22 November 2016

International Cyber Security Cooperation

NOV 13, 2016

he rapid development of digital technologies and wide range of services provided for activities in cyberspace raises the issue of cyber security as a serious concern for governments around the world. Cybercrimes pose a direct threat to the security of critical infrastructures and Information Technologies (IT) as a low-cost asymmetric warfare element.

Most countries are aware of the vulnerability of information technologies, abuse of public data provided on the internet and the great importance of shielding critical infrastructures. Nations adapt their own national strategies and policies to cope with the threat of potentially devastating cyberattacks. Policy makers in different countries are increasingly considering the use deterrence strategies to supplement national cyber defense. But it is rather hard to counteract the threat by means of merely ‘national’ cyber defense strategies and policies, given that cyberspace spans worldwide and attacks can be carried out from anywhere of the world.

The internet has changed the political landscape of the planet in an extremely profound way. If the whole world is connected via the internet, cyber attacks are never just a national threat. With the advent of advanced information and communication technologies, crime now knows no jurisdictional or national boundaries. The very nature of the internet allows for unprecedented collaboration and interaction among particular communities of criminals. In February 2016, a spectacular bank hack occurred that stole $81 million from accounts at the Bangladesh Bank via the SWIFT system. SWIFT credentials of Bangladesh Bank employees were used by unknown hackers to send fraudulent money transfer requests to the US Federal Reserve Bank in New York asking to transfer nearly $1 billion from Bangladesh Bank’s funds held there to bank accounts in the Philippines, Sri Lanka and other parts of Asia. Despite separate investigations carried out by Bangladesh, Philippines and US authorities, the true identity and origin of those attacks are still undetected. Reportedly, almost eleven different cyber criminal groups including the Sony hack, which the US government attributed to North Korea, have been suspected to have connections with this central bank cyber heist. Following the Bangladesh Bank cyber heist, SWIFT sent out an alert to its members indicating that a second bank in Asia had been targeted in a similar attack.

Though, in the past, cybercriminals were mainly individuals or small groups, today, heavily funded and highly organized cyber criminal groups are bringing together individuals from across the globe. As cybercrimes can be committed in real time from anyplace in the world in an unprecedented way, and they are hard to track, prosecute, and enforce penalties, therefore, criminals are increasingly turning to the internet to facilitate their activities and maximize their profit. Crimes committed in cyberspace are not necessarily new, such as theft, fraud etc. but they are rising in line with the opportunities presented by digital technologies. Consequently, cyber criminals are frequently holding the world to ransom. The Daily Mail (UK) reports (10 June 2014) that cyber attacks damage the global economy to the amount of more than £238 billion a year – almost equal to 0.5 per cent of the world’s total GDP. On the other hand, Juniper research (UK) predicts that cybercrime will cost businesses over $2 Trillion by 2019. Cyber attacks, by analogy, represent a threat to global peace and security as frightening and horrific as nuclear war. So every government, business entity, organizations and individuals who are using electronic data processing have no way to escape the threat of cyber attacks.

While cybercrime is generally understood to mean unlawful access and attempts to unlawful access to computers, networks, and the information stored therein - all illegal, harmful and hostile activity on the internet - cyberterrorism, meanwhile, adds a new dimension of threat in cyberspace. Though cyberterrorism does not necessarily imply something different from cybercrime, it has a stronger meaning. Cyberterrorism usually describes acts done online that have similar characteristics to real-world terrorism attacks. As the statutory definition suggests, terrorism is usually intended to demoralize either a society or a civilian population in furtherance of some political or social objectives. To understand what cyberterrorism can – and will – be, we must examine how terrorists can use information and communication technology to gain those objectives.

Using cyber attacks, terrorists can cause much wider damage to a country or region than they could by resorting to conventional physical violence. As a hypothetical example of cyberterrorism, a critical infrastructure such as a nuclear plant may be taken over by terrorists for destructive purposes. The Lipman Report (2010) states that “During 2009, a series of cyber attacks were launched against popular government Web sites in the United States and other countries, effectively shutting them down for several hours” and claims that “most disturbing is the possibility that this limited success may embolden future hackers to attack critical infrastructure, such as power generators or air-traffic control systems — with devastating consequences for the economy and security“. More recently, Bangladesh based the Daily Star (August 28, 2013) reports that in August 2013 media companies including the New York Times, Twitter and the Huffington Post lost control of some of their websites after a hacker group named Syrian Electronic Army supporting the Syrian government breached the Australian Internet company that manages many major site addresses.

Cyberwarfare - as distinguished from cybercrime and cyberterrorism – can be defined as actions by a nation-state to break into another nation's computers, networks and the information stored therein for the purposes of gaining some military objectives i.e., achieving certain advantages over a competing nation-state or preventing a competing nation-state from achieving advantages over them. Cyberwarfare generally constitutes the use of cyberspace by nation states to achieve the same general goals they pursue through the use of conventional military force. Some governments are increasingly making it an integral part of their overall military strategy, having invested heavily in cyber warfare capability. The Chinese Defense Ministry has confirmed the existence of a cyberwarfare unit officially claimed to be engaged in cyber-defense operations. There are reports published in Washington Times that the People’s Republic of China is frequently launching cyberattacks that are intended to disable Taiwan’s infrastructure and defeat the capacity of that island’s government and economy. In May 2007, Estonia faced mass cyberattack soon after removal of a Soviet World War II war memorial from downtown Tallinn. In August 2008, during the Russia-Georgia War cyberattacks caused the Parliament of Georgia and Georgian Ministry of Foreign Affairs websites to be replaced by images comparing Georgian president Mikheil Saakashvili to Adolf Hitler. Several other incidents of cyberwarfare are increasingly being reported between different state sponsored cyber defense groups and military cyber units, most commonly, US-China, US-Russia, Israel-Iran, North Korea-South Korea, India-Pakistan etc.

Since crimes in the cyberspace often transcend a nation’s boundaries in being committed, actions to cope with them must also be of an international nature. While threats arising out of cybercrime, cyberterrorism or cyberwarfareare increasing rapidly with the advent of information and communication technology, international law to deal with cybercrime has been slow to adapt. The International Cybercrime Treaty (ICT) is the first and only international treaty to date seeking to address internet and computer crime by harmonizing national laws, improving investigative techniques, focusing on regulatory initiatives and increasing cooperation among nations. Due to the heterogeneity of law enforcement and technical countermeasures of different countries, the Treaty is far ranging in the areas it attempts to address and touch upon. Given the myriad of issues arising from the Treaty, much controversy has sprung up over various points. It is silent about the most crucial issues rapidly evolving in cyberspace such as cyberterrorism or cyberwarfare. The main failings of existing international Treaty systems that touch on cyber law are that most do not carry enforcement provisions. Treatments of cybercrime or cyberwarfare outside the orthodox international human rights law (IHRL) or international humanitarian law (IHL) framework are almost absent. On the other hand, issues relating to cyberspace are multidimensional and too complex to fit easily under the mainstream IHRL and IHL framework. This renders the tension between classifying cyber attacks as merely criminal, or as matters of state survival resorting to the same rationales as conventional threats to national security and which then creates a vacuum for cybercrime to grow bigger.

As cyberspace is not a customary arena over which a Sate may exercise its national jurisdiction or State sovereignty and, thus, challenges arising out of it are unique, the situation therefore requires exceptional regulatory solutions. Some have argued that cyberspace is international commons - resource domains or areas that lie outside of the political reach of any one nation. To the extent cyberspace is international commons, it requires the common vision of the international community to deal with the issue. By fostering international cooperation, nations can tackle the problem of the borderless nature of cybercrime by enabling actions beyond the borders of a single nation. This will be a win-win situation for all countries coming forward to cooperate. It is important for the international community to establish a comprehensive regime for various types of cyber threats through a new international accord dealing exclusively with cyber security and its status in international law. Until such an accord becomes politically viable, it is important to examine how existing treaty systems may extend to handle the challenges presented by cyber threats. In addition to each country taking individual measures and actions for their own cyber security, all stakeholders in the global cyberspace need to cooperate and assist each other

One of the most urgent needs for the international community is to establish an inclusive mechanism to regulate cyberspace. The best way to ensure international cyber security is to form an appropriate legal regime for the various types of cyber threats e.g. cybercrime, cyberterrorism or cyberwarfare - whether it is humanitarian law (laws of war), human rights law or some novel combination of treaty systems. Before thinking about cyber security, an institution has to define what is worthy to protect. The institution will also be in charge of building fundamentals for dynamic cyber defense, implementing relevant international cyber security treaties and laws, functioning as catalyst for discussion among different disputant States and other entities, and harmonizing with other treaty systems. The institution will have a comprehensive jurisdiction to appropriately address the risks associated with the revolution in information and communication technology. There should be also a mechanism based on enhanced international cooperation to implement a risk-based approach, whereby risks are quickly and appropriately identified as they evolve and responded to dynamically in accordance with their characteristics. A major effort should be undertaken to increase the monitoring of critical networks, and to assess and furnish remedies for any vulnerabilities that are identified. Measures should be taken to help developing countries improve their cyber defense programs through training and other necessary logistic support. Mechanisms should be developed for comprehensive military cooperation including cyber security deterrence strategies.

As the United Nations (UN) has a significant and unique role in the international community, the organization can take action on a wide range of issues. An inclusive legal regime, institutional mechanisms, multilateral agreements and international military deterrence can be considered and discussed under the auspices of UN. Other international organizations, in particular, NATO, European Union, Council of Europe, G-8, OECD etc. can play a lead role in furtherance of international cyber security cooperation.

No comments: