Swedish authorities and companies are among the most digitised in the world, and this offer increased efficiency in the production of services and goods.
In the UN index for digitization, Sweden is on the 5th place globally. Sweden’s advanced position in digitalisation is based having a broad range of digital services combined with good IT expertise on a well-developed IT infrastructure.
Unfortunately, the various incidents over the last years, for example from the Swedish Transport Agency and the Health guide (Vårdguiden 1177), indicate a lack of competence in terms of requirements, follow-up and driving cybersecurity both among public and private actors.
At the same time, the number of attackers and their skills are increasing at a rapid rate, as can be seen in statistics from the Crime Prevention Council (Brottsförebygganderådet). The number of computer frauds have increased from 18,173 reported frauds in 2008 to 135,446 in 2018, and today computer fraud accounts for just over 50% of all reported fraud offenses. In parallel, the total number of prosecuted frauds have decreased from 1,463 in 2008 to only 578 in 2018. It is remarkable that one the one hand this type of crime can increase by 640% while the prosecution for them decreases by 40%.
The number of reported system intrusions is at a surprisingly low level with only 58 registered in 2018. At the same time as a report from Sentor 2017 showed that 4% of Swedes were affected by ransomware that encrypted their files and demanded ransom. It is likely, that only a few are report these crimes.
Unfortunately, many companies and authorities do not choose to report fraud or data breaches as most cases are closed due to lack of evidence. Globally, cybercrime turnover today is bigger than the drug trade, and it is both more profitable and less risk for the criminals. Organised cybercriminal groups can turn over $ 150 million per year for tens of years, and even boast about retiring.
In the future, a near-perfect storm awaits, where the amount of cybercriminals and their skills increase, while at the same time authorities, companies and socially important services become more vulnerable as we continue to blindly digitise our industry and infrastructure without a thought of security. Our systems are becoming increasingly complex, interconnected and vulnerable.
To cope with digitalisation, we must ensure security first and foremost. Government bodies and corporate executives most use risk-based methods to set the right demands on cybersecurity, these demands must followed-up and security measures must receive adequate funding. It is challenging to do this in today’s accelerating technology development, but we have no choice if we are going to be able to get the benefits of digitalisation. We risk life and health if society’s vulnerable and interconnected infrastructure continues to suffer.