Saturday 30th January 2010 - 9:00am - 10:00am
A new piece of malicious software is introduced every 30 seconds.
What must be done to decrease the vulnerability of the Internet?
• It is difficult to target cyber crime when criminals have no identity, country or boundaries
• Cyber attacks have gone from computer hacking for the sake of being malicious to making money through fraud to state involvement and espionage
• More international cooperation is needed to investigate cyber attacks and try to solve the attribution problem
Over 2 million viruses, worms, back doors or Trojans have emerged over the past two years, and the threats are constantly growing. People used to hack computers for notoriety, and then as a criminal activity. Today, companies and nation-states are also behind cyber attacks, in the form of industrial and military espionage, respectively.
Attribution is a fundamental issue. The biggest challenge is identifying who is behind a cyber attack and from where it comes. Cyber criminals are anonymous and operate without boundaries.
There are at least 10 countries with national intelligence services sophisticated enough to launch an attack and make it appear as if it came from elsewhere. The question is, at what stage does a cyber attack constitute an act of war? How does one retaliate, and what deterrence plans can be put in place? What is the government’s role in protecting non-military assets?
More international cooperation is needed to investigate cyber attacks and try to solve the attribution problem. With 4.5 billion users around the world, an international framework may be one way to address the issue.
Such a framework or treaty should ensure that countries commit to protecting their citizens, freedom of access and information sharing, and that no country harbour (cyber) terrorists. As the biggest user group, children are most likely to give away information, often naively; they need to be protected.
Traditionally, cyber security has been about building defensive “castles and bigger moats” to block viruses. But, as attacks become more sophisticated, there is a need to use cyber tools to respond; a small attack requires a big response.
In the future, users may need to have an authenticated “driver’s license” when cruising the Internet superhighway. Although the Internet is a place of freedom that allows anonymity, a price may have to be paid for increased security. Finding the right balance between security and privacy is a constant challenge.
Susan M. Collins, Senator from Maine (Republican), USA
André Kudelski, Chairman of the Board and Chief Executive Officer, Kudelski Group, Switzerland
Craig Mundie, Chief Research and Strategy Officer, Microsoft Corporation, USA
Paul Sagan, President and Chief Executive Officer, Akamai Technologies, USA
Hamadoun I. Touré, Secretary-General, International Telecommunication Union (ITU), Geneva; Global Agenda Council on the Future of Mobile Communications
Jonathan Zittrain, Professor of Law, Harvard Law School, Berkman Center for Internet and Society, USA; Young Global Leader; Global Agenda Council on the Future of the Internet
This summary was prepared by Mark Schulman. The views expressed are those of certain participants in the discussion and do not necessarily reflect the views of all participants or of the World Economic Forum.
Copyright 2010 World Economic Forum
No part of this material may be copied, photocopied or duplicated in any form by any means or redistributed without the prior written consent of the World Economic Forum.
Saturday 30 January
Keywords: Internet users, cyber attack, security, privacy
Recommended reading for: World Economic Forum Information Technology & Telecommunications Industry Partners, Technology Pioneers, Members of the Global Agenda Councils on International Security Cooperation, the Future of the Internet
Senior Adviser to the Chief Executive Officer, Microsoft Corporation, USA
Bachelor's, Electrical Engineering and Master's, Info. Theory and Computer Science, Georgia Tech. Ha...
XIR and Partner, General Catalyst Partners, USA
1981, BSJ, Northwestern University. 1981-91, positions with CBS, including Director of News, WCBS-TV...
Chief Executive Officer and Chairman of the Board, FireEye, USA
BSc in Computer Science and Electrical Engineering, University of Delaware. Formerly: Vice-President...
Chairman of the Board and Chief Executive Officer, Kudelski Group, Switzerland
Degree in Physical Engineering, Ecole Polytechnique Fédérale de Lausanne, Switzerland. With Kudels...
Susan M. Collins
Senator from Maine (Republican), USA
1975, degree, St. Lawrence University, Canton, New York. Formerly: 1975-87, with Capitol Hill staff ...
Hamadoun I. Touré
Secretary-General, International Telecommunication Union (ITU), Geneva
Master's in Electrical Engineering, Technical Institute of Electronics and Telecommunications, Lenin...
Professor of Law and Professor of Computer Science, Harvard University, USA
BSc in Cognitive Science and Artificial Intelligence, Yale; MPA, JD, Harvard. 1986-90, Editorial Col...