31 views
0

WHY THIS MATTERS IN BRIEF

In some respects we are starting to see the advent of open cyber warfare between competing sovereign nations and unless someone steps in the problem is only going to escalate.

 

Last year cyber the rise of warfare prompted the US Government to implement a DEFCON scale for cyber attacks, and now, after yet another “global attack,” when the WannaCry ransomware exploit spread across 150 countries and over 200,000 machines the blame for some of these attacks has spread wildly too. As a consequence, and in the aftermath of one of the most destructive ransomware attacks ever Microsoft has used cybersecurity’s latest headline grabbing moment to call for a “Digital Geneva Convention” to limit and defang future cyberattacks.

 

RELATED
Panasonic unveil an invisible TV that doubles as the heart of your connected home

 

Redmond has also received some share of the blame. Although Microsoft released a security patch in March that closes the hole the attack exploited it’s thought that thousands if not hundreds of thousands of Windows XP machines are still at risk – at least until that it they’re patched.

On the other hand, said company president Brad Smith the WannaCrypt exploit drew on vulnerabilities the NSA stockpiled but didn’t publicise or even report covertly to Redmond. Instead, hackers stole those vulnerabilities from NSA and the reportedly used them to make WannaCry.

In addition to blaming the spooks, IT departments have also been rapped for being slow to respond to patched vulnerabilities, but above the entire chorus of blame, Microsoft is now also promoting clearer cybersecurity expectations and responsibilities for companies and governments.

 

RELATED
An AI upgrade for your brain, Elon Musk teases the Neural Lace

 

“It’s time,” said Smith, “to take a page from the atomic age. What the world needs is a new independent organisation, a bit like the International Atomic Energy Agency that has addressed nuclear non-proliferation for decades.”

“We need an agency that has the international credibility not only to observe what’s happening, but to call the question and even identify the attackers when nation-state attacks happen. That is the only way that governments will come to recognise that this is not a program that will continue to pay off.”

“What we need now is a Digital Geneva Convention,” he added, “we need a convention that will call on the world’s governments to pledge that they will not engage in cyberattacks on the private sector, that they will not target civilian infrastructure, whether it’s of the electrical or the economic or the political variety. We need governments to pledge that, instead, they will work with the private sector to respond to vulnerabilities, that they will not stockpile vulnerabilities, and they will take additional measures.”

 

RELATED
The F-35 could be the first US aircraft to be outfitted with laser weapons

 

Hans Klein, Associate Professor at Georgia Institute of Technology’s School of Public Policy, though says Microsoft is taking some risk in being as pro-active as they are.

“In some ways it’s a daring move by Microsoft,” Klein says, “it opens up the question of global regulation of companies like Microsoft. If we start talking about global public policy, and Geneva Conventions and industry agreements, suddenly it might not just be the governments that are being asked to behave better, and possibly with sanctions backing that up. The companies might be asked or required to behave better too. And that might not be a bad thing.”

For instance, Klein says, what if Windows XP, whose support was cut off back in 2014, is so broadly adopted around the world that governments begin requiring Microsoft to continue supporting XP regardless of its profitability or un-profitability for the company? What if, in other words, Windows XP has become something closer to a public utility?

 

RELATED
Pentagon mulls putting the whole US military onto blockchain

 

“When it happened, I thought it was pretty noteworthy that a company could declare that it would no longer support a product like Windows XP,” said Klein, “apparently there was some limited debate [in 2014] but a little less than I expected. But since WannaCry, [the XP debate] might come back. When the hospitals are getting hit hard, maybe there’s a social and public responsibility for Microsoft.”

About author

Matthew Griffin

Matthew Griffin, Futurist and Founder of the 311 Institute is described as “The Adviser behind the Advisers.” Among other things Matthew keeps busy helping the world’s largest smartphone manufacturers ideate the next five generations of smartphones, and what comes beyond, the world’s largest chip makers envision the next twenty years of intelligent machines, and is helping Europe’s largest energy companies re-invent energy generation, transmission and retail.

Recognised in 2013, 2015 and 2016 as one of Europe’s foremost futurists, innovation and strategy experts Matthew is an award winning author, entrepreneur and international speaker who has been featured on the BBC, Discovery and other outlets. Working hand in hand with accelerators, investors, governments, multi-nationals and regulators around the world Matthew helps them envision the future and helps them transform their industries, products and go to market strategies, and shows them how the combination of new, democratised, powerful emerging technologies are helping accelerate cultural, industrial and societal change.

Matthew’s clients include Accenture, Bain & Co, Bank of America, Blackrock, Booz Allen Hamilton, Boston Consulting Group, Dell EMC, Dentons, Deutsche Bank, Deloitte, Deutsche Bank, Du Pont, E&Y, Fidelity, Goldman Sachs, HPE, Huawei, JP Morgan Chase, KPMG, Lloyds Banking Group, McKinsey & Co, PWC, Qualcomm, Rolls Royce, SAP, Samsung, Schroeder’s, Sequoia Capital, Sopra Steria, UBS, the UK’s HM Treasury, the USAF and many others.

Comments
  • Maggie Kennedy#1

    14th December 2017

    Its an approach….but crikey we leave ourselves so open;)

    Its totally charming when things “work out of the box” when its “idiot-proof”.But anything….anything secure will need a little bit of thought about configuration, change, access & access lists.

    What do we do about all the dumb “smart devices” out there (not just kettles,toasters,smart-meters,cutouts,switches,pressure sensors & valve openers but including all the new but stunningly insecure car-keys,cctv,home-hubs & home entertainment systems people are rushing out to buy…)
    well………..

    Dump them or have a governmentally supported “Janitor”(as in the benevolent UK dictator-hacker who knocks out dumb devices)?

    I’m still working on it ……but meantime get a new router and get busy with the black tape in between work & holiday skype & facetime sessions;)

    Reply

Your email address will not be published. Required fields are marked *