It’s not quite as cool as Bond in his Tom Ford suit leaning on his wonderful Aston Martin while he plots his next move to unseat some despot. All the same, Germany’s recent apparent spate of typewriter purchases points to a renewed sense of fear of being overheard and compromised in an era of digitally pervasive content, vulnerable networks and indelible conversations. Spying and intelligence concerns coalesced with subject matter we’ve previously written about – including online privacy, governance, security and the internet of things – in a special report in last week’s The Economist, which produced eight articles on the subject of security in a digital landscape. Some highlights:
- Cybercrime is costly. The Centre for Strategic and International Studies estimates the annual global cost of digital crime and intellectual-property theft at $445 billion – a sum “roughly equivalent to the GDP of a smallish rich European country such as Austria”.
- Focus on prevention rather than reaction. As with many things, the best way to make sure cyberattacks aren’t too damaging to your business is to make sure they never happen in the first place. It’s more difficult (and costly) with digital security because the process can easily feel like a Sisyphean struggle; businesses invest in new technology only to see it circumvented by more hacking, perhaps exposing a different loophole or vulnerability. But an iterative approach is better than leaving the door open and spending more money after the fact.
- Honesty is the best policy. After being hacked, a company can find it hard to admit it. This is understandable. Not only is it somewhat embarassing, it admits to customers and shareholders that the company is vulnerable, but it also suggests that their data is not safe with said company; perhaps they should shop elsewhere. However, transparency in such a situation is paramount if others are to learn how to combat such attacks. One suggestion is that the US government “create a cyber-equivalent of the National Transportation Safety Board, which investigates serious accidents and shares information about them”.
- Who to complain to? The perpetrators of cybercrimes are no longer limited to the teenaged hackers of yesteryear. Though ideological groups like Anonymous serve as a disruptive influence, often the biggest problems are caused by the governments charged with protecting things like individual privacy, security and freedom of speech. From the US to China, authorities “do not hesitate to use the web for their own purposes, be it by exploiting vulnerabilities in software or launching cyber-weapons such as Stuxnet, without worrying too much about the collateral damage done to companies and individuals”.
- External trends point to a worsening of the problem. The Internet of Things as a trend will have billions of devices connected to each other via the Internet over the next few years. With one of the fundamental ideas being that the user isn’t really aware of the connection, the likelihood of spotting a hacked device becomes all the smaller. This isn’t a huge problem in cases like a connected fridge receiving spam email, but it becomes more of a problem when hackers can gain remote control of your car. One of the barriers to improved security for everyday devices is that the margins are razor-thin, as are the chips to connected to the devices, in order to keep the product small. Any added security software or hardware and the cost and size of the product increases.
Zeitgeist believe the risk to IoT devices will be one of the key areas that businesses and regulators will need to focus their efforts in the future. Because it is still a relatively fledgling sector, the issue is not being discussed yet in many places. Deloitte, in association with the Wall Street Journal, recently reported on the nature of cyberrisks and how companies can help mitigate them. Well worth a read.
If you’ve been living in or aware of any of the news coming out of the Middle East of late, you’re probably cognisant of the fact that the status quo as we have, for generations, known it, is coming to an end. If you’re living in a major city somewhere in parts of the world governed by more democratically representative institutions, you’re probably aware that similar tremors of discontent our rocking the foundations there, too. Just as important, however, is the state of disarray the internet finds itself in currently.
What began in New York with the Occupy Wall Street movement has since spread, across the US and across the world, including the streets of London, where squatting protesters have led to St. Paul’s closing for the first time since World War II. Social media, as with the protests in Tunisia, Egypt and other regions, has played a significant part. The protests in the West, while photogenically and aesthetically pleasing (the artwork Banksy donated to the London protest being one such example), not to mention emotionally charged and influential, have thus far produced little in the way of results. Perhaps this is due in part to the incoherence of the messages being broadcast from the panoply of protesters.
There are, realistically and practically speaking, for better or worse, few immediately attractive alternatives to capitalism. What matters, however, is the way the capitalism is operated and governed. For though the protest in New York focused on the epicentre of the financial district in Manhattan, the focus is a misnomer. According to a poll shown recently on Meet the Press, more people apportion blame to the government than on financial corporations. So is the problem one of governance then?
While such debates rock the material world, discussions just as important are flaring up surrounding the digital world. Who should be in charge of regulating content in the virtual sphere? Moreover, should some content or users or providers be prioritised over others?
The net neutrality debate has been under discussion for years. Its concerns revolve around the notion that anyone, anywhere should be able to access any content they choose at at the highest speed possible. It favours no particular user or website. The risk is that your access is arbitrarily regulated, both in terms of just what you can see, and also how easy it is to get to it. Some major players, be they countries like China – which recently banned the search term “occupy” – or large media corporations like Comcast, are already breaking this unspoken rule advocated by the founders of the Internet. Last month, the FCC announced new net neutrality rules, which didn’t please either side of the issue very much. Mashable writes that “while new rules do prevent fixed broadband providers from blocking access… they are different for wireless providers”. This latter exception dovetails nicely with Amazon’s release of its latest product, the Kindle Fire, which debuted recently. An article published in Politico last week quotes various pundits who accuse the device – which uses Amazon’s cloud-based servers – of optimising Amazon content over others, essentially making it more attractive and easier to access. Proponents of net neutrality should be wary, but what is there to do without a centralised, independent governing body with teeth to reach out to?
A recent article in The Economist noted that the internet is “shambolically governed”. This is due in no small part to the fact that at its inception, those who founded the world wide web could never have dreamed it would grow to become the network of networks it is today. However that is no excuse for action not to be taken now. One drastic notion was recently mentioned in an article appearing The Financial Times. Ori Eisen of 41st Parameter, a security company that defends banks against online crime, believes that efforts to create a wholly secure environment online are “in the long run… essentially hopeless”. Vint Cerf, described in the article as “one of the fathers of the internet”, has voiced his own concerns about the lack of security online, saying that more should have been done at the outset. He concedes that he is “actually quite interested in the clean-slate ideas”. Mr. Eisen has set out plans for Project Phoenix that revolve around creating an Internet 2.
“Included in his blueprint are biometric identification, encryption of all keystrokes and virtual machines created for every transaction.”
Such a radical overhaul has piqued the interest of Michael Barrett, head of security at PayPal, and the Pentagon’s DARPA – whom Zeigeist have written about before – are also passing around ideas for a redesign. Any such redesigns though would “be doomed without a government mandate or a consortium of banks or telecommunications companies stepping in”. This leads us on to our investigation of governance.
While the regulation of the internet may be chaotic, it has also helped foster a great deal of innovation in the absence of restrictive regulation. In keeping with this freedom of expression, the 2,000 people from 100 countries who met in Nairobi this week for the Internet Governance Forum “all had the same right to take the floor… decisions are made by ‘rough consensus'”. While the American-baked ICANN currently regulates the internet address system, other countries such as China and Russia are pushing for alternative bodies to be created, the upshot being that national governments have more of a say in how the internet is run. This kind of thinking is dangerous, but it does remind us that currently the system is almost entirely under the purview of the US government.
For the world outside the internet, the opportunities for change and development in democracy are not encouraging. The protesters at St. Paul’s cathedral in London have been allowed now to stay until New Year. Then what? What will it take to happen for the inchoate protesters to consider their work done? Any such practical remedies to be taken will surely involve government investment and expenditure. Yet this is precisely what the government is in short supply of. In the US, the judicial system is becoming underfunded to the extent that the process and execution of the law is becoming weakened. Emergency loans are having to be made by courts, so that processes that currently take twice as long as they should, do not end up taking three times as long. This lack of government is effecting lives now. The situation is similar in China, where suddenly workers in the private and public sector are finding themselves without pay;
“Work has all but ground to a halt on thousands of kilometres of railway track, and many of the network’s six million construction workers have been complaining about not being paid for weeks or sometimes months.”
One bright light might be suggested, of all places for a democratic wellspring, in Russia. Wikivote allows users, with particular priority given to heavy users and invited experts, the chance to reshape, comment and question draft laws and vote on the suggestions.
What the internet needs, suggests The Economist, is “a proper constitution, complete with a bill of rights for stakeholders and a separate board of review”. The difficulty will be in first creating such a document and body that functions efficiently without drowning in compromise. More importantly, it will have to ensure that the rules it enforces do not hamper the very innovation that has made the internet one of the most creative, inventive and revolutionary mediums ever.