perm_phone_msgUNDER ATTACK? S.O.S. LINE 0114 354 0054

Top Categories

Spotlight

today03/12/2021

Cyber security TechRepublic

How well do you know your APIs? Not well enough, says Cisco

Many APIs are openly accessible online, and that means big chunks of your apps are, too. Cisco’s Vijoy Pandey has tools and tips to help businesses get visibility into their APIs. Image: Shutterstock/Den Rise There’s a slight problem in the world of app development, and it’s one that’s pretty fundamental [...]

Top Voted
Sorry, there is nothing for the moment.

USA signs internet freedom and no-hack pact it’s ignored since 2018

Cyber security The Register today11/11/2021

Background
share close

The United States has signed up for The Paris Call for Trust and Security in Cyberspace – an international effort to ensure the internet remains free and open, and an agreement to put critical infrastructure off limits to electronic attack by sovereign states and other actors.

The Paris Call was issued by French president Emmanuel Macron in 2018, as part of that year’s Internet Governance Forum held at UNESCO and alongside the Paris Peace Forum. The Call details nine principles, listed here and sketched by The Register:

  1. Protect individuals and infrastructure – a pledge not to attack information infrastructure that impacts people’s lives;
  2. Protect the internet – nations should keep their hands off the internet core;
  3. Defend electoral processes – don’t hack elections, please;
  4. Defend intellectual property – prevent hacking of trade secrets;
  5. Non-proliferation – especially of malicious software;
  6. Lifecycle security – ensure security is applied through the supply chain and for the lifetime of digital products;
  7. Cyber hygiene – the digital of basic public health campaigns;
  8. No private hack back – preventing aggression by private entities, and states using privateers as deniable attackers;
  9. International norms – promoting development and adoption of international norms for responsible online behaviour by states.

The document also calls for human rights and applicable laws to be extended into the online realm, for multilateral cooperation by nations that want to crimp online crime, and condemns “malicious cyber activities in peacetime, notably the ones threatening or resulting in significant, indiscriminate or systemic harm to individuals and critical infrastructure”. That’s diplo-speak for “hacking hospitals, telcos, and the electrical grid should be off limits because it harms too many innocents”.

The last item – international norms – also matters because parallel efforts are trying to define those, notably the Global Commission on the Stability of Cyberspace (GCSC) which is working to create rules that put internet infrastructure out of bounds during armed conflict.

The USA has not signed up to the GCSC but has ratified the Budapest Convention on Cybercrime – the most comprehensive multilateral treaty on cybercrime that aims to harmonize laws and facilitate cross-border investigations.

Putin

G7 nations call out Russia for harbouring ransomware crims ahead of Biden-Putin powwow

READ MORE

A White House statement explains that the USA’s decision to adopt the Call “reflects the Biden-Harris Administration’s priority to renew and strengthen America’s engagement with the international community on cyber issues”.

“This announcement builds on the United States’ continuing work to improve cybersecurity for our citizens and business,” the statement adds. Therefore it needs to be considered alongside US support for NATO’s revised infosec polices, efforts to have G7 countries crack down on nations that harbor cyber criminals, and the Biden administration’s recent anti-ransomware summit.

Russia wasn’t invited to that summit and China didn’t attend. By an interesting coincidence, those same two nations have not joined the Paris Call and have more or less ignored the GCSC.

The USA agreeing to the Call still matters, however, because it was conspicuous by its absence when the document was created – as were China and Russia.

One aim of efforts like the Call can be to isolate and criticise those who choose not to participate. The USA signing up for the document therefore means it’s now clearly in alignment with its major allies. Microsoft, Oracle, Google, Facebook, HPE and IBM – among other big tech players – have also agreed to support the Call.

With ransomware rampant in the USA, and the Biden administration having made multiple calls for international cooperation to stop it, the White House clearly sees supporting the Call as conferring some advantages.

The Call is also something of a signature diplomatic initiative for president Macron, and the USA needs him back onside after the formation of the US/UK/Australia AUKUS pact saw France lose a $65 billion submarine construction contract with Australia.

The USA’s support for the Call was therefore announced alongside deeper collaboration with France in space. America committed to joining the Space Climate Observatory (SCO) – an effort to gather data in space to assist terrestrial responses to climate change. The two nations will also collaborate on space-related security matters. ®

See the original article here: The Register

Written by: The Register

Rate it
Previous post

Designed by Cloud Boffins