Call for 'digital Geneva Convention'

Closing embassies and expelling spies is a 19th-century response to a 21st-century problem – a cyber threat so great it needs its own digital Geneva Convention. That’s the view of David Sanger who says there is a growing concern that soon the North Koreans or the Russians will improve on the two huge cyber-attacks they pulled off last year. In a Cape Argus analysis, he notes that the US has the most fearsome cyberweaponry on the planet but won’t use it for fear of what will come next. ‘One temporarily crippled the British healthcare system and the other devastated Ukraine before rippling across the world, disrupting shipping and shutting factories. The fact that no intelligence agency saw either attack coming led a group of finance ministers to simulate a similar attack that shut down financial markets and froze global transactions. By several accounts, it quickly spun into farce. No one wanted to admit how much damage could be done or how helpless they would be to deter it. Cyberattacks have been around for two decades. But something has changed since 2008, when the US and Israel mounted the most sophisticated cyberattack in history on Iran’s nuclear programme, in the hope of forcing Iran to the bargaining table. (The two countries never acknowledged responsibility.) In less than a decade, the sophistication of cyberweapons has so improved that many of the attacks that once shocked us – like the attacks Iran mounted against Bank of America, JPMorgan Chase and other banks in 2012, or North Korea’s hacking of Sony in 2014 – look like tiny skirmishes.’ Sanger notes that the US has often been its own worst enemy in this arms race. ‘Because our government has been so incompetent at protecting its sophisticated cyberweapons, those have been stolen out of the electronic vaults of the National Security Agency and the CIA and shot right back at us.’

Full analysis in the Cape Argus (subscription needed)