Containing cyber attacks need attention
Ambassador Muhammad Zamir
There is general consensus all over the world that coordinated and serious attention needs to be given towards responding to cyber attacks. Malevolent cyber activities have become a growing threat. Cyber attacks are posing a number of challenges, both technical and political. Many countries are also discovering that they lack the required cyber and intelligence capabilities, and the political and administrative processes necessary to properly attribute cyber attacks. In addition, it is also becoming clear that attribution of such attacks remains a political decision for national leaders. It has also become evident that like most foreign policy decisions, the connotation of attribution to a great degree is directly and indirectly influenced by varied geo-political considerations.
It is also apparent that in some regions, like the European Union or Southeast Asia, some decisions will require collective action and unanimity. For this to happen, the first step will have to be towards upgrading of information sharing and the creation of what is now popularly known as the Cyber Diplomacy Toolbox. There is now general consensus all over North America and also Australia and the countries of the Far East that all countries who are slowly moving into the digital paradigm need to take necessary strengthening of cyber capabilities, both defensive and offensive. It is also understood that such measures will require investment not only in human and technical capacities but also in the creation and updating of internal procedures. This step will enable personnel involved with cyber security to be also associated with the political decision-making process. This requirement will be very sensitive and challenging. However, every country in question will have to take these steps before attributing cyber attacks or adopting subsequent action in the form of possible sanction against the institution or country in question. The possibility of use of sanctions will also have to be wielded carefully, based on strong compelling evidence. Mere allegation or indictment might not help.
Strategists, in this regard, have also highlighted that cooperation with the private sector and with international partners need to be pursued. It has been pointed out by political analysts in this regard that the EU is bound to end up facing several constraints after Brexit has come into full operation. Both the EU and Britain have been mentioning continued subsequent cooperation in many areas of national governance. However, till today, it is very vague whether such cooperation will tackle the question of cyber security in all its dimensions. Both parties need to realize that they will need to set up enhanced paradigms of cyber security cooperation and also further develop EU-NATO cooperation within this dimension. It needs to be noted here that geo-political tensions currently existing in several socio-economic political arenas- between Russia and the European Union, between the USA and Russia, between the USA and China, between India and China, between the USA and Iran, between North Korea and a few adjacent countries and also between some other countries in the Middle East- are creating their own repercussions and anxiety. It is consequently being suggested that the post- Pandemic world will need to seriously consider investment in confidence building measures, in the creation of norms at the UN level. In addition, there is also need to convene global, regional and bilateral cyber dialogues pertaining to the identifying of least common denominators regarding cyberspace. This format needs to be pursued because attributing cyber attacks or adopting sanctions on another country or an institution can potentially worsen relations with the other party. It needs to be remembered that acting together would permit States to be more credible. It will also help to send a stronger deterrent message.
By responding to cyber threats as a united actor, countries will be better placed to defend their security, their political and economic interests. It will also further augment their credibility as international actors. We might not like it, but breakdown of cyber security has begun to affect the proper functioning of several areas of functioning in many countries. This has been apparent all over the world- including several sub- regions in South Asia. In some cases, we have noticed malicious cyber hacking leading to Hospitals being forced to cancel their operations, factories temporarily shutting down and global companies being put off line by some of their competitors.
This has led to affected institutions incurring huge losses. Unfortunately, this development has become an unwelcome reality. Digital hacking through cyberspace is not constrained because of geographical borders. It can, and does, compromise ICT systems and can result in massive damage. Cyber security incidents have become a daily occurrence. In this context one needs to recall the osmotic effect of the two massive global cyber attacks in 2017 that affected Europe as well as several other international institutions and infrastructures. Recognizing the reality of the threat, the EU have worked to strengthen cyber security in Europe and tackle cyber attacks against infrastructures, cyber espionage, intellectual property theft, and hybrid threats using cyber means. The Union has primarily invested in increased prevention, early warning mechanisms, resilience and coordination. One needs to hardly reiterate that these steps will greatly help post-Pandemic and post-Brexit Europe which will rely greatly on digital marketing and e-commerce. One hopes that Bangladesh will also move forward in this direction. We should also consider working together on this issue within South Asia. This will help all of us to move forward together. Our economic front in particular has many obstacles. There are divergent opinions on practically most issues. Creating cyber security will consequently not be very easy. Nevertheless, today, after the emergence of the Pandemic, everyone in South Asia, instead of blaming each other and attributing narrow objectives need to respond proportionate to the scope, scale, duration, intensity, complexity, sophistication and impact of every country’s cyber activity. The procedures that are being adopted in other regions of the world should be studied very carefully by the Information Technology sector in Bangladesh.
(Muhammad Zamir, a former Ambassador, is an analyst specialized in foreign affairs, right to information and good governance, can be reached at <[email protected]>)