Times are certainly changing. Politics, regulation, threats, conflict and so much more are changing; but it can be difficult to adapt to all the new and emerging technologies and their applications. There is little doubt that the world's reliance on computers and their use continue to increase rapidly. Arguably, digital transformation is the leading driver of change. All these are producing a significant amount of new data and data communication paths that are all potential targets for cyberattacks by our adversaries and criminals. The sum of all this equals changes to our knowledge base, education requirements and the cyberthreat environment. Let's take a look at some of the stats.

Cyberattack surface area

In 2016, there were multiple numbers that clearly showed just how large the cyberattack surface area has become. It was estimated that in 2016, internet of things, or IoT, devices rose to 17.6 billion. In 2016, there were an estimated 12.5 million connected cars produced and put into operation. Also in 2016, an estimated 45 percent of Americans had either a smart home or invested in smart-home technology, according to a survey by Coldwell Banker.

Now we should also include robots. In the forth quarter of 2016, robot orders in North America surged by 61 percent. The increases in robot sales has led analysts projecting that robots will take/occupy 6 percent of all U.S. jobs by 2021.

Here is something that provides a partially over-arching perspective: data storage. IDC projects data storage growth by 35 to 40 percent per year for external storage and 33 to 38 percent for internal storage. Finally, consider Gartner’s projection that "manufacturers, consumer goods companies, medical device providers and their supply chain vendors are expanding the use of 3-D printing." Think of the data files flowing to those printers! Think about the value of those files. Theft of those files enables counterfeit products, for sure. Think about all the changes in technology and to the cyberattack surface area the above data represents.

Threats

Consider the following metrics as an indication of the current pace of change to the cyber environment. In just one quarter of 2016, Panda Labs stated there were 18 million new strains of malware identified/captured. That equates to about two and one-third new pieces of malware being identified every single second. That is what was found! It is anyone's guess what was actually released. In 2016, ransomware continued to grow in number. In fact, some place the growth rate at approximately 300 percent. That means in 2016 there were on average approximately 4,000 ransomware attacks occurring every day. That equates to two and three-fourths ransomware attacks per minute. We shouldn't forget about the growing use of cryptocurrencies for payment in ransomware attacks! At the time of writing this, there were more than 850 different cryptocurrencies with a total market capitalization equal to or over $97 billion. Think about all the nefarious activities that cryptocurrencies could be used to fund. It's proven to be so relevant that a recent cryptocurrency webinar had approximately 3,000 professional attendees. 

Distributed denial of service, or DDoS, attacks in 2016 were up in frequency, intensity and the amount of flooding data. In fact, we saw the largest DDoS attack of its kind in history. One company reported DDoS traffic of 1.2 terabytes per second. But hold on. Think about the potential for a highly distributed IoT bot net. That is a distinct possibility evolving right before our eyes. 

Impact on cyber training and education

The pace at which the cyberthreat environment is changing creates a huge challenge for our military and intelligence communities. Keeping up with these changes is a large and growing task. Considering the pace with which technology is advancing and implemented, it is easy to see just how essential continuous education has become. With all of the changes that have taken place and continue to take place, updating the curriculum must be an ongoing activity; the same goes for the knowledge and skill-set requirement of professionals in the cybersecurity field. Today, very few organizations have as a requirement for employees and contractors the upkeep of cybersecurity knowledge. That must change immediately if we are to keep pace with the ever-changing cyberthreat environment.

Share:
More In Cyber