Generali SpA

    premises & global services

    31 January 2017

    There is a spy in your network

    New cyber-risks and new challenges for cyber-security

    Cyber threats represent the new frontier of data analysis prone to foster high-risk activities ranging from private monitoring and surveillance to effective web-driven criminal activities.

    The 14 billion dollar budget that the USA has allocated for cyber-security purposes, could only give us a hint of the magnitude of concerns that cyber-threats pose to individuals and nation-states alike.

    So, what are the main risks associated with the rise of the network-society? According to the American news channel CNBC, there are roughly a dozen important cyber threats that need to be highlighted: the hacking of cloud computing, of the ‘clouds’ that allow us to store data without occupying physical space, demands particular attention. Cloud hacking seems indeed to be particularly significant considering the fast-growing usage of the ‘cloud-space’ both by private users and companies to store sensible information (cloud revenues have more than double over the last five years). Infrastructural attacks on service-providers, such as telecommunications and logistics companies are also central in understanding cyber-threats. Passwords, warn the experts, are no longer viable means of providing security. Even some medical devices seem to be risk prone. According to the analysts, a cyber-criminal could acquire valuable data by gaining access to administrative privileges that only the programmers of the given software or hospital managers should be entitled to have. The aim: monetize.

    Regarding the private sphere, there seems to be widespread knowledge regarding phishing (the attempt to gain sensitive information through electronic communication), the diffusion of malwares (also known as malicious software) and the so-called crypto-walls, designed to paralyse computer devices as to obtain a sum of money in exchange of their removal. However, the majority of risks are associated with telephony: to smartphones and old-generation mobile phones alike, half of which – only in the United States – do not present any anti cyber-threats security measures.

    The same could be said about automobiles, connected more than ever to the network for GPS and connectivity purposes. A hacker could gain access to the network of a given vehicle to modify and manipulate its functions. Even if it sounds as a remote possibility, British Telecom’s head of Consumer Innovation, Andy Rowland, has warned CNBC that a viral “infection” could be originated by manipulating a function of a vehicle in order to incorporate in it a malware that might not be detected, even by the producing company itself. In the worst-case scenario, many vehicles could then be infected by a singular source. Possible cyber-threats also concern credit cards: some companies have developed a system that memorises data on an integrated circuit rather than on a magnetic stripe. In this way, they have prevented thefts to use stolen credit cards, but have simultaneously exposed their owner to a new genre of cyber-threats.