Hackers now have international coalitions; we need the same to fight back

[tao]

The Internet has broken down national barriers and created a global economy with anyone, from almost any country, free to surf, shop, or engage in any other online activity on any site, anywhere in the world.

 

In parallel, the Internet has given hackers the ability to build or join worldwide criminal operations, swooping in on victims regardless of location, nationality, or any other formerly limiting factor.

 

If bad actors get together in an international online coalition to create cyber-havoc, then authorities responsible for ensuring cyber-safety and preventing cybercrime should be taking countermeasures. Unfortunately, they are not – and the way things are going, it may be quite a while before we see a truly coordinated international approach to fighting hackers, as countries, agencies, jurisdictions, and organizations jockey to defend and protect their own interests, even as hackers further their worldwide cooperation and expand the scope and aim of their attacks.

 

The sad truth is that there is currently no solid international cooperation or coordination between governments on tracking down and stopping hackers. There are, of course, many international hacker groups – the best known one is the amorphous entity that calls itself Anonymous – but over the years, we’ve seen that building an international coalition to battle such groups has been notoriously difficult. Instead of focusing on preventing attacks by going after hacker groups – something that would be far easier with international cooperation – countries remain stuck on the model of defending themselves, spending ever-larger sums of money to fend off the latest threat, even as hackers develop new tactics to break those defenses.

 

That’s not to say we’re not trying. The latest idea for international cyber-cooperation comes in the form of the Global Commission on the Stability of Cyberspace (GCSC), a public-private partnership between governments and some of the world’s top tech firms (including Microsoft) to develop “norms” —  rules that all governments and international agencies can agree on to prevent cybercrime. One norm, for example, resolves that all states respect the core of the Internet (the DNS system, international undersea cables, etc.), while another calls on governments to respect the process of online elections and to do everything they can to ensure they are executed without interference.

 

If that sounds a bit mild in the wake of what is going on out there, I can tell you that it’s been a lot more successful than the previous attempt to unite the world’s good guys in the fight against cyber-threats. The UN’s Group of Governmental Experts (UN GGE) tried mightily to convince governments that cooperation was the key to successful cyber-defense. However, that effort was rejected by the European Council on Foreign Relations, which took issue with how national sovereignty applies in cyberspace, how aggressive a country can be in its cyber-defense strategy, and whether or not international humanitarian law applies to cyber-operations. Had the UN GGE been successful, it would have provided the legal basis for international organizations like Interpol to more aggressively pursue cyber-criminals. But with the rules still up for debate, international law enforcement groups find they are stymied by the policies implemented by national governments that often obstruct investigations.

 

And yet there is hope; governments are slowly beginning to realize that with cyber-threat increasing, their institutions, citizens, banks, infrastructure, or other critical deployments could be next. Sooner or later, countries will come together to protect their common interests, at least against the lawless cyber-gangs that roam the internet, picking off banks and databases anywhere and everywhere – even in countries that themselves have been accused of sponsoring bank hacks.

 

Outlining the rules is going to be complicated; as the UN GGE showed us, nobody wants to give up anything, at least unless they get as much, or more, back. But the GCSC’s development of international norms is a good first step – and in fact, it has historical precedence. Much of the history of the 20th century is a history of nations with different interests coming together for a common goal — to eliminate disease, to encourage international trade, to prevent nuclear war erupting between the superpowers. It’s not a perfect system, but it shows how problems can be solved when the determination to do so is there. Will we see that process repeat itself in cybersecurity? Let’s hope so.

 

< Here >

[straycat19]

This article is so full of bad information it was either written originally 10 years ago or comes under the heading of fake news.  Just the other day an article was posted on nsane that showed internation cooperation in taking down and international hacking group.  Europol, Interpol, FBI, Secret Service, CIA, NSA, DIA, and other countries police and intelligence organizations have been working together for years.  The level of cooperation may not always be ideal, but the majority of countries realized years ago that they couldn't stop international hackers on their own.  Just because they haven't thrown up neon signs stating their cooperation doesn't mean it isn't happening. 

 

State supported hacking has been around for years.  This article acts like it is something new that those entities have targeted financial institutions.  Again old news.

 

The UN has nothing to do with international cybercrime fighting and can contribute nothing to that effort.  It is essentially a useless organization that most people would like to see go away.  It wouldn't even exist without the U.S. funding it, which shows how much other countries want 

 

[tao]

38 minutes ago, straycat19 said:

It is essentially a useless organization that most people would like to see go away.

Most people? Any reference old or new, real or fake?