News

Insights from practitioners in Information Management

Good Manners Matter: Norms and regulations in cyberspace and outerspace

I attended a morning presentation in May 2013 on the norms and regulations incyberspace and Outer Space.  I was attracted to it because the presenter worksin the area of cyber and outer space security and the fact that the talk was toaddress issues associated with how decision-makers attempt to make cyber spaceand outer space safe and secure for all of us.

Well, I initially thoughtI’d stumbled into a physics lecture when reference was made to spectrum (justthink radio waves); however, as I listened I discovered what some of the issuesare in this rapidly advancing world.  The first example was the company in theUS that wants to develop a broadband network using satellites and a block of thespectrum that sits very near to the block of the spectrum used for GPS.  Thereis the potential for the Light Squared project to jam GPs signals.  Needless tosay they haven’t been allowed to use that part of the spectrum but they arechallenging the decision.  Then there was the concept of “Choke Points”.  Thisrelates to the grey areas where we are not sure which jurisdiction isresponsible (think of the International Straits in maritime, or air routes andairports for flight).  In cyber space it’s the hubs, the power supplies anddomain name assignment and in outer space it’s the orbits.  A point I found ofinterest when considering orbits of satellites was that the likelihood of asatellite colliding with debris is calculated using a crude and inaccuratemethod known as “2 line sets”.  This means that if the owner of a satellite isnotified on the possibility of a collision they are more than likely to adopt a“cross your fingers and hope” mentality rather than spending valuable fuel onshifting the satellite’s orbit.

As the matter of cyber security wasraised the matter of the new Internet Protocol IPV6 was discussed  which nowallows for 128-bit addresses and given that combination allows for large numbersof ISP addresses to be created and used.  This then allows for illegalactivities to be conducted using an ISP address that may be used only once forthat one illegal activity and then discarded.  This alone will make it harderfor the activities to be tracked and multiple activities to be linked. Am Iworrying you yet?  Brett gave an example of Google Maps and street views, wherewe all accept that these images are taken at a moment in time and are not realtime and it is quite legal and in most cases very helpful to have such toolsavailable.  He then went on to show an image of a network map for a WAgovernment agency.  He explained that it was the equivalent of Google Maps butit was a cyber street view of the government agency, showing the routers andservers and connections.  This cyber mapping tool is legally available andeasily used.  So, following on with Brett’s sentiment he explained that when wedecide to get up in the morning and, still in our PJ’s, access the computerremember that whilst cognitively you are in a private space once you touch thekeyboard you are in a public space.

Putting these domains into the realmof defending our nations, Brett explained that most of our nations utilities areprivatized and no longer within the control of the government and all of theseutilities rely upon cyber space and outer space to function.  So we are allvulnerable.  He indicated that the USA defense forces are so dependent on GPSthat if it went down “the war would stop”.  He suggested that China wasn’t asdependent and as such the USA are encouraging them to become more dependent.  Asthis was presented it did seem to me that we were facing the equivalent of thearms race and the Cold War in cyber space and then Brett actually used the termthat was used throughout the Cold War “mutually assured destruction” which whenapplied to the Cold War

“..assumes that each side has enough nuclearweaponry to destroy the other side; and that either side, if attacked for anyreason by the other, would retaliate without fail with equal or greater force.The expected result is an immediate irreversible escalation of hostilitiesresulting in both combatants’ mutual, total and assured destruction. Thedoctrine further assumes that neither side will dare to launch a first strikebecause the other side will launch on warning (also called fail-deadly) or withsecondary forces (a second strike), resulting in unacceptable losses for bothparties. The payoff of the MAD doctrine is expected to be a tense but stableglobal peace” (Wikipedia).

So from the perspective of cyberspace we mustbelieve that if all nations are so heavily reliant on this technology then it isin no one’s interest to attack because they will expect immediateretaliation.

Whilst there has been no mention of records or informationthroughout this presentation it is a topic of significance to anyone working inthe information management field because our industry is now reliant oncyberspace.  Try and think how you would do your job without your computer andwhat could happen to your employer if the information that is stored incyberspace is accessed by others or is destroyed.