Intel has used the fifth anniversary of its purchase of security company McAfee to release a review of how the cybersecurity landscape has changed in that time.

There are a number of surprising observations from the report and a few that were expected. Of little surprise has been the continued lack of importance a large number of companies, and individuals, have placed on implementing basic security practices like applying updates to software and implementing policies around passwords. The reasons for this may be that people are “playing the odds” by believing that the risks are relatively small of cybercrime happening to them. It may also be that they simply don’t want to put in the effort or pay for the computer support or advice.

More surprising, to McAfee at least, has been the rapid development of cybercrime into a fully fledged industry with “suppliers, markets, service providers (‘cybercrime as a service’), financing, trading systems, and a proliferation of business models”. The growth of this industry has been fuelled by the use of cryptocurrencies like Bitcoin and the protective cloak for criminals provided by technologies like Tor).

The sophistication of the cybercrime industry has led to changes in the focus of criminals away from simply stealing credit cards to the perhaps more lucrative, large-scale implementation of “ransomware”. This has ranged from encrypting the contents of a user’s computer and then demanding payment to unlock it, to the recent exploit of users caught up in the publishing of personal sexual information from the Ashley Madison dating site.

What hasn’t come to pass (yet) is the pervasive hacking of mobile phones. Part of the reason for this has been Apple’s, and increasingly Google’s, approach of controlling the software that is allowed to be installed on the devices. The other reason is perhaps the fact that these devices are backed up more frequently and automatically, making recovery a much easier option. There is also potentially less of interest to cybercriminals on a mobile phone device as most of the actual important, and valuable, personal content is stored in the cloud.

The recent exception to the relative safety of mobile devices was the report that up to 225 000 Apple accounts had been compromised from Apple phones. The compromise in this case only affected mobile phones that had been “jailbroken”, a process that allows the user of the phone to circumvent Apple’s restrictions on what apps can run on the phones. Of course, what this has demonstrated is that the restrictions on what software can run on Apple and Android phones is actually a major security feature and so avoiding that increases the risk of being compromised significantly.

Along with mobile phones, smart devices that make up the Internet of things have also been relatively free of large-scale hacks. Researchers have demonstrated that it is possible to hack things like cars, including being able to apply the brakes of a car by sending the control system of the vehicle an SMS. In the case of this type of vulnerabilities, car manufacturers have moved to plug security holes quickly. The fact that criminals haven’t turned their attention to smart devices however is probably because of the lack of means of commercialising these types of compromises.

People still the problem
Organisations like McAfee are fighting a largely losing battle as long as companies continue not to take security seriously. In fact, US companies are spending and doing less where security is concerned than in previous years. This has led organisations like the OECD to recommend national strategies around the development of cybersecurity insurance. A benefit of having this type of insurance would be the requirements that insurance companies would place on implementing a basic level of security best practice.

David Glance is director of the UWA Centre for Software Practice at the University of Western Australia
This article was originally published on The Conversation

Netflix, Warner Bros talks raise fresh headaches for MultiChoice

Big Microsoft price increases coming next year

Vodacom to take control of Safaricom in R36-billion deal

Black Friday goes digital in South Africa as online spending surges to record high

BYD takes direct aim at Toyota with launch of sub-R500 000 Sealion 5 PHEV

Amazon and Google launch multi-cloud service for faster connectivity

Google makes final court plea to stop US breakup

Bezos unveils monster rocket: New Glenn 9×4 set to dwarf Saturn V

Tech shares turbocharged by stellar Nvidia earnings

Config file blamed for Cloudflare meltdown that disrupted the web

So, will China really win the AI race?

Valve’s Linux console takes aim at Microsoft’s gaming empire

iOCO’s extraordinary comeback plan

Why smart glasses keep failing – it’s not the tech

BYD to blanket South Africa with megawatt-scale EV charging network

TCS+ | How Cloud On Demand helps partners thrive in the AWS ecosystem

TCS | Ralph Mupita on competition, AI and the future of mobile

TCS | Dominic Cull on fixing South Africa’s ICT policy bottlenecks

TCS | BMW CEO Peter van Binsbergen on the future of South Africa’s automotive industry

TCS | Why Altron is building an AI factory in Johannesburg

Your data, your hardware: the DIY AI revolution is coming

The energy revolution South Africa can’t afford to miss

It’s time for a new approach to government IT spend in South Africa

How South Africa’s broken Rica system fuels murder and mayhem

South Africa’s AI data centre boom risks overloading a fragile grid

The changing face of cybercrime

Signs of life at Intel

Intel fights back in the AI chip wars

Panther Lake: the chip that Intel can’t let fail

Beat the summer heat with Samsung’s WindFree air conditioners

AI is not a technology problem – iqbusiness

Telcos are sitting on a data gold mine – but few know what do with it