I put down the following question after growing concern about attacks on state infrastructure and now even on legislatures – although I am not sure which ones yet. I have been wondering about an international treaty or agreement to outlaw these attacks. Some states are launching such attacks – again it is difficult to prove which ones and clearly the government is not going to publish a list!
Some attacks probably come from individuals and organisations but the attacks by nation states could be largely outlawed by an international agreement – a little like the treaty outlawing biological weapons.
http://www.publications.parliament.uk/pa/ld200708/ldhansrd/text/80616-0001.htm#0806161000006

I agree we need to try to stop this, although I think an international agreement could be meaningless if China & Russia – two of the states suspected of being behind certain cyber attacks – don’t sign or follow it.
I think the country, and the EU, needs to look at spending on cyber defences from political & terrorist enemies. Attacks could result in even more serious data breaches than this Gov have been responsible for and could bring down critical infrastructure, even affecting public safety. I believe there have been attempts to attack the network & computer systems of nuclear power stations in America.
Looking at attacks on critical commercial infrastructure as well is important.
To be honest cyber attacks are a classic asymmetrical attack so even if we do come up with international agreements to tackle it all it takes is one disgruntled individual to potentially attack a vital piece of infrastructure.
By all means get international agreement to outlaw governmental attacks and increase cross border co-operation of police authorities but don’t forget to invest in defence of our infrastructure.
Electronic Networking is split into two parts: Greenside and Redside. Greenside is known as intranet and Redside is called Internet.
Cyber crime takes place on both sides, however lapses in Greenside security are very serious and intensive efforts by infrastructure engineers are made to reduce this to an absolute minimum. System Administrators are the weak link in Greenside security paradigms as they have open access to everything. It is only by monitoring of internal audit trails that crimes or snooping come to light if ever.
Redside cyber crime can involve penetration of weaknesses in firewalls and operating systems but is more often associated with poorly designed web pages. Governments constantly probe other nations' cyber defences, often hiring reformed cyber criminals to do the work. Denial of Service attacks are the easiest to implement by external agents. They bombard servers with very high numbers of hits rendering normal traffic inoperative. Governments do this as precursor training to possible invasions.
One of the problems for MPs and Lords is a lack of expertise on an individual basis. The technology is constantly changing making it difficult if not impossible for reliable interpretation to take place at the political level. I understand that consultants are at hand but there is nothing like a gut feeling when you have to make a decision that matters.
An international treaty to outlaw this is naïve upon your part, as existing laws already exist to deal with this. When we stop snooping and prying at government and military level perhaps we will also encourage others to do the same. It is simply not going to happen and never will and there is nothing anybody can do about it.
However, I do feel that at a constitutional level ordinary people should be protected from the state and the use of this technology because of its stealthiness and ease of inappropriate data changes.
I’m pretty sceptical that governments are behind any significant internet based attacks (background: I am a computer engineer working in the ops team of a well known internet company).
Mounting attacks large enough to take off-line a robustly hosted site basically requires a botnet. Building botnets is already illegal under virtually every country's computer abuse laws (at least for the countries where they are developed enough to care).
Hacking in the sense of breaking and entering to steal information is a problem that requires good security practices to solve. International agreements won’t achieve anything here because there are so many non-governmental agents who would be happy to steal information and sell it on to whoever the highest bidder is. I guess you could try and outlaw that too, but it’d be equivalent to outlawing spying in general. I suspect it’d be tough.
The threat of cyber attacks is real, but it’s much more of a problem for organized crime vs commercial ventures. Most government websites that offer citizen services aren’t worth attacking (relative to rich internet companies that have to be online or go bankrupt, and are thus ripe for extortion). In cases where government websites do host valuable information (eg, tax information) the effort would be better spent paying for professional penetration testing.
There have also been a few reports that the control computers for things like power stations are now on the public internet as well. That needs to be looked at seriously.
The trend for some time has been to replace hard wired telephone exchanges and replace them with electronic equivalents. This has now moved on to providing fibre optic connected systems that use VoIP technology.
These all have servers that connect to redside infrastructure. If a foreign power mounted a DoS attack on VoIP servers it would cripple that nation's telephone systems.
Another important factor is the number of WiFi hotspots that are unsecured. These can be infiltrated and bots can act as servers themselves. A number of such cases have been stopped recently but they are an ever present problem for us all. A lot of businesses, especially those that have taken a DIY approach to infrastructure build, are a security problem and often a source of packet redirection for those wishing to cover their tracks.
It is impossible in my view to fully protect any net software and the evidence for this comes from the constant stream of security updates for commercial operating systems and web browsers.