Gordon Campbell | Parliament TV | Parliament Today | News Video | Crime | Employers | Housing | Immigration | Legal | Local Govt. | Maori | Welfare | Unions | Youth | Search

 

Cyber security lessons from 2017

The US election hack, fake news, data theft: the cyber security lessons from 2017


File 20171219 4995 17al34.jpg?ixlib=rb 1.1

Cyber attacks have the potential to cause economic disruption, coerce changes in political behaviour and subvert systems of governance.
from www.shutterstock.com, CC BY-ND

Joe Burton, University of Waikato

Cyber security played a prominent role in international affairs in 2017, with impacts on peace and security.

Increased international collaboration and new laws that capture the complexity of communications technology could be among solutions to cyber security issues in 2018.


Read more: Artificial intelligence cyber attacks are coming – but what does that mean?


The US election hack and the end of cyber scepticism



The big story of the past year has been the subversion of the US election process and the ongoing controversies surrounding the Trump administration. The investigations into the scandal are unresolved, but it is important to recognise that the US election hack has dispelled any lingering scepticism about the impact of cyber attacks on national and international security.

From the self-confessed “mistake” Secretary Clinton made in setting up a private email server, to the hacking of the Democratic National Committee’s servers and the leaking of Democratic campaign chair John Podesta’s emails to WikiLeaks, the 2016 presidential election was in many ways defined by cyber security issues.

Many analysts had been debating the likelihood of a “digital Pearl Harbour”, an attack producing devastating economic disruption or physical effects. But they missed the more subtle and covert political scope of cyber attacks to coerce changes in political behaviour and subvert systems of governance. Enhancing the security and integrity of democratic systems and electoral processes will surely be on the agenda in 2018 in the Asia Pacific and elsewhere.

Anti-social media

The growing impact of social media and the connection with cyber security has been another big story in 2017. Social media was meant to be a great liberator, to democratise, and to bring new transparency to politics and societies. In 2017, it has become a platform for fake news, misinformation and propaganda.

Social media sites clearly played a role in displacing authoritarian governments during the Arab Spring uprisings. Few expected they would be used by authoritarian governments in an incredibly effective way to sow and exploit divisions in democratic countries. The debate we need to have in 2018 is how we can deter the manipulation of social media, prevent the spread of fake news and encourage the likes of Facebook and Twitter to monitor and police their own networks.

If we don’t trust what we see on these sites, they won’t be commercially successful, and they won’t serve as platforms to enhance international peace and security. Social media sites must not become co-opted or corrupted. Facebook should not be allowed to become Fakebook.

Holding data to ransom

The spread of the Wannacry virus was the third big cyber security story of 2017. Wannacry locked down computers and demanded a ransom (in bitcoin) for the electronic key that would release the data. The virus spread in a truly global attack to an estimated 300,000 computers in 150 countries. It led to losses in the region of four billion dollars - a small fraction of the global cyber crime market, which is projected to grow to $6 trillion by 2021. In the Asia Pacific region, cyber crime is growing by 45% each year.


Read more: Cyberspace aggression adds to North Korea’s threat to global security


Wannacry was an important event because it pointed not only to the growth in cyber crime but also the dangers inherent in the development and proliferation of offensive cyber security capabilities. The exploit to windows XP systems that was used to spread the virus had been stockpiled by the US National Security Agency (NSA). It ended up being released on the internet and then used to generate revenue.

A fundamental challenge in 2018 is to constrain the use of offensive cyber capabilities and to reign in the growth of the cyber-crime market through enhanced cooperation. This will be no small task, but there have been some positive developments.

According to US network security firm FireEye, the recent US-China agreement on commercial cyber espionage has led to an estimated 90% reduction in data breaches in the US emanating from China. Cyber cooperation is possible and can lead to bilateral and global goods.

Death of cyber norms?

The final big development, or rather lack of development, has been at the UN. The Government Group of Experts (GGE) process, established in 2004 to strengthen the security of global information and telecommunications systems, failed to reach a consensus on its latest report on the status of international laws and norms in cyberspace. The main problem has been that there is no definite agreement on the applicability of existing international law to cyber security. This includes issues such as when states might be held responsible for cyber attacks emanating from their territory, or their right to the use of countermeasures in cyber self-defence.

Some analysts have proclaimed this to be “the end of cyber norms”. This betrays a pessimism about UN level governance of the internet that is deeply steeped in overly state-centric views of security and a reluctance to cede any sovereignty to international organisations.

It is true that norms won’t be built from the top down. But the UN does and should have an important role to play in cyber security as we move into 2018, not least because of its universality and global reach.

The NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) in Tallinn, Estonia recently launched the Tallinn Manual 2.0, which examines the applicability of international law to cyber attacks that fall below the use of force and occur outside of armed conflict.

These commendable efforts could move forward hand in hand with efforts to build consensus on new laws that more accurately capture the complexity of new information and communications technology. In February 2017, Brad Smith, the head of Microsoft, proposed a digital Geneva Convention that would outlaw cyber attacks on civilian infrastructure.

The ConversationIn all this we must recognise that cyber security is not a binary process. It is not about “ones and zeros”, but rather about a complex spectrum of activity that needs multi-level, multi-stakeholder responses that include international organisations. This is a cyber reality that we should all bear in mind when we try to find solutions to cyber security issues in 2018.

Joe Burton, Senior Lecturer, Institute for Security and Crime Science, University of Waikato

This article was originally published on The Conversation. Read the original article.

© Scoop Media

 
 
 
Parliament Headlines | Politics Headlines | Regional Headlines

Joseph Cederwall: The End Of ‘Objectivity’ In Journalism

... and the dawn of something much better?
2019 looks like it might well be another really bad, terrible, not so good year for the traditional journalism model globally. Already in January three leading US digital outlets—BuzzFeed, the Huffington Post, and Vice announced layoffs that have left many accomplished journalists unemployed. Consolidation of journalism looks set to continue unabated as larger (sharky) media conglomerates swallow up smaller players globally. We also appear to be witnessing the death throes of the concept of ‘objective’ truth in journalism. However, perhaps that is not at all as bad as it sounds, and we are just finally waking up to the reality that it never really existed in the first place... More>>

 
 

Environment: Government To End Tenure Review

“Tenure review has resulted in parcels of land being added to the conservation estate, but it has also resulted in more intensive farming and subdivision on the 353,000 ha of land which has been freeholded. This contributed to major landscape change and loss of habitat for native plants and animals,” said Eugenie Sage. More>>

ALSO:

Bell Tolls: Big Changes, Grand Mergers Planned For Vocational Training

“At a time when we’re facing critical skill shortages, too many of our polytechnics and institutes of technology are going broke... More>>

ALSO:

Sallies' State Of The Nation: Progress Stalled In Reducing Inequality

The report shows a lack of tangible progress in key areas including record levels of household debt and a growing gap in educational achievement between poorer and more well off communities. More>>

ALSO:

Party Politics In Tax Morale Survey: SSC To Seek Answers From IRD

Minister of State Services Chris Hipkins has today asked the State Services Commissioner Peter Hughes to examine IRD’s reported inappropriate use of a public survey. More>>

ALSO:

Health: Prohibiting Smoking In Vehicles Carrying Children

Under the change, Police will be able to require people to stop smoking in their cars if children (under 18) are present. Police will also be able to use their discretion to give warnings, refer people to stop-smoking support services, or issue an infringement fee of $50... It is expected that this amendment will become law by the end of 2019. More>>

ALSO:

Waitangi Day: Nationwide Events Commemorate Treaty Signing

“From large-scale events attracting tens of thousands of people such as those at Hoani Waititi Marae in Auckland and the Porirua Waterfront, to smaller gatherings in areas as far flung as the Chatham Islands and to the significant commemorations at Waitangi, these events are an opportunity for us to reflect on the signing of the Treaty of Waitangi.” More>>

ALSO:

 
 
 
 
 

LATEST HEADLINES

  • PARLIAMENT
  • POLITICS
  • REGIONAL
 
 

InfoPages News Channels