Cybercrime is one of the most important issues in the global security discussions today. It is no coincidence that it has grown to the size of the world’s third largest ‘economy’, behind the United States and China. At the same time, this issue has become part of the global security game between great powers, because, as we can see, it is absolutely not difficult to accuse the other country of doing it. The US is leading the way in in this respect, as it has now essentially monopolized the global information market and the IT sector. That is why the US is in no hurry to regulate this issue in a comprehensive and integrated way that meets the interests of all parties concerned.
The financial damage caused by cybercrime would make it to the third largest economy in the world if it were a country’s GDP. Cyber criminals are becoming more active and are increasingly hiding in organization’s computer systems, collecting data and just waiting for the right opportunity. Microsoft’s security network alone blocks 5 billion such attacks worldwide each month. According to the FBI’s Cyber Crime Report of 2020, there were 2,474 attacks in the US alone that year, with damages amounting to $29.1 million. However, as the authorities are unaware of the majority of extortion cases, in reality the number is much higher. German data processing company Statista reported 304 million attacks worldwide last year, most of them affecting lawyers, accountants, consultants and similar professions, up 62 percent compared to 2019.
“Despite this fact, cybercrime caused $6,000 billion worth of damage alone in the first half of this year. It has now become the third largest ‘economy’ behind US and China. However, according to estimates, by 2025, the damage caused by cybercrime could reach up to $10,000 billion”
Attackers in possession of sensitive data can take control of the host computers at any time and literally cause disasters. For example, they could cripple an entire air traffic control system, a water utility or a power plant. But even a temporary production shutdown in a factory could result in serious losses.
And on the computer screen, a message will appear in poor English using Google Translate saying that the files have been encrypted. Thus they are now inaccessible, but the hackers will restore them for a fee. And then, after a short hesitation, the company in question usually reaches into its pocket, paying the extortionists in bitcoin or other cryptocurrency. In order to avoid any further inconvenience, the case is not even reported to the authorities.
“For example this spring, the owners of the Colonial Pipeline running between Texas and New York paid $5 million to the criminal network DirkSide, and earlier this summer the US meat processing company JBS paid $11 million to the Russian-based hacking group REvil (Ransomware Evil). Those who, by the way, asked for $70 million a month later for an attack”
The US media then published a series of articles on cybercrime. The New York Times editorial immediately stated that the majority of attacks originate from Russia, but also mentioned China, Iran and North Korea as among the big players. Of course, we are aware of the capabilities of the Russian or Chinese hackers, but reading all this makes it seem as if cybercrime is the exclusive domain of the strategic adversaries of the United States.
These articles explain in detail how authoritarian regimes know about these criminal groups and sometimes use them. Therefore, they turn a blind eye to their activities. As evidence, they point to the fact that when REvil launched the biggest attack ever by hacking into the US software company Kaseya, Joe Biden called his Russian counterpart and REvil suddenly disappeared from the Darknet. The New York Times however notes that it is by no means certain that the Kremlin took action, because in such cases these groups often leave the dark side of the web themselves, just as it is possible that the US intervened and shut down the group’s servers.
“In other words, there are several possible scenarios, yet these articles go on at length about why, as long as these groups are carrying out money-raising operations abroad, Putin is not interested in cybercrime”
They recall the talks between Biden and Putin in Geneva, where the US President identified 16 sectors to his Russian counterpart, where Washington will retaliate particularly harshly if Moscow attacks them. What is not mentioned in these articles is that Russia has also submitted a proposal to the UN to strengthen digital security. However, this would limit the US monopoly in the information and communications sector. Because let’s not forget that, while the White House accuses the Kremlin of inaction in this area, as the article already mentioned shows, Washington essentially controls the global market both in IT and in the distribution of information in its entirety.
“But remember that digital security cannot be reduced to cybercrime. And because comprehensive, global regulation is advancing too slowly, many countries are strengthening digital sovereignty at the national level, limiting US room for manoeuvre. In a world where the battle is now fought to influence thoughts, to shape interpretations, and where information has become a strategic tool, it is now a factor that affects national security”
So, in addition to the ‘Great Firewall of China’, Russia has also shut down the internet as an experiment. Somewhat more slowly, but the European Union is also looking for a solution to the problem. As the proposals from Brussels outline, in a post-Covid environment, the EU aims to defend and strengthen its digital sovereignty and its leadership in strategically important international digital value chains, which are crucial to ensure Europe’s strategic autonomy in our digital age. ‘We have set ourselves no lower ambition than digital sovereignty – to achieve a truly digital single market, where we lay down our own rules, make autonomous technological choices and develop our own digital solutions’ said the President of the European Council, Charles Michel. In this context, the Commission has developed a comprehensive ‘Digital Agenda’ setting out the EU’s concrete objectives for digitalization by 2030.