Cybercrime, largely driven by financial gain, is developing as a danger to the national security of many nations. On the plus side, as more victims of cybercrime share their experiences, these hazards are becoming more obvious. The 2021 Internet Crime Report by the Federal Bureau of Investigation (FBI) indicated that cybercrime, including bank fraud, malware, and romance scams, has cost the US economy $7 billion, double the losses in 2019. Due to the possibility of having their bank accounts depleted and private information taken, this problem impacts both people and corporations. However, cybercrime poses implications for national security as well as being a financial issue. State hacking groups and cybercriminals learn from each other, and governments have co-opted cybercriminal infrastructure and tools. There is evidence of states potentially acquiring tooling from the dark web (Handler & Rowley, 2022). In the case of Ghana, Cyber fraud operations caused the country to suffer direct financial losses totalling $4.32 million (GH49.5m) between January and June 2023. This figure according to Dr Albert Antwi-Boasiako, the Director-General of the Cyber Security Authority (CSA) only represents a portion of the cases reported to government organisations. This suggests the losses could be more than reported.
According to the United States Department of Justice (DOJ), cybercrime can be broken down into three different categories: crimes where the computer is the target, like gaining network access; crimes where the computer is used as a weapon, like launching a denial-of-service (DoS) attack; and crimes where the computer is used as an accessory to a crime, ie., storing illegally obtained data on a computer. Cybercrime is a form of criminal activity that targets computers or devices to generate profit, spread malware, or infect them with viruses. It can be done directly to damage or disable devices, or use computers or networks to spread illegal information. The primary effect of cybercrime is financial, with various types of profit-driven criminal activity including ransomware attacks, email and internet fraud, identity fraud, and attempts to steal financial accounts or payment card information (Brush, Rosencrance & Cobb, 2021).
The capacity of a government to safeguard its people, economy, and other institutions is known as national security. National security in the twenty-first century comprises various non-military responsibilities in addition to the apparent defence against military threats. Economic, political, energy, homeland, cybersecurity, human, and environmental security are some contemporary non-military levels of national security (Longley, 2021). Similarly, Evie (2022) argues that a government’s capacity to protect its population against military assaults was the original definition of national security. However, in today’s world, this term also includes non-military elements like cyber security, economic security, environmental security, food security, and security against terrorism and crime. National security is the protection of a country’s sovereignty, territory, and citizens from external and internal threats, including military aggression, terrorism, espionage, cyber-attacks, economic and energy security, critical infrastructure and resources. The scope of national security justifies the argument that cybercrime has national security implications hence, a threat to national security. National security has witnessed a huge expansion to include so many things, and Cybercrime has a substantial negative influence on national security. For instance, among other important effects, it compromises vital infrastructure, interferes with the provision of crucial services, steals sensitive data, and erodes public confidence in government agencies. Some of the key impacts of cybercrime on national security include:
Critical Infrastructure Vulnerability
Critical infrastructure, such as communication networks, power grids, and transportation systems, are vulnerable to cyberattacks that could seriously jeopardize national security and interrupt vital services. Cybercrime activities pose a serious security threat to a country by disrupting critical systems like military installations, which renders a country vulnerable in a space of time. Cybercriminals may attack vital infrastructure, such as communication networks, transportation networks, water supplies, and power grids, to impair or disable these services, thereby leading to significant disruptions in the economy and society. For instance, on October 28, 2019, Georgia got hit by a massive cyber-attack, which knocked out up to 15,000 state, private, and media websites as well as the national television station. Website home pages were replaced with an image of former Georgia President Mikheil Saakashvili and the caption ‘I’ll be back’. Court websites containing case materials and personal data were equally attacked (Gotev, 2020). When these occur it puts the state in danger because people could take advantage and perpetrate all manner of crimes, for instance, coup d’états. Also, intrusion like the hacking of Ghana government websites in the early part of 2015 is a typical example of how cybercrime threatens national security. To hack a government website has serious security implications.
Critical infrastructure systems, which rely on networked technologies and software, are vulnerable to cyber threats if not adequately protected. Cybercriminals can exploit these weaknesses to gain unauthorized access and control, leading to service disruptions and outages. Cyberattacks, such as DDoS attacks, can overwhelm networks, posing serious security risks. Sensitive data stored in these systems can also be compromised, posing security risks. Complex supply chains for equipment, software, and services can also be exploited by cybercriminals to introduce malicious software or compromise infrastructure components.
Disruptions to a country’s critical infrastructure can have a big effect on its capacity to fight off outside threats, respond to emergencies, and preserve social order.
Economic Damage
Cyber attacks can lead to significant financial losses for businesses, governments, and individuals, directly impacting a country’s economy and national security. It can involve theft of funds, fraudulent transactions, and ransomware attacks, causing financial losses for businesses, governments, and individuals. One repercussion of cybercrime that threatens national security is how it discourages investors from establishing businesses or investing in countries tagged as a hub for cybercrime activities. The negative image cybercrime hangs on a country goes a long way to affect the economy by way of preventing foreign investment as every business thrives in a conducive and hygienic business environment. Aside from discouraging investors, businesses will not be motivated to adopt technologies for innovation considering the huge threat of cybercrime (Abdul-Salam, 2023).When the economy suffers setbacks due to cybercrime in this case discouraging investors would increase unemployment among the population as these investments when made possible would employ citizens. Therefore, once this occurs a lot of people will miss out on getting employment, increase in unemployment among the population has been established as a major cause of social vices which in itself threatens national security. It is argued that most violent extremist groups target the unemployed section of the population to carry out their activities.
Cybercrime results in significant financial losses and disastrous consequences for businesses, including damaged brand identity, investor confidence, potential share price drops, and business collapse. This leads to job losses and exacerbates unemployment (Abdul-Salam, 2023). When unemployment exacerbates, social vices (such as armed robbery, illicit drug use, illicit sex, thuggery etc.) increase because people will find alternative means of livelihood be it legitimate or not thereby threatening national security.
The costs of cybersecurity measures, such as software, personnel, and training, can be substantial and add to the overall economic burden. Cyberattacks targeting critical infrastructure, such as power grids, transportation systems, and financial institutions, can disrupt essential services and have a direct impact on a country’s economic stability.
Political Instability
Cybercrime activities can lead to political instability by disrupting democratic processes, influencing public opinion, and targeting government institutions. Disruption can involve disinformation, hacking voter databases, or tampering with election results, causing public distrust and turmoil. Influence operations can manipulate public opinion, leading to social unrest and political polarization. Unauthorized access (intrusion) as a cybercrime activity seriously threatens national security. For instance, in 2016, the Electoral Commission of Ghana allegedly had its website hacked during the transmission of election results. This particular activity could plunge a country into chaos considering how electoral fraud has caused a lot of mayhem in Africa and beyond. To Dmitry Smilyanets, financially motivated actors pose significant threats to national security, including espionage, infrastructure attacks, government officials’ account takeovers, election meddling, and disinformation. Targeting government institutions can compromise national security and undermine public confidence in government protection. For instance, the Electricity Company of Ghana (ECG) in 2022 had their prepaid vending system hacked for weeks during which customers could not purchase prepaid. Such development can put a whole country in a blackout, and provide a fertile moment for criminals to perpetrate their criminal activities. It is reported that crimes are often perpetrated in the dark. An example can be made from how the recent power outages popularly known as “Dumsor” in the local Ghanaian parlance have resulted in a series of robbery attacks in parts of the country, businesses folding up and some running at loss at the point of laying off workers, especially cold store business, printing press, barbering shop etc. These developments pose a serious threat to national security because the persistent occurrence of such issues could threaten the stability of the country.
State-sponsored cybercrime can lead to economic espionage, strained international relations, and trade disputes, contributing to political tensions and instability. Cybercriminals can also blackmail or extort political figures or organizations with sensitive information, causing scandals and undermining public trust in political leadership. Cyber warfare, involving nation-state threats, can escalate tensions between countries and increase the risk of conflict, threatening international stability. Overall, cybercrime can undermine political stability by eroding trust in democratic institutions, creating social division, and escalating geopolitical tensions.
Compromise National Defence
Cybercrime can disrupt national defence systems and military networks, potentially exposing sensitive information and reducing a nation’s defence against external threats. The activities of state-sponsored cyber threat actors may include espionage against governments, organizations, and individuals; prepositioning on or disrupting critical systems; influencing and shaping public discourse; or building networks of compromised devices to enable further cyber-attacks. Cybercrime poses a significant threat to national security, by allowing organized crime and hostile nation-states to obtain illicit profits, threaten economic stability, and disrupt supply chains. Recent ransomware attacks against Colonial Pipeline and Kaseya have prompted the classification of ransomware as a national security matter. The Conti ransomware attacks against Costa Rica’s public and private sectors, leading to a state of emergency, further highlight the growing concern of cybercrime (Fuelwood, n.d) cited in (Handler & Rowley, 2022).
Cybercrime has the potential to harm national security in several ways, such as intelligence collection and espionage, military operations disruption, supply chain breaches, weapon system vulnerabilities, cyber warfare, and hybrid threats. Cybercriminals can steal defence and military secrets, compromising strategic advantage and military might. By attacking military networks, command and control systems, and communication infrastructure, they can interfere with military operations and make it more difficult to organise, coordinate, and carry out missions successfully. Cybercriminals can interfere with critical infrastructure weaknesses, such as power grids, transportation systems, and communication networks, making it more difficult for the military to function and respond to attacks. Malicious actors can take advantage of weapon systems vulnerabilities, such as those in drones, missiles, and military vehicles, to undermine their control, accuracy, or operation.
Intellectual Property Theft
Cybercrime can lead to the theft of valuable intellectual property and sensitive information, posing significant threats to a country’s economic competitiveness and national security. For instance, Edward Snowden, a former worker of the Central Intelligence Agency (CIA) and the National Security Agency (NSA) leaked classified information from an NSA facility in Hawaii to The Guardian and The Washington Post in 2013, revealing the NSA’s extensive surveillance programs, including the collection of phone records and internet communications of millions of people worldwide. Snowden while in exile under asylum in Russia was charged by the US government with espionage and theft of government property. Snowden’s actions sparked a global debate on surveillance, privacy, and government transparency, with some viewing him as a hero and whistleblower, whilst others viewed him as a traitor whose action threatened national security.
Cybercriminals can use various methods to steal sensitive information, such as hacking, phishing, malware, insider threats, and supply chain attacks. Hacking involves gaining access to a computer system of businesses and organizations, while phishing involves tricking employees into providing sensitive information or downloading malware. Malware, such as keyloggers, spyware, and ransomware, can also be used to steal sensitive information, which can be sold on the dark web or used to extort businesses. Insider threats involve employees having access to sensitive information, which could be stolen for personal gain or to sell to competitors. Supply chain attacks involve cybercriminals targeting businesses’ supply chains to gain access to sensitive information and IP. The theft of IP can lead to lost revenue, decreased competitiveness, and reduced innovation, making protecting against IP theft a critical priority for businesses and governments.
Threatens Public Safety
Due to its capacity to compromise public safety communications and threaten vital emergency response systems, cybercrime has the potential to seriously impair public safety. Cybercrime has been a significant threat to national security information for over 40 years, with the rise of profitable transnational cybercriminal networks increasing the risk. These networks have conducted and enabled disruptive cyber incidents, impacting critical infrastructure and essential services. They may act as proxies for malicious foreign government activities or deny plausible deniability to foreign government security services for their malicious cyber activities (Noyes, 2022) cited in (Handler & Rowley, 2022). Cybercrime has a substantial influence on public safety in several ways.
Public safety is in danger when cybercriminals interfere with vital services including transportation networks, emergency response systems, water treatment plants, and electricity grids. For example, a cyberattack on the electricity infrastructure can result in widespread blackouts, endangering communication, transportation, and medical services.
Cyberattacks against medical facilities have the potential to influence patient care, treatment delivery, emergency response, and public safety by causing data breaches, interruptions in medical services, and compromised confidentiality. Cyberattacks on emergency response teams, law enforcement agencies, and public safety groups can undermine dispatch systems, interfere with communication networks, and make it more difficult to respond to and handle incidents effectively.
Also, sensitive data at research facilities, pharmaceutical firms, and public health organisations can be compromised by cybercrime, impeding efforts to manage illness, produce vaccines, and respond to emergencies. Cybercriminals can use digital channels to disseminate hoaxes, phoney alarms, and misleading information, frightening the public and raising security worries. This may cause needless alerts and distract resources away from actual crises. Cybercrime may also directly lead to hazards to personal safety, such as identity theft, financial fraud, and cyberstalking.
Conclusion and Recommendations
Every aspect of society, including national security, is impacted by cybercrime. Government organisations are targeted by cybercriminals for monetary gain, cyberwarfare, or other reasons. By attacking vital infrastructure like hospitals, gas pipelines, and military networks, they put our countries’ security at risk and pose a threat. Cybercrime has evolved into a sophisticated, widespread, and ruthless crime targeting critical healthcare, IT, financial services, and energy infrastructure. Numerous nations have set up specialised cybersecurity organisations to tackle cybercrime; nevertheless, because cyber threats are always changing, continuous attention to detail and investment in cybersecurity are necessary to guarantee national security in the digital era.
A comprehensive approach is necessary to combat cybercrime, which has a considerable influence on national security. Investing in strong cybersecurity tools like intrusion detection systems, firewalls, and encryption can help governments fight this. By exchanging data, intelligence, and best practices for thwarting and countering cyberattacks, countries may coordinate more effectively. To prevent and punish cybercriminals, especially those responsible for data breaches and cyberattacks, robust laws against cybercrime should be developed and enforced. Tools and public awareness campaigns should be used to educate the public about the dangers of cybercrime and how to stay safe, also, by enhancing public-private sector cooperation by fostering cooperative cybersecurity projects, coordinating incident response, and exchanging threat intelligence. Funding for cutting-edge technology, educational initiatives, and scholarly research are all examples of how to invest in cybersecurity research and development to remain ahead of new threats. By taking these steps, governments can create a more secure and resilient digital environment and mitigate the impact of cybercrime on national security.
Conclusively, mitigating the threat of cybercrime to national security involves a comprehensive strategy that includes strengthening cybersecurity through investment in advanced technologies and regular system updates, fostering international cooperation via treaties and intelligence sharing, enforcing strict laws and regulations for data protection, and enhancing public awareness and education about online safety. Additionally, developing robust incident response plans ensures rapid recovery and operational continuity after cyber-attacks. By integrating these measures, nations can effectively protect themselves against the evolving challenges posed by cyber threats.
Author: Abdul-Salam Shaibu (Investigator, IT & Cybersecurity Professional)
BIBLIOGRAPHIES
Abdul-Salam, S. (2023). Cyber-Crime: The Ghanaian Perspective.
Baylon, C., Antwi-Boasiako, A., & GLOBAL COMMISSION ON INTERNET GOVERNANCE. (2017). INCREASING INTERNET CONNECTIVITY WHILE COMBATTING CYBERCRIME: GHANA AS A CASE STUDY. In Cyber Security in a Volatile World (pp. 77–92). Centre for International Governance Innovation. Retrieved on December 24, 2023 from http://www.jstor.org/stable/resrep05239.11
Brush, K., Rosencrance, L. & Cobb, M. (2021). Cybercrime. Retrieved on 17th September 2023 from https://www.techtarget.com/searchsecurity/definition/cybercrime
Brenner, S. W. (2007). “At Light Speed”: Attribution and Response to Cybercrime/Terrorism/Warfare. The Journal of Criminal Law and Criminology (1973-), 97(2), 379–475. Retrieved on December 24, 2023 from http://www.jstor.org/stable/40042831
Brenner, S. W., & Schwerha, J. J. (2007). Cybercrime Havens: Challenges and Solutions. Business Law Today, 17(2), 48–51. Retrieved on December 24, 2023 from http://www.jstor.org/stable/23296752
Di Camillo, F., & Miranda, V. (2011). Ambiguous Definitions in the Cyber Domain: Costs, Risks and the Way Forward. Istituto Affari Internazionali (IAI). Retrieved on December 24, 2023 from http://www.jstor.org/stable/resrep09690
Eoyang, M., Peters, A., Mehta, I., & Gaskew, B. (2018). To Catch a Hacker: Toward a comprehensive strategy to identify, pursue, and punish malicious cyber actors. Third Way. Retrieved on December 24, 2023 from http://www.jstor.org/stable/resrep20153
Evie, L. (2022). National Security: Policy & Importance. Retrieved on 17th September, 2022 from https://study.com/learn/lesson/national-security-policy-concept-role.html
Handler, S. & Rowley, L. (2022). The 5×5—Cybercrime and national security. Retrieved on 13 September 2023 from https://www.atlanticcouncil.org/commentary/the-5×5-cybercrime-and-national security/#:~:text=%E2%80%9CCybercrime%20impacts%20national%20security%20in,disrupting%20supply%20chains%20and%20leaving
https://techpoint.africa/2023/09/07/techpoint-digest-665
Holt, T. J. (2017). LIMITATIONS AND POSSIBILITIES OF ESTIMATING THE COSTS OF CYBERCRIME. In T. Saadawi & J. D. Colwell (Eds.), CYBER INFRASTRUCTURE PROTECTION VOLUME III (pp. 35–62). Strategic Studies Institute, US Army War College. Retrieved on December 24, 2023 from http://www.jstor.org/stable/resrep11978.6
Jeffray, C., & Feakin, T. (2015). Underground web: The cybercrime challenge. Australian Strategic Policy Institute. Retrieved on December 24, 2023 from http://www.jstor.org/stable/resrep04074
Longley, R. (2021). National Security Definition and Examples. Retrieved on 17th September 2023 from https://www.thoughtco.com/national-security-definition-and-examples-5197450
Norton, S. (2019). CYBERCRIME. In Australia—China law enforcement cooperation (pp. 17–18). Australian Strategic Policy Institute. Retrieved on December 24, 2023 from http://www.jstor.org/stable/resrep23112.8
Peters, A., & Jordan, A. (2019). Countering the Cyber Enforcement Gap: Strengthening Global Capacity on Cybercrime. Third Way. Retrieved on December 24, 2023 from http://www.jstor.org/stable/resrep20150
Peters, A., & Hindocha, A. (2020). US Global Cybercrime Cooperation: A Brief Explainer. Third Way. Retrieved on December 24, 2023 from http://www.jstor.org/stable/resrep25041
Preciado, M. (2012). If You Wish Cyber Peace, Prepare for Cyber War: The Need for the Federal Government to Protect Critical Infrastructure From Cyber Warfare. Journal of Law & Cyber Warfare, 1(1), 99–154. Retrieved on December 24, 2023 from http://www.jstor.org/stable/26441234
Robinson, N. (2014). EU cyber-defence: a work in progress. European Union Institute for Security Studies (EUISS). Retrieved on December 24, 2023 from http://www.jstor.org/stable/resrep06816
Sherman, J. (2021). Digital Authoritarianism and Implications for US National Security. The Cyber Defense Review, 6(1), 107–118. Retrieved on December 24, 2023 from https://www.jstor.org/stable/26994115
Zabeu, S. (2021). Cybercrime threatens national security.Retrieved on 13 September 2023 from https://network-king.net/cyber-crime-threatens-national-security/