The days when cyberspace could be regarded as a lawless wild west are long over. The Internet has become a critical part of our global infrastructure, and attacks against its core functions, especially in the context of the COVID-19 crisis, should be treated as the existential threats that they are.
WASHINGTON, DC/NEW DELHI – The COVID-19 pandemic has shown that the Internet is a critical – and uniquely global – part of our infrastructure. As challenging as the public-health lockdowns have been, their social and economic costs would be far greater in the absence of smoothly functioning digital networks.
Moreover, containing the pandemic itself will likely require better and more innovative uses of our collective data, all of which is generated online. Home offices, home schooling, and home life increasingly depend on our ability to use the Internet. Protecting cyberspace is therefore an increasingly urgent task, not least because it is facing a “pandemic” of its own.
Since early March, there has been an unprecedented global increase in malicious cyber activity. Phishing attacks seeking to steal money or secrets from home-office workers have more than doubled compared to last year, and in some places they are up sixfold. There have also been a number of attempted cyberattacks on critical infrastructure, including airports, power grids, ports, and water and sewage facilities. Even hospitals treating COVID-19 patients have been targeted, and the World Health Organization itself has reported a fivefold increase in attacks on its networks.
In a recent communiqué to a United Nations working group on cyber issues, the Dutch government spoke for many when it said it was “appalled” by this belligerent behavior, much of which is directed, supported, or at least tolerated by only a few governments, with Russia and China being the most reported examples. Likewise, Josep Borrell, the EU’s High Representative for Foreign Affairs and Security Policy, has condemned these attacks as “unacceptable.” Issuing a thinly veiled threat of sanctions, he has called on all governments to abide by international law and existing political agreements governing cyberspace, the most pertinent of which involve so-called “norms of responsible state behavior.”
Despite all the current mayhem, cyberspace is not a lawless domain. Like the seas, outer space, and other shared domains, it is subject to international law. The question is how exactly international law should apply. Countries like Russia and China have long advocated a new treaty-based approach, whereas liberal democracies have, for the most part, insisted that the entire body of existing international law should be the point of departure.
Since 2010, the compromise between these two camps has been to establish certain norms of behavior and rules of the road on how states should conduct themselves in cyberspace. These norms – which include an injunction against interfering with critical infrastructure in peacetime – have often been violated soon after having been agreed. Yet they represent the only international consensus on what constitutes responsible behavior in cyberspace, which means they are the only standard by which the global community can call out malicious state activity.
At a time when democracy is under threat, there is an urgent need for incisive, informed analysis of the issues and questions driving the news – just what PS has always provided. Subscribe now and save $50 on a new subscription.
Subscribe Now
In these uncertain times, we clearly need more standards of this kind. Academic research has shown that while it can take years for agreed norms to be routinely upheld, new norms can help reinforce existing ones.
Fortunately, there are already two negotiation tracks within the UN dedicated to debating and finalizing new norms for cyberspace. Both the Open-Ended Working Group and the Group of Governmental Experts are now considering several proposed norms that originated from the Global Commission on the Stability of Cyberspace, which we lead. One of the most prominent is also the most urgent: a prohibition on attacking the basic “public core” infrastructure of cyberspace, including the equipment, organizations, and processes that provide for a globally accessible, properly functioning Internet.
As the international community struggles to come together to fight COVID-19, political leaders and publics must recognize that the Internet has become the manifestation of our connectedness. It is what unites us as a global community, and it is the medium on which our economic, civic, and family lives all now depend.
We therefore call on all governments to adopt the norm against attacking “public core infrastructure,” not only to protect this essential global domain, but also to signal a clear commitment to our shared human future. As our dependence on digital technologies deepens, success or failure in protecting the Internet – a true global public good – will determine not only how fast and effectively we can contain the pandemic, but also what kind of world we will live in afterwards.
To have unlimited access to our content including in-depth commentaries, book reviews, exclusive interviews, PS OnPoint and PS The Big Picture, please subscribe
Recent developments that look like triumphs of religious fundamentalism represent not a return of religion in politics, but simply the return of the political as such. If they look foreign to Western eyes, that is because the West no longer stands for anything Westerners are willing to fight and die for.
thinks the prosperous West no longer understands what genuine political struggle looks like.
Readers seeking a self-critical analysis of the former German chancellor’s 16-year tenure will be disappointed by her long-awaited memoir, as she offers neither a mea culpa nor even an acknowledgment of her missteps. Still, the book provides a rare glimpse into the mind of a remarkable politician.
highlights how and why the former German chancellor’s legacy has soured in the three years since she left power.
WASHINGTON, DC/NEW DELHI – The COVID-19 pandemic has shown that the Internet is a critical – and uniquely global – part of our infrastructure. As challenging as the public-health lockdowns have been, their social and economic costs would be far greater in the absence of smoothly functioning digital networks.
Moreover, containing the pandemic itself will likely require better and more innovative uses of our collective data, all of which is generated online. Home offices, home schooling, and home life increasingly depend on our ability to use the Internet. Protecting cyberspace is therefore an increasingly urgent task, not least because it is facing a “pandemic” of its own.
Since early March, there has been an unprecedented global increase in malicious cyber activity. Phishing attacks seeking to steal money or secrets from home-office workers have more than doubled compared to last year, and in some places they are up sixfold. There have also been a number of attempted cyberattacks on critical infrastructure, including airports, power grids, ports, and water and sewage facilities. Even hospitals treating COVID-19 patients have been targeted, and the World Health Organization itself has reported a fivefold increase in attacks on its networks.
In a recent communiqué to a United Nations working group on cyber issues, the Dutch government spoke for many when it said it was “appalled” by this belligerent behavior, much of which is directed, supported, or at least tolerated by only a few governments, with Russia and China being the most reported examples. Likewise, Josep Borrell, the EU’s High Representative for Foreign Affairs and Security Policy, has condemned these attacks as “unacceptable.” Issuing a thinly veiled threat of sanctions, he has called on all governments to abide by international law and existing political agreements governing cyberspace, the most pertinent of which involve so-called “norms of responsible state behavior.”
Despite all the current mayhem, cyberspace is not a lawless domain. Like the seas, outer space, and other shared domains, it is subject to international law. The question is how exactly international law should apply. Countries like Russia and China have long advocated a new treaty-based approach, whereas liberal democracies have, for the most part, insisted that the entire body of existing international law should be the point of departure.
Since 2010, the compromise between these two camps has been to establish certain norms of behavior and rules of the road on how states should conduct themselves in cyberspace. These norms – which include an injunction against interfering with critical infrastructure in peacetime – have often been violated soon after having been agreed. Yet they represent the only international consensus on what constitutes responsible behavior in cyberspace, which means they are the only standard by which the global community can call out malicious state activity.
HOLIDAY SALE: PS for less than $0.7 per week
At a time when democracy is under threat, there is an urgent need for incisive, informed analysis of the issues and questions driving the news – just what PS has always provided. Subscribe now and save $50 on a new subscription.
Subscribe Now
In these uncertain times, we clearly need more standards of this kind. Academic research has shown that while it can take years for agreed norms to be routinely upheld, new norms can help reinforce existing ones.
Fortunately, there are already two negotiation tracks within the UN dedicated to debating and finalizing new norms for cyberspace. Both the Open-Ended Working Group and the Group of Governmental Experts are now considering several proposed norms that originated from the Global Commission on the Stability of Cyberspace, which we lead. One of the most prominent is also the most urgent: a prohibition on attacking the basic “public core” infrastructure of cyberspace, including the equipment, organizations, and processes that provide for a globally accessible, properly functioning Internet.
As the international community struggles to come together to fight COVID-19, political leaders and publics must recognize that the Internet has become the manifestation of our connectedness. It is what unites us as a global community, and it is the medium on which our economic, civic, and family lives all now depend.
We therefore call on all governments to adopt the norm against attacking “public core infrastructure,” not only to protect this essential global domain, but also to signal a clear commitment to our shared human future. As our dependence on digital technologies deepens, success or failure in protecting the Internet – a true global public good – will determine not only how fast and effectively we can contain the pandemic, but also what kind of world we will live in afterwards.