When Anonymous used DDOS attacks to render the web sites of corporations like Paypal and Mastercard unusable, many news outlets, including our own, used the term “cyberwar” to describe the turn of events. But according to a new study by the Organization for Economic Co-operation and Development (OECD), the term has been overused by the media and the chances of an actual cyberwar are small.
The 121-page report released by the duo on Friday addresses the issues of hacktivism, like the Anonymous defense of Wikileaks, and says that actions of that nature aren’t considered cyberwar because they do not persist for a long enough period of time, and do not capture public support for extended durations.
"We don't help ourselves using 'cyberwar' to describe espionage or hacktivist blockading or defacing of websites, as recently seen in reaction to WikiLeaks," said Professor Peter Sommer who co-wrote the report with Dr Ian Brown of the Oxford Internet Institute. "Nor is it helpful to group trivially avoidable incidents like routine viruses and frauds with determined attempts to disrupt critical national infrastructure," added Professor Sommer
Sommer also points out to ZD Net that long-term, threatening malware like the Stuxnet worm that has been spreading and threatening power plants around the world, is the exception rather than the rule.
"There are many scare stories, which, when you test, don't actually pan out," Sommer said. "When you analyze malware, a lot is likely to be short term, or fail."
And for all of the threats that are out there, Sommer and Brown believe that we are unlikely to ever experience the type of threat that has "the characteristics of conventional war but fought exclusively in cyberspace."
"Contrary to much recent writing, single hazards and threats in the cyber domain will probably not propagate into a full-scale global shock," the report states. "However there are several plausible scenarios which if realized will have significant impact at the level of the nation state as well as causing long-term damage to businesses and individuals." The most likely scenario outlined is "cyberweaponry acting as a disrupter or force multiplier."
Unsurprisingly, the report concludes that improvements to the security of software and communication systems are “urgently required”. One of the biggest threats to our systems that would require such measures, however, isn’t man made at all. The report warns that an “exceptionally energetic solar flare” would have the power to take down certain sensitive “always on” systems, and that we need to take safeguards to identify and protect those units.
Maybe the full-scale “cyberwar” threat that we all envision is highly unlikely, however it is quite unsettling when you consider the level of reliance we all have on computer systems these days in every aspect of our lives. When you consider how many of us rely on electronic systems to access our bank accounts and do our jobs, it’s a scary thought indeed to imagine them inaccessible for any length of time. Whether our greatest threats our manmade or natural disasters, we definitely need to begin taking greater steps toward protecting our systems before the worst case scenario plays out.
