Cyberstability Updates – April 2018

The GCSC in the News

RSA 2018: Behind the lines

The article featuring the GCSC and authored by Stephen Cobb was published on 27.04.2018 in WeLiveSecurity

The companies that signed the Tech Accord had their first meeting during RSA 2018 but they were not all tech firms, reinforcing the perception that the tech sector as a whole, and not just the cybersecurity industry, now accepts that action at the highest level is needed to deter all forms of what Cameron Camp calls “cyberbadness.”

That highest level includes the governments of the world and the various groups to which they belong, from the UN to NATO, APEC to the EU, and so on. It may well include novel forms of international public-private partnership, born of the need to bring norms and the rule of law to cyberspace (see, for example, the Global Commission on Stability in Cyberspace).

Read the full article here.


 Internet Pioneers Awarded Franklin Medal

The announcement by the Franklin Institute featuring the GCSC Special Advisor Vint Cerf was published on 26.04.2018.

Vint Cerf and Bob Khan have been presented with Franklin Institute Awards for the part they played in the creation of the Internet.

Since 1824 (77 years longer than the Nobel Prizes), The Franklin Institute has been recognizing scientists and engineers who have changed the world — and our lives. Since its inception the awards program has honored more than 2,000 of the most impactful scientists, engineers, inventors, and entrepreneurs.

Read the full announcement here.


 Ansip surprises with proposal to step up work with US on cybersecurity

The article featuring the GCSC Commissioner Marietje Schaake was published on 20.04.2018 in EurActiv

Dutch Liberal MEP Marietje Schaake said that despite clear “tensions and concerns” clouding transatlantic relations since President Trump took office in 2017, the EU and US should cooperate more on digital security.

“While attacks on the EU and on fundamental rights need to be challenged, the US is more than the White House, and we see a new appreciation for the European approach to regulation of the digital world in the public interest,” she said.

Schaake described the EU’s comparatively tough regulation on several technology issues as evidence that the bloc is “setting norms that would ideally be transatlantic and even global norms”.

Read the full article here.


The West’s Crisis of Confidence

The article by the GCSC Special Advisor Carl Bildt was published on 19.04.2018 in Project Syndicate.

In an age defined by US President Donald Trump’s rage, Russian President Vladimir Putin’s revisionism, and Chinese President Xi Jinping’s unbridled ambition, the international order is becoming increasingly disorderly, dysfunctional, and even dangerous. How did we arrive at this state of affairs? And how can we leave it behind?

Read the full article here.


Staff changes upend White House cyber team

The article featuring the GCSC Commissioner Chris Painter was published on 19.04.2018 in The Hill.

“We’re certainly not in the position now given all the threats we are facing, particularly nation states, to have any gap or uncertainty,” said Chris Painter, who served as the State Department’s cyber diplomat under President Obama and during the early months of the Trump administration.

Read the full article here.


Why American leadership in Asia will survive

The op-ed by the GCSC Commissioner Joseph Nye was published on 16.04.2018 in Today Online.

As for the rise of China, contrary to current pessimism, the US will retain important power advantages that will last longer than even an eight-year presidency, should Mr Trump be reelected.

The first is demography. According to United Nations data, the US is the only developed country expected to contribute to global population growth by 2050. China, the most populous country now, is projected to lose the top spot to India.

The second advantage is energy. A decade ago, the US seemed hopelessly dependent on imported energy. Now the shale revolution has transformed it from an energy importer to an exporter, and North America may be self-sufficient in the coming decade at the same time that China is becoming more dependent on energy imports.

Technology is a third advantage for the US. Among the technologies that will convey power in this century are biotechnology, nanotechnology, and the next generation of information technology, such as artificial intelligence and big data.

According to most experts, while China’s capacity is improving, the US remains the world leader in research, development, and commercialisation of these technologies.

[—]

A fifth American advantage that is likely to outlast the Trump era is the role of the dollar. Of the foreign reserves held by the world’s governments, just 1.1 per cent are in renminbi, compared with 64 per cent for the dollar.

[—]

Sixth, the US has geographical advantages that China lacks. The US is surrounded by oceans, and Canada and Mexico remain friendly, despite Trump’s mistaken policy of undercutting the North American Free Trade Agreement. China, on the other hand, has borders with 14 countries and territorial disputes with some of the most important, such as India, Japan, and Vietnam.

Read the full article here.


Critical Infrastructure Cyber Scare–Yada Yada…

The article featuring the GCSC Co-Chair Michael Chertoff was published on 12.04.2018 in MeriTalk.

We heard from the usual cast of characters–including Michael Chertoff, the former secretary of Homeland Security who now heads a security consulting firm; and retired Gen. Keith Alexander, now CEO of IronNet Cyber Security, who told the Congressman what everybody in America already knows. America’s critical infrastructure is wide open to abuse.

“As far as the private sector is concerned, you’ve got widely distributed ownership and control of infrastructure and uneven capabilities and knowledge about how to defend that infrastructure,” said Michael Chertoff. Within that infrastructure are countless systems that human lives depend on. Each is a potential target.

Read the full article here.


Cyber needs to be centre stage for every world leader, minister and business CEO

The op-ed authored by the GCSC Commissioner Chris Painter was published on 07.04.2018 in The Strategist.

It seems every day brings news of another high-profile cyberattack or intrusion affecting our personal data, national security or the very integrity and availability of the institutions and infrastructure on which we depend. These cyber threats come from a range of bad actors including ordinary criminals, transnational organised criminal groups and nation-states.

Indeed, in mid-February, Australia, the United States, the United Kingdom and several other countries attributed the devastating NotPetya ransomware worm—that caused billions of dollars of damage across Europe, Asia and the Americas—to the Russian military as part of the Kremlin’s efforts to destabilise the Ukraine.

At the same time, special counsel Robert Mueller in Washington unveiled a remarkably detailed criminal indictment charging a range of Russian individuals and organisations with a concerted effort to undermine the 2016 US elections.

Although active, Russia is hardly the only prominent nation-state threat actor in cyberspace. North Korea orchestrated the attacks on Sony Pictures and was responsible for the recent WannaCry ransomware that seriously affected the UK’s health-care system. Iran was responsible for attacks on US financial institution websites. And China conducted a prolonged campaign of cyber-enabled theft of trade secrets that targeted businesses in Australia, the US and many other countries.

Read the full article here.


Michael Chertoff Announced as Guest Speaker for Dublin Tech Summit 2018

The announcement featuring the GCSC Co-Chair Michael Chertoff was published on 04.04.2018 in The Irish Tech News.

Dublin Tech Summit are pleased to announce that the second United States Secretary of Homeland Security, Michael Chertoff, has been confirmed as a headline speaker at the technology conference set to take place in the CCD on April 18 & 19 2018.

Read the full announcement here.


At stake in Cambridge Analytica scandal? Not just privacy, but freedom itself: Chertoff

The op-ed by the GCSC Co-Chair Michael Chertoff was published on 03.04.2018 in the USA Today.

What the Cambridge Analytica story demonstrates first is that the data about us that is regularly harvested is not just what we wittingly post or transmit on line. The entering wedge of Cambridge Analytica’s data collection was an apparently limited request by a developer to have Facebook users complete an online survey. Slightly over a quarter of a million did so. But by downloading the survey, they opened the door to collection of data about all their friends and their other on-line interactions. As a result, data relating to approximately 50 million individuals was captured. The vast majority of these people did not know that their information was being used.

Read the full article here.


Norms in the Cyberspace

Building trust in cyberspace

The article by Farlina Said was published on 01.05.2018 in the New Straits Times.

In great power rivalry, investment in the tech sector can ring alarm bells particularly where norms of state behaviour and confidence-building measures are not developed. Also a product of the 32nd Asean Summit is the Asean Leaders’ Statement on Cybersecurity Cooperation that addresses the need for international voluntary cybersecurity norms, an expression of commitment for a multi-stakeholder process across different domains and greater regional cybersecurity cooperation and capacity building to address cybersecurity and cybercrimes.

Read the full article here.


ASEAN leaders issue statement on cybersecurity cooperation

The article by Nicky Lung was published on 30.04.2018 in OpenGov.

While ASEAN recognises the cyber domain potentially represents an opportunity for significant regional economic and technological development and can also serve as a significant source of employment, it also recognises that cybersecurity is a cross-cutting issue that requires coordinated expertise from multiple stakeholders from across different domains to address effectively.

As such, this ASEAN leaders’ statement acknowledges that the promotion of international voluntary cyber norms of responsible state behaviour is important for cultivating trust and confidence and the eventual development of a rules-based cyberspace.

Read the full article here.


Video: Norms in  Cyberspace

The video by Kelsey Atherton was published on 18.04.2018 in the Fifth Domain.

Reporter Kelsey Atherton gives insight on a panel by Department of Homeland Security Secretary Kirstjen Nielsen.

Access the video here.


Tech giants vow to fight state‑sponsored hacking

The article by Blake Sobczak was published on 18.04.2018 in E&E News.

A consortium of 34 technology companies has agreed to a “Digital Geneva Convention” aimed at thwarting all kinds of hackers, even those backed by the United States.

“We will not help governments launch cyberattacks against innocent citizens and enterprises from anywhere,” the companies said in a four-point “Tech Accord” first proposed by Microsoft Corp. last year.

The signatories include technology giants like HP Inc., Facebook Inc. and Oracle Corp., as well as global cybersecurity firms such as FireEye Inc., Symantec Corp., the Finnish company F-Secure Corp. and Japan-based Trend Micro Inc.

“The real-world consequences of cyberthreats have been repeatedly proven,” said Kevin Simzer, chief operating officer at Trend Micro. “As an industry, we must band together to fight cyber criminals and stop future attacks from causing even more damage.”

Read the full article here.


Cisco, Microsoft and 32 big vendor pals join ‘Accord’ to improve security by doing … security stuff

The article by Simon Sharwood was published on 18.04.2018 in The Register.

To chase the fourth principle the group “will establish formal and informal partnerships with industry, civil society, and security researchers, across proprietary and open source technologies to improve technical collaboration, coordinated vulnerability disclosure, and threat sharing, as well as to minimize the levels of malicious code being introduced into cyberspace”.

Nothing in the paragraph above sounds new, but it could hint at interesting efforts like the Microsoft-supported Global Commission on the Stability of Cyberspace’s efforts to make a diplomatic end-run around the US, Russia and China. Absent any specifics on the type of collaborations and partnerships, this appears to be the tech industry saying it will carry on as usual.

Read the full article here.


Russia testing new cyber norms

The article by Stuart Kennedy was published on 17.04.2018 in Innovation Aus.

“What have we seen? Certain countries who have signed up to these norms and legal understandings in the blink of an eye have conducted activity which directly contravenes the agreements they have just signed.”

This problem has raised the issue of cyber deterrence, especially against nations such as Russia that have violated cyber agreements.

“Deterring malicious cyber activity is really important to preserving the stability of cyberspace.

Read the full article here.