1 2014
- Prolexic – Q2 2014 Global DDoS Attack Report
- McAfee – Economic Impact of Cyber Crime – Aug2014
- Microsoft – Security Intelligence Report H2/2014
- Fortinet – 2014 Threat Landscape Report