At a conference in Munich, security experts discussed a world full of digital dangers. One conclusion is that risks are inevitable. But you can limit it.
The approximately 250 listeners had to wait exactly 97 minutes before the name of the Chinese network supplier Huawei was mentioned for the first time. It was the name everyone had been waiting for. When it comes to Huawei, the opinions of security experts around the world – many of whom attended the Munich conference on cybersecurity – diverge.
The Trump administration in the United States, for example, is demanding that other countries exclude Huawei from expanding their telecommunications networks. The new 5G mobile network is so fast that many new things such as autonomous driving or surgical robots are possible in hospitals. And that is why, Washington argues, it is all the more important to be able to rely on the infrastructure. Many politicians in Europe are less rigorous. Chancellor Angela Merkel’s CDU also demands high security standards, but does not want to rule out Huawei from the outset.
The UK government only wants to keep Huawei away from certain parts of the UK network. Ciaran Martin, head of the cybersecurity department at the UK Home Office, sounded almost apologetic at his lecture in Munich when he said: “This is a decision that only applies to the UK and at this time. We are not asking anyone to do the same . ” And he added a fundamental insight: “We believe that any part of the infrastructure, no matter who made it, no matter what it is for, can fail, either accidentally or through manipulation.” You have to weigh the risks.
The well-known unknown
The dangers of possible infrastructure failure played an important role in this year’s conference on cybersecurity, a one-day meeting just before the Munich security conference. There is concern that artificial intelligence may be too intelligent, that adulteration of the truth may be too credible, that things from pacemakers to self-driving cars may become too vulnerable to manipulation over the Internet. Experts from business, authorities and universities have argued about the “protection of critical infrastructure” and the “known unknown” of the Internet.
Earlier, EU Vice-President Margaritis Schinas complained that the EU was too “fragmented” in tackling such security problems. He sees attempts to influence elections, steal data from companies and individuals, and disrupt social peace. No country, says Schinas, can solve the problem alone.
While some autocratic countries build national networks and disconnect from the Internet, democracies usually rely on cooperation here. Schinas called for a culture of sharing on network security issues. The new commission under Ursula von der Leyen will launch an initiative for more cyber security later this year. The problem is that states don’t necessarily want to show their weaknesses by sharing data about them. “We have to build trust,” said Schinas.
Everything is related to everything
However, the conference not only gave examples of digital vulnerability, but also of its possibilities. Schinas predicts a world of 500 billion interconnected devices where “practically everything is connected to everything”. For this, the EU must create a center that protects the economy against attacks.
Google’s Kristie Canegallo said her group had seen countless states phishing in the European and Indian elections. Cards were forged so that polling stations were marked in the wrong places, and even candidates were incorrectly reported as deceased. But, Joyce says, you can do something about it. “We have teams around the world who monitor and disrupt adulteration, disinformation campaigns, coordinated attacks and other forms of abuse around the clock.”
The participants in the conference on cybersecurity admit that the digital world is fundamentally vulnerable and attracts shady actors, regardless of whether their motives are political or financial or whether they simply want to create chaos. The answers to this fluctuate between more regulation and better technology. Juhan Lepassaar of the European Cyber Security Agency admits that an attacker on the 5G network could choose the site of the attack while the defender doesn’t know where it is; that creates an imbalance. “But by generally strengthening resilience, you can win the battle.”