The use of social media by extremist groups continues to trouble policymakers and police forces across the globe. The sophisticated use of online platforms by groups such as ISIS have spurred governments in Europe to call on US tech companies to pre-emptively filter terrorist-related material. ‘Online jihad 3.0’ has drawn serious government concern about freedom of speech, as well as liability, and more creative solutions might be prudent. For instance, social media users in Japan have taken to mocking ISIS’ attempt to hijack Japanese hashtags following the kidnapping of two Japanese citizens.
Although its links to ISIS remain dubious, the self-proclaimed Cyber Caliphate has made Malaysia Airlines its latest high-profile victim by hacking the company’s website. While such attacks can be brushed off as a cosmetic inconvenience, the hacks can have serious consequences for a company’s bottom line and reputation, as well as for consumer confidence. More serious cases have included hacks of CENTCOM, the Tennessee Valley Authority, and the White House. And although directed at third or fourth party platforms, those attacks fed at fear of cyber vulnerability in the military and energy infrastructure. It’s critical that supply-chain and third-party cyber security is considered when assessing cyber risk and such high profile attacks highlight the tricky cost–benefit balance of trusting one’s public face to external platforms.
While the controversial NETmundial Initiative launch was scrapped from this year’s World Economic Forum meeting in Davos, Internet Governance and cyber policy remained prominently on the agenda. With last year’s string of hacks against major corporations, that top-level executives now take notice of cyber issues is an expected, and much needed, development. However the rights and responsibilities of businesses in regards to security in cyberspace remain murky. In response, major banks represented at Davos called for free reign to actively defend themselves against cyber criminals—a tactic with questionable merits.
Some remain sceptical about North Korea’s culpability in the Sony hack, but Dennis Rodman’s defensive prowess might not extend to cyberspace. Regardless of attribution, state reactions should be watched closely: each escalation of tension could set a dangerous precedent for future cyber activities.
Speaking of which, the United States is certainly watching the cyber policy space closely, with Chairman of the Joint Chiefs of Staff General Martin Dempsey highlighting cybersecurity among his highest priorities and calling for information-sharing legislation. This echoed the calls made by his Commander-in-Chief the previous evening during the annual State of the Union Address. The President urged lawmakers to ‘finally pass legislation we need to better meet the evolving threat of cyber attacks’ and integrate ‘intelligence to combat cyber threats, just as we have done to combat terrorism.’ With the US continuing the push for major cyber initiatives, it’s prudent to ask whether Australia is keeping up…
At a recent event at the Brookings Institute, Foreign Minister Julie Bishop spoke of cyber as a shared challenge for the US and Australia. At the same event US Undersecretary for Defense for Policy Christine Wormuth praised the US–Australia alliance, including cooperation including ‘a variety of initiatives in the cyber domain.’ On Australia’s cyber activism, a recent article went so far as to suggest that Australia has launched ‘cyber-weapons in global counter-terrorist operations.’ Although this allegation isn’t fully fleshed out, there’re plenty of signs that Australia is highly capable on the technical front.
However, on thE policy-side ICPC analyst Jessica Woodall suggests ‘we are falling behind our allies.’ Although the launch of a cybersecurity review is a solid first step, she argues that ‘not having an updated strategy inhibits us from forward planning’ and under-defined roles and responsibilities create confusion both within government and for the private sector and international partners.