The recent cyber-attack on the New York Times has again raised the question of what to do about the destabilizing capability of cyber-warfare – a capability to conduct raids, attacks and other forms of electronic subterfuge via the interconnected realm of cyber-space which leaves everybody vulnerable. For example, the pensioner who attempts to access funds that no longer exist due to a raid on a long held and ‘secure’ bank account by ‘parties unknown’, to a nuclear power station having its internal workings compromised, today’s interconnected world has given us the gift of proliferating instabilities. The sinews of commerce and the electronic fabric of modern society have been laid bare. Perpetrators, whether individuals or states, can cover their tracks so well that often they can ‘hit and run’ without leaving a trace of who they are and where they come from. Where perpetrators are uncovered – especially when it comes to states acting against each other – policy paralysis sets in. If a state attacks a business in another country, does this constitute an act of espionage or criminality? What is the appropriate response? If a state targets a government agency, is this an act of war? Are retaliatory counter-strikes the best way of deterring future cyber-attacks or do such measures simply ‘up the ante’? The more the Internet is compromised, the more it will get bottled-up with counter-measures, which slow financial and other critical transactions. It will, over time, cease to have meaning to the real world. Obviously, if the world wants this technology to remain relevant, then international rules on its use need to be crafted and implemented. Perhaps it will take a case of ‘cyber-carnage’ before any such code of conduct will be seriously entertained.
By Dr. John Bruni, Director SAGE International