Paradox of cyber security is cumulating foreknowledge of vulnerabilities

Posted On February 18, 2015 , 12:03 AM Contador HarrisonPeriscope

Since Edward Snowden revelations, multiple Governments across the world have been announcing formation of Cyber Agencies to defend themselves from cyber attacks.Such agencies are seen as imperative if a country is to be resilient against future cyber threats although most of them are currently vulnerable to cyber attacks. In Western Europe, such agencies possess a common perspective and understand that cyber attacks cannot be addressed by a single agency alone, but rather through coordinated policy and operations. The aim underpinning such Cyber security agencies is to build a stronger sense among all national agencies that cyber attacks pose a threat across a range of national interests and stakeholders unless addressed in a coordinated manner.Security experts have found that malicious traffic is not attributable to a sudden increase in hacker’s hacking prowess, but rather instead its the security naivety and vulnerability to exploitation by hackers, who use poorly secured servers anywhere in the world as a base from which to launch their attacks.It is important to understand that, paradoxically, national security in countries across the World is conceptualized principally in terms domestic issues, with external threats only factoring in a broader, secondary concept of national security.

Threats to national security for most countries have become widespread both internally and externally issues.The primary objective of any country’s national defense is to counteract traditional as well as non-traditional security threats. The decisions by Governments across the world to form Cyber security agencies are a reflection of the need to emphasize the external dimension of national security. Cyber threats are one type of non-traditional threat are growing very fast and on which national defense forces need to focus.The paradox of cyber defense and security, however, is that cumulating foreknowledge of one’s own software vulnerabilities and others’ capabilities is tantamount to stockpiling offensive weapons.Notably, the very knowledge of an exploitable vulnerability in one’s own systems, if kept secret and therefore un-patched, can be used as a clandestine offensive weapon against enemies, since virtually the entire world shares hardware and software systems in common. Last Friday, While visiting Stanford University, US President Barack Obama announced he was signing an executive order meant to encourage the sharing of information, regarding cyberthreats, between private sector companies and the government. The order was signed at the first summit on Cybersecurity and Consumer Protection, which focused on consumer protection and private-public partnerships against cyberthreats.

In my research study on this hotly debated topic, Cyber threats, I have learned it can be asymmetrical, where conflicts take place between one country, whose cyber unit is developing, and another country’s, whose is already very advanced. That would be an apt description of African countries present situation; the region is astonishingly vulnerable according to a new research conducted last year and currently sits at the low end of the scale in terms of cyber security awareness and preparedness. It is against such background African countries should aim to strengthen their cyber defense capabilities.Several African countries already have their own armies to handle cyber threats. Contador Harrison thinks that Cyber terrorism will be especially challenging to prevent, and risks ruining the international image of many countries, not to mention undermining their national stability. To fulfill the promise of a robust defense against cyber threats, African governments must work toward assessing their country’s vulnerabilities and develop response scenarios base on probable and credible threats.They should also improve the security of government and private sector’s IT infrastructure. Lack of awareness, lax security procedures and misconfigured systems have likely left gaping vulnerabilities to key systems that remain ripe for exploitation by foreign hackers or foreign security agencies looking for trade secrets and economic blue prints.However, there will always be surprises, no matter how effectively, systematically and carefully any government aims to protect its national security.