The value of total fraud in the UK — not limited to the cybersphere — surpassed £1bn for the first time since 2011, according to a report published yesterday by accountancy firm KPMG.
Sophisticated technology is largely to blame for this sharp rise, as more hackers illegally exploit the web for their own gain.
“Through the rapid rise of technology and online platforms, more people than ever are being targeted by fraudsters who have unrestricted access to a larger pool of victims,” said Hitesh Patel, UK forensic partner at KPMG.
An estimated 5.5m cyber offences take place every year in the UK alone, the most recent Crime Survey of England and Wales (CSEW) revealed.
There were 110 attempts to hack the European Commission’s servers last year, the Financial Times reported earlier this month.
A growing problem
The increasing severity of cyber attacks cannot be ignored.
Lloyds, the major British bank, suffered a two-day denial of service attack in early January, when cyber criminals attempted to block access to some 20m accounts.
Financial institutions are routinely targeted; Tesco Bank was forced to repay £2.5m to 9,000 customers who had their money stolen by hackers just a few months earlier.
In December, US intelligence agencies blamed Russia for accessing and leaking Democratic National Committee (DNC) emails during the US presidential election campaign.
However, large-scale cyber attacks are nothing new — so why aren’t we better able to prevent them?
Over 1bn Yahoo user accounts were hacked in 2013 alone. These are just some of the many thousands of hacking, phishing and scamming incidents occurring every day that few are prosecuted for.
It is very difficult to attribute responsibility for cyber attacks because sophisticated hackers can easily remain anonymous.
“Cyber criminals know there is a low likelihood of being detected, caught or prosecuted and many attack strategies can be executed cheaply. This has led to a substantial broadening of the attacker base,” said Cyril Roux, deputy governor of the Central Bank of Ireland in a speech in September 2015.
“The risk/reward trade-off for cyber crime is very attractive.”
Philip Howard, professor of internet studies and director of research the Oxford Internet Institute remains hopeful that there are ways to deter cyber criminals:
“Governments and firms increasingly find that the most damaging cyber-attacks come from Russia and China, so in the years ahead the stable signal of sanctions and consistent diplomacy might discourage these particular regimes continuing such attacks,” told Verdict.
A dark future
However, other experts are less convinced that the cyber threat can be contained.
In a new book released next month, The Dark Side of Technology, Peter Townsend, emeritus professor of experimental physics in engineering at the University of Sussex explores the disastrous consequences of technology — and he paints a worrying picture.
Infiltrating email servers, unlawfully accessing NHS patient data, and causing minor power cuts is “really quite straightforward,” Townsend explained. “Even kids can do it.”
And some have. High school student David Dworken, from Washington DC, hacked into the Pentagon websites on his laptop in between classes at Maret high school in July.
More recently, a 17-year-old boy was found guilty of carrying out the major cyber attack on the telecoms company TalkTalk; almost 157,000 customers’ personal details were hacked.
Townsend points to the potential for even more dangerous and far-reaching scenarios:
“There are about 30,000 flights a day over Europe. If a pilot can’t contact the airports because the satellite system has been hacked, the plane can’t land. The pilot has no way to navigate the plane. If you were a passenger, you’d be in pretty big trouble,” he told Verdict.
“Most pilots can’t navigate without a GPS system, because they don’t get that training anymore. They really should.”
Other forms of transport, like driverless cars, which will be tested on UK motorways later this year, have been hailed as the answer to reducing road deaths. They are also a prime target for hackers, who could easily carry out so-called ransomware attacks in which driverless cars are hijacked, with a ransom demanded to avert disaster.
“Hackers can already record your signal as you lock your car. When you walk away, they unlock your car and steal your valuables. When you come back, your car is locked and there is no sign you’ve been broken into,” Townsend explained.
“With driverless cars, the scope is even greater.”
Is there any real way to protect against cyber attacks?
“Not a hope,” Townsend insisted. “Protection software is written by humans. If one human can write the protection software, another human can write the hack.”
The Dark Side of Technology by Professor Peter Townsend will be published by Oxford University Press (OUP) in February.