Overview: Cyber Threats

Paul Meyer, Senior Fellow, The Simons Foundation Canada; Chair, Canadian Pugwash Group; Senior Advisor, ICT4Peace

Cyberspace, the broad term for the system of networked computer systems for which the Internet is the chief embodiment, is a unique, human-created environment. The potential of information and communication technology to benefit humanity is vast and the growth in its use world-wide has been exponential. Today close to four billion people are connected to the Internet and a community of “netizens” has emerged.

Unfortunately, the growth of cyberspace has not been matched by a similar development of global governance for it. Even more worrisome, is the degree to which cyberspace has become “militarized” with states developing capabilities, not only for the defence of their own systems, but also offensive capabilities that threaten damage and destruction to entities beyond their borders. These trends within national security establishments of leading cyber powers have accelerated and the detrimental impact of cyber operations on civilian interests has grown. A narrative of “cyber war” has been espoused by major states, depicting this remarkable product of human ingenuity as just another “war-fighting domain”.

Fortunately, amid these disturbing developments there has also emerged a constituency advocating for maintaining cyberspace for peaceful purposes. Embracing stakeholders from government, civil society and the private sector, various initiatives have begun to take shape to promote the goal of a peaceful cyberspace and to insist on norms of responsible state behaviour in cyberspace. In parallel, “netizens” are requiring the information technological industry to take full responsibility for ensuring the security of the products they sell to consumers.

Two key demands or planks of a platform for remedial action, one that reflects both the external and internal concerns over cyber security, are for states to commit to cooperative security arrangements and the industry to accept responsibility for what is put on the market. The first idea is for the United Nations and similar organisations to insist on a peaceful cyberspace and to hold states to account via binding arrangements specifying norms of responsible state conduct.

The second idea is to require manufacturers of cyber hardware and software to assume liability for negligent security failures in these products that cause significant harm.

As the overwhelming owners and users of the Internet it is incumbent on civil society and the private sector to press governments to take appropriate action to ensure that cyberspace is preserved for peaceful purposes in the interests of all.