Connect with us

Science & Technology

Business in Need of Cyber Rules

Published

on

For more than 20 years, countries have been struggling to introduce a set of rules of conduct and liability requirements for digital space users. Progress in designing a code of cyber conduct is all the more relevant since digitalization is sweeping the planet at breakneck speed, creating new risks along with new opportunities. Businesses that are confronted with new challenges and threats in the digital space are putting forward their own initiatives, thereby pressing governments to speed up the process of adopting an international cyber code.

Why is the business community interested in setting rules in the cyber environment? There are many reasons for this.

Firstly, the quantity and quality of hacker attacks on the private sector increase every year. Hackers target any enterprises — whether they are small enterprises or technological giants. Attacked by the NotPetya virus, the world largest container carrier Maersk sustained $300 million damage and had to shell out nearly $1 billion for restoration. In total, according to Sberbank’s estimates, the damage to the global economy from hacker attacks in 2019 can reach about $2.5 trillion, and by 2022 — as much as $8–10 trillion.

Secondly, many technology-oriented companies, facing a lack of trust on the part of government agencies, experience severe difficulties in promoting their business projects abroad. At present, the UK, Norway, Poland, and other countries are involved in a debate about whether Huawei should be allowed to build fifth-generation mobile communication networks (5G). Huawei is suspected of stealing intellectual property and espionage. The US, Australia, New Zealand have introduced a ban on the use of 5G equipment from Huawei.

Not only Chinese companies face distrust. Google, Apple, Microsoft, Kaspersky Lab, and many others are often accused of illegally spying on people.

Thirdly, IT companies are forced to pay huge sums to protect their customers against hacker attacks and guarantee information security. Microsoft allocates more than $1 billion for this purpose yearly.

In the absence of a political solution to ensure international information security, private companies, which are keen to safeguard themselves and their customers, have chosen to conduct negotiations with each other on information security cooperation and are launching their own initiatives. Thus, coming into existence is a business information security track running parallel to the government.

In February 2017, Microsoft’s President Brad Smith launched the Digital Geneva Convention initiative. The Convention is expected to oblige governments not to take cyber attacks on private sector companies or the critical infrastructure of other states, and not to use hacker attacks to steal intellectual property.

Overall, the document formulates six basic principles of international cybersecurity:

  1. No targeting of tech companies, private sector, or critical infrastructure.
  2. Assist private sector efforts to detect, contain, respond to, and recover from events.
  3. Report vulnerabilities to vendors rather than to stockpile, sell, or exploit them.
  4. Exercise restraint in developing cyber weapons and ensure that any developed are limited, precise, and not reusable.
  5. Commit to non-proliferation activities to cyber weapons.
  6. Limit offensive operation to avoid a mass event.

However, while the Digital Geneva Convention is still on paper, 34 technology companies, including Microsoft, without waiting for decisions at the government level, signed the Cybersecurity Tech Accord in April 2018. Thus, the largest ever group of companies have become committed to protecting customers around the world from cybercriminals.

Cybersecurity Tech Accord members have called for a ban on any agreements on non-disclosure of vulnerabilities between governments and contractors, brokers, or cybersecurity experts; they also call for more funding for vulnerability detection and research.

Besides, signatories of the agreement have come up with a series of recommendations to strengthen confidence-building measures, which are based on the proposals of the UN and OSCE.

Such measures include:

-Develop shared positions and interpretations of key cybersecurity issues and concepts, which will facilitate productive dialogue and enhance mutual understanding of cyberspace and its characteristics.

-Encourage governments to develop and engage in dialogue around cyber warfare doctrines.

-Develop a list of facilities that are off-limits for cyber-attacks, such as nuclear power plants, air traffic control systems, banking sectors, and so forth.

-Establish mechanisms and channels of communication to respond to requests for assistance by another state whose critical infrastructure is subject to malicious ICT acts (organizing, i.e. tabletop exercises).

By now, Cybersecurity Tech Accord has been signed by 90 companies, including Microsoft, Facebook, Cisco, Panasonic, Dell, Hitachi, and others.

Another initiative was presented in 2018 by Siemens, which came up with the Charter of Trust. The Charter, which was signed by 16 companies, including IBM, AIRBUS, NXP, and Total, urges companies to set up strict rules and standards to foster trust in ICT and contribute to further development of digitalization.

Facebook has become part of the process too. In late March 2019, Mark Zuckerberg — the founder and CEO of Facebook — urged governments to become more actively involved in regulating the Internet. In particular, Zuckerberg spoke in favor of introducing new standards related to the Internet and social networks. These standards would come useful to guarantee the protection of personal data, prevent attempts to influence elections or disseminate unwanted information, and would assist in providing a solution to the problem of data portability.

Another initiative worth mentioning is the creation in 2014 of the Industrial Internet Consortium TM, IIC, which was founded on the initiative of AT & T, Cisco, GE, IBM, and Intel. This is a non-profit open-membership group that seeks to remove barriers between different technologies in order to maximize access to big data and promote the integration of physical and digital environment.

Some initiatives are coming from the Russian private sector. In particular, since 2017, Norilsk Nickel has been active on the international scene promoting the Information Security Charter of critical industrial facilities. The Charter’s main provisions include condemnation of the use of ICT for criminal, terrorist, military purposes; supporting efforts to create warning and detection systems, and assist in the aftermath of network attacks; and sharing best practices in information security.

In turn, Sberbank has launched an initiative to hold the world’s largest International Cybersecurity Congress. Last year, such a congress took place with the participation of 681 companies from 51 countries. The second such Congress is scheduled for this June. The Forum serves as an inter-sectoral platform that promotes global dialogue on the most pressing issues of ensuring information security in the context of globalization and digitalization.

Most business initiatives hinge on the fact that they all call for developing confidence-building measures and rules of conduct in the digital space. Besides, the business community welcomes the need to adjust international law to the new realities of the digital economy.

Private sector initiatives can perfectly be streamlined with initiatives put forward by countries within the framework of the UN. After all, by and large, governments pursue the same goals as business in this area. The use of ICT for peaceful purposes, confidence-building measures, the supply of information about vulnerabilities — all this is significant both for business and for most states.

Fortunately, the global discussion under the aegis of the UN on issues related to International Information Security is getting back on track after a pause of about one year. From now on, it will be attended by representatives of the private sector. According to the resolution (A/RES/73/27), the mandate of the future Open-Ended Working Group (OEWG) allows for the possibility of holding inter-session consultative meetings with representatives of businesses, non-governmental organizations and the scientific community to exchange opinions on issues within the group’s mandate. The first inter-sessional meeting with representatives of global business is scheduled for November 2019.

In conclusion, we would like to remark that the issue of information security is dynamic and for this reason, it can be adequately addressed only with the close cooperation of governments and technology companies, since it is the latter that keep pace with the development of technologies and are the drivers of the digital economy. Governments should keep a close eye on the initiatives of non-state actors and put the most useful proposals on the agenda of discussions at international forums. Moreover, once adopted and approved at the government level, these standards and regulations should have a legal force, rather than be recommendatory — this is the only way to guarantee the order in the cyber environment.

First published in our partner RIAC

Science & Technology

From nanotechnology to solar power: Solutions to drought

Published

on

While the drought has intensified in Iran and the country is facing water stress, various solutions from the use of solar power plants to the expansion of watershed management and nanotechnology are offered by experts and officials.

Iran is located in an arid and semi-arid region, and Iranians have long sought to make the most of water.

In recent years, the drought has intensified making water resources fragile and it can be said that we have reached water bankruptcy in Iran.

However, water stress will continue this fall (September 23-December 21), and the season is expected to be relatively hot and short of rain, according to Ahad Vazifeh, head of the national center for drought and crisis management.

In such a situation, officials and experts propose various solutions for optimal water management.

Alireza Qazizadeh, a water and environment expert, referring to 80 percent of the arid regions in the country, said that “Iran has one percent of the earth’s area and receives only 36 percent of renewable resources.

The country receives 250 mm of rainfall annually, which is about 400 billion cubic meters, considering 70 percent evaporation, there is only 130 billion cubic meters of renewable water and 13 billion cubic meters of input from border waters.”

Referring to 800 ml of average rainfall and 700 mm of global evaporation, he noted that 70 percent of rainfall in Iran occurs in only 25 percent of the country and only 25 percent rains in irrigation seasons.

Pointing to the need for 113 billion cubic meters of water in the current year (began on March 21), he stated that “of this amount, 102 billion is projected for agricultural use, 7 percent for drinking and 2 percent for industry, and at this point water stress occurs.

In 2001, 5.5 billion cubic meters of underground resources were withdrawn annually, and if we consider this amount as 20 years from that year until now, it means that we have withdrawn an equivalent of one year of water consumption from non-renewable resources, which is alarming.”

The use of unconventional water sources can be effective in controlling drought, such as rainwater or river runoff, desalinated water, municipal wastewater that can be reused by treatment, he concluded.

Rasoul Sarraf, the Faculty of Materials at Shahid Modarres University, suggests a different solution and states that “To solve ease water stress, we have no choice but to use nanotechnology and solar power plants.

Pointing to the sun as the main condition for solar power plant, and while pointing to 300 sunny days in the country, he said that at the Paris Convention, Iran was required to reduce emissions by 4 percent definitively and 8 percent conditionally, which will only be achieved by using solar power plants.

Hamidreza Zakizadeh, deputy director of watershed management at Tehran’s Department of Natural Resources and Watershed Management, believes that watershed management can at least reduce the effects of drought by managing floods and extracting water for farmers.

Amir Abbas Ahmadi, head of habitats and regional affairs of Tehran Department of Environment, also referring to the severe drought in Tehran, pointed to the need to develop a comprehensive plan for water management and said that it is necessary to cooperate with several responsible bodies and develop a comprehensive plan to control the situation.

He also emphasizes the need to control migration to the capital, construction, and the implementation of the Comprehensive Plan of Tehran city.

While various solutions are proposed by officials and experts to manage water and deal with drought, it is necessary for the related organizations to work together to manage the current situation.

Mohammad Reza Espahbod, an expert in groundwater resources, also suggested that while the country is dealing with severe drought due to improper withdrawal of groundwater and low rainfall, karst water resources can supply the whole water needed by the country, only if managed.

Iran is the fifth country in the world in terms of karst water resources, he stated.

Qanats can also come efficient to contain water scarcity due to relatively low cost, low evaporation rates, and not requiring technical knowledge, moreover, they proved sustainable being used in perpetuity without posing any damages to the environment.

According to the Ministry of Energy, about 36,300 qanats have been identified in Iran, which has been saturated with water for over 2,000 years.

In recent years, 3,800 qanats have been rehabilitated through watershed and aquifer management, and people who had migrated due to water scarcity have returned to their homes.

Water resources shrinking

Renewable water resources have decreased by 30 percent over the last four decades, while Iran’s population has increased by about 2.5 times, Qasem Taqizadeh, deputy minister of energy, said in June.

The current water year (started on September 23, 2020) has received the lowest rain in the past 52 years, so climate change and Iran’s arid region should become a common belief at all levels, he lamented.

A recent report by Nature Scientific Journal on Iran’s water crisis indicates that from 2002 to 2015, over 74 billion cubic meters have been extracted from aquifers, which is unprecedented and its revival takes thousands of years along with urgent action.

Three Iranian scientists studied 30 basins in the country and realized that the rate of aquifer depletion over a 14-year period has been about 74 billion cubic meters, which is recently published in Nature Scientific Journal.

Also, over-harvesting in 77 percent of Iran has led to more land subsidence and soil salinity. Research and statistics show that the average overdraft from the country’s aquifers was about 5.2 billion cubic meters per year.

Mohammad Darvish, head of the environment group in the UNESCO Chair on Social Health, has said that the situation of groundwater resources is worrisome.

From our partner Tehran Times

Continue Reading

Science & Technology

Technology and crime: A never-ending cat-and-mouse game

Published

on

Is technology a good or bad thing? It depends on who you ask, as it is more about the way technology is used. Afterall, technology can be used by criminals but can also be used to catch criminals, creating a fascinating cat-and-mouse game.

Countless ways technology can be used for evil

The first spear was used to improve hunting and to defend from attacking beasts. However, it was also soon used against other humans; nuclear power is used to produce energy, but it was also used to annihilate whole cities. Looking at today’s news, we’ve learned that cryptocurrencies could be (and are) used as the preferred form of payments of ransomware since they provide an anonymous, reliable, and fast payment method for cybercriminals.

Similarly, secure phones are providing criminal rings with a fast and easy way to coordinate their rogue activities. The list could go on. Ultimately, all technological advancements can be used for good or evil. Indeed, technology is not inherently bad or good, it is its usage that makes the difference. After all, spears served well in preventing the extinction of humankind, nuclear power is used to generate energy, cryptocurrency is a promise to democratize finance, and mobile phones are the device of choice of billions of people daily (you too are probably reading this piece on a mobile).

However, what is new with respect to the past (recent and distant) is that technology is nowadays much more widespread, pervasive, and easier to manipulate than it was some time ago. Indeed, not all of us are experts in nuclear material, or willing and capable of effectively throwing a spear at someone else. But each of us is surrounded by, and uses, technology, with a sizeable part of users also capable of modifying that technology to better serve their purposes (think of computer scientists, programmers, coding kids – technology democratization).

This huge reservoir of people that are capable of using technology in a way that is different from what it was devised for, is not made of just ethical hackers: there can be black hats as well (that is, technology experts supporting evil usages of such technology). In technical terms, the attack vector and the security perimeter have dramatically expanded, leading to a scenario where technology can be easily exploited for rogue purposes by large cohorts of people that can attack some of the many assets that are nowadays vulnerable – the cybersecurity domain provides the best example for the depicted scenario. 

Fast-paced innovation and unprecedented threats

What is more, is that technology developments will not stop. On the contrary, we are experiencing an exponentially fast pace in technology innovation, that resolves in less time between technology innovations cycles that, while improving our way of living, also pave the way for novel, unprecedented threats to materialize. For instance, the advent of quantum computers will make the majority of current encryption and digital signature methods useless and what was encrypted and signed in the past, exposed.

The tension between legitimate and illegitimate usages of technology is also heating up. For instance, there are discussions in the US and the EU about the need for the provider of ICT services to grant the decryption keys of future novel secure applications to law enforcement agencies should the need arise –a debatable measure.

However, technology is the very weapon we need to fight crime. Think of the use of Terahertz technology to discover the smuggling of drugs and explosives – the very same technology Qatar      has successfully employed. Or the infiltration of mobile phone crime rings by law enforcement operators via high tech, ethical hacking (as it was the case for the EncroChat operation). And even if crime has shown the capability to infiltrate any sector of society, such as sports, where money can be laundered over digital networks and matches can be rigged and coordinated via chats, technology can help spot the anomalies of money transfer, and data science can spot anomalies in matches, and can therefore thwart such a crime – a recent United Nations-sponsored event, participated by the International Centre for Sport Security (ICSS) Qatar and the College of Science and Engineering (CSE) at Hamad Bin Khalifa University (HBKU) discussed      the cited topic. In the end, the very same technology that is used by criminals is also used to fight crime itself.

Don’t get left behind

In the above-depicted cybersecurity cat-and-mouse game, the loser is the party that does not update its tools, does not plan, and does not evolve.

In particular, cybersecurity can help a country such as Qatar over two strategic dimensions: to better prevent/detect/react to the criminal usage of technology, as well as to advance robustly toward a knowledge-based economy and reinforce the country’s presence in the segment of high value-added services and products to fight crime.

In this context, a safe bet is to invest in education, for both governments and private citizens. On the one hand, only an educated workforce would be able to conceptualize/design/implement advanced cybersecurity tools and frameworks, as well as strategically frame the fight against crime. On the other hand, the same well-educated workforce will be able to spur innovation, create start-ups, produce novel high-skill products, and diversify the economy. 

In this context, Qatar enjoys a head start, thanks to its huge investment in education over the last 20 years. In particular, at HBKU – part of Qatar Foundation – where we have been educating future generations. 

CSE engages and leads in research disciplines of national and global importance. The college’s speciality divisions are firmly committed to excellence in graduate teaching and training of highly qualified students with entrepreneurial  capacity.

For instance, the MS in Cybersecurity offered by CSE touches on the foundations of cryptocurrencies, while the PhD in Computer Science and Engineering, offering several majors (including cybersecurity), prepares future high-level decision-makers, researchers, and entrepreneurs in the ICT domain  – the leaders who will be driving the digitalization of the economy and leading the techno-fight against crime. 

Continue Reading

Science & Technology

Enhancing poverty measurement through big data

Published

on

Authors: Jasmina Ernst and Ruhimat Soerakoesoemah*

Ending poverty in all its forms is the first of the 17 Sustainable Development Goals (SDGs). While significant progress to reduce poverty had been made at the global and regional levels by 2019, the Covid-19 pandemic has partly reversed this trend. A significant share of the population in South-East Asia still lacks access to basic needs such as health services, proper nutrition and housing, causing many children to suffer from malnutrition and treatable illnesses. 

Delivering on the commitments of the 2030 Agenda for Sustainable Development and leaving no one behind requires monitoring of the SDG implementation trends. At the country level, national statistics offices (NSOs) are generally responsible for SDG data collection and reporting, using traditional data sources such as surveys, census and administrative data. However, as the availability of data for almost half of the SDG indicators (105 of 231) in South-East Asia is insufficient, NSOs are exploring alternative sources and methods, such as big data and machine learning, to address the data gaps. Currently, earth observation and mobile phone data receive most attention in the domain of poverty reporting. Both data sources can significantly reduce the cost of reporting, as the data collection is less time and resource intensive than for conventional data.

The NSOs of Thailand and the Philippines, with support from the Asian Development Bank, conducted a feasibility study on the use of earth observation data to predict poverty levels. In the study, an algorithm, convolutional neural nets, was pretrained on an ImageNet database to detect simple low-level features in images such as lines or curves. Following a transfer learning technique, the algorithm was then trained to predict the intensity of night lights from features in corresponding daytime satellite images. Afterwards income-based poverty levels were estimated using the same features that were found to predict night light intensity combined with nationwide survey data, register-based data, and geospatial information. The resulting machine learning models yielded an accuracy of up to 94 per cent in predicting the poverty categories of satellite images. Despite promising study results, scaling up the models and integrating big data and machine learning for poverty statistics and SDG reporting still face many challenges. Thus, NSOs need support to train their staff, gain continuous access to new datasets and expand their digital infrastructure.

Some support is available to NSOs for big data integration. The UN Committee of Experts on Big Data and Data Science for Official Statistics (UN-CEBD) oversees several task teams, including the UN Global Platform which has launched a cloud-service ecosystem to facilitate international collaboration with respect to big data. Two additional task teams focus on Big Data for the SDGs and Earth Observation data, providing technical guidance and trainings to NSOs. At the regional level, the weekly ESCAP Stats Café series provides a knowledge sharing platform for experiences related to the impact of COVID-19 on national statistical systems. The Stats Café includes multiple sessions dedicated to the use of alternative data sources for official statistics and the SDGs. Additionally, ESCAP has published policy briefs on the region’s practices in using non-traditional data sources for official statistics.

Mobile phone data can also be used to understand socioeconomic conditions in the absence of traditional statistics and to provide greater granularity and frequency for existing estimates. Call detail records coupled with airtime credit purchases, for instance, could be used to infer economic density, wealth or poverty levels, and to measure food consumption. An example can be found in poverty estimates for Vanuatu based on education, household characteristics and expenditure. These were generated by Pulse Lab Jakarta – a joint innovation facility associated with UN Global Pulse and the government of Indonesia.

Access to mobile phone data, however, remains a challenge. It requires long negotiations with mobile network operators, finding the most suitable data access model, ensuring data privacy and security, training the NSO staff and securing dedicated resources. The UN-CEBD – through the Task Team on Mobile Phone Data and ESCAP – supports NSOs in accessing and using mobile phone data through workshops, guides and the sharing of country experiences. BPS Statistics Indonesia, the Indonesian NSO, is exploring this data source for reporting on four SDG indicators and has been leading the regional efforts in South-East Asia. While several other NSOs in Asia and the Pacific can access mobile phone data or are negotiating access with mobile network operators, none of them have integrated it into poverty reporting.

As the interest and experience in the use of mobile phone data, satellite imagery and other alternative data sources for SDGs is growing among many South-East Asian NSOs, so is the need for training and capacity-building. Continuous knowledge exchange and collaboration is the best long-term strategy for NSOs and government agencies to track and alleviate poverty, and to measure the other 16 SDGs.

*Ruhimat Soerakoesoemah, Head, Sub-Regional Office for South-East Asia

UNESCAP

Continue Reading

Publications

Latest

Arts & Culture1 hour ago

Can democracy save the environment?

In 13 short films, each roughly 5 minutes long, Nicolas introduces us to the individuals behind environmental and community-based groups...

Southeast Asia3 hours ago

Vietnam President Visit to US for UNGA Meeting

Following his visit to Cuba, Vietnam president Nguyen Xuan Phuc visited New York to attend 76th meeting of the UN (United Nations) General Assembly and participated in the deliberations...

Finance4 hours ago

5 Valuable Reasons Why You Should Care About Your Instagram Audience Engagement to Succeed

Have you ever wondered about the connection between successful social networking and audience engagement? If you are trying to impact...

Intelligence5 hours ago

The Curious Case of Russian Cyberattacks in India

As the world grapples with the COVID-19 pandemic, the technological shifts have made working remotely a reality for millions of...

Finance5 hours ago

Cryptocurrency Lending vs. Bank Lending

Cryptocurrencies have entered the mainstream, and they are redefining financial transactions. Today, these coins are lent and borrowed. This industry...

Europe7 hours ago

The neoliberal project strikes back: Upcoming regime-change in post-pandemic Bulgaria?

In the last few years, Eastern European politics has hit the headlines around the world rather often. However, commentaries on...

Economy9 hours ago

Future of Mid Size Business Economies & Bureaucracies of the World

The Agrarian age morphed into an industrial age over a millennia, sometime later industrial age advanced to computer age in another...

Trending