Cybersecurity needs global rules: British lawmakers
In a report, a committee of parliament's upper chamber said that creating a common European-wide approach, while a desirable step in the right direction, was seen by many in the cyber community as "second best" to global regulation.
Despite the borderless nature of the Internet, international regulation of online security does not yet exist, resulting in a multiple abuses from small-scale theft and identity fraud to espionage and mass attacks that shut down a business or utility.
Amid growing concern over online crime and disputes over cyberspace pitting China and Iran against U.S. firm Google, many governments continue to see the issue as a one of national security, an approach experts say is too parochial.
Regulators need to hunt criminals across borders and ensure they are prosecuted, a hard task when criminals can use proxy servers to remain anonymous.
"The government and EU should be giving greater attention to how cyber-security could be developed on a global basis," said the report by the House of Lords European Union Committee.
"Consideration needs to be given to the gradual development of international rules which will effectively discourage the launching of proxy attacks from within the jurisdiction of some of the main users of the Internet."
ONLINE BOUNDARIES "DIFFICULT IF NOT FUTILE"
It said EU members with the best developed online systems in Europe should broaden a dialogue on cybersecurity with non-EU countries, in particular the United States, Russia and China.
The report quoted Britain's Serious Organized Crime Agency, as saying in evidence to the committee that the best solution to preventing abuse of the Internet would be a global one.
"The imposition of boundaries within Internet Governance is a difficult, if not futile, issue," SOCA told the committee.
The committee said that global initiatives that tackle security threats now were mainly organized "on an entirely ad hoc basis, with loose groupings of people from relevant parts of industry coming together to address particular incidents".
The report said Britain was reasonably well protected against cybercrime, and the Internet itself was resilient as it was a network of networks with a decentralized management, so a collapse in one place was unlikely to hit the entire system.
Restating a perennial concern of London city planners, the committee said that a failure of the Thames Barrier would flood the London Docklands and have a big impact on the Internet.
"But the point repeatedly made to us was that the Internet itself would be able to withstand attacks robustly, and better than any traditional alternative means of communication."