More and more incidents on and around the Internet make headlining news. In a general fashion these can be categorised as “ordinary” criminality and hacks of computer systems, e.g. by so called hacktivists and criminals, but more often also by state actors. A good example is the letter Dutch minister for Security and Justice, I. Opstelten sent to the Dutch parliament. Online incidents cause damages from an economic and financial point of view, while security in general decreases, as computer(systems) and mobile devices become a part of botnets. To make matters worse, quite often online incidents cause a severe breach of privacy. Despite the fact that incidents are on the rise or at least more visible to the general public, a central alerting place, a “112 digital” is lacking in most if not all countries.
Why creating a “112 digital” is a smart thing to do
Instating one central spot to report (preferably a website) for online incidents would create clarity in two aspects: 1) the lack of overview (on many not reported incidents and the damages suffered) of the side of the government; 2) the misconception that alerting government agencies to digital burglaries and incidents are upfront a breach of the privacy law. At present it is completely unclear for the general public how and where to report. Also it is not the standard to do so for people, companies and institutions. This is not the blog post to speculate on the why of this.
In the analogue world it’s completely normal to report burglaries, accidents, fires, etc., to 112 or directly to the involved entity itself. No one asks himself (or her) the question that whether through reporting he’s in violation of the privacy law. The national Data Protection Agency does not start an investigation on the basis alerting of someone reporting incidents or accidents to the authorities. On the contrary, police, ambulances and the fire department ride out as first movers and experts. If necessary police detectives follow should the circumstances call for an investigation. No one gives it one thought that the privacy of those involved was breached. An incident is reported, authorities respond.
Reporting incidents on the Internet does not seem as obvious though. Breaking and entering or attacks on computer systems owned or hired by companies and governments, but also personal ICT devices, occur on a daily basis, but are seldom reported. Also or especially not by a third entity that notices the breach, e.g. the ISP. Quite often the argument used is that it is a breach of privacy. “The privacy of the end user is in danger of being breached”. Is this really so? (I leave the question of the dangers the end user is exposed to because of not reporting aside.) There is no problem if someone reports a burglary in process at the home of this same end user. Is there when his computer or mobile device is broken into (hacked)? The answer is no, one reports a (digital) burglary to the proper authorities directly or through an intermediary, “112 digital”.
As a mind experiment I’d like to take you one step further. At the break in of the end user’s computer a virus was left behind, so the computer is now a part of a large botnet. This was noticed, but not reported. In a worst case scenario this computer, together with many others, is used to attack a nuclear power plant. This attack is so successful that the plant explodes. Later investigation showed that the final command was sent through this specific hacked computer. There are not many countries in the world that allow their citizens to have offensive weapons of war in the home. This appears to be somewhat different where infected computers are concerned. Suspicious analogue behaviour is reported, online it is not so common. Not doing so can have far reaching consequences for individuals, organisations and governments alike and on a daily basis have. Damages do not need to be so grave as in the example above to have a grave impact on people and organisations.
By creating a website “112 digital” every one can report digital incidents, attacks and “fires”. Preferably under the same circumstances as under the present 112 system. The parties behind this interface can take immediate and appropriate measures concerning security and safety. In the follow up investigations can start. Just like at the present 112 it is clear up front who needs to be involved, alerted, where this presently may be totally unclear to the average civilian and official not apt in “cyber”. Governments could also look into a central, online way to file reports of online threats and incidents next to the alert function of “112 digital’. This is one step further than alerting, but several arguments used here work just as well for online report filing to the police.
The state offers protection online
One of the tasks of a state is to offer protection to “us”. This goes as much for the online world as the offline one. Creating a “112 digital”, e.g. at a national cyber security centre, contributes to the normalisation of reporting online incidents. It will not only facilitate the protecting task of the state, but will make this clear to the public beyond doubt. In addition to this the reporting centre will provide data in abundance so that government agencies can prioritize better on security, enforcement and preventing online incidents. For the well-being of the greater good, for “us”.
Wout de Natris, De Natris Consult
Leiderdorp 11 February 2013