From Tunisia to Wikileaks to the Stuxnet worm, a cascade of cyberevents

Digital advances such as the Internet are pushing events ever faster, for good or ill. The world needs to get ahead of this train to determine its path.

January 24, 2011

The number of major “cyberevents,” to use a new term, seems to be accelerating with the speed of a cyclotron. Consider just these recent few:

1. The popularity of Facebook and Twitter in Tunisia helped rally the people in that Arab country this month to overthrow a police state – one of many revolutions driven by the Internet’s rapid connectivity, including social media.

2. With a small memory card, a low-level soldier was allegedly able to download classified US documents and give them to the website WikiLeaks, exposing embarrassing diplomatic secrets.

3. A computer worm known as Stuxnet has reportedly destroyed many Iranian centrifuges enriching uranium. The cyber-attack may have delayed that country’s nuclear ambition by years.

The world can expect more such digital tipping points in the future. Cyberevents will be capable of altering the course of history, some for good, some for ill. They may often be unseen, often without anyone taking credit, often the tool of the weak against the strong.

They can be driven by governments, human rights groups, criminal cartels, or anyone on top of the latest software advances. These events also come with their own terms of art: hactivists, Internet off-switch, malware, logic bombs, botnets, zero-day exploits, and so on.

The phenomenon is so relatively new that it is difficult to comprehend in all its aspects. It’s also difficult to predict the next big “event.” And it’s difficult to guard against or to guide these immense capabilities.

“The remarkable speed of change in the cyberworld – hardware, software, interconnectivity – and the ever-new social, cultural and economic structures being created – makes it essential that there is frequent re-assessment of the associated patterns of threat,” concludes a January report by the OECD, a group of 34 wealthy nations.

The report also makes this warning: “Unfortunately too many published assessments have favored sensationalism over careful analysis.”

Indeed, a less-sensational approach is needed to counter the new fears over negative cyberevents: cyberwar, cybercrime, cyberanarchy, or cyberterrorism. Individual users of electronic products and the Internet need calm directions on how to safeguard their privacy. Businesses need accurate information on the risks of cyberattacks, and how to manage them.

Governments are only beginning to act. President Obama set up a Cyber Command in the Pentagon. Britain has a Cyber Security Operations Centre.

The issue of cyberwarfare was on the agenda last week during a Chinese-US summit. It appears the two leaders made little progress. Instead, they may need to take their respective concerns to the United Nations, where steps toward negotiations on a computer security treaty began only last year.

One difficulty lies in balancing the benefits of the digital age with its abuses. Pushing openness on the Internet – such as allowing free use of social media in closed countries – must be weighed against concerns about privacy, crime, even warfare that can knock out a nation’s electronic infrastructure.

Internet freedom lies at the heart of US diplomacy to promote freedom, says Secretary of State Hillary Rodham Clinton. And yet, US Secretary of Defense Robert Gates stated in a Jan. 17 speech: “Just as no one in 1960 could have predicted the need for cyber-security or the challenges of a truly global economic order, we can’t know with certainty what next threats and opportunities our nations will face.”

Cyberspace, warns Adm. Mike Mullen, chairman of the Joint Chiefs of Staff, has no rules and no boundaries. “It’s an enormously complex and critical area that all of us need to understand a lot better and do a lot more about.”

The machine age of the 19th and 20th centuries produced both good and bad results – disastrous wars but better standards of living. How will mankind direct the digital age of the 21st century to avoid the negative consequences of cyberevents?