BreachExchange mailing list archives
Seoul forum calls for international rules for cyber warfare
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Tue, 12 Nov 2013 23:50:53 -0700
http://english.yonhapnews.co.kr/national/2013/11/12/23/0301000000AEN20131112007100315F.html EOUL, Nov. 12 (Yonhap) -- As cyberspace is increasingly considered a viable new battle field, security advisers and experts who attended a regional defense forum on Tuesday discussed the need to establish an internationally acceptable code of conduct in cyber warfare. The cyber issue took center stage in the three-day Seoul Defense Dialogue, which brought together 180 senior military officials and security experts from 23 nations to discuss security issues in the Asia-Pacific region and ways to step up regional cooperation. Senior officials and security advisers from 23 nations attend the Seoul Defense Dialogue held in Seoul on Nov. 12, 2013 at Westin Chosun Seoul. (Yonhap) During the sessions in the forum, panels discussed the role of the military within the government of the national cyber security and direction of international rules on cyber security. "It is now quite obvious that cyber warfare presents a new and maybe potentially a more destructive form of threat than conventional warfare, although the implications of this form of threat are still not fully understood and appreciated," said Jia Qingguo, professor of the international studies school at Peking University. Jia said experts on cyber, law and international relations should work together to study the full implications of cyber warfare to identify a clearer definition of cyber warfare and establish engagement rules. "Those who engage in cyber warfare should make necessary efforts to avoid attacking civilian infrastructures that may harm the civilians," he said. "Major countries should work together to develop an agreement on a code of conduct in cyberspace and a set standards to judge its compliance on the basis of the results of the discussions." The Chinese professor addressed the challenge when restraining the powerful countries that are tempted to use their technological edge to launch pre-emptive attacks for what he called "self-claimed legitimate reasons." "If the U.S. can tap people throughout the world and get away from the Snowden case, as it appears to suggest, it would also be tempted to launch cyber attacks on others when it deems them necessary," Jia said, in a remark sharply pointed at the U.S. spy scandal in the biggest intelligence leak by former National Security Agency agent Edward Snowden. Lim Jong-in, professor at the graduate school of information security at Korea University, said several nations recognize cyberspace as a new battlefield, and they are aggressively seeking military measures of cyber threat including establishing cyber commands. According to a recent cooperative survey, 114 out of 193 countries have national cyber programs. Seoul especially faces greater threat of hacking attempts, Lim said, mentioning several attacks masterminded by Pyongyang in the past years. South and North Korea are technically in a state of war as the 1950-53 Korean War ended in an armistice, not a peace treaty. "The probability of a cyber war in South Korea is higher than at any other countries, so the importance of a military role of national cyber security in South Korea is higher than in other countries," Lim said. While there are growing calls to take national-level countermeasures against cyber threat, Lim said concrete and specific roles and responsibilities of the military are not being discussed enough in many countries. "It is true that the probability of an actual warfare is lower than that of cyber crime or other forms of cyber threats, and the risk of a cyber war is exaggerated a bit. But the risk of cyber warfare should not be ignored," Lim said, giving as an example a Stuxnet-style cyber attack on weapons facilities. A version of the Stuxnet comptuer virus was used to attack Iran's nuclear program in 2007. While senior military officials leaning toward a greater military role in tackling the growing cyber threat against governments and the private sector, some experts questioned the appropriate extent of the military involvement in national cyber security. "Cyber security will need to be a discipline that everyone in a country takes seriously, not something that citizens and private companies can expect to outsource to the military," said Ian Wallace, visiting fellow for cyber security at the Brookings Institution. "Any country that depends too heavily on the military for cyber security will likely find themselves reducing the incentives for the private sector to develop longer-term solutions for themselves."
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: # OWASP http://www.appsecusa.org # Builders, Breakers and Defenders # Time Square, NYC 20-21 Nov o()xxxx[{::::::::::::::::::::::::::::::::::::::::> Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security offers security intelligence, risk management services and customized security solutions. The YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.
Current thread:
- Seoul forum calls for international rules for cyber warfare Audrey McNeil (Nov 14)