An interview with Uroš Svete
Cyberspace is becoming increasingly more important and integrated in all spheres of our lives. More and more critical services are related to information and communication sector, which means that financial, transportation, health care systems, systems for support for water and food, various industries and energy are interrelated and interdependent.
This critical infrastructure is mostly associated with the World Wide Web, automated functions and the ability to modify and control remotely. All this can allow intruders in most systems that are essential to our lives. More importantly, the question is how to protect ourselves against intentional and unintentional threats to the area dominated by decentralization, without clear borders and anonymity. We become aware of cyber threats only when there arouse problems, but unfortunately usually only temporary. It is also very difficult to evaluate our dependence on ICT (information communication technology).
Cyber power is playing important role and is based on Economist Intelligence Unit defined as the ability to withstand cyber-attacks and to deploy the digital infrastructure necessary for a productive and secure economy. It is a double-edged sword. On one hand is a key to progress and on the other due to dependence it creates new vulnerabilities and risks. Cybersecurity focuses on protecting computers, mobile devices, tablets, networks, programs and data from unauthorized access or manipulation. The number of internet users is growing and it had increased from year 2000 to 2014 for 741%. In a year 2014 42, 3% (3,036,749,340) of world population was active in cyberspace. Understanding cybersecurity is the first step to protecting yourself, your family and your organization. We talked with head of Defense Studies at Faculty of Social Sciences in Ljubljana Uroš Svete about cyber security and the effects it has on real life.
What does term cyber space mean and which are the main actors and most important organizations in this field?
I understand cyber space as a tie between electromagnetic sphere, interconnected devices (including Internet of thinks) and users. Without any doubts main actors are technological companies (like Apple, MS, Google), influenced IT experts (hackers), NATO, OECD, intelligence services (NSA, GCHQ, China). Supranational organizations can contribute to political awareness, technical standards, information and knowledge exchange (important for technologically less developed member states). Important are joint boards like ENISA or Cyber security Centre of Excellence as well.
Which are top cyber threats and how does and can cyber space affect real life?
Top cyber threats are threats to individual privacy, economic espionage, and critical infrastructure. The internet of things is the answer to the second question. With internet of things there will be no border between cyber space and real life anymore. The main targets of cyber-attacks are individuals (as part of BOTNET, phishing), private companies (in sense of espionage), Critical infrastructure. Cyber threat that made the most damage in real life so far is Stuxnet, Estonia under cyber-attack in 2007.
Does development in information communication technology and its’ greeter usage means also more vulnerabilities and threats? Is cyber war real or just a fiction?
Not necessary. Vulnerabilities and threats depend on technical mistakes and (intentional) misuse. We cannot stop technological development. So have to adapt to new reality. And one think more, technology is not good or bad. The human being is. At the moment cyber war is neither real nor fiction. It is possible but demands actors technologically developed at the same level. Today’s cyber war is more likely to the propaganda (psychological war) waging on the Internet. It is important part of modern conflicts but absolutely not decisive.
What can we expect in 2015 in realm of cyberspace and cybersecurity? What trends will be shown in the future and what are security predictions for years ahead?
Internetisation of conventional technology (Internet of things) Cars, refrigerators, and heat systems will become a part of cyber space. Physical money will disappear probably. But much more security relevant is 3D printing which will be expanded. It will change global production and state control over it.
According to ENISA (The European Union Agency for Network and Information Security) Threat Landscape report web web-based attacks are increasing and with it also number of data breaches, loss of tens of millions of data records, exposed identities and with cyber-crime and espionage big monetary annual global losses. The key recommendations for better protection from more and more sophisticated and numerous cyber-attacks that are occurring on daily bases based on Uroš Svete are better information security awareness of employees, a question of outsourcing (Apple decides to fire outsourcing company responsible for physical security), penetration tests and technological standards development. Since we cannot reach 100% security we need with comprehensive cyber policies, clear cybersecurity plans, laws, cybercrime response and enforcement authorities such as CERTs (computer emergency response team)minimize threats to cybersecurity. It is importantto encourage development of technical skills, education, awareness, innovations, government commitments and cooperation between public and private sphere.