Politics and Governance
Resetting the System
The EastWest Institute has released a new discussion paper, Resetting the System: Why Highly Secure Computing Should Be the Priority of Cybersecurity Policies, which calls for a radically new approach to countering the vast and still growing array of today’s cyber threats.
Authors Greg Austin, professorial fellow at EWI, and Sandro Gaycken, senior researcher in computer science at the Free University of Berlin, outline specific steps to be taken to protect Internet infrastructures around the globe.
“We call for a new ecology of cybersecurity. It is based on the disruptive concept of highly secure computing, which relies primarily on much stronger passive security measures, independent of attack attribution,” they write. “This approach also helps to preserve freedom and privacy.”
Austin added: “The time has come for government and commercial customers to work with industry to set much higher standards for the security of software products, computers and IT services to reduce the potential exposure of citizens and businesses to serious intrusions on privacy or high risk damages.”
According to Gaycken, “Highly secure computing could help ease the tensions created by the current prevalent active defense approaches of several leading countries. We have to find a new common path.”
To start on that new path, governments need to work together more than they have up till now. “They should cooperate internationally to realize this new paradigm quickly and before high-end cyber attackers inflict more serious damage,” the report concludes.
Resetting the System offers bold recommendations, but admits that the necessary changes are expensive and the traditionally free, mostly unregulated market may balk at some of them. Governments can create the incentives for this new approach to cybersecurity, but the private sector will need to take the lead in implementing them.
To download the report, click here. To comment on the report, click here.
_
Writing for CIO Insight, Karen Frenkel summarizes the key findings of Resetting the System in an engaging slideshow. Click here to view.
Greg Austin advocates Resetting the System in The Globalist.
Return to EWI Now.
Sehgal on Pakistan's State of Insecurity
Writing for The News International, EWI Board Member Ikram Sehgal traces the social, political and economic factors affecting Pakistan's current state of insecurity.
"The fine line between crime and democratic aspirations has disappeared, leading to anarchy," Sehgal says. "Effective steps must be taken to contain this anarchy from spreading."
Read the full article in The News International.
Leaders, Soldiers, Hackers and Spies
With the New Year approaching, several EWI staff and fellows offered their lists of what they believed were the most significant events of 2013.
Piin-Fen Kok, Director, China, East Asia and United States Program
Xi’s Country
The leadership transition is completed with the state leadership reshuffle and Xi Jinping’s assumption of the presidency. Xi moves decisively to consolidate power and control. The 18th CPC central committee holds its third plenum and announces the most comprehensive set of economic, political and social reforms since 1978.
These various developments will have ramifications for China’s domestic and foreign policies in the coming years, as Xi is expected to remain in power until 2022.
America’s Image Takes a Beating
The U.S. government shuts down for the first time in decades over a debt/deficit impasse, prompting calls from China for “a de-Americanized world.” Edward Snowden's revelations affect U.S. relations with its allies and transform the nature of international political discourse and diplomacy on cyber hacking, especially with China.
The moral high ground of the world’s superpower has been eroded—it’s shown to the world that it cannot keep its own house in order, and it now needs a new approach to lecturing others about cyber intrusions.
Whatever Happened to the Axis of Evil...?
A new deal is reached with Iran, part of a breakthrough in relations with the United States. Meanwhile, North Korea conducts another nuclear test, and Kim Jong-Un executes his uncle.
The world will watch with bated breath to see how these developments will affect regional and nuclear security—for different reasons.
Maritime Security Tensions in East Asia
China-Japan relations sink to a new low. Warplanes circle the skies in China’s ADIZ (Air Defense Identification Zone). U.S. and Chinese warships narrowly avoid a collision in the South China Sea.
The risk of military conflict, whether inadvertent or deliberate, is real, and the U.S. rebalancing strategy is tested, as is China’s claim of peaceful intentions. This is also raises the question whether Japan will finally be compelled to acknowledge a dispute over the Diaoyu/Senkaku islands.
Syria’s Chemical Weapons Deal
The deal stemmed a dreadful scenario of chemical war within Syria and spotlighted Russian diplomacy. The civil war, though, within the country hasn’t stopped.
Greg Austin, Professorial Fellow
U.S. Demand on China to Stop Cyber Espionage
In February, the United States laid down an unusual public demand on China to curtail its cyber espionage against American targets. Within a short time, it also imposed retaliatory measures on associated Chinese corporations by barring their products from government procurement contracts for selected federal departments. This came after President Obama criticized cyber “enemies,” which was a thinly veiled broadside at China. The adversarial positioning by the United States is understandable at one level, but it marked yet one more serious step downwards in the bilateral relationship arising from unchecked militarization of cyberspace.
Snowden Revelations
While the information itself was no surprise to professional diplomats, the Edward Snowden leaks represented the most serious U.S. intelligence breach in several decades and dealt a serious blow to its credibility, not least its position on a free and open Internet. Allied intelligence agencies, especially in the United Kingdom, were outraged by what they saw as American incompetence in compromising some of their most sensitive national secrets, some 52,000 top secret documents. The world suddenly felt like “We are all American targets now.” United States preeminence in cyber espionage was confirmed, if there was ever any doubt. The damage will take years to repair.
Syrian Chemical Weapons Attack and Subsequent Diplomacy
The events in Syria are momentous. First, the Assad regime was directly implicated in what was a war crime, but no major state has yet taken any significant steps against it as a result. Second, Russia knocked normally nimble-footed Western diplomats off their stride by quickly brokering a chemical disarmament deal with the Syrians. Third, the diplomacy coincided with a clear shift in Western attitudes to the opposition in Syria as concerns rose about the influence of the extremist militias.
Iran Agreement with 5+1 on Nuclear Issues
After more than ten years of threats by the United States and Israel that a military attack on Iran might be needed to prevent it from acquiring nuclear weapons, diplomacy appears to have succeeded in forging a preliminary breakthrough. The outcome resulted from a historic shift by the United States and its negotiating partners from a policy of “mostly sticks, some carrots” to one of “let’s just talk in good faith about the result we both need.”
Naval Arms Race Emerges between Japan and China
Japan’s long term defense plan and the associated naval procurement decisions set that country on a course for expansion of its navy, calibrated against Chinese naval forces. The decisions mark the culmination of two decades of rising concern in Japan about China’s defense modernization, combined with the return to power in December 2102 of an unapologetically assertive Prime Minister, Shinzo Abe. Japan’s decisions have been influenced by China’s escalation of rhetoric and activities around the disputed Senkaku/Diaoyu Islands, but they do not depend on that.
Kevin Ching, Davis Fellow
Snowden NSA Leaks
The scale and scope of activities by intelligence agencies across the globe was a staggering revelation, the full impact of which is yet to be seen. It has propelled a public debate on the balance between privacy and safety to the fore, and also has significant repercussions for U.S. tech companies.
China’s Growing Assertiveness
Territorial disputes continue to flare in the South and East China Seas, as China’s neighbors argue that such aggression belies Beijing’s claims of a peaceful rise. The situation has come to a head with Beijing’s surprising declaration of an ADIZ that covers a string of islands hotly contested by Japan and China.
Shale Gas Revolution
Technological advances have allowed the U.S. to exploit its shale gas reserves, making it the world’s largest producer of natural gas. This has had a massive effect on the U.S. energy market, with reverberating economic and geopolitical implications in Asia, the Middle East and the rest of the world.
_
Dr. Beate Maeder-Metcalf Spoke at High Level Conference on Afghanistan and Central Asia
Nextgen's Second Essay Competition Winner Announced
The EastWest Institute’s nextgen essay competition, seeking submissions of at most 800 words from under-35s, was held for the second time this November. The primary criteria set by the judges were the originality, creativity and viability of the ideas presented in each essay, together with the popularity of each entry among EWI Facebook fans. This year's theme focused on the global challenge of securing cyberspace and entrants were asked how they would make cyberspace safer.
The winning entry was written by Svenja Post (age 30) and Alexis Below (age 28), who are both currently working as junior research fellows at the Brandenburg Institute for Society and Security (BIGS). In awarding Ms. Post and Mr. Below first place, the EastWest Institute hopes to draw attention to this kind of thinking from the next generation, enhancing such efforts to make the world a safer and better place.
THE WINNING ESSAY:
Towards Closing the Cyber Sanitation Gap - Campaigning for Digital Hygiene
While the revelations of former NSA contractor Edward Snowden about state-sponsored intrusions into online privacy have been deeply unsettling to many, the growing everyday threats to our online activities posed by cyber criminals receive little public attention. Yet, in reality, the chances of someone you know being actively monitored by the NSA or its European counterparts are rather slim. The hacking of a friend’s or perhaps your own email, social media or online banking account are, to the contrary, instances of cyber crime that probably most of us have come in contact with. Personal consequences can be unpleasant (i.e. sending a round of spam emails to your digital contacts) or wholly devastating (in the case of online identity theft or serious financial loss). Although public policy and business practices have an important role to play in combating such malicious cyber activity, the key to making cyberspace safer is the adoption of effective digital hygiene habits by all of us.
In the debate about cyber security, one is faced with a multifaceted calculus of social, technological and institutional problems. But just as cyber crime affects everybody, every internet user plays a crucial role in the aggregate. Individuals may both become victims as well as involuntary helpers of cyber criminals. Once compromised, users can unknowingly spread malware, become part of a malicious botnet or have their personal information exploited for targeted phishing attacks on friends or colleagues. However, the best cyber security defenses of banks, retailers and social media sites are useless if individuals use weak passwords or the same one for all online accounts. Thus, effective long-term commitment to increase cyber security has to harden the weakest link: human users.
The explosive growth in the adoption of electronic devices by the general population has created an environment which is comparable to the health situation at the beginning of the 19th century when life expectancy was significantly shorter due to infectious disease, plagues, unclean food and water. The role of personal hygiene in maintaining good health was neither understood by the public nor by governments. A similar situation has arisen in cyberspace today: poor digital hygiene is the major factor contributing to increasing danger to cyber security and online privacy. More than technological advancements and governmental regulations, it was a change in human behavior that precipitated the dramatic decrease in infectious diseases until the 20th century. The history of disease and the role personal hygiene had in driving better health outcomes should be translated to the cyber security context of today.
In view of these circumstances, it is surprising how few resources are devoted to increasing digital hygiene and raising awareness among the general population. Organizations and individuals are not just poorly equipped to recognize security breaches. Moreover, internet users are not conscious of the need to protect themselves at all times. When shopping, sharing and banking online are only a click away, security often takes a backseat to convenience. To increase cyber security, users firstly have to accept that digital hygiene is important and that a set of practices have to be undertaken for the preservation both of their own and, ultimately, the public’s health.
Thus, perhaps even more than developing grand strategies and new governance arrangements for cyber security, it is important to raise awareness and strengthen cyber security skills of users. It is necessary to establish a common social understanding of how to keep users and systems safe when interacting with computers and networks. People and institutions have to make cyber security as high a priority as other day-to-day tasks. To quote Albert Schweitzer: “To me, good health is more than just exercise and diet. It’s really a point of view and a mental attitude you have about yourself.”
Governments should integrate digital hygiene into educational curricula and implement targeted “cyber sanitation” campaigns. Companies, especially those handling sensitive personal data, must educate and constantly remind not only their employees but especially their customers about digital hygiene needs. Through these public and private initiatives, we must integrate an effective digital hygiene routine into everyday digital life—and constantly adapt. Just as diseases continue to exist and germs have changed with the development of new medicine, malicious software will continue to evolve.
The internet has transformed our world and revolutionized our daily lives. While insecurity in cyber space may not (yet) put your life at risk, it can make your life and the lives of those around you quite uncomfortable. As personal hygiene is essential for good health, digital hygiene is crucial for a safe and enjoyable online experience. In the end, the old health motto also applies to the cyber realm—you can’t enjoy wealth if you’re not in good health!
This essay was also published by the American Institute for Contemporary German Studies (AICGS) at Johns Hopkins University. Read the published article, here.
_
Svenja Post has been a Junior Research Fellow at BIGS since September 2013, where she is working on comprehensive crisis management issues and emerging security challenges. Svenja Post holds a graduate degree in political science, law, and peace and conflict studies from the Philipps University in Marburg. She is a doctoral candidate at the Helmut Schmidt University of the Federal Armed Forces in Hamburg. In her PhD thesis, which is under review at the moment, Svenja Post looks at the challenges comprehensive crisis management poses for the European Union and its member states. She also was a guest researcher at the German Council on Foreign Relations and DAAD Research Fellow at the American Institute for Contemporary German Studies (AICGS) at Johns Hopkins University in Washington DC. Before the start of her PhD, she assisted the European and Transatlantic Security Programme of the Stockholm International Peace Research Institute (SIPRI). Svenja Post also is an active member of Women In International Security Germany (WIIS.de).
Alexis Below has been a Junior Research Fellow at BIGS since August 2012, where he is working on selected issues at the interface between foreign, development and security policy. He studied International Relations, International Economics and Conflict Management in Dresden, Beijing, Bologna and Washington, D.C., receiving his Master of Arts from the Johns Hopkins University School of Advanced International Studies (SAIS) in 2011. Prior to joining BIGS, Alexis Below worked for the nongovernmental organization Partners for Democratic Change and as a consultant for the Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ). He also gained professional experience working for, among others, the German Council on Foreign Relations (DGAP), the Federal Foreign Office, and The German Marshall Fund of the United States (GMF). At BIGS, Alexis Below works on the collaborative research project fit4sec, the competence center for security and technology, funded by the German Ministry of Research and Education, where he is focusing on vocational training and university-level education for civil security.
The EastWest Institute would also like to congratulate the two other finalists:
Ben Van Meter
Click here to read Ben's essay.
Nicolas Zahn
Dr. Hu Yuandong
5th U.S.-China Sanya Dialogue
The Diaoyu/Senkaku Islands
EWI has compiled recent updates on the century old dispute between China and Japan over the uninhabited, rocky and most likely oil-rich islets of Diaoyu/Senkaku.