Monday 17 January 2011

Governments need to plan for "cyber shocks", OECD warns

Governments must plan to withstand the growing threat of cyber warfare, the OECD warns in a new report.

U.S. soldiers on “virtual missions” (IMAGE – U.S. Army)

Governments and policymakers should have detailed plans in place to withstand and recover from a wide range of unwanted cyber events, both accidental and deliberate, according to a study on cyber security published by the Organisation for Economic Co-operation and Development (OECD).

However, very few single cyber-related events had the capacity to cause global catastrophe, said the report's authors, London School of Economics professor Peter Sommer and Ian Brown of the Oxford Internet Institute, cited by the Computer Weekly website on 17 January 2011.

The study found it was highly unlikely there would ever be "a pure cyber war fought solely in cyberspace" with equivalent effects to recent wars in Afghanistan, the Balkans or the Middle East.

But it said there were significant and growing risks of "localised misery and loss as a result of compromised computer and telecommunications services". Reliable internet and other computer facilities were essential in recovering from large-scale disasters, the report added.

Risk of "Combined Cyber Events"

The report took the view that very few single "cyber events" could cause a global shock. Possible examples included a successful attack on one of the technical protocols on which the Internet depends, or a large solar flare wiping out key communications components such as satellites.

But it added that a combination of events such as coordinated cyber attacks, or a cyber incident occurring during a disaster of another kind, should be a serious concern for policy makers.

"In that eventuality, 'perfect storm' conditions could exist," Reuters news agency on 17 January 2011 quoted Prof Sommer as saying.

Internet Hacking "Not Cyber War"

The OECD report described a true cyber war as "an event with the characteristics of conventional war but fought exclusively in cyberspace," Reuters added.

"We don't help ourselves using 'cyber war' to describe espionage or hacktivist blockading or defacing of websites, as recently seen in reaction to WikiLeaks, nor is it helpful to group trivially avoidable incidents like routine viruses and frauds with determined attempts to disrupt critical national infrastructure," Sommer said, as cited by Reuters.

His co-author Brown added: "We think a largely military approach to cyber security is a mistake… That said, cyber weaponry in all its forms will play a key role alongside more conventional and psychological attacks by nation states in future warfare."

UK, USA Guard against Online Attacks

The OECD report concluded that cyber weaponry would be "increasingly deployed and with increasing effect by ideological activists of all persuasions and interests."

But as The New York Times noted on 17 January 2011, the study also argued that "doomsayers have greatly exaggerated the power of belligerents to wreak havoc in cyberspace", and it was unlikely that their attacks "could create problems like those caused by a global pandemic or the recent financial crisis, let alone an actual shooting war".

The UK newspaper The Guardian said on 17 January 2011 that the report came at a time of "heightened awareness of online attacks", following hacking protests against companies caught up in the WikiLeaks controversy.

The United States was preparing for cyber conflict and had launched its own military cyber command. The UK in October 2010 had rated cyber attacks as one of the top external threats, promising to spend an extra 650 million pounds (one billion US dollars) on the issue, The Guardian recalled.

No comments:

Post a Comment