Cybersecurity

Updates

The White House published the National Cyber Strategy of the United States of America, the first national cybersecurity strategy in fifteen years. According to the Strategy, the American people, homeland and way of life will be protected by protecting networks, information and critical infrastructure, by combating cybercrime and improving incident responding. American prosperity will be promoted by fostering a vibrant digital economy as well as domestic ingenuity, and developing a superior cybersecurity workforce. Peace will be preserved through strength, by enhancing cyber stability through norms of responsible state behavior and attributing and detecting unacceptable behavior in cyberspace. In that vein, the United States will launch an international Cyber Deterrence Initiative where a coalition of like-minded states will coordinate and support each other’s responses to significant malicious cyber incidents, including through intelligence sharing, buttressing of attribution claims, public statements of support for responsive actions taken, and joint imposition of consequences against malign actors. Lastly, American influence will be expanded by promoting an open, interoperable, reliable and secure internet, and by building international cyber capacity.

The Third ASEAN Ministerial Conference on Cybersecurity (AMCC) saw ASEAN countries agreeing that a formal ASEAN cybersecurity mechanism for cyber diplomacy, policy and operational issues should be established. It was recommended that the proposed mechanism also takes into account multiple dimensions, including economic considerations, and that it is flexible. Singapore has been tasked with the development of the proposal for the mechanism, which will then be tabled to ASEAN Leaders for consideration. ASEAN countries also decided to subscribe to the 11 voluntary, non-binding norms on behavior in cyberspace recommended in 2015 by United Nations Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (UNGGE), as well as to focus on regional capacity-building in implementing these norms.

Facilitated by the International Telecommunication Union, twelve partners from intergovernmental and international organisations, private sector, academia and civil society - including Deloitte, Microsoft, the NATO Cooperative Cyber Defence Centre Of Excellence and the World Bank among others - developed the ‘Guide to developing a national cybersecurity strategy - Strategic engagement in cybersecurity’. The guide is a resource for the development of a national cybersecurity strategy targeting primarily leaders and policymakers, but also other national stakeholders involved in the development of the strategy and stakeholders in the international development community who provide assistance in cybersecurity. The Guide outlines the five phases that make the life cycle of a National Cybersecurity Strategy: initiation, stocktaking and analysis, production, implementation, reviews. It also presents nine cross-cutting principles that should be considered in all phases of the development process. Also presented in the guide are good practices, which identify the key elements and topics that should be considered during the development of a strategy. A list of resources to support countries in developing their National Cybersecurity Strategy is included as well.

The media reports that the data of around 130 million clients of the Huazhu Hotels Group in China is being sold at the Dark Web, for 8 bitcoins, which is around 56,000 USD. This price is considered very low having in mind the big amount of data that is being offered. The data for sale contains ID card numbers, phone numbers, bank accounts, login and passwords, check-in and departure times, hotel room numbers, room IDs, card numbers, and email addresses, as well as website registration information, check-in registration information, and booking information. The database is roughly 141.5 GB and contains 240 million records of 130 million clients. Shanghai police, who is currently investigating the case, released a statement confirming that they will ‘crack down any illegal information transactions’. The police also called for companies to strengthen their data protection. An initial investigation by Zibao cybersecurity group shows that the data might have been hacked in early August when the hotel’s programmers uploaded information to the GitHub.  Huazhu Group also started their self-inspection and has hired a tech company to verify the source of the information that is being sold online.

More than 7,500 MikroTik devices have been compromised by an attacker, NetLab researchers claim. The attacker is able to actively eavesdrop on these users, with their TZSP traffic being forwarded to some collecting IP addresses. The vulnerability the attacker exploited is the known Winbox Any Directory File Read CVE-2018-14847 vulnerability, which was exploited to maliciously enable Socks4 proxy on routers. It was patched by MikroTik in early August, but some users missed the update. Researchers claim that 370,000 MikroTik users are still CVE-2018-14847 vulnerable. It is recommended MikroTik users update their devices and check if the HTTP proxy, Socks4 proxy, and network traffic capture function are being maliciously exploited.

T-mobile confirmed that it suffered a data breach on its US servers on 20 August. According to a letter from the company, the breach may have resulted in the exposure of personal information of up to 2 million customers. The data leaked included customers’ name, billing zip code, phone number, email address, account number and account type (prepaid or postpaid). However, financial data, social security numbers and passwords weren’t compromised. The company has reported the breach to the authorities and has reached out to the customers affected.

Cybersecurity is among the main concerns of governments, Internet users, technical and business communities. Cyberthreats and cyberattacks are on the increase, and so is the extent of the financial loss. 

Yet, when the Internet was first invented, security was not a concern for the inventors. In fact, the Internet was originally designed for use by a closed circle of (mainly) academics. Communication among its users was open.

Cybersecurity came into sharper focus with the Internet expansion beyond the circle of the Internet pioneers. The Internet reiterated the old truism that technology can be both enabling and threatening. What can be used to the advantage of society can also be used to its disadvantage.

Today, the cybersecurity framework includes policy principles, instruments, and institutions dealing with cybersecurity. It is an umbrella concept covering (a) critical information infrastructure protection (CIIP), (b) cybercrime, and (c) cyberconflict.

As a policy space, cybersecurity is in its formative phase, with the ensuing conceptual and terminological confusion. We often hear about other terms that are used without the necessary policy precision: cyber-riots, cyberterrorism, cybersabotage, etc. In particular, cyberterrorism came into sharper focus after 9/11, when an increasing number of cyberterrorist attacks were reported. Cyberterrorists use similar tools to cybercriminals, but for a different end. While cybercriminals are motivated mainly by financial gain, cyberterrorists aim to cause major public disruption and chaos.

Cybersecurity policy initiatives

Cybersecurity is tackled through various national, regional, and global initiatives. The main ones are described below.

At national level, a growing volume of legislation and jurisprudence deals with cybersecurity, with a focus on combating cybercrime, and more and more the protection of critical information infrastructure from sabotage and attacks as a result of terrorism or conflicts. It is difficult to find a developed country without some initiative focusing on cybersecurity.

At international level, the ITU is the most active organisation; it has produced a large number of security frameworks, architectures, and standards, including X.509, which provides the basis for the public key infrastructure (PKI), used, for example, in the secure version of HTTP(S) (HyperText Transfer Protocol (Secure)). The ITU moved beyond strictly technical aspects and launched the Global Cybersecurity Agenda. This initiative encompasses legal measures, policy cooperation, and capacity building. Furthermore, at WCIT-12, new articles on security and robustness of networks and on unsolicited bulk electronic communications (usually referred to as spam) were added to the ITRs.

A major international legal instrument related to cybersecurity is the Council of Europe’s Convention on Cybercrime, which entered into force on 1 July 2004. Some countries have established bilateral arrangements. The USA has bilateral agreements on legal cooperation in criminal matters with more than 20 other countries (Mutual Legal Assistance in Criminal Matters Treaties (MLATs)). These agreements also apply in cybercrime cases.

The Commonwealth Cybercrime Initiative (CCI) was given its mandate from Heads of government of the Commonwealth in 2011 to improve legislation and the capacity of member states to tackle cyber crime. Dozens of partners involved with CCI assist interested countries with providing scoping missions, capacity building programmes, and model law outlines in the fields of cybercrime and cybersecurity in general.

The G8 also has a few initiatives in the field of cybersecurity designed to improve cooperation between law enforcement agencies. It formed a Subgroup on High Tech Crime to address the establishment of 24/7 communication between the cybersecurity centres of member states, to train staff, and to improve state-based legal systems that will combat cybercrime and promote cooperation between the ICT industry and law enforcement agencies.

The United Nations General Assembly passed several resolutions on a yearly basis on ‘developments in the field of information and telecommunications in the context of international security’, specifically resolutions 53/70 in 1998, 54/49 in 1999, 55/28 in 2000, 56/19 in 2001, 57/239 in 2002, and 58/199 in 2003. Since 1998, all subsequent resolutions have included similar content, without any significant improvement. Apart from these routine resolutions, the main breakthrough was in the recent set of recommendations for negotiations of the cybersecurity treaty, which were submitted to the UN Secretary General by 15 member states, including all permanent members of the UN Security Council.

Events

Actors

(EBU)

In an environment increasingly characterised by digital convergence, the EBU is working on supporting its memb

...

In an environment increasingly characterised by digital convergence, the EBU is working on supporting its members in their digital transformation processes, in promoting and making use of digital channels, and in identifying viable investment solutions for over-the-top (OTT) services. The organisation has a Digital Media Steering Committee, focused on ‘defining the role of public service media in the digital era, with a special focus on how to interact with big digital companies’. It also develops a bi-annual roadmap for technology and innovation activities, as well as a Strategic Programme on Broadcaster Internet Services, and it has a dedicated Project Group on OTT services.

(GCSP)

As part of its Emerging Security Challenges Programme, the GCSP has a

...

As part of its Emerging Security Challenges Programme, the GCSP has a cybersecurity cluster which tackles cybersecurity issues through education and training activities, as well as policy analysis and events. The cluster also provides a platform for dialogue and exchanges on cyber challenges, among cyber experts from the public, private, and civil society sectors. The training and education activities cover areas such as cybersecurity strategy formulation, cyber diplomacy, and broader capacity building initiatives (e.g. workshops and student challenges). Policy papers produced by the GCSP examine issues such as computer network defence, future challenges in cyberspace.

(ICT4Peace)

In the area of online content policy, the ICT for Peace Foundation is engaged in activities concerning the use

...

In the area of online content policy, the ICT for Peace Foundation is engaged in activities concerning the use of the Internet for terrorist purposes. The Foundation is organising events and producing publications on this issue, with the main aim of raising awareness and promoting a multistakeholder dialogue on possible solutions for countering terrorist use of the Internet. Together with the United Nations Counter-Terrorism Executive Directorate, the organisation runs a global engagement project working with other stakeholders to develop community standards around the prevention of violent extremism online, consistent with UN principles, including in the area of human rights.

(UNIDIR)

As part of its Emerging Security Issues Programme, UNIDIR carries out research and provides exp

...

As part of its Emerging Security Issues Programme, UNIDIR carries out research and provides expertise and support to advance policy processes in the area of cybersecurity. The Institute acts as expert consultant to the UN Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security. It also organises an Annual Cyber Stability Conference, which discusses possible steps towards a more stable and predictable cybersecurity environment. The research undertaken by the Institute focuses on new cybersecurity challenges, and it is mainly aimed at assisting states in better understanding these challenges as they span across traditional legal and national boundaries.

(WEF)

Within the framework of its Digital Economy and Society initiative, WEF has launched the

...

Within the framework of its Digital Economy and Society initiative, WEF has launched the Internet for All project, aimed at bringing online tens of millions of Internet users by the end of 2019, initially through programmes targeted at the Northern Corridor in Africa, Argentina, and India. In addition to this project, WEF also undertakes research on Internet-access-related issues. One notable example is the annual Global Information Technology Report and the related Networked Readiness Index, which measures, among others, the rates of Internet deployment worldwide. Internet access and the digital divide are also addressed in the framework of various WEF initiatives such as its annual meetings and regional events.

(GCSCC)

The Global Cyber Security Capacity Centre has developed the 

...

The Global Cyber Security Capacity Centre has developed the Cybersecurity Capacity Maturity Model for Nations, a model to review cybersecurity capacity maturity across five dimensions, which aims to enable nations to self-assess, benchmark, better plan investments and national cybersecurity strategies, and set priorities for capacity development. GCSCC is also developing a model for understanding the harm experienced by nations as result of a lack of capacities. The Cybersecurity capacity portal, developed by the GCSCC in partnership with the Global Forum on Cyber Expertise (GFCE), is a global resource for cyber capacity building which enables sharing of practices and experiences.

Interpol
(Interpol)

CyberGreen Initiative
(CyberGreen)

Microsoft
(Microsoft)

G20
(G20 )

Article 19
(Article 19)

Instruments

Conventions

Resolutions & Declarations

Wuzhen World Internet Conference Declaration (2015)
IPU Resolution on the Contribution of new information and communication technologies to good governance, the improvement of parliamentary democracy and the management of globalization (2003)

Standards

Recommendations

Other Instruments

2015 Report of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (2015)
2013 Report of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (2013)

Resources

IoT – Economic Opportunities and Security Challenges (2018)

Articles

Apple vs FBI: A Socratic Dialogue on Privacy and Security (2016)
The UN GGE on Cybersecurity: The Important Drudgery of Capacity Building (2015)

Publications

Internet Governance Acronym Glossary (2015)
An Introduction to Internet Governance (2014)

Papers

From Articulation to Implementation: Enabling Progress on Cybersecurity Norms (2016)
Expert and Non-Expert Attitudes towards (Secure) Instant Messaging (2016)
International Cybersecurity Norms. Reducing Conflict in an Internet-dependent World (2014)
A Security Analysis of Emerging Web Standards. HTML5 and Friends, from Specification to Implementation (2012)

Reports

Towards a secure cyberspace via regional co-operation (2017)
Technology, Media and Telecommunications Predictions 2017 (2017)
State of DNSSEC Deployment 2016 (2016)
Comparative analysis of the Malabo Convention of the African Union and the Budapest Convention on Cybercrime (2016)
Enabling Growth and Innovation in the Digital Economy (2016)
One Internet (2016)
Blue Skies Ahead? The State of Cloud Adoption (2016)
Cybersecurity Competence Building Trends (2016)
Automotive IoT Security: Countering the Most Common Forms of Attack (2016)
Stocktaking, Analysis and Recommendations on the Protection of CIIs (2016)
The Global Risks Report 2016 (2016)
Best Practice Forum on Establishing and Supporting Computer Security Incident Response Teams (CSIRT) for Internet Security (2015) (2015)
NI Trend Watch 2016 (2015)
OECD Digital Economy Outlook 2015 (2015)
Global Internet Report 2015 (2015)
Best Practices to Address Online, Mobile, and Telephony Threats (2015)
Global Cybersecurity Index & Cyberwellness Profiles (2015)
Security: The Vital Element of The Internet of Things (2015)
Cybersecurity Capacity Building in Developing Countries. Challenges and Opportunities (2015)
Riding the Digital Wave. The Impact of Cyber Capacity Development on Human Development (2014)
Best Practice Forum on Establishing and Supporting Computer Security Incident Response Teams (CSIRT) for Internet Security (2014) (2014)

GIP event reports

Session 3: Policy and regulation perspective – Privacy and beyond (2018)
StaTact, data and monitoring for resilient societies (2018)
Roundtable Discussion: AI for Development (2018)
Leadership Debate: Emerging Technologies for Digital Transformation (2018)
Opening Session and Session 1: AI and Cybersecurity – The State of Play (2018)
Session 4 – Ways forward and closing (2018)
Session 2: AI and IoT – Exploit the potential for building confidence and security in the use of ICTs (2018)
Applying Technology to Reinforce Security and Promote Development (2018)
Non-state Actors in Europe and Beyond: The True Shapers of Cybersecurity Norms?! (2018)
SME Cybersecurity: Let's Take Action! (2018)
The Proposal for a Digital Geneva Convention – Implications for Human Rights (2017)
GPW 2017: Summary of Discussions on Conflict Prevention and New Technologies (2017)
Roundtable Discussion: A New Digital Geneva Convention? (2017)
Recent Cyber Incidents - Patterns, Vulnerabilities and Concerns (2017)
Preventing Cyber Conflicts: Do We Need a Cyber Treaty? (2017)
Looking Ahead: What to Expect in the Cyber Realm (2017)
Launch of the SCION Pilot Server (2017)
How Can Technological Solutions Advance Cybersecurity? (2017)
DNS Abuse Discussions at ICANN60 (2017)
Geneva Digital Talks: What can Geneva offer in Global Digital Governance? (2017)
Digital citizenship, Integration, and Participation (2017)
At-Large Advisory Committee (ALAC) and Regional Leaders Wrap Up – Part 1 (2017)
Keynote Speech at EuroDIG 2017 – Göran Marby, ICANN (2017)
EuroDIG 2017 Welcoming Address (2017)
Alice in Wonderland – Mapping the Cybersecurity Landscape in Europe and beyond (2017)
Domain Names Innovation and Competition (2017)
Cybersecurity – The Technical Realities Behind the Headlines (2017)
Global Survey of Internet User Perceptions (2017)
Cybersecurity and Cybercrime: New Tools for Better Cyber Protection (2017)
Report for Symposium on The Future Networked Car (2017)
Report for World Economic Forum Annual Meeting 2017 (2017)
Report for Violent Extremism Online – A Challenge to Peace and Security (2017)

Other resources

Security and Privacy Handbook: 100 Best Practices in Big Data Security and Privacy (2016)
The CEO's Guide to Securing the Internet of Things - Exploring IoT Security (2016)
GSMA IoT Security Guidelines (2016)
Combating Spam and Mobile Threats - Tutorials (2016)
Cyber Security Guidelines for Smart City Technology Adoption (2015)
Symantec 2015 Internet Security Threat Report (2015)
Security Guidance for Early Adopters of the Internet of Things (2015)
DNSSEC: Securing your Domain Names (2014)
Symantec Monthly Threat Report
M3AAWG Best Practices
DNSSEC Deployment Report

Processes

Click on the ( + ) sign to expand each day.

UNCTAD 2018

WSIS Forum 2018

12th IGF 2017

WSIS Forum 2017

IGF 2016

WTO Public Forum 2016

WSIS Forum 2016

WSIS10HL

IGF 2015

IGF 2016 Report

 

The Best Practice Forum (BPF) on cybersecurity was an opportunity to link various communities, and mainly focused on discussions about the multistakeholder process (Best Practice Forum on Cybersecurity - Creating Spaces for Multistakeholder Dialogue in Cybersecurity Processes) and again looked at how to define cybersecurity from various perspectives (Best Practice Forum - Cybersecurity). Several other sessions also shared useful experiences from developing coun- tries in capacity, especially with regard to Computer Emergency Response Team (CERT) capabilities (Cybersecurity - Initiatives in and by the Global South - WS26) and awareness-raising campaigns (What Makes Cybersecurity Awareness Campaigns Effective? - WS113).

The role of the technical community and the private sector was outlined in assisting the implementations of cyber-norms and confidence-building measures by the UN, regional organisations, and governments. While the IGF was seen as the place to encounter all stakeholders, and the proposal made that a dedicated (possibly even main) session is scheduled at IGF 2017, it was suggested that the Internet governance community meets the security community within the framework of the Global Conference on Cyber Space (GCCS) in 2017, with support of the Global Forum on Cyber Expertise - GFCE (NetGov, Please Meet Cybernorms. Opening the debate - WS132).

The contribution of cybersecurity to economic development and the overall SDGs was recognised, and the roles the OECD and World Bank could play were emphasised (How do Cybersecurity, Development and Governance Interact? - WS115). The need to incentivise the Internet industry in implementing high Internet standards was noted, and the GFCE was suggested as a forum for discussion (Building Trust and Confidence: Implement Internet Standards - WS240). Security of the IoT was underlined, as was the strong link between human rights and encryption (On Cybersecurity, Who Has Got Our Back?: A Debate - WS196). A clear link between cybersecurity and human rights was reiterated throughout several sessions, and particularly by the contributions of the Freedom Online Coalition - FOC (Open Forum: Freedom Online Coalition - OF27).

WSIS Forum 2016 Report

 

As the demands of ICT-related SDGs need to be met with capacity-building initiatives, cybersecurity was identified as one of the eight core digital skills people need in the twenty-first century. Internet Governance, Security, Privacy and the Ethical Dimension of ICTs in 2030 (session 150) suggested that the interpretation of vast amounts of information and big data that Internet of Things (IoT) will bring could result in an innovative multi-trillion-dollar economy. Examples of solutions that can both boost the economy and increase security were raised in From Cybersecurity to ‘Cyber’ Safety and Security (session 172); these included the use of social media for managing disasters. 

Ensuring trust in cyberspace through collaboration between governments, the industry, and users was outlined as fundamental for utilising economic opportunities necessary for fulfilling the SDGs during discussions in Action Line C5 (Building Confidence and Security in the Use of ICTs) - National Cybersecurity Strategies for Sustainable Development (session 120). Such cooperation in the area of cybersecurity, however, should be built on trust between the public and private sectors. A Trusted Internet Through the Eyes of Youth (session 151) warned that trust on the Internet is highly fragmented due to the diverse interests of stakeholders, and especially due to surveillance programmes. Multistakeholder dialogue and shaping policies by consensus were mentioned as ways to strengthen mutual trust.

When it comes to practical suggestions for improving cooperation in cybersecurity, panellists of session 120 also suggested cooperation in incident response that can include both compulsory and voluntary reporting on cyber-incidents. Session 170 on The Contribution IFIP IP3 Makes to WSIS SDGs, with an Emphasis on Providing Trustworthy ICT Infrastructure and Services invited companies to invest more in education, professionalism, and security. Providing good quality legal and technical information and data to decision-makers was added to the list of suggested measures by the discussants of session 172. 

Various emerging risks were also discussed in several sessions. Session 172 raised concerns about the emerging face of terrorism which increasingly uses new technologies including commercial drones. 

Session 150 warned that big data should be accompanied by ‘big judgment’ and awareness of communities of the risks of ‘uberveillance’ - becoming possible due to brain-to-computer interfaces (BCIs) and and sub-dermal implants - that can have an irreversible impact on society. On the other hand, session 120 commented on encryption as a useful concept that can enhance individual security, and suggested that law enforcement agencies can benefit greatly from other digital evidence. 

IGF 2015 Report

 

With a rise in cybercrime and a sharper focus on cybersecurity by policymakers worldwide, it is no surprise that the issue was discussed at great length during the IGF 2015. Cyberattacks, which are on the rise and are evolving with the growth in infrastructure, mobile money transfers, and social media, affect the economic growth and sustainable development of many countries. The real economic cost of cyberattacks is considerable. However, as the discussion during Managing Security Risks for Sustainable Development (WS 160) concluded, it was hard to identify and calculate the cost of each cyberattack due to multiple tangible and intangible effects, with one of the consequences being the limited availability of global statistics on cyberattacks.

With regard to cybersecurity strategies, the speakers made reference to the OECD’s recommendation on Digital Security Risk Management for Economic and Social Prosperity which seeks to ensure that risk management is considered an important facet when decisions are made on digital issues. They said, however, that existing cybersecurity strategies are too focused on technology and are missing the human element. In Commonwealth Approach on National Cybersecurity Strategies (WS 131), the speakers agreed that cybersecurity should be tackled by governments in partnership with the private sector, regulators, and other governments. It requires legal frameworks, the use of technology to enforce cybersecurity, harmonisation of regional laws, and cooperation among states to tackle cross-border cybercrime.

The issue of trust (as well as other issues, such as privacy and freedom of expression, which are discussed below) was a main theme that intersected with security. Discussed predominantly during the main session dedicated to Enhancing Cybersecurity and Building Digital Trust, the panel agreed that multistakeholder approaches and private-public partnerships should be used to address the challenges. ‘If you want total security, go to prison’, said one panellist. On the other hand, surveillance and censorship cannot be used to justify cybersecurity. Surprisingly, a panellist in Cybersecurity, Human Rights and Internet Business Triangle (WS 172) revealed that 80% of actionable intelligence comes from publically available resources.

 

The GIP Digital Watch observatory is provided by

in partnership with

and members of the GIP Steering Committee



 

GIP Digital Watch is operated by

Scroll to Top