Blog

In January 2011, the OECD released a report arguing that much of the current rhetoric and poor analysis about cyber warfare is unhelpful in the pursuit of governments to plan for increased cyber protection.

Internet security has been an issue almost as long as the internet itself has been in existence and it has added new dimensions to the types of crimes perpetrated today. Without adequate security, it is all too easy for hackers or other malicious types to send viruses out into the ether to infect the computers of ordinary web users, break into online databases to steal information, spy on people’s computers to find out their secret information and a whole range of other web-based crimes.

This means that one of the longest running challenges for web designers, software developers and code writers has been to develop systems that can stand up malicious attempts to access them and keep the details of all web users safe. This doesn’t always work: there are thousands of viruses and Trojan horses that infect people’s machines on a daily basis. There is, however, an increasingly good range of internet security packages available for common web users to install in order to protect themselves against all known viruses, with databases that are regularly updated as new threats are identified.

Hacking is another issue that needs to be considered when websites are designed as this can lead to the loss of important data and the effective crippling of online businesses. A couple of recent examples demonstrate this well: in January 2011, the retailer Lush reported that many of its online customers’ data was at risk due to security problems. On a larger scale, the ‘hacktivist’ group called ‘Anonymous’ targeted certain websites following the WikiLeaks scandal for cutting off funding to the organisation.

These are the sorts of challenges that web designers can and do work to avoid, but what of the larger issue of cyber warfare? This is what the report from the OECD was about, arguing that lumping together computer viruses and relatively small time hacking incidents under the banner of cyber warfare doesn’t help in the fight against the much bigger issue at stake, one that can’t simply be solved through good web design. This is a growing concern as an extensive, coordinated cyber attack would not only easily get through even the best of defences installed by internet security specialists and web designers, but could also take down the entire infrastructure of a country. As recently as September 2010, Iran reported that its nuclear reactor had been infected with the Stuxnet virus and, while no serious damage was done, it shows the potential magnitude such attacks could have. The really frightening thing is that it’s possible for such viruses to be sent to similar locations or to disable key equipment such as fighter planes completely anonymously.

This potential for disaster in such key parts of countries’ infrastructures is a particularly large problem as many of the services cyber attacks would target are in the private sector (such as communications, energy, food, finance, transport and water) and so taking a ‘military’ approach to the problem wouldn’t be able to solve it. This, plus the fact that it’s often extremely hard to work out who has launched such an attack, means that it’s even more vital recovery systems are created so the infrastructure could recover.

It is for reasons such as this that the British Government is currently investing a lot of money in cyber security - £650m to be precise. It’s clear that the government sees it as a priority issue – they’ve also ranked cyber attacks as ‘Tier 1’ threats, along with terrorism, conventional warfare and natural disasters – and are massively upgrading the country’s capabilities to deal with cyber attack.

As well as a role for governments in upgrading online security, there’s also a growing role for what are known as ‘ethical hackers’. These are people with the skills to hack into heavily secured internet systems, databases and company accounts. The purpose is for them to work out where the weaknesses are in the system, so that they can be dealt with properly before a less ethical hacker works out how to exploit them. The thinking here is that it’s much better to have the hackers on the side of the nation, defending its interests, than it is to have them tempted by terrorist exploits.

One of the best, most popular and defining features of the online world as been the fact that it is so free and democratic. With the ever growing threat of cyber terrorism, virus attacks and new malware being developed with astonishing regularity and precision, let’s hope it’s not also the thing that turns out to be its biggest weakness. There is a growing awareness of and action on the issue, though, so even as we become increasingly dependent on the internet in our everyday lives, there is still much that can be done by all of those who work in online services to help protect infrastructure and individuals against cyber attack.

By Chelsey Evans

Follow @AmpheonLtd