The Edward Snowden saga has cast light into the murky world of cyber espionage and cyber conflict and raised questions about the security of our online systems and data.
Cyber conflict or warfare is often presented to the public as a disaster waiting to happen. Often prognosticators of cyber doom repeat the same story, Stuxnet being a favorite example, to spread their warnings to a fearful public. The other common method is to tell stories of the worst-case scenarios based on speculation and imagination, with little evidence to back up claims. We hear stories of a cyber Pearl Harbor where the critical infrastructure of a country will be taken down by malicious hackers bent on destruction.
The problem with these warning is they are based on very little evidence of how the international system really works. Purveyors of cyber doom are taking advantage of the fear that comes from cyberspace because of our dependency on networked communications, and dependency makes us vulnerable.
Fear alone should not drive policy or action because the evidence of cyber conflict in the international sphere is scarce at best. States are restrained in their malicious cyber actions because generally there is very little to be gained from the tactic and escalating cyber conflicts will only bring the collective wrath of the international community on the violator. The real danger in cyberspace comes from the weaknesses laid bare in the targets themselves: vulnerabilities of our own making.
Basic cyber hygiene is the first step. We need to build systems that are safe and protected. Critical systems need to be cut off from global networks and those with access to these systems need to be controlled and monitored. As the Edward Snowden case shows, the danger here is not from governments spying on individuals – governments have very little time or inclination to sift through these massive databases of information without cause – the real problem is that this information is now collected and easy to access, even for a contractor based out of Hawaii. That Mr Snowden was able to get access to so much information, so easily, is the true risk to our cyber future.
We have become complacent about how we interact in cyberspace. The interesting development in cyberspace is not the threat that comes from this arena, but the trust we place daily in the system with our information, finances, and personal details. Everything one can possibly want to know about an individual can likely be found on a laptop or tablet. This trust we place in how we share and communicate information is a weakness. The danger is not from the tactic of cyber war, but rather from the temping nature of the target.
The vulnerability we exhibit in cyberspace is often of our own making. When a target is as juicy as the complete development project of critical weapons system, the entirety of digital communications of everyone in the United States, or the financial details of the New York Stock Exchange, how can an enemy not take the bait?
Mr Snowden has laid bare the weaknesses inherent in our systems and trust we place in the digital sphere.
There are two responses to this process. First we have to be more careful with digital security. The new step by the US government is to make information access much like nuclear weapons access and require two individuals to consent for secure information requests. This is the right step that needs to be replicated in the UK.
Secondly, we also need to reconsider who our enemies are and how we treat other international actors. Conflicts in cyberspace are directly connected to normal international relations disputes and issues. It is now more critical than ever to ensure that co-operation is the norm, rather than conflict.
These steps need to be taken to ensure our future, both in the digital sphere and the physical sphere. Security is not assured, but it is common if simple steps are taken to avoid the worst abuses system.
Dr Brandon Valeriano is a lecturer in global security at the University of Glasgow.
Why are you making commenting on The Herald only available to subscribers?
It should have been a safe space for informed debate, somewhere for readers to discuss issues around the biggest stories of the day, but all too often the below the line comments on most websites have become bogged down by off-topic discussions and abuse.
heraldscotland.com is tackling this problem by allowing only subscribers to comment.
We are doing this to improve the experience for our loyal readers and we believe it will reduce the ability of trolls and troublemakers, who occasionally find their way onto our site, to abuse our journalists and readers. We also hope it will help the comments section fulfil its promise as a part of Scotland's conversation with itself.
We are lucky at The Herald. We are read by an informed, educated readership who can add their knowledge and insights to our stories.
That is invaluable.
We are making the subscriber-only change to support our valued readers, who tell us they don't want the site cluttered up with irrelevant comments, untruths and abuse.
In the past, the journalist’s job was to collect and distribute information to the audience. Technology means that readers can shape a discussion. We look forward to hearing from you on heraldscotland.com
Comments & Moderation
Readers’ comments: You are personally liable for the content of any comments you upload to this website, so please act responsibly. We do not pre-moderate or monitor readers’ comments appearing on our websites, but we do post-moderate in response to complaints we receive or otherwise when a potential problem comes to our attention. You can make a complaint by using the ‘report this post’ link . We may then apply our discretion under the user terms to amend or delete comments.
Post moderation is undertaken full-time 9am-6pm on weekdays, and on a part-time basis outwith those hours.
Read the rules hereComments are closed on this article