Hackers are getting more sophisticated as they use the internet to spread malware and exploit vulnerabilities, according to a new study by security firm Kaspersky Lab.
A survey of 1,300 security experts revealed that more than 80% said they would hire a cybersecurity professional to conduct research into a problem or exploit a vulnerability in a product, but only around a third of respondents said they were willing to do so.
The survey was carried out by Kasperski Lab’s Global Security Research Center in partnership with the Institute of Advanced Strategic and Cybernetics (IASCC) at the University of Cambridge.
It surveyed security experts across different industries and across different continents, as well as people with cybersecurity backgrounds.
It also asked respondents to rate the importance of cybersecurity in their work, as compared with other areas.
The study found that nearly 90% of respondents felt that they needed a cybersecurity expert in their organisation to protect their information and their reputation, and a further 21% felt that a cybersecurity-related role was very important.
However, the most common cybersecurity expertise respondents mentioned was the ability to conduct security research.
More than half (53%) of respondents indicated that they could hire a cybercriminal to conduct penetration testing and reverse engineering of software systems.
The remaining 18% listed security researchers as an area of expertise that they felt they could easily find.
The results of the survey revealed that cybercriminals were often looking for opportunities to exploit vulnerabilities in systems or applications, or exploit vulnerabilities on their own, rather than using research to find flaws or exploit weaknesses.
Kaspersky Labs’ research revealed that a cyber criminal can make as much as $150,000 per year from cybercrimes.
Cybercriminal networks are also more adept at using social engineering and other techniques to get people to give up their personal information.
Klaus Schmidt, Kasperskic’s chief executive officer, said the survey data is a valuable insight into the cybersecurity landscape.
“In a world where information security has become an increasingly important focus, cybercrimbs are looking for the opportunity to exploit vulnerability or to find weaknesses in systems to gain advantage over their competitors,” he said.
“It’s a very attractive market and it’s not just the cybercriminal community who are interested in finding these opportunities, it’s also the large companies and governments.
The survey data also shows that many of the security experts surveyed feel that they can learn a lot from cybercrimbers.”
The survey also revealed that there is an increasing amount of cybersecurity knowledge and expertise across different disciplines.
Forty per cent of respondents reported having cyber skills in their fields, and 38 per cent reported being an information security expert.
The remainder reported having an engineering degree.
The security sector is also seen to be one of the most popular areas of study for cybersecurity professionals.
The most popular research areas for cybersecurity experts were computer science, mathematics and statistics, computer network and communication systems, and information systems.
Kosovo’s Cybersecurity and Information Security Academy has the highest average age of cybersecurity graduates in the world, according the Kaspersko Institute.
The institute noted that the number of cybercrimms in Kosovo has risen since the start of the crisis in 2011.
The country is also home to several cybercrime hotspots, including cybercrimbias targeting healthcare providers, financial institutions, and private businesses.
Kossuth said it is important to remember that cybercrime and cybercrime prevention do not have to be mutually exclusive.
“We need to continue to work together, both as a nation and a community, to identify, prevent and respond to the threats,” he added.
“The cyber security profession should also continue to be a leading pillar of the Kosovo national security and economic development.
We need to focus on education, training and training programmes and to also strengthen our research capabilities and our capabilities to develop new ways of attacking and defending against cybercrime.”