The WannaCry cyberattack in May 2017 highlighted the major problems that bedevil the various nations affected by devastating ransomware crime. Namely, that targeted nations are often slow to track down the source of such cyberattacks—and once they have done so, they also lack any effective means to punish the perpetrators. Technology experts quickly determined the WannaCry source—almost certainly North Korea—but the British and American governments took five to six months to come to the same conclusion. As for penalties for those responsible, neither country was able to effectively force the North Korean government to change their tactics.
Therefore, it’s no surprise that The World Economic Forum, which recently took place in Davos, Switzerland, announced the formation of a new group, The Global Centre for Cybersecurity. This is an effort to tackle cybercrime through faster, more effective information sharing between nations and private technology companies. Expected to be fully operational in March, the organization, which seeks voluntary participation, has already gained the support of BT Group (a major British telecommunications company); U.S. microchip maker Qualcomm; the Russian financial institution, Sberbank; and Interpol, an international crime fighting organization.
Few would argue with the idea that a truly collaborative effort based on common standards is needed to successfully counter organized digital crime. What remains to be seen is how this will work in a global community that lacks consensus on the following key issues:
- Putting Rules in Place – Cybercrime is the cheapest way for nations to undercut and disrupt other countries they deem adversaries. President Obama called cyberspace the “Wild, Wild West,” an accurate comparison considering the lack of accountability, the lawlessness and the anarchy that presides. To date, the nations of the world have yet to agree about what should be off-limits and what should be allowed. If that sounds strange, consider this: the United States and European nations raised the alarm when they found foreign “implants” in their networks (e.g., tampering with last year’s elections) but they don’t want to see rules imposed that might limit their own espionage efforts. It is no secret that the Obama and Bush administrations both infiltrated Iran’s nuclear network with the so-called Stuxnet code. It remains to be seen how the new Global Centre for Cybersecurity plans to address this double-standard.
- The Role of Technology Companies in Monitoring Content – British Prime Minister Theresa May took technology leaders to task in Davos, accusing them of not doing enough to collaborate with world governments to police social networks. Ms. May decried social networks for failing to police their platforms for content that supports terrorism and child abuse (pornography). She urged investors to pressure entities like Facebook and Twitter to use their significant resources to better monitor for fake news, hate speech and other forms of abuse. While this might appear to be a reasonable goal, giving governments the right to step in to determine what “fake news” is has obvious dangers. Likewise, the call for social networks to reveal real identities on the internet might be abused by authoritarian governments wishing to crack down on dissent and free speech.
This new global initiative is a step in the right direction. However, an effective cure for cybercrime has been elusive to date and may prove a significant challenge to this new international agency.