Nations can no longer afford to go it alone on cyber-security

Cyber-crime knows know borders, so nor should our defences.

Senior representatives from more than 90 governments met in Seoul recently to discuss cyber-space, including cyber-security and cyber-crime. It was the third in a series of international conferences that has followed a push from the UK government to bring a more international perspective to discussions about how to keep cyber-space open while addressing threats.

Cyber-crime does not operate in a world confined by national borders so an international response is our only option. We need to cooperate to protect devices and information infrastructures from malicious entities seeking to steal secrets, deny access to critical services and exploit our identities to commit crimes.

Vulnerable businesses
There is much work to be done. Weaknesses in infrastructures, policy and operations leave us vulnerable and threats to businesses and individuals are frequent and damaging. For example, a sophisticated malicious software recently infected a PC at a small British bakery, then managed to bypass all of the business’s online banking security software and steal £20,000. There is no end to the news of malware, viruses and spam that affect online accounts and home computers.

Recent research indicates that four in five of the UK’s largest quoted companies are unprepared for cyber attacks. The widely reported threats to systems within finance and banking are an uneasy reminder of our vulnerability – and a key priority of the Bank of England and other financial regulators. Even those companies that you might expect to see outsmarting cyber-criminals are not immune. Just a few weeks ago software company Adobe admitted that its system had been hacked and that data from nearly 3 million customers had been stolen. Now there are reports of ransomware attacks across companies in East London’s hi-tech cluster of businesses.

Currently, too many decisions relating to cyber-security rely on inadequate evidence, inconsistent data, deficient reporting and varying rules across networks and systems. This inconsistency on data is apparent in UK government. Two years ago the UK Cabinet Office published a study by Detica, which estimated that cyber-crime costs the UK economy £27bn per year. It gave a breakdown by business sector and type of crime. This type of data is critical for governments, businesses and technology companies to plan appropriate security responses. However, a 2012 study undertaken by Professor Ross Anderson and colleagues for the Ministry of Defence calculated that a more realistic estimate would be closer to £12bn, distributed in significantly different ways to the Detica claims. This would suggest a different pattern of appropriate responses.

Defence beyond borders
A report to which I contributed, Now for the Long Term calls for the creation of an information exchange - CyberEx - to start tackling these issues. It could be funded by governments and businesses with an interest in collecting and analysing data on cyber-attacks to inform their own decisions about cyber-security. Each could share their own information and coordinate with others on responses to international threats. CyberEx could identify weaknesses in the global system, flag up suspicious Internet traffic and malicious software and help countries and businesses develop technical standards for their cyber-security efforts.

It could seek to minimise common vulnerabilities that enable the theft of sensitive information and the distribution of spam through systems, and work closely with international and domestic agencies to prevent common system attacks. The platform could also provide a useful mechanism for stakeholders to work together on responses to collective concerns, such as privacy protection. By providing an accessible, open platform for information exchange, CyberEx could help governments, businesses and individuals to better understand common threat patterns, identify preventative measures and minimise future attacks.

But you are only as strong as your weakest link, so CyberEx would also need to help developing countries improve their cyber infrastructure. For example, Professor Anderson’s MoD study concluded that significant numbers of “stranded traveller” scams and Advance Fee Frauds originate in West Africa, particularly Nigeria.

We are at the start of conversations with interested parties on the potential for CyberEx, so the details of how and where the exchange would be hosted are still to be worked out. The report’s recommendation is a starting point but it is an important one. It could move us closer to using an exchange platform to counter common but high-risk cyber threats. It is a conversation that must continue if we are to meet the challenges posed by increased societal dependence on information infrastructures.

Ian Brown receives funding from the UK Research Councils (currently EPSRC), the European Commission, and BT. He is on the advisory councils of the Open Rights Group, Privacy International and the Foundation for Information Policy Research.

This article was originally published at The Conversation. Read the original article.

The Conversation

We can't fight cyber-crime by ourselves. (Photo: Getty)
Chicago Daily News
Show Hide image

7 adorably wrong retro visions of the future

With the future looking gloomier than ever, let's take a look at what could have been.

Ah, the future. The golden, glorious future. A time when food will be replaced by pills, walking will be replaced by hovering, and someone will have finally invented a printer that will print your black and white theatre ticket even though (even though!) you have an empty magenta ink cartridge. Who can wait? 

Unfortunately, what with the end-of-the-world-as-we-know-it (see: Trump, Donald J) the future seems less and less spectacular everyday. Is it time to build an underground bunker? Who can say? I can. The answer is yes.

But while you're waiting for your Spaghetti Hoops to heat up in your concrete hidey-hole, you'll need something to read. Here are seven futures that we could have had, if it wasn't for fascism (and also, I guess, the fact that some of these are really dumb).

1. Commuter helicopters

Popular Mechanics (1951) via Flyingcarsandfoodpills.com

What they predicted: Personal helicopters which would transform commuting forever. 

Why it didn't happen: Because apparently Future Us are sufficiently advanced enough to create mini, personal helicopters, but not smart enough to have grasped the concept of a helipad. 

2. Instantly-cookable food

Via Reddit u/Jaykirsch

What they predicted: Food that can be heated or chilled instantly within its packet, by the turn of a knob.

Why it didn't happen: Remember in 2005 when Walkers Worcester Sauce crisps were recalled because it was thought they'd give you cancer? Yeah, that. 

3. Space puppies

Amazing Science Fiction (1958) via Pulparchive.com 

What they predicted: Space puppies. Puppies in space.

Why it didn't happen: Because God enjoys our pain.

4. The "Dinosaur Truck" elevated bus

The Practical Science For Boys And Girls (1949) via Darkroastedblend.com

What they predicted: Buses that could seamlessly glide over cars, carrying us onwards to a new and better future.

Why it didn't happen: It did! China have it. Well done China.

5.  A radio that prints newspapers

Radio Craft (1934) via Tarzan.org

What they predicted: A radio that could print out your morning newspaper, with some kind of nice little red thing on top.

Why it didn't happen: All media is obsolete. You are not even reading these words. Unless you're my mum. Hi mum. 

6. A robot that hits children on the head if they don't listen in class

Computopia (1969) via Pinktentacle.com

What they predicted: A robot that hits children on the head if they don't listen in class.

Why it didn't happen: Whilst our robotics are advanced enough, it turns out so too are our morals. Bummer.

7. Wrist computers

Byte (1981) via archive.org

What they predicted: Little computers that will sit on your wrist, like a watch.

Why it didn't happen: You might be gaping and gawping that someone in 1981 successfully managed to predict the Apple Watch, but you'd be wrong. Take another look - see that tiny keyboard? No one could use that tiny keyboard. What were our ancestors thinking? Idiots. 

Amelia Tait is a technology and digital culture writer at the New Statesman.