Gordon Campbell | Parliament TV | Parliament Today | News Video | Crime | Employers | Housing | Immigration | Legal | Local Govt. | Maori | Welfare | Unions | Youth | Search

 

Cyber security lessons from 2017

The US election hack, fake news, data theft: the cyber security lessons from 2017


File 20171219 4995 17al34.jpg?ixlib=rb 1.1

Cyber attacks have the potential to cause economic disruption, coerce changes in political behaviour and subvert systems of governance.
from www.shutterstock.com, CC BY-ND

Joe Burton, University of Waikato

Cyber security played a prominent role in international affairs in 2017, with impacts on peace and security.

Increased international collaboration and new laws that capture the complexity of communications technology could be among solutions to cyber security issues in 2018.


Read more: Artificial intelligence cyber attacks are coming – but what does that mean?


The US election hack and the end of cyber scepticism

The big story of the past year has been the subversion of the US election process and the ongoing controversies surrounding the Trump administration. The investigations into the scandal are unresolved, but it is important to recognise that the US election hack has dispelled any lingering scepticism about the impact of cyber attacks on national and international security.

From the self-confessed “mistake” Secretary Clinton made in setting up a private email server, to the hacking of the Democratic National Committee’s servers and the leaking of Democratic campaign chair John Podesta’s emails to WikiLeaks, the 2016 presidential election was in many ways defined by cyber security issues.

Many analysts had been debating the likelihood of a “digital Pearl Harbour”, an attack producing devastating economic disruption or physical effects. But they missed the more subtle and covert political scope of cyber attacks to coerce changes in political behaviour and subvert systems of governance. Enhancing the security and integrity of democratic systems and electoral processes will surely be on the agenda in 2018 in the Asia Pacific and elsewhere.

Anti-social media

The growing impact of social media and the connection with cyber security has been another big story in 2017. Social media was meant to be a great liberator, to democratise, and to bring new transparency to politics and societies. In 2017, it has become a platform for fake news, misinformation and propaganda.

Social media sites clearly played a role in displacing authoritarian governments during the Arab Spring uprisings. Few expected they would be used by authoritarian governments in an incredibly effective way to sow and exploit divisions in democratic countries. The debate we need to have in 2018 is how we can deter the manipulation of social media, prevent the spread of fake news and encourage the likes of Facebook and Twitter to monitor and police their own networks.

If we don’t trust what we see on these sites, they won’t be commercially successful, and they won’t serve as platforms to enhance international peace and security. Social media sites must not become co-opted or corrupted. Facebook should not be allowed to become Fakebook.

Holding data to ransom

The spread of the Wannacry virus was the third big cyber security story of 2017. Wannacry locked down computers and demanded a ransom (in bitcoin) for the electronic key that would release the data. The virus spread in a truly global attack to an estimated 300,000 computers in 150 countries. It led to losses in the region of four billion dollars - a small fraction of the global cyber crime market, which is projected to grow to $6 trillion by 2021. In the Asia Pacific region, cyber crime is growing by 45% each year.


Read more: Cyberspace aggression adds to North Korea’s threat to global security


Wannacry was an important event because it pointed not only to the growth in cyber crime but also the dangers inherent in the development and proliferation of offensive cyber security capabilities. The exploit to windows XP systems that was used to spread the virus had been stockpiled by the US National Security Agency (NSA). It ended up being released on the internet and then used to generate revenue.

A fundamental challenge in 2018 is to constrain the use of offensive cyber capabilities and to reign in the growth of the cyber-crime market through enhanced cooperation. This will be no small task, but there have been some positive developments.

According to US network security firm FireEye, the recent US-China agreement on commercial cyber espionage has led to an estimated 90% reduction in data breaches in the US emanating from China. Cyber cooperation is possible and can lead to bilateral and global goods.

Death of cyber norms?

The final big development, or rather lack of development, has been at the UN. The Government Group of Experts (GGE) process, established in 2004 to strengthen the security of global information and telecommunications systems, failed to reach a consensus on its latest report on the status of international laws and norms in cyberspace. The main problem has been that there is no definite agreement on the applicability of existing international law to cyber security. This includes issues such as when states might be held responsible for cyber attacks emanating from their territory, or their right to the use of countermeasures in cyber self-defence.

Some analysts have proclaimed this to be “the end of cyber norms”. This betrays a pessimism about UN level governance of the internet that is deeply steeped in overly state-centric views of security and a reluctance to cede any sovereignty to international organisations.

It is true that norms won’t be built from the top down. But the UN does and should have an important role to play in cyber security as we move into 2018, not least because of its universality and global reach.

The NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) in Tallinn, Estonia recently launched the Tallinn Manual 2.0, which examines the applicability of international law to cyber attacks that fall below the use of force and occur outside of armed conflict.

These commendable efforts could move forward hand in hand with efforts to build consensus on new laws that more accurately capture the complexity of new information and communications technology. In February 2017, Brad Smith, the head of Microsoft, proposed a digital Geneva Convention that would outlaw cyber attacks on civilian infrastructure.

The ConversationIn all this we must recognise that cyber security is not a binary process. It is not about “ones and zeros”, but rather about a complex spectrum of activity that needs multi-level, multi-stakeholder responses that include international organisations. This is a cyber reality that we should all bear in mind when we try to find solutions to cyber security issues in 2018.

Joe Burton, Senior Lecturer, Institute for Security and Crime Science, University of Waikato

This article was originally published on The Conversation. Read the original article.

© Scoop Media

 
 
 
Parliament Headlines | Politics Headlines | Regional Headlines

Marsden Pipeline Rupture: Report Calls For Supply Improvements, Backs Digger Blame

The report makes several recommendations on how the sector can better prevent, prepare for, respond to, and recover from an incident. In particular, we consider it essential that government and industry work together to put in place and regularly practise sector-wide response plans, to improve the response to any future incident.

Most significantly, we found that Auckland’s jet fuel supply is currently not sufficiently resilient, when assessed against the specific resilience standards we developed during our work, and from a public interest perspective. More>>

 

PM's Post-Cab: "A Way Forward"

At Monday's post-cabinet press conference, Prime Minister Jacinda Ardern announced a number of actions in response to the Labour Party's mishandling of sexual assault complaints. More>>

ALSO:

Gordon Campbell: On Allegations Of Left Wing Media Bias

“Left wing bias” accusations date back at least to the mid 1990s... The charge of left wing bias was ridiculous then, and is ridiculous now. More>>

Next Wave Of Reforms: Gun Registration And Licensing Changes Announced

“The Bill includes a register to track firearms and new offences and penalties that can be applied extraterritorially for illegal manufacture, trafficking, and for falsifying, removing, or altering markings – which are a new requirement under the Firearms Protocol.” More>>

ALSO:

Gordon Campbell: On Labour’s Mishandling Of The Alleged Sexual Assault

The focus of Labour’s alleged sexual assault scandal has now shifted from the party organisation to the Beehive... This is now a crisis of Beehive management and response, not something occurring at a distance within the party organisation. More>>

ALSO:

'History Rectified': Rua Kēnana To Be Pardoned

An official pardon for Tūhoe prophet and leader Rua Kēnana is one step closer after the Te Pire kia Unuhia te Hara kai Runga i a Rua Kēnana: Rua Kēnana Pardon Bill was read in Parliament for the first time today. More>>

ALSO:

Mental Health: Initial Mental Health And Wellbeing Commission Appointed

The Government has announced details of the initial Mental Health and Wellbeing Commission which will play a key role in driving better mental health in New Zealand. More>>

ALSO:

people outside the meeting house at WaitangiEducation: NZ History To Be Taught In All Schools

“We have listened carefully to the growing calls from New Zealanders to know more about our own history and identity. With this in mind it makes sense for the National Curriculum to make clear the expectation that our history is part of the local curriculum and marau ā kura in every school and kura,” Jacinda Ardern said. More>>

ALSO:

Sexual Assault Claims Mishandled: Labour Party President Resigns

Jacinda Ardern: “This morning I was provided some of the correspondence from complainants written to the party several months ago. It confirms that the allegations made were extremely serious, that the process caused complainants additional distress, and that ultimately, in my view, the party was never equipped to appropriately deal with the issue…" More>>

ALSO:

Budget Process: Wellbeing To Be Enshrined In Law

Legislation has been introduced in Parliament to ensure every Government considers the wellbeing of New Zealanders when creating future budgets. More>>

 
 
 
 
 

LATEST HEADLINES

  • PARLIAMENT
  • POLITICS
  • REGIONAL
 
 

InfoPages News Channels