Cyber Costs Reframed: The Human Costs of Cyber Insecurity
2 Nov 2023 08:30h - 09:05h UTC
Event report
Moderator:
- Ryan Chilcote
Speakers:
- Dan Cîmpean
- Dr. Ahmed Abdel Hafez
- Major General (rtd.) Eng. Mohammad Abdulaziz Boarki
Table of contents
Disclaimer: This is not an official record of the GCF session. The DiploAI system automatically generates these resources from the audiovisual recording. Resources are presented in their original format, as provided by the AI (e.g. including any spelling mistakes). The accuracy of these resources cannot be guaranteed. The official record of the session can be found on the GCF YouTube channel.
Knowledge Graph of Debate
Session report
Ryan Chilcote
The discussions revolved around several key topics related to cybercrime and AI. Firstly, the rising costs of combating cybercrime were a cause for concern. The former president of Estonia expressed worries about the escalating expenses in fighting cybercrime globally and specifically in his country. In Estonia, the budget for combating cybercrime has grown five-fold over the past five years. This highlights the financial strain that governments face in dealing with the ever-evolving nature of cyber threats.
Another area of discussion focused on the use of AI by attackers to create sophisticated, zero-day attacks. Zero-day attacks refer to attacks that have no prior fingerprint, making them difficult to detect and defend against. It was noted that attackers do not need to be cybersecurity experts to utilise AI in their attacks. New attacks using AI are being invented on a daily basis, posing a significant challenge to cybersecurity professionals and organisations.
To address the potential misuse of AI, there was a consensus that regulation is necessary. Notably, AI is considered an uncontrollable technology, and there are ongoing efforts by the UN and governments to find ethical ways to regulate it. The goal is to prevent malicious actors from harnessing AI for nefarious purposes, while still allowing for its beneficial applications.
However, regulating AI is not an easy task due to its fast-changing nature. AI technology evolves rapidly, and as a result, regulations need to be constantly updated to keep pace. There was expressed doubt about whether enough time exists to develop comprehensive AI regulations, as it took the European Union nine years to create GDPR regulations.
The need for international cooperation in addressing cybercrime was emphasised. It was highlighted that 40 countries have agreed not to pay ransom during cyber-attacks, showcasing a concerted effort to refuse ransom payments. This unity in refusing to pay ransoms aims to discourage cybercriminals and reduce their financial incentives.
One of the notable points of discussion was the practical implications and boundaries of banning ransom payments. Ryan Chilcote questioned whether a policy of banning ransom payments would also apply to individuals who are threatened with the release of sensitive personal information. This raised considerations about striking a balance between protecting individuals and preventing further harm caused by ransomware.
In conclusion, the discussions brought attention to the challenges posed by cybercrime, the use of AI in sophisticated attacks, the need for regulation to prevent AI misuse, the difficulties in regulating a fast-changing technology, and the importance of international cooperation to counter cyber threats. The rising costs of combating cybercrime were seen as a pressing concern, while the practical implications of banning ransom payments highlighted the complexities of finding effective solutions. The analysis shed light on the ongoing efforts to tackle cybercrime within the framework of peace, justice, and strong institutions.
Mohammad Abdulaziz Boarki
The analysis reveals that the healthcare sector, emerging technologies, and oil sectors are highly susceptible to high asset cyber attacks. The healthcare sector has become a prime target for ransomware attacks, disrupting surgeries and compromising patient data. Similarly, emerging technologies, such as IoT systems, are connected to wide networks, making them attractive targets for cyber attacks. Additionally, systems holding sensitive or valuable information, including government entities, are frequently targeted.
Countries with poor infrastructure face significant challenges in protecting their cyber space due to budgetary constraints and lack of resources. A global effort is needed to protect these countries from cyber threats. Awareness training and capability building in cyber space are crucial in enhancing cybersecurity. Adequate budgetary allocations are necessary to combat cybercrime and protect institutions and citizens. Cybersecurity is now one of the top three priorities for any country, and countries need to invest more in cybersecurity.
Regulating artificial intelligence (AI) is complex due to its fast-changing nature. However, it is important to establish and adapt regulations to ensure ethical and safe use of AI. The decision to pay ransomware depends on the value and impact of the stolen data, and each country has the right to make decisions based on national interest.
In conclusion, this analysis highlights the vulnerability of various sectors and systems to high asset cyber attacks. The importance of global collaboration, awareness training, budgetary allocations, and investments in cybersecurity is emphasized. Adequate regulation of AI and thoughtful decision-making regarding ransomware are crucial in ensuring cybersecurity. By addressing these issues, countries can protect their institutions, citizens, and national interests in the digital landscape.
Dan Cîmpean
Phones, tablets, and laptops are considered the most vulnerable devices to cyber attacks because they are in close proximity to humans. The aggressive digital transformation in recent years has resulted in the installation of numerous applications and tools on these devices, making them prime targets for malicious activities. These devices also contain a significant amount of data and are constantly used, further increasing their susceptibility to cyber threats. Protecting personal devices from such threats is crucial as any negative impacts can have serious consequences on productivity, finances, and daily activities. The healthcare sector is another area particularly vulnerable to cyber attacks. The consequences of such attacks can have a direct and harmful impact on human lives. There have been documented cases, such as a hospital in Germany being subjected to a ransomware attack, which resulted in a patient's death. The potential disruption caused by cyber attacks on healthcare systems can render hospitals unable to handle patient cases, leading to tragic outcomes. Consequently, there is a need for greater investment and focus on improving the cybersecurity of healthcare systems. The healthcare sector, being relatively less mature from a cybersecurity perspective, requires increased financial resources to ensure the safety and well-being of patients and medical professionals. It is recommended that the cybersecurity of healthcare systems should be given priority by national competent authorities. Privacy protection, especially among young people, presents a significant challenge. While young people are often proficient in using digital technologies, they tend to overlook the regulatory landscape. However, it is noteworthy that young people also play a vital role in knowledge transfer to older generations when it comes to online safety. They are often the ones teaching their parents and grandparents how to behave safely online, as they possess more experience and understanding of digital technologies. Consequently, there is a call to invest more in educating young people about cybersecurity, given their proficiency and their potential to bring about a paradigm shift in the dissemination of digital knowledge. Regulatory measures are crucial in combatting cybercrime; however, the ever-evolving nature of technology poses a constant challenge in enforcing effective measures. Cyber criminals exploit the vulnerabilities of technology, causing harm that is often difficult to prevent and mitigate. It is recognized that the education and resilience of regular internet users play a significant role in reducing cybercrime. With millions of users directly or indirectly needing protection, their behavior on the internet, as well as the resilience of critical infrastructures, become crucial factors in preventing cyber attacks. In order to achieve this, there is a need to improve the education of internet users and enhance their ability to respond effectively to potential threats. Dealing with the ransomware phenomenon is an intricate issue that presents complex problems with no clear or effective solution at present. There are debates surrounding whether paying ransoms to cyber criminals should be prohibited or encouraged. It is acknowledged that paying ransoms can perpetuate the cybercrime economy; however, finding alternative solutions to tackle ransomware remains a challenge. There are difficulties in cascading down decisions of not paying ransomware at an individual or organizational level, highlighting the complexities of addressing this issue. In conclusion, protecting personal devices from cyber threats and ensuring the cybersecurity of critical sectors like healthcare is of paramount importance. Education and awareness, particularly among young people, play a crucial role in combating cybercrime. Regulatory measures need to be continually updated and enforced to keep up with the ever-evolving nature of technology. Additionally, efforts to deter cybercrime include the banning of ransomware payments to discourage the growth of the cybercrime economy. Overall, a comprehensive approach that combines investment, education, regulation, and cooperation is essential for effectively addressing the challenges posed by cyber threats and protecting individuals, organizations, and society as a whole.
Dr. Ahmed Abdel Hafez
Cyber attacks have both direct and indirect impacts on humans, affecting both individuals and digital services. Individual loss of control over data, such as banking credentials and social engineering details, can greatly affect individuals. Furthermore, cyber attacks on digital services like healthcare, intelligent transportation systems, and other emerging service systems that are being digitised can have direct or indirect impacts on human beings.
The psychological impact of cyber attacks and digital dependency is becoming prevalent. The fear of losing a mobile phone, known as "nomophobia," is a psychological issue that is on the rise. In addition, issues such as cyber bullying cause harm to people, particularly vulnerable individuals like young girls.
The increasing dependency on mobile phones is a concern as well. People's lives are now heavily reliant on their phones, which contain their bank details, personal information, and social accounts. Even the loss of battery life in a phone can cause stress in individuals.
Awareness plays a crucial role in combating cybercrime. Dr Hafez suggests that teaching people how to handle digital transformation safely is crucial and can reduce cyber attacks by 80 to 90 percent. This highlights the importance of educating individuals about cybersecurity risks and best practices.
Strict regulations and laws are necessary to control cybercrime. Dr Hafez believes in implementing strict rules and regulations that should be followed by individuals and government officials. In Egypt, for example, anti-cybercrime laws and data privacy laws have been enacted.
A Child Online Protection strategy is essential to help children access the internet safely, especially considering that 40% of the population in Egypt is under 18. This underscores the need to protect vulnerable individuals from the potential harms of the internet.
The role of artificial intelligence (AI) in cyber attacks is significant. AI can be used to invent new sophisticated attacks, including zero-day attacks, which complicates the task for cybersecurity professionals. Additionally, the scope of potential attackers has expanded with AI, as individuals do not need to be cybersecurity experts to use it.
The ethical use and control of AI are important considerations. Currently, AI is seen as an uncontrollable technology, leading governments and organizations like the United Nations to work on managing its use in an ethical manner.
Ransomware attacks pose a significant issue, with losses reaching three trillion US dollars last year. Nations' efforts to control ransomware have become crucial in mitigating the impact of these attacks.
Data has become the most important asset in the global economy, on par with oil. As such, responsible data management and protection are essential for economic sustainability.
Strong data backup control measures and international collaboration are necessary to effectively combat cybercrime. Dr Hafez emphasizes the importance of a three-to-one backup for data assets to prevent ransomware attacks. Furthermore, increased collaboration among nations is necessary since cybersecurity is a cross-border activity that requires cooperation and collaboration.
Overall, cyber attacks and their various impacts on human beings are significant considerations in today's digital world. From the direct impact on individuals to the societal implications of digital dependency, it is crucial to address these issues through awareness, regulation, protection strategies, and international collaboration.
Speakers
DC
Dan Cîmpean
Speech speed
156 words per minute
Speech length
1220 words
Speech time
468 secs
Arguments
Phones, tablets and laptops are most vulnerable to malicious cyber activities as they are closest to humans
Supporting facts:
- Aggressive digital transformation has led to numerous applications and tools being installed on these devices
- These devices contain a lot of data and are constantly used, making them prime targets
Topics: Cyber Attacks, Damage from Cyber Attacks, Device Security, Digital Transformation
Healthcare system is vulnerable to cyber attacks which can have direct human harm
Supporting facts:
- There was a documented human death in Germany due to a ransomware attack on a hospital.
- A hospital treating 1,000 patients a day could be rendered unable to handle these cases due to a cyber attack.
- Any disruption in the healthcare sector due to cyber attacks can have a tragic impact.
Topics: cybersecurity, healthcare, digital technologies
Privacy protection, especially among young people, presents a significant challenge
Supporting facts:
- Young people are proficient in using technologies
- They tend to ignore regulatory landscape
- Young people learn best practices from each other
Topics: Privacy, Cybersecurity, Youth
Young people's proficiency in technology leads to a paradigm shift in knowledge transfer
Supporting facts:
- Youngsters are teaching their parents and grandparents how to behave safely online
- They are more experienced in using digital technologies than older generations
Topics: Privacy, Youth, Cybersecurity, Technology, Education
Regulatory measures are crucial for combatting cyber crime, but technology will always be one step ahead
Supporting facts:
- It's difficult to put regulatory measures in place for technology
- Cyber crime, for example, will use and exploit the vulnerabilities of those technologies and cause harm
Topics: Cyber crime, Regulatory measures, Technology
Improving the education and resilience of regular internet users is necessary to reduce cyber crime
Supporting facts:
- Millions of users directly or indirectly need to be protected either through their behaviour on the internet or through the resilience of critical infrastructures
- Regular users become a gigantic attack surface that can be exploited by malicious actors
Topics: Cyber crime, Education, Resilience, Internet users
Difficulty in cascading down the decision of not paying ransomware at individual or organizational level
Supporting facts:
- Challenges include enforcement and user autonomy
Topics: Cybersecurity, ransomware, Policy
Report
Phones, tablets, and laptops are considered the most vulnerable devices to cyber attacks because they are in close proximity to humans. The aggressive digital transformation in recent years has resulted in the installation of numerous applications and tools on these devices, making them prime targets for malicious activities.
These devices also contain a significant amount of data and are constantly used, further increasing their susceptibility to cyber threats. Protecting personal devices from such threats is crucial as any negative impacts can have serious consequences on productivity, finances, and daily activities.
The healthcare sector is another area particularly vulnerable to cyber attacks. The consequences of such attacks can have a direct and harmful impact on human lives. There have been documented cases, such as a hospital in Germany being subjected to a ransomware attack, which resulted in a patient's death.
The potential disruption caused by cyber attacks on healthcare systems can render hospitals unable to handle patient cases, leading to tragic outcomes. Consequently, there is a need for greater investment and focus on improving the cybersecurity of healthcare systems. The healthcare sector, being relatively less mature from a cybersecurity perspective, requires increased financial resources to ensure the safety and well-being of patients and medical professionals.
It is recommended that the cybersecurity of healthcare systems should be given priority by national competent authorities. Privacy protection, especially among young people, presents a significant challenge. While young people are often proficient in using digital technologies, they tend to overlook the regulatory landscape.
However, it is noteworthy that young people also play a vital role in knowledge transfer to older generations when it comes to online safety. They are often the ones teaching their parents and grandparents how to behave safely online, as they possess more experience and understanding of digital technologies.
Consequently, there is a call to invest more in educating young people about cybersecurity, given their proficiency and their potential to bring about a paradigm shift in the dissemination of digital knowledge. Regulatory measures are crucial in combatting cybercrime; however, the ever-evolving nature of technology poses a constant challenge in enforcing effective measures.
Cyber criminals exploit the vulnerabilities of technology, causing harm that is often difficult to prevent and mitigate. It is recognized that the education and resilience of regular internet users play a significant role in reducing cybercrime. With millions of users directly or indirectly needing protection, their behavior on the internet, as well as the resilience of critical infrastructures, become crucial factors in preventing cyber attacks.
In order to achieve this, there is a need to improve the education of internet users and enhance their ability to respond effectively to potential threats. Dealing with the ransomware phenomenon is an intricate issue that presents complex problems with no clear or effective solution at present.
There are debates surrounding whether paying ransoms to cyber criminals should be prohibited or encouraged. It is acknowledged that paying ransoms can perpetuate the cybercrime economy; however, finding alternative solutions to tackle ransomware remains a challenge. There are difficulties in cascading down decisions of not paying ransomware at an individual or organizational level, highlighting the complexities of addressing this issue.
In conclusion, protecting personal devices from cyber threats and ensuring the cybersecurity of critical sectors like healthcare is of paramount importance. Education and awareness, particularly among young people, play a crucial role in combating cybercrime. Regulatory measures need to be continually updated and enforced to keep up with the ever-evolving nature of technology.
Additionally, efforts to deter cybercrime include the banning of ransomware payments to discourage the growth of the cybercrime economy. Overall, a comprehensive approach that combines investment, education, regulation, and cooperation is essential for effectively addressing the challenges posed by cyber threats and protecting individuals, organizations, and society as a whole.
DA
Dr. Ahmed Abdel Hafez
Speech speed
174 words per minute
Speech length
1673 words
Speech time
577 secs
Arguments
Cyber attacks can have both direct and indirect impacts on human beings
Supporting facts:
- Losing control of data such as banking credentials, social engineering details, can greatly affect individuals
- Cyber attack on digital services like healthcare, intelligent transportation systems, emerging service systems which are being digitized will have direct or indirect impacts on human beings
Topics: Cyber Security, Digital Transformation
The psychological impact of cyber attacks and digital dependency
Supporting facts:
- The fear of losing a mobile phone is called nomophobia, which is becoming a prevalent psychological issue
- Issues such as cyber bullying causes harm to people, especially vulnerable individuals like young girls
Topics: Psychology, Digital Dependency
Increased dependency on mobile phones
Supporting facts:
- People's lives are now majorly dependent on their phones which contain their bank details, personal information, social accounts etc.
- Losing battery life of a phone itself causes stress in individuals
Topics: Digital Dependency, Mobile Technology
The importance of awareness in combating cybercrime
Supporting facts:
- Dr. Hafez states that awareness can reduce cyber attacks by 80 to 90 percent.
- He suggests that teaching people how to handle digital transformation safely is crucial.
Topics: Digital Transformation, Cybersecurity
Child Online Protection strategy to help children access the internet safely
Supporting facts:
- Dr. Hafez mentioned that Egypt is working towards creating a Child Online Protection strategy, as 40% of the population is under 18.
Topics: Child Online Protection, Internet Safety
AI complicates threats in cybersecurity
Supporting facts:
- AI can be used to invent new sophisticated attacks, including zero-day attacks, which complicates the task for cybersecurity professionals.
- The scope of potential attackers has expanded with AI, as they don't need to be cybersecurity experts to use it.
Topics: AI, Cybersecurity, Zero-day attack
The issue of nations trying to control ransomware is significant, with losses increasing to three trillion US dollars last year.
Supporting facts:
- Ransomware attacks have led to an increase in losses, reaching three trillion US dollars in the last year.
Topics: Ransomware, Cybersecurity, Data Protection
Data has become the most important asset, akin to oil in the global economy.
Topics: Data Management, Information Asset, Global Economy
Organizations that do not back up their data will, as punishment, have to pay the ransomware to retrieve it.
Topics: Data Backup, Ransomware, Organizational Regulation
Dr. Ahmed Abdel Hafez is not satisfied with the current level of international collaboration in combating cybercrime
Supporting facts:
- Spending on cybersecurity globally is in billions, but the losses are in trillions
- Cybersecurity is a cross-border activity and requires cooperation and collaboration
Topics: International collaboration, Cybercrime, Data protection, Data privacy
Report
Cyber attacks have both direct and indirect impacts on humans, affecting both individuals and digital services. Individual loss of control over data, such as banking credentials and social engineering details, can greatly affect individuals. Furthermore, cyber attacks on digital services like healthcare, intelligent transportation systems, and other emerging service systems that are being digitised can have direct or indirect impacts on human beings.
The psychological impact of cyber attacks and digital dependency is becoming prevalent. The fear of losing a mobile phone, known as "nomophobia," is a psychological issue that is on the rise. In addition, issues such as cyber bullying cause harm to people, particularly vulnerable individuals like young girls.
The increasing dependency on mobile phones is a concern as well. People's lives are now heavily reliant on their phones, which contain their bank details, personal information, and social accounts. Even the loss of battery life in a phone can cause stress in individuals.
Awareness plays a crucial role in combating cybercrime. Dr Hafez suggests that teaching people how to handle digital transformation safely is crucial and can reduce cyber attacks by 80 to 90 percent. This highlights the importance of educating individuals about cybersecurity risks and best practices.
Strict regulations and laws are necessary to control cybercrime. Dr Hafez believes in implementing strict rules and regulations that should be followed by individuals and government officials. In Egypt, for example, anti-cybercrime laws and data privacy laws have been enacted.
A Child Online Protection strategy is essential to help children access the internet safely, especially considering that 40% of the population in Egypt is under 18. This underscores the need to protect vulnerable individuals from the potential harms of the internet. The role of artificial intelligence (AI) in cyber attacks is significant.
AI can be used to invent new sophisticated attacks, including zero-day attacks, which complicates the task for cybersecurity professionals. Additionally, the scope of potential attackers has expanded with AI, as individuals do not need to be cybersecurity experts to use it.
The ethical use and control of AI are important considerations. Currently, AI is seen as an uncontrollable technology, leading governments and organizations like the United Nations to work on managing its use in an ethical manner. Ransomware attacks pose a significant issue, with losses reaching three trillion US dollars last year.
Nations' efforts to control ransomware have become crucial in mitigating the impact of these attacks. Data has become the most important asset in the global economy, on par with oil. As such, responsible data management and protection are essential for economic sustainability.
Strong data backup control measures and international collaboration are necessary to effectively combat cybercrime. Dr Hafez emphasizes the importance of a three-to-one backup for data assets to prevent ransomware attacks. Furthermore, increased collaboration among nations is necessary since cybersecurity is a cross-border activity that requires cooperation and collaboration.
Overall, cyber attacks and their various impacts on human beings are significant considerations in today's digital world. From the direct impact on individuals to the societal implications of digital dependency, it is crucial to address these issues through awareness, regulation, protection strategies, and international collaboration.
MA
Mohammad Abdulaziz Boarki
Speech speed
152 words per minute
Speech length
1302 words
Speech time
512 secs
Arguments
Health care sector is a high asset and frequently targeted by ransomware attacks
Supporting facts:
- Healthcare sector has become one of the highest assets for ransomware attacks
- Disruption in executing surgeries due to encryption of patient data
- The sector becomes a high target due to potential monetary gains
Topics: Cybersecurity, Ransomware Attacks, Healthcare
Emerging technologies are escalating the assets' vulnerability to attacks
Supporting facts:
- Emerging technology is evolving very quickly, changing asset targets for attacks
- A system becomes a high asset when it holds valuable information
- IoT systems attached to wide networks become high assets
Topics: Emerging Technology, Cybersecurity
Oil sectors are also frequent targets of high asset attacks
Supporting facts:
- Oil sectors have become one of the highest assets for attacks
Topics: Oil Sectors, Cybersecurity
The impact of cyber threats on countries with poor infrastructure is devastating
Supporting facts:
- Some countries do not have the budget or correct resources to execute proper regulation for sizing and measuring cyber impacts
- Poor countries with poor infrastructure lack the capabilities to protect their cyber space
- Lack of an appropriate strategy or clear objectives can lead to a costly impact
Topics: cybersecurity, budgetary constraints, infrastructure
Awareness training and capability building in cyber space are critical
Topics: cybersecurity, education, training
Cybercrime is a debilitating threat and needs adequate budgetary allocations
Supporting facts:
- The budget of Estonia for combating cybercrime has grown five-fold over the last five years
- Cybercrime can be devastating for any country
Topics: Cybercrime, Government Budget
Cybersecurity is now one of the top three priorities for any country
Supporting facts:
- Cyber threats could hit economy, society, and financial systems
- Countries need to invest in handling cyber threats
Topics: cybersecurity, global priorities, national security
Regulating AI is not an easy job due to its fast-changing nature
Supporting facts:
- AI is fast changing
- Should be constantly changing publication and policies to keep up with AI
Topics: Artificial Intelligence, Regulation
Whether a country or its citizens should pay ransomware depends on the value and impact of the data stolen
Supporting facts:
- If the data stolen are personal and essential, such as data in a smartphone without a backup, individuals might negotiate if the necessary payment was low
- If the stolen and encrypted data pose a national threat or could cause disruption of services, a country might also need to negotiate.
Topics: Ransomware, Data Security, Negotiation
Report
The analysis reveals that the healthcare sector, emerging technologies, and oil sectors are highly susceptible to high asset cyber attacks. The healthcare sector has become a prime target for ransomware attacks, disrupting surgeries and compromising patient data. Similarly, emerging technologies, such as IoT systems, are connected to wide networks, making them attractive targets for cyber attacks.
Additionally, systems holding sensitive or valuable information, including government entities, are frequently targeted. Countries with poor infrastructure face significant challenges in protecting their cyber space due to budgetary constraints and lack of resources. A global effort is needed to protect these countries from cyber threats.
Awareness training and capability building in cyber space are crucial in enhancing cybersecurity. Adequate budgetary allocations are necessary to combat cybercrime and protect institutions and citizens. Cybersecurity is now one of the top three priorities for any country, and countries need to invest more in cybersecurity.
Regulating artificial intelligence (AI) is complex due to its fast-changing nature. However, it is important to establish and adapt regulations to ensure ethical and safe use of AI. The decision to pay ransomware depends on the value and impact of the stolen data, and each country has the right to make decisions based on national interest.
In conclusion, this analysis highlights the vulnerability of various sectors and systems to high asset cyber attacks. The importance of global collaboration, awareness training, budgetary allocations, and investments in cybersecurity is emphasized. Adequate regulation of AI and thoughtful decision-making regarding ransomware are crucial in ensuring cybersecurity.
By addressing these issues, countries can protect their institutions, citizens, and national interests in the digital landscape.
RC
Ryan Chilcote
Speech speed
179 words per minute
Speech length
1383 words
Speech time
465 secs
Arguments
Rising costs of dealing with cybercrime globally and in specific countries
Supporting facts:
- The former president of Estonia expressed concerns about spiraling costs of governmental cybercrime combat
- The budget of Estonia for combating cybercrime has grown five-fold over the past five years
Topics: Budgeting, Cybercrime, Economic Impact
AI is being used by attackers to create sophisticated, zero-day attacks
Supporting facts:
- Zero-day attack is an attack with no fingerprint
- Attacker does not need to be a cybersecurity expert to use AI for attacks
- Every day new attacks using AI are being invented
Topics: AI, Cybersecurity, Zero-day attacks
AI regulation is not an easy job due to its fast-changing nature
Supporting facts:
- AI could be a powerful protection or a threat depending on its use
- AI regulation needs constant updates to keep up with technology
Topics: AI, Regulation, Technology
Need for nations to control the problem of cyber crimes
Supporting facts:
- Asks about what nations can do to control cyber crimes causing harm to people
Topics: Cyber Crime, National Security, Regulation
A concerted international effort is being made to refuse to pay ransoms during cyber-attacks
Supporting facts:
- 40 countries have agreed that they would not pay ransom during cyber-attacks
Topics: ransomware, cyber-attacks, international cooperation
Report
The discussions revolved around several key topics related to cybercrime and AI. Firstly, the rising costs of combating cybercrime were a cause for concern. The former president of Estonia expressed worries about the escalating expenses in fighting cybercrime globally and specifically in his country.
In Estonia, the budget for combating cybercrime has grown five-fold over the past five years. This highlights the financial strain that governments face in dealing with the ever-evolving nature of cyber threats. Another area of discussion focused on the use of AI by attackers to create sophisticated, zero-day attacks.
Zero-day attacks refer to attacks that have no prior fingerprint, making them difficult to detect and defend against. It was noted that attackers do not need to be cybersecurity experts to utilise AI in their attacks. New attacks using AI are being invented on a daily basis, posing a significant challenge to cybersecurity professionals and organisations.
To address the potential misuse of AI, there was a consensus that regulation is necessary. Notably, AI is considered an uncontrollable technology, and there are ongoing efforts by the UN and governments to find ethical ways to regulate it. The goal is to prevent malicious actors from harnessing AI for nefarious purposes, while still allowing for its beneficial applications.
However, regulating AI is not an easy task due to its fast-changing nature. AI technology evolves rapidly, and as a result, regulations need to be constantly updated to keep pace. There was expressed doubt about whether enough time exists to develop comprehensive AI regulations, as it took the European Union nine years to create GDPR regulations.
The need for international cooperation in addressing cybercrime was emphasised. It was highlighted that 40 countries have agreed not to pay ransom during cyber-attacks, showcasing a concerted effort to refuse ransom payments. This unity in refusing to pay ransoms aims to discourage cybercriminals and reduce their financial incentives.
One of the notable points of discussion was the practical implications and boundaries of banning ransom payments. Ryan Chilcote questioned whether a policy of banning ransom payments would also apply to individuals who are threatened with the release of sensitive personal information.
This raised considerations about striking a balance between protecting individuals and preventing further harm caused by ransomware. In conclusion, the discussions brought attention to the challenges posed by cybercrime, the use of AI in sophisticated attacks, the need for regulation to prevent AI misuse, the difficulties in regulating a fast-changing technology, and the importance of international cooperation to counter cyber threats.
The rising costs of combating cybercrime were seen as a pressing concern, while the practical implications of banning ransom payments highlighted the complexities of finding effective solutions. The analysis shed light on the ongoing efforts to tackle cybercrime within the framework of peace, justice, and strong institutions.