January 17, 2011

Cyber Attacks Have Potential To Cause Global Catastrophe

The Organization for Economic Cooperation and Development (OECD) said in a report on Monday that cyber attacks now have the potential to cause global catastrophe, but only in combination with another disease.

The study said there were very few single "cyber events" that could cause a global shock.

Examples were a successful attack on one of the technical protocols on which the Internet depends, or a large solar flare that could wipe out key communications components like satellites.

The study, which is part of a wider OECD project examining possible "Future Global Shocks", said a combination of events like coordinated cyber attacks should be a serious concern for policy makers.

"In that eventuality, 'perfect storm' conditions could exist," said the report, written by Professor Peter Sommer of the London School of Economics and Dr Ian Brown of Britain's Oxford University.

Governments are increasingly emphasizing the importance of cyber security.

The U.S. is preparing itself for cyber attacks and has launched its own military cyber command.

Last October, Britain rated cyber attacks as one of the top external threats, promising to spend an extra $1 billion on the issue.

The New York Times reported on Saturday that the Stuxnet computer worm, which was seen as an attack on Iran's nuclear program, was a joint U.S.-Israeli effort and had been tested at Israel's Dimona nuclear plant.

The OECD study concluded that cyber attacks would be ubiquitous in future wars, and that cyber weaponry would be "increasingly deployed and with increasing effect by ideological activists of all persuasions and interests."

"There are significant and growing risks of localized misery and loss as a result of compromise of computer and telecommunications services," the report said.

However, it concluded that a true "cyberwar" was unlikely as many critical systems were well protected and the effects of attacks were difficult to predict.

Brown said adopting a largely military approach to cyber security was a mistake because most targets in the critical national infrastructure were in the private sector.


On the Net: