New order, cooperation needed to combat cyber crimes: experts

(File photo)

This is a new battlefield. The law of the jungle and zero-sum games don’t apply here. Those who are strong are not a single bit safer than those who are weaker and the bigger the target the higher the risks are. This is cyberspace.

Cyber attacks could cause the world economy as much as $3 trillion by 2020, a McKinsey report warned in 2014. Citing the figure, David Chen, vice president of Microsoft, noted that billions of dollars would also be poured into defensive projects in many countries across the globe.

More than 50 countries have cyber defense capabilities; 38 have offensive cyber capabilities; 95 have or are about to set up cybersecurity legislation; and more than 70 have a national cyber strategy, Chen revealed.

The data were released at the Guanchao Cyber Forum at the China Internet Security Conference 2017 in Beijing on Tuesday.

Every nation seems to be readying itself for possible cyber war, which is invisible yet increasingly destructive. Unfortunately, cyber crime is becoming more and more prominent along the way. In China alone, cyber crimes make up 1/3 of all criminal activities in China, and it is growing at a staggering rate of 30 percent every year.

“No one is to blame as nations prepare cyber security strategies and actively build up their military to safeguard the security. But an excessive cyber arms race will end up with two possible consequences: exaggerate tensions among countries; and increase the likelihood of cyber warfare,” warned General Hao Yeli, vice president of the China Institute for Innovation and Development Strategy.

Addressing the Guanchao Forum, Hao raised the example of the WannaCry ransomware that took advantage of the EternalBlue vulnerability exploit in May. “Cyber weapons running out of control are like nuclear reactors and an arms race would only worsen the uncertainty in cyberspace,” Hao added.

The WannaCry ransomware attack on May 12 affected more than 200,000 people in some 150 countries and regions. The economic loss reportedly exceeded $5 million. In June, a variant of WannaCry hit again, causing damage to key information infrastructure around the world, including banks, communication facilities, and even hospitals, Qi Xiangdong, chairman of the 360 Enterprise Security Group, said at the forum.

Yet even the UN Group of Governmental Experts (CGE) failed in late June to develop a “common understanding” on how countries should behave in cyberspace.

Cyberspace is mostly for public uses instead of military ones. It is also operated and protected for the private sector. Yet connectivity means that any attack can have unimaginable influence on civilians and companies alike. It is therefore necessary to reduce risks through a Digital Geneva Convention, according to Chen.

The Digital Geneva Convention proposed by Microsoft in April aims to commit governments to protecting civilians from cyber attacks.

In addition, Hao suggested that a cyber arms control committee under the UN framework be set up with an international convention on the non-proliferation of cyber weapons and a negative list on cyber warfare and cyber attacks. The general also called to establish an intelligence sharing mechanism to promote security threat information exchange globally.

“The traditional security strategy based on nuclear deterrence does not apply to cyber. Unlike nuclear deterrence, which can be traced, attackers in cyberspace are relatively invisible. Meanwhile, cyber deterrence makes all countries feel insecure, because defense can be turned into offensive,” Hao pointed out.

“The traditional battlefield sees rivalry between countries, but the battlefield in cyberspace should see all responsible countries join hands to combat the real enemy. No matter what kinds of terrorists exist in the cyberspace, there will be stability in the world so long as we maintain cooperation,” said the general.