Posted on 11/10/2017 12:32:34 PM PST by dayglored
Microsoft president Brad Smith appeared before the UN in Geneva to talk about the growing problem of nation-state cyber attacks on Thursday.
Smith, also Redmond's chief legal officer, last month publicly accused North Korea of the WannaCry ransomware attack.
During the UN session on internet governance challenges, Smith made the case for a cyber equivalent of the Geneva Convention. He started off by noting the sorry state of IoT security before arguing that tech firms and government each have a role to play in reining in the problem.
"If you can hack your way into a thermostats you can hack your way into the electric grid," Smith said, adding that the tech sector has the first responsibility for improving internet security because "after all we built this stuff".
Microsoft is doing its bit by using a combination of technology and legal action to seize hacked domains at the centre of attacks. Redmond has helped customers in 91 countries by seizing 75 such domains, Smith said.
In addition, Microsoft spends $1bn on security innovation a year.
International tensions are increasingly spilling out into cyberspace including alleged Russian meddling through leaks and social media propaganda during last year's US presidential election and attacks on banks hooked up to the SWIFT banking network and digital currency exchanges, supposedly by units of North Korean intelligence. Further back there's the infamous Stuxnet sabotage campaign against Iranian nuclear facilities, a joint US/Israeli operation.
"Nation states are making a growing investment in increasingly sophisticated cyber weapons," Smith said. "We need a new digital Geneva Convention."
"Government should agree not to attack civilian infrastructures, such as the electrical grid or electoral processes," he said, adding that nation states should also agree not to steal intellectual property.
Existing rules for political advertising in print and broadcast media should be extended to social media, Smith suggested. A framework to extend existing international law into the realm of cyber-conflict already exists in the shape of the Tallinn Manual.
Smith argued that tech companies needed to be neutral in cyber-conflict and help their customers wherever they might be.
Workers and consumers also have a part to play, particularly when it comes to resisting phishing emails.
"90 per cent of attacks begin with someone clicking on an email... We need to protect people from their bad habits," he noted. ®
So,... do we disable their email, or disable their mouse?
It's not like we haven't tried educating computer users...
Heaven protect us from those who think we need to be protected from ourselves.
> “Government should agree not to attack civilian infrastructures, such as the electrical grid or electoral processes,”
Would certainly be used in the future as an excuse for electrical grids to “save money” or “put off upgrades” or...
The problem is, it’s not governments we need to worry about.
It’s ISIS.
It’s the Russian mafia (doing what they think Moscow would like for future rewards).
It’s the “contractor” North Korea can pay now to “cause havok”.
And even if it is directly done by a government it’s not as obvious as a tank or plane or missile may be so they’re more likely to ignore an agreement.
We’d better find a way to harden our system, not hope that an agreement saves us.
> We’d better find a way to harden our system, not hope that an agreement saves us.
Absolutely. And does Brad not realize that in war, when bombing a city, isn't part of the point that you're intentionally "disabling civilian infrastructures" along with everything else?
First order of business: Make hacking a hanging offense.
The fact that this is still even an issue in 2017 is the fault of the operating system, as much if not more than idiot users. Yes, Microsoft, I'm pointing directly at you.
The Geneva Conventions had their origins in the US Army General Order 100, issued during the US Civil War.
“The Lieber Code of April 24, 1863, also known as Instructions for the Government of Armies of the United States in the Field, General Order Number 100, or Lieber Instructions, was an instruction signed by US President Abraham Lincoln to the Union Forces of the United States during the American Civil War that dictated how soldiers should conduct themselves in wartime. Its name reflects its author, the German-American legal scholar and political philosopher Franz Lieber.”
https://en.wikipedia.org/wiki/Lieber_Code
Participants in the international Hague Peace Conferences used Lieber’s text as the basis for negotiations which resulted in the Hague Conventions of 1899 and 1907. These two international agreements set forth laws of land and naval warfare.
“Subsequently, during World War I and World War II, many of these laws were broken. Following World War II, jurists at the Nuremberg Trials and the Tokyo Trials ruled that by 1939 the rules for armed conflicts, particularly those concerning belligerent and neutral nationals, had been recognized by all civilized nations and thus could apply to officials even of countries that never signed the Hague Conventions. Some features of the Lieber Code are still evident in the Geneva Conventions of 1949.”
World needs unicorns that poop gold too.
But even in the unlikely event that we get the unicorns, there isn’t going to be any gold, just poop.
Why compete when everyone can just hug and agree to play nice?
Why? Microsoft doesn’t follow the law or ethics as it is.
Microsoft steals user data.
Further back there’s the infamous Stuxnet sabotage campaign against Iranian nuclear facilities, a joint US/Israeli operation.
Pretty sure this is a suspected US/Israeli joint effort. I don’t believe it was ever admitted, was it?
Wartime "conventions" strike me in some ways like gun control laws. They restrict the law-abiding, and the criminals just ignore them.
Does Brad really believe that a bunch of effectively toothless conventions are going to stop enemy agent hackers, who know they are likely to never get caught?
Not officially, of course; but everyone knows that it was.
They already have it Brad....
It’s called the IEEE
Brad is a Technocrat that wants to bring in the Technocracy to run the world through a control grid. The control grid is the 5G.
5G will change the world as we know it. The public will first see it in April of 2018 or 5 months from now. By 2022 it will be everywhere like 4G.
By 2025 the public will see the world change from the 5G. It will give the world the bandwidth we do not have right now. It will bring in the A.I. (Artificial Intelligence), Drones, Robots, Auto Cars, trucks, ships, planes, Nanotech, Smart Dust, etc... Everything in your home will be connected online. This includes refrigerators, dish washer, dryers, washing machines, the heating and air, etc... The Smart Home in other words.
Just Google, Bing, Yahoo it or Youtube “5G Network”. It will tell you all about it.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.