Myriam Dunn Cavelty calls for a realistic assessment of what state institutions can do to combat cyberattacks.
When a cyberattack has been orchestrated by a state actor, people may be tempted to call it “war”. After all, it’s an attack waged on national infrastructures by a foreign power. But the term “cyber war” has been used so often for dramatic effect that I don’t just want to warn against hype. It’s also time to dampen expectations regarding the scope of governmental intervention.
In the past three years, barely a week has gone by without a report of a critical cyberattack on a business or government institution. We are constantly bombarded by revelations of new ransomware strains, new botnets executing denial of service attacks, and the rapidly expanding use of social media as a disinformation and propaganda platform.
Without increased cooperation, the global digital economy is vulnerable to catastrophic cyberattack.
Information and communications technology (ICT) presents one of the most critical modern challenges to global security. Threatassessments predict that the next major international crisis could be due to a state or terrorist group weaponizing ICTs to devastate critical infrastructure or military logistics networks. The proliferation of asymmetric warfare (i.e., conflicts between nations or groups that have disparate military capabilities) has increased states’ use of ICTs, which necessitates the development of an international code of cyber conduct.
The Wannacry virus that attacked computers around the world last week is one more reminder of the growing threat posed by vulnerabilities in cyberspace. Over 100,000 networks in over 150 countries were infected by the malware; the actual ransoms paid appear to have been limited, but the total cost of the attack – including, for example, the work hours lost – is not yet known. Experts believe that this is only the most recent in what will be a cascading series of attacks as information technologies burrow deeper into the fabric of daily life; security specialists already warn that the next malware attack is already insinuated into networks and is awaiting the signal to begin.
Cyber threats are climbing steadily up the list of Asia-Pacific security concerns. Experts reckon that cyber crime inflicted $81 billion in damage to the Asia Pacific region in 2015 and the number of such incidents is growing. Online radicalization and other content-related issues pose expanding threats to the region, challenging national narratives and in some cases undermining government legitimacy and credibility. The networks and technologies that are increasingly critical to the very functioning of societies are vulnerable and those vulnerabilities are being distributed as regional governments are more intimately connected and more deeply integrated in economic communities. One recent study concludes that an ASEAN digital revolution could propel the region into the top five digital economies in the world by 2025, adding as much as $1 trillion in regional GDP over a decade. This growth and prosperity are threatened by proliferating cyber threats.
The so-called Islamic State (IS) is the most innovative terrorist group the world has seen. In the backdrop of its loss on the ground, IS is expanding its cyber capabilities to conduct more cyber-attacks and hacking. This and its migration into the ‘darknet’ will make IS more dangerous than before.
TERRORIST AND non-state actors have used different modes and mediums to spread their message and communicate with their comrades. The dawn of the Internet has also provided such groups with unparalleled opportunities to establish communications and operational links that were not possible before. Starting from websites, terrorist groups moved to more interactive mediums like chatrooms and forums. It was social media platforms, such as Facebook and Twitter that truly revolutionised how militants, terrorists and non-state actors communicated with each other, recruited sympathisers and supporters and disseminated their propaganda.