The risk of cyber attacks is massively overstated, because very few attacks are capable of causing global meltdown, an OECD report claims.
Headline-grabbing events including malware, distributed denial of service attacks, criminal activities and espionage can, at best, cause only local disruption, and it would take a concentrated attack on the technology protocols underpinning the internet to cause a catastrophic meltdown in global communications, the report states.
While the report does not rule out the possibility of a prolonged cyber attack being successful, it notes that several factors would need to come together to achieve that.
Attackers would need to use methods that online security firms are unaware of, and conduct thorough research of targets in order to be successful. They would also need to develop new ways to conceal the means of carrying out the attack and the people behind it, and constantly update their methods as security firms learn to deal with the new threat.
The OECD claims most attacks are hyped up due to lack of agreement on the terminology covering cyber security, with “exaggerated language,” resulting in a catch-all approach to attacks.
“Rolling all these activities into a single statistic leads to grossly misleading conclusions,” the reports states.