ihs.com
Jane's Intelligence Review
[Content preview – Subscribe to IHS Jane’s Intelligence Review for full article]
Efforts made to improve global cyber-security
Multilateral meetings are set to explore how to tackle cyber-security, but international co-operation is
far from straightforward. Tim Maurer looks at the potential challenges in finding common ground amid
an increase in cyber-attacks in 2014.
According to a report published by Germany's Federal Office for Information Security (Bundesamt für
Sicherheit in der Informationstechnik: BSI) in December 2014, a cyber-attack against an industrial iron
plant had caused "massive" damage, although exact details of the nature of the attack and its timing were
not made public by the German authorities. The incident - an example of a trend of cyber-attacks causing
physical damage - capped a year of high profile cyber-attacks, demonstrating a worsening security
environment.
Most famously, in his year-end press conference on 19 December, United States president Barack Obama
publicly accused North Korea of responsibility for hacking Sony Pictures Entertainment. The company's
computer systems had been compromised and confidential data - including employees' personal
information and unreleased films - had appeared in the public domain. Moreover, the hackers allegedly
issued a threat to cause physical harm if Sony did not cancel the release of The Interview , a comedy about
the assassination of the North Korean leader. The hack, and the US government's subsequent response,
elevated cyber-security to an unprecedented level of public attention, even though exact attribution of the
attack remains disputed.
© Copyright IHS and its affiliated and subsidiary companies, all rights reserved. All
trademarks belong to IHS and its affiliated and subsidiary companies, all rights reserved.
Article 1 Page 1 of 8
ihs.com
The Heartbleed Bug information website is displayed on a mobile phone and laptop. The bug is a
vulnerability allowing access to encrypted communications. (PA)
1629140
[Continued in full version…]
Cyber-security diplomacy
Diplomatic cyber-security efforts can be grouped into three categories: norm translation, norm
contestation, and norm emergence.
The translation of existing norms into cyberspace is of fundamental importance. This exercise essentially
relates to the discussions regarding how to interpret existing international agreements and how they
should apply to this new domain of strategic engagement.
[Continued in full version…]
Mapping global efforts
The negotiations relating to these three categories play out across a variety of regional and global forums.
The United Nations has been one of the main institutions at which countries have attempted to either
contest or affirm existing norms. Diplomats have been discussing cyber-security since the late 1990s, when
Russia introduced a draft resolution on the topic in the UN General Assembly's First Committee on
Disarmament and International Security.
However, the topic lay fairly dormant on the agenda until events such as the DDoS attacks against Estonia
in 2007 made it a greater priority, leading to the creation of the 15-member UNGGE. The advantage of this
© Copyright IHS and its affiliated and subsidiary companies, all rights reserved. All
trademarks belong to IHS and its affiliated and subsidiary companies, all rights reserved.
Article 1 Page 2 of 8
ihs.com
group is that narrowing the number of participants makes it easier to find consensus language as a
stepping stone towards broader norms.
[Continued in full version…]
Bigger picture
The major hurdle to more significant diplomatic achievements is that cyber-security is even more
complicated than it might appear at first sight. Some countries, such as China, perceive cyber-security to be
not just about security, but also about regime stability. The terminology debate illustrates this complexity:
for example, most UN documents tend to avoid the terms 'cyber-security' and 'information security'.
Instead, because of the politicisation of the terminology, complicated paraphrases are used that usually
refer to the use of information and communications technology.
For others, the Chinese and Russian governments' definition and use of 'information security' are
disconcerting. Their definition suggests that information undermining a country's social stability could be
considered a security threat. This framing has been criticised by other governments and by nongovernmental organisations (NGOs) for potentially breaching human rights such as the freedom of
information and freedom of speech, and consequently many governments, including those of Australia,
Canada, the US, and European states, have been careful to use the term 'cyber-security' instead of
'information security'.
[Continued in full version…]
Outlook
The various agreements of 2013 demonstrated that international co-operation is possible on cybersecurity. The bilateral agreements that the US concluded with Russia and China, the success of the OSCE at
the regional level, and the consensus language agreed under the auspices of the UN were all examples of
such a trend. However, the geopolitical landscape became significantly more contentious in 2014, and it is
unclear if similar progress can be achieved in 2015.
[Continued in full version…]
Copyright © IHS Global Limited, 2015
© Copyright IHS and its affiliated and subsidiary companies, all rights reserved. All
trademarks belong to IHS and its affiliated and subsidiary companies, all rights reserved.
Article 1 Page 3 of 8
ihs.com
For the full version and more content:
IHS Jane's Military & Security Assessments Intelligence Centre
This analysis is taken from IHS Jane’s Military & Security Assessments Intelligence Centre, which delivers
comprehensive and reliable country risk and military capabilities information, analysis and daily insight.
IHS country risk and military capabilities news and analysis is also available within IHS Jane’s Intelligence
Review. To learn more and to subscribe to IHS Jane’s Intelligence Review online, offline or print visit
http://magazines.ihs.com/
For advertising solutions contact the IHS Jane’s Advertising team
© Copyright IHS and its affiliated and subsidiary companies, all rights reserved. All
trademarks belong to IHS and its affiliated and subsidiary companies, all rights reserved.
Article 1 Page 4 of 8