Cybercrime as a security issue.


I’m presently doing a bit of reading into the concepts of cyber warfare and international security. It’s a fascinating and fairly new field and my reading comes at a time when the Australian PM, Julia Gillard, has specifically articulated threats emanating from cyberspace as a security priority for Australia within the next decade. Gillard’s speech and the government’s subsequent paper has actually drawn quite a bit of international attention.

Personally, I find the idea of cyber warfare as a security issue somewhat controversial. No doubt that malicious Internet activity impacts many, many people, but does it impact nation-states to the extent articulated by many politicians and policymakers? The empirical evidence as well as the historical ledger seem a bit thin here, particularly when you consider the social and financial costs of other security issues (namely, the health of biosphere) are getting pushed aside for what may be a fashionable potential security issue in cyber warfare and cyber crime.

One thing that is obvious to me regarding the nexus between concepts of ‘security’ and the computer networks that power the Internet, is the lack of understanding of the nature of these networks and how they operate that many politicians and policymakers seem to demonstrate. Case in point is British MP Keith Vaz, a self-confessed technological ‘dinosaur’ and Chairman of the Home Affairs Select Committee, who have been considering the potential impact of malicious internet activity on the security of Britain. He was interviewed by Al Jazeera on cyber crime, and continually spoke about such activities in terms of malicious activity by nation-states before confusing the viewer by talking about non-state actors, including individuals.

He then continued on to frame cyber crime specifically in terms of fraud (such as stealing credit card numbers) as well as email hacking, and failing to articulate why exactly cyber crime or cyber warfare (whatever that may be) should be considered a security issue rather than a criminal activity. Not to criticise Vaz too much (fraud and cyber crime are a serious issue after all) but it does seem to me that politicians are fond of framing a hacker, individual or otherwise, as something that should require the full gaze of a state’s security resources, rather than let legal or other processes deal with these issues.

This strikes me as strange – how can the malicious and online actions of individuals, or even a large collection of individuals be equivalent to interstate warfare? This is where the whole cyber warfare as a pressing security issue falls down. Malicious cyber activity is probably better conceptualised in terms of globalised crime rather than an explicit and existential threat to human existence.

Thinking back to Gillard’s speech at ANU on cyber activity as a security issues recalls Buzan and Waever’s ideas of securitisation – where state’s talk about threats in terms of security in order to justify certain emergency measures. It’s actually the lack of boundaries, the lack of control on citizen discourse that may be a bigger threat to states and their governments rather than identity theft or hacker intrusion. The Internet allows open discourse and allows citizens to question the leviathan, and subsequently threatens their legitimacy. You can see evidence of that given the treatment of Julia Assange and the power of Wiki leaks.

Regardless, there seems to be more pressing security issues than cyber attacks. Ben Eltham’s New Matilda piece regarding environmental security gives a good Australian perspective.

There could be a day when my sentiments are proved wrong and where malicious cyber-attacks can be attributed as cause for loss of life or social disruption. I’m yet to see actual evidence of that yet, so I’m content to remain skeptical.

It’s funny, as I write this (though probably not funny for the people being effected); Bundaberg citizens are getting airlifted from their homes due to flooding cause by yet another extreme weather event. The cost of these events to Australia will be substantial, dare I say significantly more than computer crime. One gets the feeling that environmental security may have been put in the too hard basket, but that’s another consideration for another day.