China President Xi Jinping and US President Barack Obama will discuss cyber security between the nations at the upcoming meeting. Photo: Reuters
Leading cybersecurity experts have questioned whether the United Nations should play a more active role in preventing online attacks across country borders.
The comments came at a briefing of diplomats and security experts held by US think tank The EastWest Institute, ahead of an anticipated meeting between US President Barack Obama and China President Xi Jinping.
"Security is the traditional role of government but we need to think of new ways to coordinate internationally," said James Lewis, a security expert at the Centre for Strategic and International Studies and former US state department official.
"The foundation of how we treat cybersecurity must be based on international law and a UN charter to make this more stable, but how do we apply it?"
The US and Chinese leaders are expected to, among other things, discuss the issue of cyberattacks attributed to independent and state-sponsored groups in China.
The Australian Financial Review has revealed attack attempts made against federal agencies including the Reserve Bank, the Australian Bureau of Statistics and others, some of which are believed to be sophisticated and potentially state-sponsored.
DEBATE OVER INTERNATIONAL COOPERATION
But others involved in the discussion were not so welcoming of greater international cooperation.
"The US has done a lot of thinking and the most useful has been to treat cyber as another weapon, and the conventions apply and will guide our decisions," said Cherian Samuel, a cybersecurity expert at India's Institute for Defence Studies and Analysis.
"So other countries need to apply international law that was used to guide conflict. We didn't need to apply new treaties when airplanes and missiles were invented."
International regulation of cybersecurity is largely uncharted and murky. Where an attack is traditionally defined as causing death, destruction and casualty, many hacks to date have done no such thing.
Attribution of attacks to a particular country or group also remains difficult.
WARNING AGAINST MILITARISATION
Dr Sandro Gayken, a researcher at the Institute of Computer Science at the Freie Universität in Berlin and until recently a policy advisor to the German government, warned against the increasing militarisation of the internet by governments.
He said attempts to use online attacks as another form of weapon would inevitably result in a "practical end of privacy and freedom of speech on the internet".
"We have a change in situation because rise of highly sophisticated hackers," he said. "Military and secret services realised the offensive potential of this, because society is dependent on [the internet].
Sign up for CIO Asia eNewsletters.