Avoiding “Cyber M.A.D.” through International Cyber Cooperation on Critical Infrastructure Protection
By Lydia Kostopoulos, PhD
The internet has become a global commons much like the sea and the sky. However, considering how much our society and the global economy rely on it, it could be argued that it is the most valuable global commons. It is in this cyber world where global-ecommerce flows, intellectual property is exchanged, ideas are shared, degrees are earned and sensitive government data is passed. However it is also a place where espionage, data theft, unauthorized intrusion and cyber-attacks take place.
The rapid escalation of cyber conflict and technological advances in offensive cyber capabilities among nation states have not been complemented with legal operational parameters. This has many ramifications – not just for military operations but also for corporations, who are still trying to wrap their heads around the cyber vulnerabilities threating their businesses. Equally concerning is the growing surface threat area for critical infrastructures as it too operates in the cyber global commons where many malicious threats exist.
While technology continues to advance and the internet challenges sovereign borders, the international legal infrastructure for state to state cyber operations is insufficient to meet the vulnerabilities and security concerns of our critical infrastructures today.
While much of the cyber domain operates under the classified Top Secret flag, countries need to come together in good faith to protect each other from Cyber M.A.D. (Mutually Assured Destruction ). Specifically, there is a dire need for internationally agreed upon “no attack zones” in the cyber world which affect the livelihood of civilian life and the economic prosperity of a nation.
A good starting point for this discussion among nations could be the protection of the following three infrastructures from any type of malicious cyber activity from another nation-state:
- water supply
- hospitals
- the electric grid
While cyber related negotiations among nations have been a sensitive, contentious and challenging issue, these three infrastructures have the potential to create a space of cooperation in the global cyber domain and protect very important critical infrastructures.
Cyber attacks on civilian infrastructure can have serious ramifications to international peace and prosperity and now is an excellent moment to bolster international efforts to be cyber-responsible with the new and evolving cyber capabilities and protect critical infrastructures from getting hit in the cyber battlefield crossfire between nations.
For the purpose of this post, the author has addressed attacks on critical infrastructure conducted only by nation states. However there are other cyber actors who do not abide by the law and do not operate under a nation state flag; these actors also pose a threat to critical infrastructures.
Dr. Lydia Kostopoulos is an international security specialist based in Washington DC, having lived and worked in cross cultural and multi-lingual environments across three continents. She is the Communications and Outreach Coordinator for the Cyber Security Forum Initiative (CSFI) and oversees its mission in Europe. On Twitter. she can be found at @LKCyber where she tweets on intelligence, cyber defense and national security.
Contribute to the WIIS blog! WIIS members are encouraged to submit blog posts of 500-1000 words. Email [email protected] with your submission, short bio and photo.