Nations urged to co-ordinate response to cyber crime

Governments are in a "cyber arms race" with criminals and need to put processes in place that clarify their response to any attacks, according to the former US secretary of homeland security.

Michael Chertoff said at the RSA Conference Europe that a clear doctrine is needed from individual countries and through international treaties to determine how to deal with cyber fraud, espionage or outright attacks on systems.

"You need to make it clear to an adversary what the response to an attack will be, so you need a doctrine in place to stabilise the growing arms race between cyber criminals and people trying to defend against them," he said.

"If, for example, a platform can be identified as attempting to do something that could have an impact on human life, say targeting civil aviation systems, there should be measures in place to seek to attack and disable that platform."

Chertoff maintained that "strong obligations" should be placed on countries to police platforms within their jurisdiction and stop them being used for attacks.

However, Chertoff believes that, while lower level attacks still require a response, a degree of "proportionality" is needed so that espionage or fraud attacks do not lead to full-scale cyber war.

"In the physical world attacks by governments need to be as precise as possible and there is no reason why this should not be the same in the cyber world," he said.

Chertoff argued that a global agreement between nations could be possible, but acknowledged the difficulties of doing so when large numbers of cyber criminals operate outside the boundaries of jurisdiction.

"There are, of course, lots of issues that will be encountered in this sort of approach, but that does not mean it shouldn't be debated," he said.

Richard Clarke, a former presidential special advisor on cyber security, said yesterday at the RSA Conference Europe that the UK, US and European Union need to crack down on countries that allow hackers to carry out attacks from within their borders if they are directed outside the country.