Governments Need to Rethink Cyber Defence

Describing online attacks as 'cyber warfare' is a mischaracterisation that could be dangerous to governments and large enterprises, according to researchers from the University of Oxford and the London School of Economics.

The report, conducted for the Organisation for Economic Cooperation and Development, suggested that governments should avoid approaching online security breaches and attacks as they would real-world military incidents.

"We don't help ourselves using 'cyber war' to describe espionage or hacktivist blockading or defacing of web sites, as recently seen in reaction to WikiLeaks," said London School of Economics professor Peter Sommer.

"Nor is it helpful to group trivially avoidable incidents like routine viruses and frauds with determined attempts to disrupt critical national infrastructure."

Attacks on government sites and IT infrastructure have become more common in recent years, and the US and EU have run drills to simulate the response to a large-scale cyber attack.

The researchers suggested that, while governments and large enterprises should take the possibility of online attacks seriously, systems must be put in place to distinguish between different types of incident and the risk levels they carry.

"We think that a largely military approach to cyber security is a mistake. Most targets in the critical national infrastructure of communications, energy, finance, food, government, health, transport and water are in the private sector," said Oxford University professor Dr Ian Brown.

"Because it is often difficult to be certain who is attacking you from cyber space, defence by deterrence does not work."

print this article

Return to internet news headlines
View Internet News Archive

Share with: