At last count the Internet connects to over 170 counties and 1.7 billion users worldwide. The breadth and depth of the Internet demands diplomatic attention and coordination, particularly in the areas of cyber crime, cyber espionage, cyber terrorism and cyber warfare. The economic implications of these threats were clearly articulated by economists at the World Economic Forum at Davos, Switzerland. This is not the first time experts have raised this issue on the world stage.
The numerous warning of the magnitude of the threat of cyber aggression must be heeded. In February of this year in my presentation at the United Nations, I took the opportunity to call upon the United Nations to take a much more pragmatic and prominent role in protecting against the imminent threat of cyber attacks, cyber terrorism and cyber warfare. Without immediate action it is just a matter of time before the world experiences a substantive event — the threat of a massive cyber attack or war.
Acts of cyber aggression represent the top transnational threat of the 21st Century. To that end, president Obama has spoken of new initiatives designed to strengthen the nation’s digital defenses against cyber attacks. That being said, where are the efforts to bolster international cooperation to bring those behind these acts to justice?
Cyber security must be escalated to a top priority of the Obama administration. This must include bidirectional foreign policies needed to support cyber attack investigations. The responsibility for this would fall under the office of the Secretary of State. Sec. Clinton must take a leadership position in these efforts and accelerate an international dialog that leads to cooperative agreements.
FACT: There are currently over 170 countries directly connected to the Internet backbone.
FACT: There were over 60 trillion emails sent in 2008, about 70 percent of those spam.
FACT: There are approximately 140 million blogs on the Internet.
FACT: There are approximately 190 million web sites.
Now is the time to address the global cooperation needed to defend against, investigate and bring to justice those who commit acts of cyber aggressions not amid the throws of an international crisis.
{ 20 comments… read them below or add one }
1- Keep the freedom to possess security tools without certification or license.
2- Don’t rely on the government for professional certification standards.
If I were interviewing someone, I would personally completely disregard A+, Network+, Security+, CCNA, MSDE. Anything. They basically mean nothing in the real world of work ethic, being a team member, or even being good. I know how hard it can be to cram for an exam, but the sad, sad reality is certifications are an illusion.
This environment is changing too quickly to just reply on certification. You can fall out of date in a single day. Cyber Intelligence information distribution is critical with all countries contributing!
Why’s Clinton’s face heading this article? Don’t bait assholes for snarky comments, the world is unpleasant enough as it is…
Totally agreed on the necessity for increased cyber defense. Don’t expect a substantive cyber defense policy to have a large public profile or for someone like Clinton to champion it – why should she? Our program would be run by the Pentagon, so expect a Pentagon staffer to be the frontperson, or some ex-university professor.
Also… The economy is shredded, we’re still more or less fighting two wars, and much of the leftover efforts of the administration are focused on the healthcare issue. And conservatives seem to be mostly screaming about death panels these days, so expect even less interest from them on this. But I would love to be proved wrong!
Someone who knows more than me please expound – what are the likelihoods and holdups for the State Department taking up this issue? In what capacity are they dealing with cyberdefense now, if any?
Mang
Most cyber attacks are routed through intermediary countries. The state department needs to negotiate cooperation agreements to assist investigators in their efforts to determine who is behind the attack. Without international cooperation the investigation has to stop at the IP address of the computer in a foreign country that was used in the attack.
Yes I am crazy, but I say we tear down the internet and rebuild a better one without 90% of the crap on the internet. Of course we need the right people to organize the new internet.
At the rate the world is going, why the hell not?
Thanks Kevin, it makes more sense to me now.
What can I do to be part of CyberSecurity?
Strong PC skills (non programming,) Internet saavy,
Who can use my skills.
Need job eventually in Oahu HI as I plan to move there sometime.
Oahu HI.
Thanks.
SpyGuy, the point was that people make too big of a deal about certification and if the government puts their weight behind it, it will just be a false sense of security. And, the issue of security tools being freely available is something that I think we should talk about.
Stephen Russell,
Learn Japanese and become a spook. :)
i agree men!
Have u not read the news even people without certification also can hack!
Wat u think about it?
even teen can hack C.I.A computer.
It is not something can be prove by paper
I’m retired and I do not relish the federal Government giving the president the right to suspend free speech. The Internet has become the strongest method of communication. If they control the internet what part of free speech will be controlled next. If government wants to restrict government computerts then so be it but they need to stay away from personal computers unless they are being used to illegally access information whether it is government or financial
The thesis sentence seems to be: “Cyber security must be escalated to a top priority of the Obama administration.” I feel obliged to point out that nothing in the article supports that thesis.
The fact that there are 190 million web sites doesn’t do anything to prove that cyber security must be elevated to at top priority. Nor does the fact that 70% of emails are spam. Nor does the fact that there have been numerous warnings of impending cyber threats. Nor does anything else written in the article. You make an assertion that we must prioritize cyber security, but you don’t prove it.
You gotta offer some evidence, Kevin. You can’t just say that “acts of cyber aggression represent the top transnational threat of the 21st Century” and expect me to accept it as truth without any proof. You get a lot of negative comments on this site, Kevin, and one reason is that your articles often consist of one assertion after another with zero proof that any of them are true.
For the next article you write, try a new approach. Instead of making a bunch of speculative assertions that a cyber-terrorism disaster is right around the corner, try making just one plausible assertion. Then prove it. And don’t use random Google-factoids like “there are 140 million blogs on the internet” – use facts that matter. Assert a thesis in the form of: “Cyber-terrorist threat X can cripple America through mechanism Y”. Then present some fact to prove that Threat X exists. Then present facts to prove that Threat X is capable of doing Mechanism Y. Then present facts to prove that Threat Y could, at least in theory, cripple America. Keep in mind that readers won’t accept the idea that even the most successful DOS attack on eBay or Yahoo would cripple America.
Actual threat. Plausible mechanism. Real damage. Proof of each. That would be nice.
Cenobyte, have you ever worked IT in an enterprise Exchange environment? Please give some examples of how most personal “internet” communications are not email.
Spam blocking is better than it used to be, but it is still a problem. Operating System patches take a while to be approved and tested. Social engineering will always be a problem.
When it comes to email (Which was not the major point of my post) I honestly can’t find any of the white papers I have read. However the basic issue is this, almost no one under the age of about 35 uses email at all anymore and users over that age send very few internet email (Mostly enterprise email which is very very different from SMTP) . Most users are switching to or have switched to chat clients, SMS, twitter, blackberry and the like. The number of people that are doing this grows every day, while the number of legitimate email messages (Minus spam obviously) is falling. People have learned that email has issues because it’s so open and easy to exploit and more or less stop using it.
As to enterprise work. I am a VP for enterprise network architecture for a very large US bank. I was until recently was in enterprise security and dealt with security issues day in and day out. 99.99% of our data and network security issues where because of people doing dumb stuff, not computers being compromised.
I think for cyber security we should have our own virus to send back to the attackers that has that picture of hillary show up on their desktop. That would scare anyone from trying to be a hacker again!
Cenobyte,
Do your employees not communicate with other employees of other companies? And as to PDA-based email, RIM is not the only player.
The best summary is that cybersecurity is often a big compromise between being permissive for the happiness of the employees, and restrictive for the security of the company.
It is clear most of you do not get the reports about the new computer viruses, the sharp increase in computer crime(82% is international), the numerous rootkits that emerged this year, and number of malicious web sites Google found via their scans.
The fact is that cyber attacks against businesses and government sites and users are growing by leaps and bounds. You all should do a bit of reading about the current state of security and get the information that makes the subject of this post timely and needed!
Yup- good post, Frank.
Its not just Foreign Policy, there is an entire legal frame-work that needs to be considered.
Cyber is borderless, however the actual and potential impacts are not. This is an area where the US should gently lead rather than act in a unilateral fashion.
The Russians are already calling for an outlawing of offensive cyber weapons, the irony shoul dnot be missed.
The NATO Cooperative Cyber Defence Center of Excellence in Estonia just held their first Legal and Policy Conference to start talking about these issues.
The current status quo is inadequate.