Summary: Absence of trust and coordination among nation states, and communication between public and private sectors to fight organized cyberterrorists, means the security industry has fallen behind.
SINGAPORE– The security industry is lagging behind cyberterrorists due to a lack of cooperation and communication between the public and private sectors and nation states.
Speakers at Cyber Security Forum Asia 2012, hosted by security and defense firm IB Consultancy here Monday, reiterated the importance of collaboration among private and public organizations in fighting cybercrime, but noted such coordination has yet to be established despite the surge in cyberattacks.
Cyberterrorists today are very organized and collaborative, leveraging ICT to promote their ideals, observed Zahri Yunos, CEO of CyberSecurity Malaysia. Citing research on cyberterrorism and the Internet, Zahri noted cyberterrorists have effectively and successfully used the Internet and social media for psychological warfare, publicity and propaganda, social networking, and even recruitment purposes.
In comparison, nation states still are not collaborating with each other to battle cybercrime due to a lack of trust, noted Benjamin Ho, associate research fellow for the Center of Multilateralism Studies at the S. Rajaratnam School of International Studies, Nanyang Technological University (NTU).
This mistrust is the result of the use of cyberweapons and cyberattacks between nation states, as well as the problem of attribution which has created a state of paranoia among countries, Ho said.
Nation funding lead to cyberterrorism
Costin Raiu, global research and analysis director at Kaspersky Labs, who was also a speaker at the forum agreed, noting that since the first known cyberweapon, Stuxnet, appeared in 2010, many other variations have surfaced including Duqu, Gauss, and Flame.
These cyberweapons are sophisticated, complex, and expensive to construct, requiring investments of US$10 to $15 million, and only nation states have such capital to perpetrate them to others, Raiu noted.
Such weapons have led to the inception of cyberterrorism or the use ICT to launch cyberattacks, he observed. While cyberterrorism is not proliferating yet and merely “at the top of the iceberg”, it is an emerging threat which nations and the IT security industry will soon struggle against, he warned.
Another communicative problem governments have yet to solve is failing to agree on a fixed definition of cyberterrorism, Zahri pointed out. This leads to confusion over the classification of such crimes because “one man’s terrorist is another man’s freedom fighter”. This can ultimately hinder actions taken by governments to safeguard their nations against cyberterrorism, he explained.
Internally, there are also communication roadblocks between the public and private sectors. Another speaker Carolyn Patteson, executive director of Computer Emergency Response Team (CERT) Australia, revealed one of the challenges it faced was managing expectations from the private sector. CERT disseminates IT security related information to businesses.
Many organizations thought of CERT Australia as “their personal internal CERT team” and failed to understand its actual role as a national IT security team, Patteson explained.
Define security terms, update legislations
With cyberterrorism, the biggest debate among governments is the difficulty in establishing whether cyberwar is part of cyberterrorism and vice versa, Raiu told ZDNet Asia at the sidelines of the event.
He clarified that cyberwar is the work of nation states, while cyberterorrism is committed by individuals. From here, governments should define legislations, preventive measures, and take action against cyberterrorists.
With the proliferation of cyberweapons, Raiu added there should also be agreements on the usage of such tools. He explained that, currently, while there are rules and regulations governing the use of nuclear and chemical weapons, there are none for cyberweapons to establish how they can be designed and used, and which nations they come from.
Caitriona Heinl, research fellow at Center of Excellence for National Security at NTU’s S. Rajaratnam School of International Studies, observed the speed at which cyberattacks evolve has also posed challenges regarding cybercrime legislations, making it difficult to implement policies in a timely and effective manner.
As such, governments should update legislations rapidly and work closely with related agencies and the security industry, to implement new laws on cyberattacks once they have taken place, Heinl explained.
Above all, countries need to form alliances to combat cybercrime because it is not constrained by borders, she said, adding there should be clauses to aid each other if a member country is subjected to serious cyberattacks.