A brief analysis of its social, economic implications
The cyber space is becoming increasingly relevant for the world, bringing with it newer possibilities and growth. However it also brings with it a new form of threat, a cyber threat which requires a cyber security to confront it. The U.S with its vast information infrastructure, where people rely on it more than that in any other country, is particularly vulnerable. A cyber attack has ripple effects and an impact on one can have consequences for others. Several sectors in the U.S would have catastrophic consequences in case of a successful attack. The law enforcement agencies supported by legislations are constantly trying to meet evolving cyber threats, which can cause potential, economic and social breakdowns. The public require primarily, understanding the attributes of cyber security and assuming a shared responsibility.
Cyberspace may be defined as the electronic medium involving computer networks that facilitates online communication. The Internet has today transformed to being a massive network of interconnected economic, social and legal networks used by individuals, governments, businesses and institutions all around the world. The growth of the Internet has revolutionized the way, individuals and nations conduct business. The Internet is increasingly sought for various purposes including communication, education, research and entertainment. Today the Internet is an extended infrastructure of information and communications that supports a multitude of services. With 171 million hosts on the Internet and each host having a network of 254 million computers, the expansion and Internet traffic has already exceeded the estimates predicted by experts.
Although the development of computer technology has rapidly expanded the communications and information markets, it has come with immense social and economic costs. The same technology that benefits through it useful abilities, is also sought for criminal purposes. The opportunities to indulge in computer crimes and the technical competencies of these criminals are mostly ahead of the law enforcement agencies trying to control them. The global interconnectivity of the Internet has allowed cyber attackers to prey on victims, across all geographical borders, while easily maintaining anonymity. Cyber threat from criminal groups, hackers and terrorists can not only affect computers and networks, but also affect individuals and organizations at a personal, social, financial and legal level.
Many crimes committed through the Internet may not be new but a modification or development of an existing version of fraud, trespassing or property destruction, through newer technology. Among the common forms of cyber crimes are intellectual property theft, illegal copying of proprietary music or software, hacking, identity theft, distribution of malware, phishing, online prostitution and pornography, and cyber stalking.
The U.S is particularly at risk for cyber attacks due to several factors. The U.S has a precarious position with regard to the Middle East with radical Islamic groups like the Al Qaeda and the Hezbollah perceiving the U.S as an enemy. Recent events like Israeli-Palestinian conflict, Iraq and Afghanistan roles have contributed much to the anti-American sentiment (Taylor, 2006). Many of these groups have the capability to launch cyber attacks. Apart from Islamic fundamentals, anti-capitalists movements like those in China and North Korea are also capable of cyber attacks on American targets.
It must be noted here that the U.S is the most infrastructure reliant nation on the earth, and therefore very vulnerable to a cyber attack, with susceptibility on several fronts. The U.S information infrastructure is primarily composed of five components, namely:
Communication networks like that for phones and satellites
Equipment used for providing information like those for television and radios
Information resources including educational or medical programs or relevant databases
Applications like those used for e-commerce or digital libraries, and
the people
Critical infrastructure is a very attractive target for terrorists, as it can cause large scale economic and operational damages, as that associated with any major breakdown. About eight areas of infrastructure functioning has been identified as a virtual, national life support system even by the early Clinton administration. These domains include telecommunications, banking and finance, electrical power, oil and gas distribution and storage, water supply, transportation, emergency services and government services. Since many of these are inter-dependent, the effects of breach in anyone are magnified on the other.
Hacking has been a major cyber threat for the U.S that had even succeeded in making data changes to the CIA website as well as causing organization-wide data breaches as seen to Epsilon and Sony in 2011. Hacking is the unauthorized access and use of another’s computer systems. Such incidents expose the vulnerabilities in a computer system, damaging the information infrastructure and the integrity of the organization owning it. Hacking of an organization’s computer system has several implications for its associates and customers. The customers would be wary of their association with the organization, and may cease to do business with it. Each year several organizations like businesses and corporations report unauthorized intrusions in to their information systems. A common way by which hackers get access to computer accounts is through a process called ‘social engineering’ which mean tricking individuals to release critical information to a stranger, through flattery, deception or intimidation (Ross, 2010). Once a hacker has access to the system, he or she gains access to secret information and are also able to destroy the information setup or even sabotage the system.
The effects of cyber security compromise are immense and have ripple effects. In a new world economy of international transactions and funds transfer, the banking sector is highly sought by hackers. The banking and financial institutions depend heavily on networks and are therefore vulnerable to infrastructure attacks. A breach in one system can seriously impact all other connected systems. However the vulnerability in this sector is mitigated by the fact that most of these banks are private with limited external access. Nonetheless a successful attack can be disastrous.
Electrical power and water supply systems are another domain that relies much on sophisticated sensors that help in maintaining safe levels. Manipulation of these remote sensors through a network intrusion is a threat that can have serious consequences or disruption of services that can bring life to a standstill. Transportation infrastructure is also a major concern particularly with regard to civil air traffic control. Aircraft maintenance, parts manufacturing and flight management systems are increasingly being reliant on automation and thus more vulnerable to threats. The civil aviation security is again heavily reliant on other infrastructures too. Air traffic control centers depend on electricity, communication systems and government services like Federal Aviation Administration, which if attacked could have catastrophic consequences in the transport sector.
Another cyber crime that involves huge economic implications for the U.S is online piracy. Intellectual property fundamentally takes the form of ‘intangibles’ like ideas, information, inventions and signs. However laws covering ‘real’ property establish rights over ‘tangibles’. Proprietary rights over the original forms of intellectual production are facilitated through IP laws, which encompass patents, trademarks, trade secrets, designs etc (Yar, 2006). The holder’s rights are established through copyrights. Copyrighted objects include music, paintings, drawings, audio-visual recordings etc. Online piracy which is the unauthorized downloading, copying, distribution and sale of the copyrighted content, causes huge losses to these industries in the U.S. With the U.S having a forefront position in the global market for software and media products, much of these products emanate from the U.S. Therefore piracy of these can not only have huge implications for the digital industry in the U.S, but also a loss in revenue for the government.
According to the International Federation of the Phonographic Industry (IFPI) over 28% of the global Internet users engage in digital piracy by accessing unauthorized services every month. To meet this threat IFPI suggests a combination of several effective responses including site blocking, with the cooperation of online intermediaries (IFPI, 2012). The music industry allocates considerable resources towards anti-piracy efforts including public education campaigns. Anti-piracy involves enforcement of rights, education and legal backing and is therefore multi-faceted. The IFPI had successfully removed about 1.5 million Internet links in 2011 which were associated with online piracy.
Perhaps the biggest cyber security challenge to the U.S is the threat of terrorism emanating from it. Terrorists use Internet in a multitude of ways that are very deceptive and difficult to control, for the law enforcement agencies. As the Internet is easy to access, not completely regulated, involving huge audiences and enabling a quick flow of information, terrorists exploit it to meet their objectives. Terrorist organizations and their supporters have hundreds of websites that appear suddenly and also disappear quickly. They retain their content while frequently changing their IP. Targeting prospective supporters, international public opinion and their enemies, they use the Internet to raise funds, recruit and coordinate their terrorist activities and psychological warfare.
A major challenge for the U.S cyber security with regard to terrorism is determining materials like instructions and manuals hidden in the form of coded messages or encrypted files. Earlier the terrorists could only use the television, radio and print media for their campaigns which were regulated and therefore not very effective for terrorists. These could not be used at their free will, as there were content acceptability criteria. But with the advent of Internet, they have full control over their content that they could freely manipulate. Although it is possible to track down and access emails that look suspicious, the communication terrorists use can beats this detection. By using a shared mail id and a password, they communicate with each other by only saving their message in the draft folder. This way communication occurs across borders, despite no emails being sent, which is highly undetectable.
Identifying the major weakness in the U.S cyber security is a matter of much controversy. This may be attributed to the fact that any element of cyberspace could be at risk, and given the connection of such elements, establishing the optimum level of cyber security framework is difficult. Cyber security weaknesses can be addressed by the adoption of standards and certifications, implementing best practices and guidelines, regular auditing and benchmarks, and through education and training. Each of these approaches has their own strengths and weaknesses as to how they would contribute to a cyber security national framework (Fischer, 2005). This framework can only be established through efforts from all sectors.
On the legal front, U.S legislations and laws are constantly reviewed and updated to enable law enforcement curb cyber threats. In the early years of prosecution against hackers, the legal systems depended on charging the offenders with just criminal trespass, violation of private property etc. that were very much associated with general crimes. With the increasing failure to secure convictions, it became evident that the existing laws were insufficient. Cyber crime legislation is comparatively a recent development for most nations that have their own legislations. However, the U.S was among the first countries to introduce laws on cyber crime. The Congress passed the ‘Computer Fraud and Abuse Act’ in 1986 through it made known that knowingly accessing a computer without authorization is a crime.
The cyber crime legislations in the U.S are comparatively more exhaustive and harsher when compared to that in most countries like the UK, emphasizing that the U.S sees cyber crime as a larger crime. For instance the US legislations under Section 2701a (1) views as offense any intentional access to an electronic communication facility without authorization. It also evaluates authorization limits and views over-authorization as also a crime. However in the UK under its Sections 1.1a to 1.1c, a person is guilty of unauthorized access to electronic material only if he uses a computer to gain access to data held. Also the individual is only guilty if he or she knows that the access is unauthorized (Global Cyber Law Database, 2012). In terms of punishment too, the intruder under the U.S laws can be punished by 5 years for the first instance and 10 years in subsequent instances. This is in comparison to the England and Wales legislations that have prison terms of not over 12 months for the same offence, and it is just 6 months for Scotland.
There is no doubt that the government is constantly working to meet the challenges of cyber security for all its sections. To deal with the increasing threat from cyber space, the U.S federal government has established policies and strategies in an effort to address cyber security issues on a global basis. The ‘Cyberspace Policy Review’ by President Obama emphasizes that the U.S needs a strategy for cyber security. The Department of Justice (DOJ) is the primary law enforcement agency in the U.S that is responsible for cyber related offences and crimes. The DOJ with the cooperation of other federal agencies works with other countries and international organizations to strengthen vital infrastructure and resources of the U.S.
The cyber economy of $110 billion is today most vulnerable to crimes and threats than at any time before. Securing the Internet against attacks require the expertise of the industry and allied services and that of the government agencies. With the U.S more interconnected today than at any point before, thanks to the Internet, people rely on it even for their day-to-day needs. The risk of crime makes cyber security, one of the country’s top most security priorities. To raise awareness for cyber security, President Obama had designated October as the ‘National Cyber Security Awareness Month’ (NCSAM). Engaging and educating private and public sector affiliates through awareness campaigns, is the main goal of NCSAM (USDHS, 2012). This is the ninth annual NCSAM undertaken by the Department of Homeland Security together with the National Cyber Security Alliance, which intends to increase the resiliency of the country, in case of a cyber incident.
But as NCSAM reminds public, cyber security is a shared responsibility and that newer cyber threats require coordinated engagement of the entire American communities, from governments to public sectors and the members of the public. Maintaining a safe and resilient cyber space is vital to sustenance and growth. Americans should learn to keep their personal information and assets, safe online. These can be achieved through strong passwords that are not shared, installing updates to the operating system, browser and critical software.
IFPI (2012) Digital music report 2012. Retrieved fromhttps://docs.google.com/viewer?a=v&q=cache:FEzWYZkTfB8J:www.ifpi.org/content/library/DMR2012.pdf+online+piracy+statistics+2012+for+the+U.S&hl=en&gl=in&pid=bl&srcid=ADGEESiLV9Mgb2QmYJn2m0Ywr-DYj2KhvimvTsg4sjF2-W044NQiAsJ5V2dtMQuIQmLP2GbfaEim2ObTJfvMJtZUFDD5nXzAl1_UAafrtxic-apRGtKuumkIGag-1Y-bxg4kdadwcrJc&sig=AHIEtbQUGS8IH5OMz2SaI6DP7SZI58SgKg
Global Cyber Law Database (2012) Unlawful access to stored communications. Retrieved from http://cyberlawdb.com/docs/usa/2701.pdf
USDHS (2012) National Cyber Security Awareness Month. Retrieved from
http://www.dhs.gov/national-cyber-security-awareness-month
Fischer E.A (2005) Creating a national framework for cyber security: An analysis of issues and options. Quoted in Choi L.V (ed) Cyber security and homeland security Nova Science Publishers (3-10) New York
Yar M (2006) Cybercrime and society. London Sage Publications.; pp 64-70
Ross J.I (2010) Criminal investigations: Cybercrime (pp40-44)New York. Chelsea House Publications.
Taylor R.W et al. (2006) Digital crime and digital terrorism (pp 23-25). New Jersey. Pearson Prentice Hall