Worldwide Cyber Security Cooperation -By Mahmudul Hasan
The rapid evolution of information and communication technologies, and widespread services provided by the cyberspace bring up the cyber security issue at the front. Cyber Security is a growing concern for governments around the world. Cyber-attacks pose a direct threat to the security of the nations’ critical infrastructures and Information Technologies (IT) as a low-cost asymmetric warfare element. Most of these nations are aware of the vulnerability of the information technologies and the significance of protecting critical infrastructures. To counteract the threat of potentially disastrous cyber-attacks, nations’ policy makers are increasingly pondering on the use of deterrence strategies to supplement cyber defense. Nations create their own national policies and strategies which cover cyber security countermeasures including cyber defense and deterrence against cyber threats. But it is rather hard to cope with the threat by means of merely ‘national’ cyber defense policies and strategies, since the cyberspace spans worldwide and attack’s origin can even be overseas.
If the whole world is connected via internet, cyber attacks are never just a national threat. With the advent of advanced information technologies, crime now knows no jurisdictions or national boundaries. The very nature of the Internet allows for unprecedented collaboration and interaction among particular community of criminals. “In cyberspace there are no national boundaries, and attackers needn’t be a country or organization. They can be anyone with a computer, mouse and keyboard and the will to do harm.” said William Hagestad, a researcher in cyber security intelligence at Red Dragon Rising Publishing in the US, to UAE based the National. In February 2016, a spectacular bank hack that sucked $81 million from accounts at Bangladesh Bank via SWIFT. Unknown hackers used SWIFT credentials of Bangladesh Central Bank employees to send fraudulent money transfer requests to the Federal Reserve Bank of New York asking the bank to transfer millions of the Bangladesh Bank’s funds to bank accounts in the Philippines, Sri Lanka and other parts of Asia. Despite separate investigations carried out by Bangladesh, Philippines and US, the true identity and origin of those attacks are still undetected. Reportedly, almost eleven different cyber criminal groups including the Sony hack, which the US government attributed to North Korea, have been suspected to have connections with this central bank cyber hoist. Following the Bangladesh Bank cyber hoist SWIFT sent out an alert to its members indicating that a second bank in Asia had been targeted in a similar attack.
In the past, cybercrime was committed mainly by individuals or small groups. Today, we are seeing highly complex cybercriminal networks bring together individuals from across the globe in real time to commit crimes on an unprecedented scale. Criminal organizations are increasingly turning to the internet to facilitate their activities and maximize their profit in the shortest time. The crimes themselves are not necessarily new – such as theft, fraud, illegal gambling, sale of fake medicines etc. – but they are evolving in line with the opportunities presented online and therefore becoming more widespread and damaging. Consequently, cyber criminals are frequently holding the world to ransom. UK based the Daily Mail reports on 10 June 2014 that cyber attacks cost the global economy more than £238 billion a year – equal to more than 0.5 per cent of the world’s total gross domestic products. According to the Global Cost of Cybercrime report, cybercrimes are damaging the global economy almost as much as illegal drugs and piracy. On the other hand, Juniper research predicts that cybercrime will cost businesses over $2 Trillion by 2019. Cyber attacks, analogically, represent a threat to international peace and security as daunting and horrific as nuclear war So every government, business entity, organizations and individuals who are using electronic data processing have no way to escape the threat of cyber attacks. Even anyone with internet access, an email address or a social media account is a good target of cyber attack.
While cybercrime is generally understood to mean unlawful attacks and threats of attack against computers, networks, and the information stored therein, all illegal, harmful and hostile activity on the Internet, cyber terrorism meanwhile adds new dimension of threat in the cyberspace. Though cyber terrorism does not necessarily imply something different from cybercrime but it has a stronger meaning. Cyber terrorism usually describes acts on online that have similar characteristics to real-world terrorism attacks. As the statutory definition suggests, terrorism is usually intended to demoralize either a particular government or a civilian population – that distinguishes terrorism from warfare, which is not supposed to target civilians – in furtherance of political or social objectives. To understand what cyber terrorism can – and will – be, we must examine how terrorists can use computer technology to intimidate or coerce a civilian population and thereby undermine a society’s ability to sustain internal order. Using cyber attacks, terrorists can inflict much wider damage to a country than they could by resorting to physical violence. As a hypothetical example of cyber terrorism, the systems of a high-value target such as a nuclear plant may be taken over by criminals and held to ransom or by terrorists for destructive purposes. The Lipman Report (2010) states that “During 2009, a series of cyber attacks were launched against popular government Web sites in the United States and other countries, effectively shutting them down for several hours“and claims that “most disturbing is the possibility that this limited success may embolden future hackers to attack critical infrastructure, such as power generators or air-traffic control systems — with devastating consequences for the economy and security“. Most recently, Bangladesh based the Daily Star reports on August 28, 2013 that in August 2013 media companies including the New York Times, Twitter and the Huffington Post lost control of some of their websites after hackers supporting the Syrian government breached the Australian Internet company that manages many major site addresses. The Syrian Electronic Army, a hacker group that has previously attacked media organizations that it considers hostile to the regime of Syrian president Bashar al-Assad, claimed credit for the Twitter and Huffington Post hacks in a series of Twitter messages.
Cyberwarfare – as distinguished from cybercrime and cyberterrorism – has been defined as actions by a nation-state to penetrate another nation’s computers or networks for the purposes of causing damage or disruption. Cyberwarfare constitutes the conduct of military operations by virtual means. It consists of nation-states’ using cyberspace to achieve the same general ends they pursue through the use of conventional military force, i.e., to achieve certain advantages over a competing nation-state or to prevent a competing nation-state from achieving advantages over them. Some governments have made it an integral part of their overall military strategy, with some having invested heavily in cyber warfare capability. The Chinese Defense Ministry confirmed the existence of an online defense unit in May 2011. Composed of about thirty elite internet specialists, the so-called “Cyber Blue Team,” or “Blue Army,” is officially claimed to be engaged in cyber-defense operations. There are reports that the People’s Republic of China (“PRC”) is launching cyberattacks that are intended to cripple Taiwan’s infrastructure and “paralyze” the island’s government and economy. In May 2007 Estonia was subjected to a mass cyberattack in the wake of the removal of a Russian World War II war memorial from downtown Tallinn. During the Russia-Georgia War in August 2008, cyber attack caused the Parliament of Georgia and Georgian Ministry of Foreign Affairs websites to be replaced by images comparing Georgian president Mikheil Saakashvili to Adolf Hitler. Several other cyber warfare were reported between different state sponsored cyber armies and military cyber wings, most commonly, US, China, Russia, Israel, Iran, North Korea, South Korea, India, Pakistan etc.
Since cybercrime often transcends a nation’s borders in being committed, the measures to combat it must also be of an international nature. While threats arising out of cybercrime, cyber terrorism or cyber warfare are increasing rapidly with the advent of information technology, international law to deal the cybercrime has been slow to adapt. International Cybercrime Treaty (ICT) is the first international treaty seeking to address Internet and computer crime by harmonizing national laws, improving investigative techniques, and increasing cooperation among nations. As of September 2016, 49 states have ratified the convention, while a further six states had signed the convention but not ratified it. The Treaty is far-sweeping in the areas it attempts to address and touch upon. Given the myriad of issues arising from the Treaty, much controversy has sprung up over various points. The main failings of existing international treaties including ICT that touch on cyber law are that most do not carry enforcement provisions. Treatments of cybercrime or cyber warfare outside the orthodox international human rights law (IHRL) or international humanitarian law (IHL) framework are nearly non-existent. This underscores the tension between classifying cyber attacks as merely criminal, or as a matter of state survival calling for the same responses as conventional threats to national security and creates a vacuum for cyber crime to grow bigger. The best way to ensure a comprehensive regime for cyber attacks is through a new international accord dealing exclusively with cyber security and its status in international law. It is important for international community to form an appropriate legal regime for the various types of cyber attacks – whether it is humanitarian law (laws of war), human rights law or some novel combination of these and other treaty systems. Until such an accord becomes politically viable, it is critical to examine how existing treaty systems may extend to cover the novel facts presented by cyber attacks.
Before an international legal regime can be developed to deal with cyber attacks, the international community must accord political will to tackle this issue together. As cyberspace is not a customary arena over which sate may not exercise its national jurisdiction or state sovereignty, it poses a unique challenge and thus requires exceptional regulatory solutions. Some argued that cyberspace is international commons. To the extent cyberspace is international commons, it requires the common vision of international community to deal with the issue. By fostering international cooperation, nations can tackle the problem of the borderless nature of cybercrime by enabling pursuit beyond the borders of a single nation. In addition to each country taking individual measures and actions for their own cybersecurity, all stakeholders in the global cyberspace need to cooperate and assist with each other.
One of the most urgent needs for the international community is to establish an inclusive mechanism to regulate the cyberspace. Before thinking about cybersecurity, an institution has to define what is worthy to protect. The institution also will be in charge of building fundamentals for dynamic cyber defense, implementing relevant international cyber security treaties and laws, harmonizing among other treaty systems e.g. IHL, IHRL etc. states and other entities. There should be also a mechanism based on enhanced international cooperation in order to appropriately address the risks associated with the revolution in information and communication technology. There should be a mechanism to implement a risk-based approach, whereby risks are quickly and appropriately identified as they evolve and responded to dynamically in accordance with their characteristics. A major effort should be undertaken to increase the monitoring of critical network and to assess and furnish remedies to any vulnerabilities that are identified. Measures should be taken to help countries improve their cyberdefense programs through training and other necessary logistic support. Mechanism should be developed for comprehensive military cooperation including cyber security deterrence strategies.
As UN holds a significant and unique role over the international community, the organization can take action on a wide range of issues. Inclusive legal regime, institutional mechanism, multilateral agreements and international military deterrence can be considered and discussed under UN. Other international organizations such as NATO, European Union, Council of Europe, G-8, OECD etc. can play a lead role in furtherance of worldwide cyber security cooperation.