Cyber security: What will consumers pay for?

More connected lives, more cyber risks

The extent to which people live their lives online today can be summed up in LocaliQ’s internet minute statistics. Nine million searches happen on Google every minute. Facebook is the world’s third most visited website with three billion monthly active users spending 38 minutes per day on the site and clicking on an average of 12 ads per month. 251 million apps are downloaded per day and more than six million people are shopping online every minute with $4,722 spent every second on Amazon.

STL Partners highlighted the growing dominance of Wi-Fi in the home in Consumer Wi-Fi: Faster, smarter and near-impossible to replace, and the operator strategies to improve Wi-Fi experience with smart Wi-Fi apps and partnerships with value add players such as Plume. Connectivity in the home has become even more important since the COVID-19 pandemic as customers took on entertainment subscriptions (TV and gaming) and added smart TVs, cameras, doorbells, lights, and speakers (with voice assistants) to their home. According to Plume, smartphones (including “guest” phones) are the most prevalent devices in the home with an average of six per household. This is followed by computers (2.6 per household), tablets (1.3), smart TVs (1.1) and set-top boxes (1).

The graphic below highlights the growth in smart home IoT devices between the first half of 2021 and 2022 with 55% more cameras, 43% more doorbells, and 25% more smart bulbs as customers invest in making their homes more comfortable and secure. The average number of connected devices across Plume’s customer base of 41 million homes has grown to 17.1 in the first half of 2022 up from 15.5 in the first half of 2021. This figure is likely higher than the average household, as those with more devices are more likely to want a premium smart home Wi-Fi management set-up but is still indicative of growth trends.

Growth in devices between H1 2021 and H1 2022


Source: Plume smarthome market report – August 2022

With 40% of EU workers switching to working from home during COVID-19, the take-up of digital technology has had a permanent effect on everyday life. IoT devices and digital technologies are projected to increasingly embed themselves in various aspects of our daily lives in coming years. Estimates on the number of connected devices by 2025 have ranged from 25 billion (GSMA) to 42 billion (IDC). The increasing volume and wide range of connected devices of varying hardware and software standards increases the attack surface for malicious actors who can inflict significant emotional and financial damage on consumers, their families and their employers.


A complex cybersecurity threat landscape

Cybersecurity Ventures – a leading researcher on the global cyber economy and publisher of Cybercrime Magazine – estimates that organisations suffered a ransomware attack every 11 seconds in 2021. It has also forecast that attacks on a consumer or business will happen every two seconds by 2031. It is believed the majority of cybercrimes go underreported by victims due to embarrassment, potential reputational harm and a perception that legal authorities cannot help. Even in a gaming community, a micro payment of less than $1 for a prize or item that doesn’t appear could go unreported due to the low cost of the transaction, but can be very lucrative for cybercriminals should enough games fall victim to the trick.

Cybersecurity Ventures forecasts this rise in global cybercrime to inflict damages of $10.5 trillion annually by 2025. The cybersecurity specialists highlight that, if measured as a country, cybercrime would have the third largest GDP after USA and China.

The European Union Agency for Cybersecurity, ENISA, reports on the current cyber threats facing European consumers and businesses. In its latest 2022 threat landscape report (covering July 2021 to June 2022) it identified eight prime threats shown in the graphic below. These include:

  • Ransomware where bad actors take control of an organisation’s or individual’s assets and demand ransom in exchange for return of the assets and confidentiality of the information. The attack could involve locking out the user, encrypting, deleting or stealing the data. The most common attack vectors are phishing emails and brute-forcing on Remote Desktop Protocol (RDP). Cybersecurity Ventures estimates ransomware will cost victims $265bn annually by 2031.
  • Malware is commonly defined as “software, firmware or code intended to perform a malicious unauthorised process that will have an adverse impact on the confidentiality, integrity, or availability of a system”. Malware comes in the form of virus, worm, trojan, or software code that can negatively impact a host computer or mobile device. Spyware and adware are considered subsets in this category. This malware could allow actors to take remote control of a system, denial skimmers, or steal information or enable botnets to carry out nefarious attacks such as distributed denial of service (DDoS). According to ENISA, malware attacks are on the rise in 2022 after a decline in the previous reporting period (2020 and 2021). The decline had been linked to increased working from home during the pandemic. While the rise could be attributed to workers returning to the office, ENISA also points out that there has been simply more malware.

One of the best-known malware threats is Pegasus malware, a WhatsApp exploit which can affect both iPhone and Android phones and can be used to access messages, photos and emails, record calls and activate the microphone.

  • Most mobile malware comes from malicious applications downloaded and installed by users. In 2021 fake adblockers or adware were common for Android. These adblocking apps can look for extensive permissions when being installed from downloads on third-party app stores and online forums.

ENISA reported a rise in malware from crypto-jacking (the unauthorised use of devices to mine for cryptocurrency – further described below) and IoT malware. In the first six months of 2022, the malware attack volume on IoT was higher than had been recorded over the previous four years with Mirai botnets responsible for most (seven million) attacks. ENISA reported in 2021 and 2022 the most common IoT targets were networking devices such as Netgear (DGN), D-Link (HNAP), and Dasan (GPON).

  • In 2021 Flubot (a banking Trojan delivered via fake SMS messages claiming to be from banks or government organisations) was a prevalent form of phone malware, and lured many Android phone customers into downloading nefarious applications.

ENISA Threat Landscape 2022 – prime threats


Source: ENISA Threat Landscape report 2022

  • Social engineering attacks target weaknesses in human behaviour, where false actors exploit an individual’s trust in communication and in their online habits. These attacks consistently rank high according to ENISA. The most common threat vectors for social engineering attacks include phishing, spear-phishing (targeting specific individuals/businesses), whaling (attacking individuals in high positions such as executives and politicians), smishing (a combination of SMS and phishing), vishing (a combination of phishing on a voice call where sensitive information is given over the phone), business e-mail compromise (BEC) and spam. ENISA reported phishing was the most common vector for initial access in 2022. This rise was attributed to more advanced and sophisticated phishing practices, fatigue among users as well as more targeted and context-based phishing practices.
    • E-mail may be used by bad actors to carry out man-in-the-middle attacks, effectively using software to eavesdrop on users through an innocent-looking link to access e-mail and intercept messages between two people in order to steal data. A man-in-the-middle attack could also take place over an unsecured Wi-Fi network where the attacker intercepts data transmitted from a user’s device over the network.
  • Threats against data refer to data breaches or leaks of sensitive, confidential, or protected information to bad actors / hackers and occur due to cyberattack, insider job, unintentional loss, or exposure of data. This includes data theft or identity theft where personally identifiable information (PII) is stolen and used to impersonate an individual. It also usually results in hack attempts on personal online accounts as well as spam e-mail, spam calls and SMS. Customers can check if their personal data has been exposed on the dark web due to a breach using the free online service Have I Been Pwned. Similar resources are also offered by consumer cyber safety players.
  • Threats against availability occur when users of a system or service cannot access the relevant data from that service or system. This is commonly achieved through distributed denial-of-service (DDoS) attacks, which prevent users from accessing a website or system by overloading the website or network with requests, resulting in decreased service performance, loss of data and outages. The attack has been in use for over 20 years now with many criminals using it to extort ransoms on organisations. It is also increasingly being used as part of a state-sponsored attack. ENISA highlighted that traditional DDoS attacks are increasingly moving towards mobile networks and IoT where such (IoT) devices have limited resources and poor security protection. Threats against the availability of the internet were cited in the context of the Russian invasion of Ukraine, where access to the internet and websites has been curtailed in certain captured cities where internet infrastructure has been captured, leading to re-routing of internet traffic over Russian networks, censoring of (western) websites and shutting down of Ukrainian mobile networks.
  • Disinformation – includes creation and sharing of false information, usually by social media. In recent years there have been a number of websites and digital platforms that present false or erroneous information for their particular agenda and these sites are generally spurred through sharing of information through social media channels. ENISA pointed to the war between Russia and Ukraine as one example of current disinformation to target people’s perception of the status of the war. Wrong and purposely falsified information can often be mistakenly shared. This is where the definitions of misinformation and disinformation come in. Misinformation is the unintentional sharing or reporting of inaccurate information in good faith. Disinformation is an intentional attack where false or misleading information is intentionally created and shared.
  • Supply-chain attacks refer to the targeting of individuals’, groups of individuals’ or organisations’ hardware and software resources including cloud storage, web applications, online stores and management software. The supply chain attack is usually a combination of at least two attacks: the first on the supplier to access their assets and from there access the suppliers’ own network of customers and suppliers. The most recent high-profile attack was SolarWinds in 2020.
    • Cryptojacking or hidden crypto-mining occurs when a hacker secretly uses a victim’s computing power to generate cryptocurrency after the victim mistakenly and unwittingly downloads malicious software. Cryptocurrency is popular due to its ability to offer anonymity and its use as payment in ransomware attacks. Crypto-crime – i.e. crimes involving cryptocurrencies – is predicted to cost the global economy $30bn in 2025 according to Cybersecurity Ventures, while Chainalysis estimated crypto-scams (i.e. rug pulls on fake crypto projects) generated revenue of more than $7.7bn in 2021 and is one of the largest types of cryptocurrency-based scams.

Attacks affecting customers’ identity, privacy, financial and emotional wellbeing

Threats such as ransomware, malware, phishing, man-in-the-middle and social engineering have given rise to fears of identity theft and financial losses as a result of hacked bank accounts, e-mail, and social media accounts. In the US for example, the Identity Theft Resource Center (ITRC) reported a sharp rise (1,000% in a year) in social media account takeovers with criminals using stolen information not only to take over existing bank accounts but to set up new bank and credit accounts using information stolen in data breaches and phishing attacks. In a snap survey of 97 people who contacted the ITRC over a social media account takeover, 66% reported strong emotional reactions to losing access to their social media account.

Snap Survey of social media account takeover victims in 2021


Source: Identity Theft Resource Centre

Table of Contents

  • Executive Summary
    • The threat landscape in an increasingly connected life
    • How to build successful cyber security services
    • A digital life security opportunity
  • More connected lives, more cyber risks
    • A complex cybersecurity threat landscape
    • Are consumers willing to pay for cybersecurity?
  • Operator cybersecurity propositions
    • Vodafone’s Secure Net
    • Telia Security package
    • Telefónica – Secure Connection
    • NOS Portugal
    • MEO Portugal
    • Safe Net
    • Deutsche Telekom
    • AT&T USA
    • Comcast
    • MTS Russia
    • SmarTone Hong Kong
    • A1 Austria
  • Conclusions

Related research

 


The changing consumer landscape: Telco strategies for success

Winning in the evolving “in home” consumer market

COVID-19 is accelerating significant and lasting changes in consumer behaviours as the majority of the population is being implored to stay at home. As a result, most people now work remotely and stay connected with colleagues, friends, and family via video conferencing. Consumer broadband and telco core services are therefore in extremely high demand and, coupled with the higher burden on the network, consumers have high expectations and dependencies on quality connectivity.

Furthermore, we found that people of all ages (including non-digital natives) are becoming more technically aware. This means they may be willing to purchase more services beyond core connectivity from their broadband provider. At the same time, their expectations on performance are rising. Consumers have a better understanding of the products on offer and, for example, expect Wi-Fi to deliver quoted broadband speeds throughout the house and not just in proximity to the router.

As a result of this changing landscape, there are opportunities, but also challenges that operators must overcome to better address consumers, stay relevant in the market, and win “in the home”.

This report looks at the different strategies telcos can pursue to win “in the home” and address the changing demands of consumers. It draws on an interview programme with eight operators, as well as a survey of 1,100+ consumers globally. As well as canvassing consumers’ high level views of telcos and their services, the survey explores consumer willingness to buy cybersecurity services from telcos in some depth.


With increasing technical maturity comes an increasingly demanding market

Consumers are increasing in technical maturity

The consumer market as a whole is becoming much more digital. Over the past decade there has been a big shift towards online and self-service models for B2C services (e.g. ecommerce, online banking, automated chatbots, video streaming). This reflects the advent of the Coordination Age – connecting people to machines, information, and things – and the growing technical maturity of the consumer market.

COVID-19 has been a recent, but significant, driver in pushing consumers towards a more digital age, forcing the use of video conferencing and contactless interactions. Even people who are not considered digitally native are becoming increasingly tech savvy and tech capable customers.

Cisco forecasts that, between 2018 and 2023, the number of Internet users globally will increase from 51% to 66%. It has also forecast an increase in data volumes per capita per month from 1.5GB in 2017 to 9.7GB in 2022. Depending on the roll out of 5G in different markets, this number may increase significantly as demand for mobile data increases to meet the potential increases in supply.

Furthermore, in our survey of 1,100+ consumers globally, 33% of respondents considered themselves avid users and 51% considered themselves moderate users of technology. Only 16% of the population felt they were light users, using technology only when essential for a limited number of use cases and needing significant support when purchasing and implementing new technology-based solutions.

Though this did not vary significantly by region or existing spend, it did vary (as would be expected) by age – 51% of respondents aged between 25 and 30 considered themselves avid users of technology, while only 18% of respondents over 50 said the same. Nevertheless, even within the 50+ segment, 55% considered themselves moderate users of technology.

Self-proclaimed technical maturity varies significantly by age

Source: STL Partners consumer survey analysis (n=1,131)

The growing technical maturity of consumers suggests a larger slice of the market will be ready and willing to adopt digital solutions from a telco, providing an opportunity for potential growth in the consumer market.

Consumers have higher expectations on telco services

Coupled with the increasing technical maturity comes an increase in consumer expectations. This makes the increasing technical maturity a double-edged sword – more consumers will be ready to adopt more digital solutions but, with a better understanding of what’s on offer, they can also be more picky about what they receive and more demanding about performance levels that can be achieved.

An example of this is in home broadband. It is no longer sufficient to deliver quoted throughput speeds only within proximity to the router. A good Wi-Fi connection must now permeate throughout the house, so that high-quality video content and video calls can be streamed from any room without any drop in quality or connection. It must also be able to handle an increasing number of connected devices – Cisco forecasts an increase from a global average of 1.2 to 1.6 connections per person between 2018 and 2023.

Consumers are also becoming increasingly impatient. In all walks of life, whether it be dating, technology or experiences, consumers want instant gratification. Additionally, with the faster network speeds of 4G+, fibre, and eventually 5G, consumers want (and are used to) continuous video feeds, seamless streaming, and near instant downloads – buffering should be a thing of the past.

One of our interviewees, a Northern European operator, commented: “Consumers are not willing to wait, they want everything here, now, immediately. Whether it is web browsing or video conferencing or video streaming, consumers are increasingly impatient”.

However, these demands extend beyond telco core services and connectivity. In the context of digital maturity, a Mediterranean operator noted “There is increasing demand for more specialized services…there is more of a demand on value-added, rather than core, services”.

This presents new challenges and opportunities for operators seeking growth “in the home”. Telcos need to find a way to address these changing demands to stay relevant and be successful in the consumer market.

Table of Contents

  • Executive summary
  • Introduction
  • Growing demand for core broadband and value-added services
    • COVID-19 is driving significant, and likely lasting, change
    • With increasing technical maturity comes an increasingly demanding market
  • Telcos need new ways to stay relevant in B2C
    • The consumer market is both diverse and difficult to segment
    • Should telcos be looking beyond the triple play?
  • How can telcos differentiate in the consumer market?
    • Differentiate through price
    • Differentiate through new products beyond connectivity
    • Differentiate through reliability of service
  • Conclusions and key recommendations
  • Appendices
    • Appendix 1: Consumer segments used in the survey
    • Appendix 2: Cybersecurity product bundles used in the conjoint analysis
