Bringing order to the online world requires global co-operation, not just talks between major nations, says Greg Day.
News of the recent summit talks between US President Barack Obama and his Chinese counterpart, President Xi Jinping, provoked perhaps unrealistic optimism that the growing issue of cyber espionage - widely considered to be high on the agenda - would reach some conclusion. While many had hoped that Obama would use this opportunity to persuade China’s leader of his vision of a world order, where all countries abide by a set of cyber security rules, it appears that little progress was made. This is despite mounting tension between the two global powers being exacerbated by continued finger-pointing regarding the US and China’s respective roles in cyber spying. Indeed, the much anticipated meeting followed recent reports from the Washington Post that Chinese hackers had stolen designs for “more than two dozen US weapons systems”. The US has also recently accused Beijing of executing a targeted cyber espionage campaign against the nation - claims which have been refuted by Chinese officials, who highlight that they have also been a victim of hacking.
The historic first meeting came at a rather unfortunate time for Obama, who in the same week was forced to defend his own government’s ‘cyber spying’ following the revelations of Edward Snowden - the infamous NSA/Prism whistleblower. China has robustly fought back against claims that it is the main perpetrator of cyber espionage - a stance strengthened by the international fallout surrounding the NSA breach.
Furthermore, many nations have seized upon this as an opportunity to accuse the US of double standards when it comes to global cyber spying. Indeed, revelations that the Obama administration has continued the surveillance regime initiated under his predecessor George W Bush are unlikely to have gone unnoticed by President Jinping.
Despite the undoubtedly tense backdrop, both leaders claimed to agree in principle that it is important for their nations to implement and abide by common cyber rules. However, the issue of cyber espionage is a global governance issue and, as such, it cannot simply be resolved with bilateral talks between just two nations. The number of countries and non-state groups with sophisticated offensive capabilities in cyber space is growing at an alarming rate. This means that even if one or two countries show restraint, it is difficult to see how that will result in fewer attacks on the US and other countries, given the global and highly distributed nature of the cyber problem.
The fact is that the advantage belongs to the attacker in cyber space - as organisations struggle to keep pace with ever-changing threat trends, and traditional security techniques are generally poor in their ability to detect the growing number of personalised, advanced threats. Therefore it is difficult to rule out the possibility that attacks will continue to evolve, becoming more stealthy and sophisticated.
These days, extreme vigilance is needed as our world becomes increasingly connected, and the Internet continues to control more aspects of daily life. The security implications of the ‘Internet of Things’ are vast, and are still widely misunderstood and underestimated.
Cybercrime is very much a global issue and moving to a globally consistent approach still seems to be a long-term goal. Indeed, the Council of Europe passed the Convention on Cybercrime back in November 2001, aiming to build a consistent legislative framework. Over a decade later, 39 countries have ratified this, yet there is still plenty to be done before it is a globally adopted programme.
Despite the lack of an international plan of action to reduce ongoing incidents and allegations of cyber espionage, we remain hopeful that meetings such as this will go some way to improving international cooperation and reducing the global cyber threat. While this meeting marked an important first step in improving the lines of communication between the US and China, and encouraging other nations to follow suit, recent events are sadly only likely to contribute to the international cyber blame game.
Greg Day is VP and CTO for the EMEA region at IT security firm FireEye (www.fireeye.com).