In some respects we are starting to see the advent of open cyber warfare between competing sovereign nations and unless someone steps in the problem is only going to escalate.


Last year cyber the rise of warfare prompted the US Government to implement a DEFCON scale for cyber attacks, and now, after yet another “global attack,” when the WannaCry ransomware exploit spread across 150 countries and over 200,000 machines the blame for some of these attacks has spread wildly too. As a consequence, and in the aftermath of one of the most destructive ransomware attacks ever Microsoft has used cybersecurity’s latest headline grabbing moment to call for a “Digital Geneva Convention” to limit and defang future cyberattacks.


Anthropic explain how they use an AI Constitution to protect their AI from attacks


Redmond has also received some share of the blame. Although Microsoft released a security patch in March that closes the hole the attack exploited it’s thought that thousands if not hundreds of thousands of Windows XP machines are still at risk – at least until that it they’re patched.

On the other hand, said company president Brad Smith the WannaCrypt exploit drew on vulnerabilities the NSA stockpiled but didn’t publicise or even report covertly to Redmond. Instead, hackers stole those vulnerabilities from NSA and the reportedly used them to make WannaCry.

In addition to blaming the spooks, IT departments have also been rapped for being slow to respond to patched vulnerabilities, but above the entire chorus of blame, Microsoft is now also promoting clearer cybersecurity expectations and responsibilities for companies and governments.


New airborne city wide surveillance systems watch your every move


“It’s time,” said Smith, “to take a page from the atomic age. What the world needs is a new independent organisation, a bit like the International Atomic Energy Agency that has addressed nuclear non-proliferation for decades.”

“We need an agency that has the international credibility not only to observe what’s happening, but to call the question and even identify the attackers when nation-state attacks happen. That is the only way that governments will come to recognise that this is not a program that will continue to pay off.”

“What we need now is a Digital Geneva Convention,” he added, “we need a convention that will call on the world’s governments to pledge that they will not engage in cyberattacks on the private sector, that they will not target civilian infrastructure, whether it’s of the electrical or the economic or the political variety. We need governments to pledge that, instead, they will work with the private sector to respond to vulnerabilities, that they will not stockpile vulnerabilities, and they will take additional measures.”


China plays catch up as AI trounces PLA's best fighter pilots in simulated combat


Hans Klein, Associate Professor at Georgia Institute of Technology’s School of Public Policy, though says Microsoft is taking some risk in being as pro-active as they are.

“In some ways it’s a daring move by Microsoft,” Klein says, “it opens up the question of global regulation of companies like Microsoft. If we start talking about global public policy, and Geneva Conventions and industry agreements, suddenly it might not just be the governments that are being asked to behave better, and possibly with sanctions backing that up. The companies might be asked or required to behave better too. And that might not be a bad thing.”

For instance, Klein says, what if Windows XP, whose support was cut off back in 2014, is so broadly adopted around the world that governments begin requiring Microsoft to continue supporting XP regardless of its profitability or un-profitability for the company? What if, in other words, Windows XP has become something closer to a public utility?


Microsoft is turning Azure into the world's largest supercomputer


“When it happened, I thought it was pretty noteworthy that a company could declare that it would no longer support a product like Windows XP,” said Klein, “apparently there was some limited debate [in 2014] but a little less than I expected. But since WannaCry, [the XP debate] might come back. When the hospitals are getting hit hard, maybe there’s a social and public responsibility for Microsoft.”

About author

Matthew Griffin

Matthew Griffin, described as “The Adviser behind the Advisers” and a “Young Kurzweil,” is the founder and CEO of the World Futures Forum and the 311 Institute, a global Futures and Deep Futures consultancy working between the dates of 2020 to 2070, and is an award winning futurist, and author of “Codex of the Future” series. Regularly featured in the global media, including AP, BBC, Bloomberg, CNBC, Discovery, RT, Viacom, and WIRED, Matthew’s ability to identify, track, and explain the impacts of hundreds of revolutionary emerging technologies on global culture, industry and society, is unparalleled. Recognised for the past six years as one of the world’s foremost futurists, innovation and strategy experts Matthew is an international speaker who helps governments, investors, multi-nationals and regulators around the world envision, build and lead an inclusive, sustainable future. A rare talent Matthew’s recent work includes mentoring Lunar XPrize teams, re-envisioning global education and training with the G20, and helping the world’s largest organisations envision and ideate the future of their products and services, industries, and countries. Matthew's clients include three Prime Ministers and several governments, including the G7, Accenture, Aon, Bain & Co, BCG, Credit Suisse, Dell EMC, Dentons, Deloitte, E&Y, GEMS, Huawei, JPMorgan Chase, KPMG, Lego, McKinsey, PWC, Qualcomm, SAP, Samsung, Sopra Steria, T-Mobile, and many more.

  • Maggie Kennedy#1

    14th December 2017

    Its an approach….but crikey we leave ourselves so open;)

    Its totally charming when things “work out of the box” when its “idiot-proof”.But anything….anything secure will need a little bit of thought about configuration, change, access & access lists.

    What do we do about all the dumb “smart devices” out there (not just kettles,toasters,smart-meters,cutouts,switches,pressure sensors & valve openers but including all the new but stunningly insecure car-keys,cctv,home-hubs & home entertainment systems people are rushing out to buy…)

    Dump them or have a governmentally supported “Janitor”(as in the benevolent UK dictator-hacker who knocks out dumb devices)?

    I’m still working on it ……but meantime get a new router and get busy with the black tape in between work & holiday skype & facetime sessions;)


Your email address will not be published. Required fields are marked *