Opinion: Why democratic countries need a cyberthreat sharing alliance
The cyberthreats countries face from criminals and terrorists are largely the same. We are stronger against them when we work together.
US Secretary of State John Kerry leaves Israel on Nov. 24, 2015.
Reuters/File
At a Tel Aviv cybersecurity conference in January, experts who gathered from all over the world all seemed to agree on one thing: Hackers don’t respect international borders.
The cyberthreats countries face from criminals and terrorists are largely the same. That's why it's urgent for democratic countries to work together to form an international coalition to work together to better defend against them.
Given the significant effort and resources allocated in recent years to keep countries' respective national security domains isolated from each other, such collaboration may seem exceedingly counterintuitive.
But bad actors — whether they're criminals, terrorists, or rogue nations— don't just take advantage of the deficiencies that plague both private and governmental systems. They exploit the lack of cooperation between the governments and the private sector in each country. And they take advantage of the current lack of cooperation on an international stage.
We are stronger against them when we work together.
The 'international safe house'
The US and Israel are well positioned to lead the efforts to form this international coalition. They are both democratic countries that are powerhouses in the cybersecurity space. Israel is second only to the US as the world's biggest exporter of cybersecurity products and services. The US and Israel could also bring together trustworthy countries such as Britain, Germany, Italy, Holland, and Sweden – to start.
First, the coalition would create what I like to call an "international safe house."
This would enable members of a trusted coalition to share information, technology, and tactics with each other in order to tackle global cyberthreats.
Terrorist cyberattackers won't restrict their operations to one country. An attack on one country almost always means another will fall victim soon. Simply put, an attack on an ally can be the first step to gathering information and preventing compromising similar weaknesses in your own country’s domain.
Second, each coalition member would build its own "cybergym" – a training space to build systems to defend their country's existing digital infrastructure, study cybersecurity best practices, prepare for emergency situations, and train its civilian and security institutions.
Each nation’s Computer Emergency Readiness Team (CERT) – the agencies usually responsible for analyzing and reducing cyberthreats and vulnerabilities, and for disseminating cyberthreat warning information – would lead the effort to set up these arenas.
United response to global threats
Each country would be able to take the information on real-time threats – and strategies to defeat them – from their cybergym and share them with its partners in the international safe house.
Every country has utility companies, telecommunication infrastructure, medical records and biometric data bases, airlines, civilian nuclear facilities, banking systems and even nationwide retailers that are all susceptible to attacks – and need to be protected. Some hackers into these systems are small and easily detected and stopped; other hackers have an international strategy, making them more dangerous. But regardless of which country a particular industry finds itself, the hackers’ tactics will be easily transferrable across international borders.
For example, let’s say the network of a large bank in one country has been targeted by a new strain of ransomware. The company could report the threats it’s facing with the cybergym – and this cooperation would enable other banks across the world to better protect themselves against that threat. What’s more, if other partners have already seen that threat, they could share their defense strategies with the targeted bank.
Just as a nation-state can no longer count on its military as its sole security defense, a nation cannot maintain the security of its public utility infrastructures’ and private sector’s cybersecurity needs if their defense strategies and product remain isolated. By working together with other trustworthy nations to share information, techniques and best practices, we can all put up our best defense at home.
Safeguarding civil liberties
At the same time, we are all worried about preserving privacy and protecting proprietary information.
Every time the idea of information sharing between the government and private sector is raised, so are questions about preserving citizens’ privacy. The US, for instance, finally passed a cybersecurity threat information-sharing bill late last year after a vigorous debate about sharing information between private companies and the government to prevent cybersecurity threats while also protecting people’s personal information and privacy.
We need to find a way to achieve international threat-intelligence sharing without exposing a country’s weaknesses or its most sensitive information, nor grossly undermining individuals’ privacy.
Industry leaders must be part of this process as well, explaining and ensuring that cyber-related regulations are balanced with basic freedoms of the individual. As has been seen in the US, there will be a complex balancing act and, at least initially, the private sector will have the stretch the limits of what they would be comfortable sharing.
However, the cost of delaying this cooperation and decisions over how the private and public sector interact, just because the right amount of compromise would be difficult to achieve, is no longer sustainable. Without an international safe house, these companies and governments are endangering their entire cyber networks.
An international coalition can maintain both privacy and the civil rights of countries and individuals by working towards setting global standards for governments and industry in these areas.
If there’s one lesson we can learn from the hackers, it’s this: Just as their cyberattacks hold no borders, we should also tear our walls down when it comes to cooperating in our defense against them.
Erel N. Margalit is a member of the Israeli Knesset, an entrepreneur, and a venture capitalist. Follow him on @Erel_Margalit.