Cybersecurity lessons from 2017: Election hack, fake news, data theft

Joe Burton, University of Waikato
Jeanette Manfra (R), assistant secretary of Homeland Security for Cybersecurity and Communication, and Thomas P. Bossert, assistant to the president for Homeland Security, deliver a briefing on North Korean involvement with WannaCry malware attack at the White House on December 19. Photo by Kevin Dietsch/UPI
Jeanette Manfra (R), assistant secretary of Homeland Security for Cybersecurity and Communication, and Thomas P. Bossert, assistant to the president for Homeland Security, deliver a briefing on North Korean involvement with WannaCry malware attack at the White House on December 19. Photo by Kevin Dietsch/UPI | License Photo

Dec. 27 (UPI) -- Cybersecurity played a prominent role in international affairs in 2017, with impacts on peace and security.


Increased international collaboration and new laws that capture the complexity of communications technology could be among solutions to cybersecurity issues in 2018.

U.S. election hack and the end of cyber skepticism

RELATED White House blames North Korea for WannaCry cyberattack

The big story of the past year has been the subversion of the U.S. election process and the ongoing controversies surrounding the Trump administration. The investigations into the scandal are unresolved, but it is important to recognize that the U.S. election hack has dispelled any lingering skepticism about the impact of cyberattacks on national and international security.

From the self-confessed "mistake" Secretary of State Hillary Clinton made in setting up a private email server, to the hacking of the Democratic National Committee's servers and the leaking of Democratic campaign chairman John Podesta's emails to WikiLeaks, the 2016 presidential election was in many ways defined by cybersecurity issues.

Many analysts had been debating the likelihood of a "digital Pearl Harbor," an attack producing devastating economic disruption or physical effects. But they missed the more subtle and covert political scope of cyberattacks to coerce changes in political behavior and subvert systems of governance. Enhancing the security and integrity of democratic systems and electoral processes will surely be on the agenda in 2018 in the Asia Pacific and elsewhere.

RELATED Russia's Kaspersky Lab sues U.S. government for software ban

Anti-social media

The growing impact of social media and the connection with cybersecurity has been another big story in 2017. Social media was meant to be a great liberator, to democratize, and to bring new transparency to politics and societies. In 2017, it has become a platform for fake news, misinformation and propaganda.

Social media sites clearly played a role in displacing authoritarian governments during the Arab Spring uprisings. Few expected they would be used by authoritarian governments in an incredibly effective way to sow and exploit divisions in democratic countries. The debate we need to have in 2018 is how we can deter the manipulation of social media, prevent the spread of fake news and encourage the likes of Facebook and Twitter to monitor and police their own networks.

RELATED Senate panel grills Equifax, Yahoo execs over recent cyberattacks

If we don't trust what we see on these sites, they won't be commercially successful, and they won't serve as platforms to enhance international peace and security. Social media sites must not become co-opted or corrupted. Facebook should not be allowed to become Fakebook.

Holding data to ransom

The spread of the Wannacry virus was the third big cybersecurity story of 2017. Wannacry locked down computers and demanded a ransom (in bitcoin) for the electronic key that would release the data. The virus spread in a truly global attack to an estimated 300,000 computers in 150 countries. It led to losses in the region of $4 billion -- a small fraction of the global cybercrime market, which is projected to grow to $6 trillion by 2021. In the Asia Pacific region, cybercrime is growing by 45 percent each year.

RELATED Bad Rabbit malware allegedly used NSA hacking tool

Wannacry was an important event because it pointed not only to the growth in cybercrime but also the dangers inherent in the development and proliferation of offensive cybersecurity capabilities. The exploit to windows XP systems that was used to spread the virus had been stockpiled by the U.S. National Security Agency. It ended up being released on the Internet and then used to generate revenue.

A fundamental challenge in 2018 is to constrain the use of offensive cyber capabilities and to reign in the growth of the cybercrime market through enhanced cooperation. This will be no small task, but there have been some positive developments.

According to U.S. network security firm FireEye, the recent U.S.-China agreement on commercial cyberespionage has led to an estimated 90 percent reduction in data breaches in the United States emanating from China. Cyber cooperation is possible and can lead to bilateral and global goods.

Death of cyber norms?

The final big development, or rather lack of development, has been at the U.N. The Government Group of Experts process, established in 2004 to strengthen the security of global information and telecommunications systems, failed to reach a consensus on its latest report on the status of international laws and norms in cyberspace. The main problem has been that there is no definite agreement on the applicability of existing international law to cybersecurity. This includes issues such as when states might be held responsible for cyberattacks emanating from their territory, or their right to the use of countermeasures in cyber self-defense.


Some analysts have proclaimed this to be "the end of cyber norms." This betrays a pessimism about U.N.-level governance of the Internet that is deeply steeped in overly state-centric views of security and a reluctance to cede any sovereignty to international organizations.

It is true that norms won't be built from the top down. But the UN does and should have an important role to play in cyber security as we move into 2018, not least because of its universality and global reach.

The NATO Cooperative Cyber Defense Center of Excellence in Tallinn, Estonia, recently launched the Tallinn Manual 2.0, which examines the applicability of international law to cyberattacks that fall below the use of force and occur outside of armed conflict.

These commendable efforts could move forward hand in hand with efforts to build consensus on new laws that more accurately capture the complexity of new information and communications technology. In February 2017, Brad Smith, the head of Microsoft, proposed a digital Geneva Convention that would outlaw cyberattacks on civilian infrastructure.

The ConversationIn all this we must recognize that cybersecurity is not a binary process. It is not about "ones and zeros," but rather about a complex spectrum of activity that needs multilevel, multi-stakeholder responses that include international organizations. This is a cyber reality that we should all bear in mind when we try to find solutions to cyber security issues in 2018.


Joe Burton is a senior lecturer at the Institute for Security and Crime Science at the University of Waikato.

This article was originally published on The Conversation. Read the original article.

Latest Headlines