The release of an OECD study as part of the wider 'Future Global Shocks' project comes at a most appropriate point in social engagement with potential cyber warfare. Following the WikiLeaks episode, and the 'Anonymous' hacking of various high-profile company domains, the theme of cyber crime is fresh in the collective mind.
The report, despite its complex discussion of potential threats, and the prerequisite systems required to protect against such risks, reassures its audience that:
“It is unlikely that there will ever be a true cyber war.”
In their attempts to define a “global shock”, the study focuses not only on the now familiarised area of internet hacking, but also on the cumulative effects of other global disasters. Events such as the financial crisis would represent such an international dilemma, the effects of which were to be felt across borders and cascade into numerous aspects of everyday life.
The authors of the study, Peter Sommer and Ian Brown, stipulate that a significant attribute of such a global shock is the inability of the nation from which the catastrophe originated to address the situation alone. International assistance is necessary. This concept of international co-operation is an important one, and one which threads throughout the study.
The general consensus from the authors concludes that, although a concerted “cyber-event” capable of causing such worldwide disturbance is highly unlikely, a very real threat is posed by one of two scenarios: the co-incidence of a natural or man-made crisis alongside an opportunistic cyber attack on a temporarily vulnerable state, or the simultaneous implementation of two or more cyber attacks.
The OECD study discusses the problems inherent in any discourse surrounding information security; that of a lack of precedence. In the ever-changing digital landscape, historic events can offer little guidance on future crisis scenarios should they arise. For this reason, the report reminds us that:
“...long term hardware and demographic trends are more predictable than those related to software and social change.”
The authors, despite their belief that a truly global future shock is not likely, recommend that governments take the necessary precautions to shield themselves from possible cyber attacks, as well as implementing contingency plans designed to aid a recovery from a wide variety of cyber events.
Already the UK has created the OCSIA (office of cyber security and information assurance), whilst a European equivalent exists in the form of ENISA (European network and information security agency). Such creations over the past couple of years have been the direct result of a growing concern regarding cyber threats, and the growing multiplicity and complexity of potential cyber events.