Gordon Campbell | Parliament TV | Parliament Today | News Video | Crime | Employers | Housing | Immigration | Legal | Local Govt. | Maori | Welfare | Unions | Youth | Search

 

Cyber security lessons from 2017

The US election hack, fake news, data theft: the cyber security lessons from 2017


File 20171219 4995 17al34.jpg?ixlib=rb 1.1

Cyber attacks have the potential to cause economic disruption, coerce changes in political behaviour and subvert systems of governance.
from www.shutterstock.com, CC BY-ND

Joe Burton, University of Waikato

Cyber security played a prominent role in international affairs in 2017, with impacts on peace and security.

Increased international collaboration and new laws that capture the complexity of communications technology could be among solutions to cyber security issues in 2018.


Read more: Artificial intelligence cyber attacks are coming – but what does that mean?


The US election hack and the end of cyber scepticism

The big story of the past year has been the subversion of the US election process and the ongoing controversies surrounding the Trump administration. The investigations into the scandal are unresolved, but it is important to recognise that the US election hack has dispelled any lingering scepticism about the impact of cyber attacks on national and international security.

From the self-confessed “mistake” Secretary Clinton made in setting up a private email server, to the hacking of the Democratic National Committee’s servers and the leaking of Democratic campaign chair John Podesta’s emails to WikiLeaks, the 2016 presidential election was in many ways defined by cyber security issues.

Many analysts had been debating the likelihood of a “digital Pearl Harbour”, an attack producing devastating economic disruption or physical effects. But they missed the more subtle and covert political scope of cyber attacks to coerce changes in political behaviour and subvert systems of governance. Enhancing the security and integrity of democratic systems and electoral processes will surely be on the agenda in 2018 in the Asia Pacific and elsewhere.

Anti-social media

The growing impact of social media and the connection with cyber security has been another big story in 2017. Social media was meant to be a great liberator, to democratise, and to bring new transparency to politics and societies. In 2017, it has become a platform for fake news, misinformation and propaganda.

Social media sites clearly played a role in displacing authoritarian governments during the Arab Spring uprisings. Few expected they would be used by authoritarian governments in an incredibly effective way to sow and exploit divisions in democratic countries. The debate we need to have in 2018 is how we can deter the manipulation of social media, prevent the spread of fake news and encourage the likes of Facebook and Twitter to monitor and police their own networks.

If we don’t trust what we see on these sites, they won’t be commercially successful, and they won’t serve as platforms to enhance international peace and security. Social media sites must not become co-opted or corrupted. Facebook should not be allowed to become Fakebook.

Holding data to ransom

The spread of the Wannacry virus was the third big cyber security story of 2017. Wannacry locked down computers and demanded a ransom (in bitcoin) for the electronic key that would release the data. The virus spread in a truly global attack to an estimated 300,000 computers in 150 countries. It led to losses in the region of four billion dollars - a small fraction of the global cyber crime market, which is projected to grow to $6 trillion by 2021. In the Asia Pacific region, cyber crime is growing by 45% each year.


Read more: Cyberspace aggression adds to North Korea’s threat to global security


Wannacry was an important event because it pointed not only to the growth in cyber crime but also the dangers inherent in the development and proliferation of offensive cyber security capabilities. The exploit to windows XP systems that was used to spread the virus had been stockpiled by the US National Security Agency (NSA). It ended up being released on the internet and then used to generate revenue.

A fundamental challenge in 2018 is to constrain the use of offensive cyber capabilities and to reign in the growth of the cyber-crime market through enhanced cooperation. This will be no small task, but there have been some positive developments.

According to US network security firm FireEye, the recent US-China agreement on commercial cyber espionage has led to an estimated 90% reduction in data breaches in the US emanating from China. Cyber cooperation is possible and can lead to bilateral and global goods.

Death of cyber norms?

The final big development, or rather lack of development, has been at the UN. The Government Group of Experts (GGE) process, established in 2004 to strengthen the security of global information and telecommunications systems, failed to reach a consensus on its latest report on the status of international laws and norms in cyberspace. The main problem has been that there is no definite agreement on the applicability of existing international law to cyber security. This includes issues such as when states might be held responsible for cyber attacks emanating from their territory, or their right to the use of countermeasures in cyber self-defence.

Some analysts have proclaimed this to be “the end of cyber norms”. This betrays a pessimism about UN level governance of the internet that is deeply steeped in overly state-centric views of security and a reluctance to cede any sovereignty to international organisations.

It is true that norms won’t be built from the top down. But the UN does and should have an important role to play in cyber security as we move into 2018, not least because of its universality and global reach.

The NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) in Tallinn, Estonia recently launched the Tallinn Manual 2.0, which examines the applicability of international law to cyber attacks that fall below the use of force and occur outside of armed conflict.

These commendable efforts could move forward hand in hand with efforts to build consensus on new laws that more accurately capture the complexity of new information and communications technology. In February 2017, Brad Smith, the head of Microsoft, proposed a digital Geneva Convention that would outlaw cyber attacks on civilian infrastructure.

The ConversationIn all this we must recognise that cyber security is not a binary process. It is not about “ones and zeros”, but rather about a complex spectrum of activity that needs multi-level, multi-stakeholder responses that include international organisations. This is a cyber reality that we should all bear in mind when we try to find solutions to cyber security issues in 2018.

Joe Burton, Senior Lecturer, Institute for Security and Crime Science, University of Waikato

This article was originally published on The Conversation. Read the original article.

© Scoop Media

 
 
 
Parliament Headlines | Politics Headlines | Regional Headlines

Crowdsale And Crowdfunding Campaign: Help Create The Future Of Independent News

Two weeks to go! The Scoop 3.0 plan aims to create NZ’s first community-owned, distributed news and media intelligence ecosystem in 2019. We believe this ScoopPro media monetisation approach can be scaled and spread globally to support local and independent news efforts in regional New Zealand and around the world.

Scoop is an ecosystem, it would not exist without those who contribute to it, read it and rely on it for professional media purposes. Generous past support from this ecosystem has enabled us to come this far in developing our business model. Support our PledgeMe Campaign>>

 

14/11: Two Years’ Progress Since The Kaikoura Earthquake

Mayor John Leggett said it was a day for reflection, but also a time to recognise the work by many people to support progress towards recovery made across Marlborough since November 2016. More>>

ALSO:

Pike River: Mine Drift Re-Entry Plan To Proceed

“I’ve decided the Te Kāhui Whakamana Rua Tekau Mā Iwa - Pike River Recovery Agency, recommended course of action to enter the drift, using the existing access tunnel, is by far the safest option,” said Andrew Little. More>>

ALSO:

Appointments: New High Commissioner To Australia Announced

“Dame Annette King needs no introduction given her long running career as a parliamentarian where she has previously held a number senior Cabinet portfolios, including Justice, Police and Health. She also was Parliament’s longest serving female MP with 30 years’ service,” said Mr Peters. More>>

ALSO:

Two Years Since Kaikoura: Silvia Cartwright To Lead Inquiry Into EQC

“The inquiry will be the first of its kind under the Public Inquiries Act 2013 and will have all the powers of a Royal Commission, be independent of Government and make its report directly to the Governor-General. More>>

ALSO:

Gordon Campbell: On The Royal Commission Into Child Abuse

Obviously, it is good news that the coalition government has broadened the scope of its Royal Commission into the abuse of children, beyond its previous focus on children in state care. More>>

ALSO:

Cases Delayed: Court Staff Refuse To Handle Sentencing Papers

Dozens of court cases have reportedly been delayed, as court staff escalate industrial action at two Auckland courts by enforcing a ban on handling sentencing papers. More>>

ALSO:

Education: Primary Teachers Rolling Strikes

RNZ Report: More than 100,000 primary school students in Auckland will be home from school today as teachers and principals walk off the job for the second time this year. It's the start of a week of rolling one-day strikes around the country, after the collapse of contract negotiations last Thursday. More>>

ALSO:

"Process Was Sound": Inquiry Into Haumaha Appointment Released

The Inquiry’s purpose was to examine, identify, and report on the adequacy of the process that led to the appointment. It found the process was sound and no available relevant information was omitted. More>>

ALSO:

 
 
 
 
 

LATEST HEADLINES

  • PARLIAMENT
  • POLITICS
  • REGIONAL
 
 

InfoPages News Channels