Cyberattacks must also be understood as a phenomenon of political violence and combated as such, says Myriam Dunn Cavelty.
Digitalisation will fundamentally alter many aspects of our lives – in many cases for the better. However, our increasing dependence on computers and networks for data exchange and storage is creating new vulnerabilities for both individuals and society. The key word here is: cybersecurity. This encompasses more than just technical solutions: it involves not only security in cyberspace, but also security that is influenced by cyberspace.
Myriam Dunn Cavelty calls for a realistic assessment of what state institutions can do to combat cyberattacks.
When a cyberattack has been orchestrated by a state actor, people may be tempted to call it “war”. After all, it’s an attack waged on national infrastructures by a foreign power. But the term “cyber war” has been used so often for dramatic effect that I don’t just want to warn against hype. It’s also time to dampen expectations regarding the scope of governmental intervention.
In the past three years, barely a week has gone by without a report of a critical cyberattack on a business or government institution. We are constantly bombarded by revelations of new ransomware strains, new botnets executing denial of service attacks, and the rapidly expanding use of social media as a disinformation and propaganda platform.
Without increased cooperation, the global digital economy is vulnerable to catastrophic cyberattack.
The Challenge
Information and communications technology (ICT) presents one of the most critical modern challenges to global security. Threatassessments predict that the next major international crisis could be due to a state or terrorist group weaponizing ICTs to devastate critical infrastructure or military logistics networks. The proliferation of asymmetric warfare (i.e., conflicts between nations or groups that have disparate military capabilities) has increased states’ use of ICTs, which necessitates the development of an international code of cyber conduct.
The Wannacry virus that attacked computers around the world last week is one more reminder of the growing threat posed by vulnerabilities in cyberspace. Over 100,000 networks in over 150 countries were infected by the malware; the actual ransoms paid appear to have been limited, but the total cost of the attack – including, for example, the work hours lost – is not yet known. Experts believe that this is only the most recent in what will be a cascading series of attacks as information technologies burrow deeper into the fabric of daily life; security specialists already warn that the next malware attack is already insinuated into networks and is awaiting the signal to begin.
Cyber threats are climbing steadily up the list of Asia-Pacific security concerns. Experts reckon that cyber crime inflicted $81 billion in damage to the Asia Pacific region in 2015 and the number of such incidents is growing. Online radicalization and other content-related issues pose expanding threats to the region, challenging national narratives and in some cases undermining government legitimacy and credibility. The networks and technologies that are increasingly critical to the very functioning of societies are vulnerable and those vulnerabilities are being distributed as regional governments are more intimately connected and more deeply integrated in economic communities. One recent study concludes that an ASEAN digital revolution could propel the region into the top five digital economies in the world by 2025, adding as much as $1 trillion in regional GDP over a decade. This growth and prosperity are threatened by proliferating cyber threats.
