Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

5/18/2011
05:37 PM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

Not All Nations A Slam Dunk For U.S. Global Internet Cybersecurity Policy

Fighting cybercrime and cyberattacks at home isn't easy for countries that lack the necessary legal power and resources

The U.S. and China were able to find common ground on antispam efforts, but don't expect them to do the same when it comes to the complex cat-and-mouse game that is cyberespionage. And that's just one of the challenges the White House faces in implementing its new global cybersecurity policy, which calls for international cooperation among nations in defining the norms of online behavior and consistently enforcing unlawful activities.

The White House on Monday published its historic policy document, which drew a line in the sand for how the U.S. envisions keeping the Internet secure, open, interoperable, and reliable worldwide. The "International Strategy For Cyberspace: Prosperity, Security, and Openness in a Networked World" policy document also makes it clear that, when necessary, the U.S. will defend itself from cyberattacks, including drawing on its military might.

A cornerstone of the policy is the U.S.'s plan to reach out to other nations in an effort to keep the Internet safe, secure, and open, and to better protect it from cybercriminals, cyberattacks, and cyberespionage. The policy has been applauded by security experts.

While traditional U.S. allies, such as Western Europe, are likely to follow suit with their own policy documents that echo some of the same themes, experts say, it won't be so easy to get those nations on board that traditionally have been home for cybercrime and cyberespionage, or have turned a blind eye to that activity in their countries.

Jeff Moss, vice president and CSO of the Internet Corporation for Assigned Names and Numbers (ICANN) and founder of Black Hat, says there are a couple of security issues that most countries can agree on. "I don't think you're going to find any government standing up for spam. [Most] agree that botnets and spam are bad. So those are two good starting points," Moss says. Those two issues could initially be identified as international "norms" of misbehavior on the Internet, he says.

China and the U.S. recently formed a bilateral arrangement to quell spam between the two countries, but the news came with little fanfare. At the time of the announcement, Karl Frederick Rauscher, CTO of think tank EastWest Institute, who brokered the bilateral arrangement along with Yonglin Zhou, director of the network security committee of the Internet Society of China, said that the antispam efforts were part of a larger initiative between the two cyberpowers.

While the think tank considers this a first step in talks between the two nations on cybercrime issues, moving beyond antispam efforts is a much taller order. Chinese hackers have been implicated in so-called targeted, advanced persistent threat (APT)-type attacks against U.S. government agencies for years and, most recently, against U.S. businesses, such as Google, Intel, Adobe, and others.

It's too soon to tell whether the U.S.'s new global policy will at all meaningfully pressure Eastern Europe to crack down on cybercrime, or get China to acknowledge or make changes to its worst-kept secret of hackers within its borders, who have been stealing intellectual property from U.S. government agencies and companies, for instance.

Eric Rosenbach, principal and lead for the cybersecurity practice at Good Harbor Consulting, says even if a particular country is interested in fighting cybercrime within its borders, for example, it may not have the legal infrastructure do so. "But it's a great idea to start at it and keep grinding away, and hope that it bears fruit," he says. "But no one in the administration is naive" to believe that this global initiative will kill cyberespionage," for example, he says.

The bottom line is that setting a policy is a big step. "It's very important and has been lacking until now. It's extremely significant that this strategy was unveiled [together] by five cabinet secretaries," Rosenbach says.

ICANN's Moss expects the U.S. policy to spur more of a global debate on cybersecurity and Internet openness issues. "The U.K., France, The Netherlands, and Australia, [for instance], will want to respond" with their own written policies, he says.

There have been some successes in multinational efforts in the past year, including botnet takedowns that relied, in part, on cooperation from across the pond. Attorney General Eric Holder pointed to those efforts at the rollout of the U.S. International Strategy for Cyberspace.

"In recent months, the Justice Department has announced takedowns of significant criminal groups operating from Romania, Egypt, and elsewhere that had been victimizing American businesses and citizens -- including children. We’ve also brought multiple criminal conspirators to justice for their roles in coordinated cybercrimes that, according to court documents, netted nearly 1.5 million dollars from U.S. victims," Holder said. "And, just a few weeks ago, we announced an operation to disable an international criminal network that had infected more than 2 million computers worldwide with malicious software. Until we stepped in -- with the help of industry and security experts, as well as key international partners -- this malware was allowing criminals to capture bank account numbers, user names, and other sensitive and financial information online."

But Holder said it's time to take the global fight to "to the next level." The U.S. policy basically reiterates support for the so-called Budapest Convention initiative to create a rule of law on the Internet, he said.

Another loose end is the U.S. Defense Department's policy on defending cyberspace. "The DoD will be coming forward in a month with its updated vision based on [the White House policy document]. That will attempt to help clarify their thinking as well as align with this," ICANN's Moss says.

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 5/22/2020
How an Industry Consortium Can Reinvent Security Solution Testing
Henry Harrison, Co-founder & Chief Technology Officer, Garrison,  5/21/2020
Is Zero Trust the Best Answer to the COVID-19 Lockdown?
Dan Blum, Cybersecurity & Risk Management Strategist,  5/20/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13485
PUBLISHED: 2020-05-25
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header.
CVE-2020-13486
PUBLISHED: 2020-05-25
The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection.
CVE-2020-13482
PUBLISHED: 2020-05-25
EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certificate is not verified.
CVE-2020-13458
PUBLISHED: 2020-05-25
An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There are CSRF issues with the log-clear controller action.
CVE-2020-13459
PUBLISHED: 2020-05-25
An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There is stored XSS in the Bulk Resize action.