Tuesday

21st Nov 2017

Opinion

Lessons for EU to protect against next cyber attack

As the latest ransomeware attack 'Bad Rabbit' spreads through Europe, it is again clear that there are few degrees of separation between malware targets and global information technology networks.

Initially aimed at Ukraine's Ministry of Infrastructure and Kiev's public transportation system, the current ransomware blitz has now spread to Turkey and Germany, compromising a growing list of international businesses, government interests and thousands of personal computers.

The explosive growth of cloud-based and on-demand data systems has pushed vital sectors such as business, banking, and healthcare into risky relationships with IT infrastructure that exposes them to unexpected threats. But governments have even more at stake. Their need to house sensitive citizen data and protect national security has made them ideal targets for cyber-attacks.

Many countries are actively developing e-governance strategies — digital initiatives centred on citizen needs that are meant to promote service efficiency, productivity, transparency, and technological innovation. But these actions have also introduced a range of potential security risks, which need to be met with coordinated cybersecurity frameworks.

High-profile government hacking incidents, such as the 2015 breach of more than 22 million employee profiles in the US Office of Personnel Management database (including extensive security clearance files and personal backgrounds) are alarming examples of the holes being exploited by cyber criminals and state-sponsored hackers.

What can governments do to safeguard their data systems and citizens, and to reduce the spread of global 'e-pidemics'?

Three steps

First, they must shift to holistic approaches that progress beyond suites of technical tools such as firewalls, intrusion detection systems and spam filters. They must embrace organisational and behavioural change. By integrating a 'prevention is better than cure' strategy, governments can create interagency knowledge networks and focus on training computer users to be aware of cyber risks, how to avoid them, and how to be first responders when attacks strike.

One such example is the Australian Cyber Security Centre (ACSC) — a government "hub for private and public sector collaboration and information-sharing to combat cyber security threats". The centre aggregates cybersecurity and cyberdefence capabilities from a wide range of government departments, police units, crime commissions, the private sector, academia, local government, and international partners.

ACSC plays a pivotal role in raising awareness of cybersecurity issues, reporting incidents, analysing and investigating attacks and threats, and coordinating national security operations to respond to cyber-attacks.

Second, governments must have a clear cybersecurity strategy and make a deliberate investment in building capacity to deal with cybercrime. This begins with a broad assessment of government organisations to fully understand all aspects of their operations in cyberspace (e.g. open doors, levels of data-sensitivity, user authentication, encryption of sensitive data, etc.). Only then can comprehensive security policies and best practice guidelines be developed to ensure that overarching cybersecurity defences are effectively scaled to protect critical information and infrastructure.

But strategies must also be built on a reliable foundation of focal points in relevant government agencies, authorities and civil society. These human resources are crucial links to wider detection of, and recovery from, cyber-attacks.

Third, while the responsibility to develop strong legislation that discourages cyber-attacks falls on the shoulders of governments, they should look to impartial advisors and international organisations such as the United Nations, who are dedicated to enhancing cybersecurity culture and building awareness at policy levels.

UN research centres, like those of the United Nations University, are well positioned to bring partners to the table to find solutions. For example, development of an internet governance model and an international treaty harmonising national laws against cybercrime such as copyright infringement, fraud, child pornography, hate crimes, and cybersecurity breaches with supervision of related UN agencies would be welcome by member states.

Effective cybersecurity is a complex transnational challenge that requires strategy and cooperation at all levels and among states. There is a long way to go to build a coordinated response to computer crimes, but with new exploits being developed every day, there is no time to wait. Our short-term solutions must be devised as building blocks of a collaborative effort to fight global cyber-attacks.

Nuno Lopes and Jose Faria are researchers at the United Nations University operating unit on policy-driven electronic governance.

EU unsure how to 'make most' of AI

Whoever controls AI, 'will become the ruler of the world', according to Russian president Vladimir Putin. EU leaders want to move quickly to harness the opportunities of the technology.

EU must confront Poland and Hungary

Curtailing NGOs and threatening judicial independence are the hallmarks of developing-world dictators and authoritarian strongmen, not a free and pluralistic European Union.

Mind the gap: inequality in our cities

Minimum wages, 'living' wages and a universal basic income are all part of the ongoing mix to find ways to reduce social inequality across the EU.

EU's eastern partnership needs revival

A week before a summit with EU eastern neighbours, Sweden and Poland's foreign ministers propose "a way ahead" for the relationship that is more focused on people's needs.

Stakeholders' Highlights

  1. Bio-Based IndustriesBio-Based Industries: European Growth is in Our Nature!
  2. Dialogue PlatformErdogan's Most Vulnerable Victims: Women and Children
  3. UNICEFEuropean Parliament Marks World Children's Day by Launching Dialogue With Children
  4. European Jewish CongressAntisemitism in Europe Today: Is It Still a Threat to Free and Open Society?
  5. Counter BalanceNew Report: Juncker Plan Backs Billions in Fossil Fuels and Carbon-Heavy Infrastructure
  6. Nordic Council of MinistersNordic countries prioritise fossil fuel subsidy reform
  7. Mission of China to the EUNew era for China brings new opportunities to all
  8. ACCASmall and Medium Sized Practices Must 'Offer the Whole Package'
  9. UNICEFAhead of the African Union - EU Summit, Survey Highlights Impact of Conflict on Education
  10. Nordic Council of MinistersNordic Council Calls for Closer Co-Operation on Foreign Policy
  11. Swedish EnterprisesTrilogue Negotiations - Striking the Balance Between Transparency and Efficiency
  12. Access EuropeProspects for US-EU Relations Under the Trump Administration - 28 November 2017

Stakeholders' Highlights

  1. Nordic Council of MinistersSustainable Growth the Nordic Way: Climate Solutions for a Sustainable Future
  2. EU2017EEHow Data Fuels Estonia's Economy
  3. Mission of China to the EUChina and EU Step Up Water Management Cooperation
  4. CECEMachinery Industry Calls for Joint EU Approach to Develop Digital Construction Sector
  5. Nordic Council of MinistersMale Business Leaders Gather in Copenhagen to Advance Gender Equality
  6. EnelNo ETS Deal Means It Can Still Be Strengthened
  7. EU2017EEEstonia Anticipates More Digital Cooperation With Sweden
  8. Mission of China to the EUChina Launches Campaign to Protect IPR of Foreign Companies
  9. European Jewish CongressEJC Condemns Attacks on Ruta Vanagaite and the Shredding of Her Books in Lithuania
  10. Bio-Based IndustriesDiscover the Future of the Bio-Based Economy. Register Now for the BBI Stakeholder Forum!
  11. European Free AllianceWelcome Catalonia!
  12. UNICEFGrowing Number of Unaccompanied Refugee Children in Greece in Need of Shelter