At first glance, Marshal Webb might seem an unlikely public servant. Ten years ago, the American computer whizz was part of Lulz Security, a famous network of hackers. The group claimed responsibility for a number of attacks on private and public sector bodies, including a breach in 2011 of tech giant Sony, which stole the details of 100 million PlayStation users.
A decade on, Mr Webb is hitting government targets – the US Air Force, the Pentagon and, most recently, Dubai Police. His motivations, however, have changed for the better. Mr Webb now runs the US-based Path Network, a cybersecurity consultancy that specialises in finding flaws in an organisation's computer systems. He is now on the side of his former victims.
Mr Webb's hack on Dubai Police took place live on stage at this month's Gulf Information Security Expo and Conference (Gisec). The theme of this year's meeting was "Enabling Resilience in Digital Economies", a topic that could hardly be more relevant as a number of Mena countries continue to reap the rewards of digitisation in government services and the private sector. In some Gulf countries, citizens and residents are now able to access government services, apply for visas, access health records and pay fines not from official buildings, but from their smartphones.
Dubai Police registered 25,000 e-crimes last year
Government digitisation strategies have been around for years, but international leaders in the field enjoyed unexpected benefits during the pandemic, when access to physical spaces was limited. The logistical flexibility of modern, cyber-integrated healthcare systems has been a factor behind the world-leading vaccination campaigns of countries such as Israel, the UAE and the UK.
But new solutions bring new risks. The cost of security breaches can be staggering. The research group Cybersecurity Ventures predicts that crimes committed in cyberspace could cost the world about $6 trillion in 2021, a figure it suggests could grow by 15 per cent annually. And as digital currencies increasingly become a feature of modern life, criminals now have a dangerously anonymous means of extorting money.
Attacks can also endanger lives. In February, hackers gained access to the systems of a water treatment plant in Florida, temporarily altering the chemical content of water in the area.
And the personal costs of sensitive information being breached is a threat to all of us, not just governments and companies. Closer to home, Dubai Police registered 25,000 e-crimes last year, up by 11,000 compared to 2019.
Nonetheless, statistics as worrying as these must be put into context. Digitisation is still making our lives more efficient, easier and safer, and on balance brings more benefit than danger. Risk assessment, even before the rise of digitisation, has always been an integral part of government policymaking. Today, it is simply modernising, throwing up surprising quirks along the way, such as the once unlikely, but now vital contribution of hackers like Mr Webb.