HCSS
  • News
    • BNR | De Strateeg
    • Columns
    • Draghi Report Series
    • Events
    • Podcasts
  • Publications
    • Publications
      • All Publications
    • Defence & Security
      • Behavioural Influencing in the Military Domain
      • (Nuclear) Deterrence and Arms Control
      • Hybrid Threats
      • Rethinking Fire and Manoeuvre
      • Robotic and Autonomous Systems
      • Strategic Monitor Dutch Police
      • Transnational Organised Crime
    • Geopolitics & Geo-economics
      • China in a Changing World Order
      • Europe in a Changing World Order
      • Europe in the Indo-Pacific
      • Knowledge base on Russia (RuBase)
      • PROGRESS / Strategic Monitor
      • Transatlantic Relations
    • Climate, Energy, Materials & Food
      • Climate and Security
        • International Military Council on Climate and Security (IMCCS)
        • Water, Peace & Security (WPS)
      • Critical Minerals
      • Energy Security
        • Tank Storage in Transition
      • Food Security
    • Strategic Technologies
      • Cyber Policy & Resilience
        • Global Commission on the Stability of Cyberspace (GCSC)
      • Emerging Technologies
      • Global Commission on Responsible Artificial Intelligence in the Military Domain (GC REAIM)
      • Semiconductors
      • Space
  • Dashboards
    • Dashboards
      • All Dashboards
        • GINA
    • Defence & Security
      • DAMON | Disturbances and Aggression Monitor
      • GINA | Military
      • Nuclear Timeline
    • Geopolitics & Geo-economics
      • Dutch Foreign Relations Index
      • GINA | Diplomatic
      • GINA | Economic
      • GINA | Information
    • Climate, Energy, Materials & Food
      • Agrifood Monitor
      • CRM Dashboard
    • Strategic Technologies
      • Cyber Arms Watch
      • Cyber Comparator
      • Cyber Norms Observatory
      • Cyber Transparency
  • Services
    • HCSS Boardroom
    • HCSS Datalab
    • HCSS Socio-Political Instability Survey
    • Strategic Capability Gaming
    • Studio HCSS
    • Indo-Dutch Cyber Security School 2024
    • Southern Africa-Netherlands Cyber Security School 2025
  • NATO Summit
  • GC REAIM
    • GC REAIM | Members
    • GC REAIM | Conferences
    • GC REAIM | Partners, Sponsors, Supporters
  • About HCSS
    • Contact Us
    • Our People
    • Funding & Transparency
    • Partners & Clients
    • HCSS Newsletter
    • HCSS Internship Programme
    • Press & Media Inquiries
    • Working at HCSS
    • Global Futures Foundation
  • Click to open the search input field Click to open the search input field Search
  • Menu Menu

News

The SolarWinds Wake-Up Call

December 16, 2020
Solar Winds Alexander Klimburg

The SolarWinds hack shows precisely why we can’t rely on a treaty to govern state behavior in cyberspace. Rather, governments must cooperate to uphold existing norms, argue Michael Chertoff, Latha Reddy & Alexander Klimburg in an article for Project Syndicate.

The recently discovered SolarWinds hack holds obvious lessons for governments around the world, particularly after a year in which cyber attacks on critical infrastructure have surged. International action is urgently needed, not to write new treaties or codes of conduct, but to enforce existing norms.

WASHINGTON, DC – The recent discovery of the devastating Sunburst hacking campaign against US and global targets is once again challenging the international community to respond to an increase in cyber attacks. Over the past year, cybersecurity personnel worldwide have faced a surge of hacks against critical infrastructure, including institutions fighting the COVID-19 pandemic. While governments have openly condemned some of this behavior, more collective action is clearly needed.

There is no international treaty for cyber matters, and the 11 non-binding norms of responsible state cyber behavior endorsed by the United Nations General Assembly are somewhat ambiguous. Additional norms are being put forward all the time, which is a good thing. But norms are not treaties and should not be treated that way. The better option is to concentrate on the spirit – not just the letter – of what the norms convey. Indeed, the latest hacking revelation shows precisely why an international cybersecurity treaty would likely fail.

SolarWinds, a leading US network-management company, produces a monitoring platform that grants IT support staff remote access to devices that have it installed. The recent supply-chain attack hijacked the software’s update function to install the so-called Sunburst malware. As the tech publication The Register reports, SolarWinds is deployed in more than 425 US Fortune 500 corporations, all major US telecoms companies, and most branches of the US government (with a similar presence in many other developed economies). And the cybersecurity company FireEye, whose reported breach early last week was instrumental in uncovering the campaign, said that institutions worldwide may have been compromised, even if the US government was the likely focus.

The US government itself suspects Russian intelligence actors of perpetrating the attack, and the cybersecurity expert Jeff Moss has argued that unmasking the campaign could even prompt the attackers to take further action.

Read the full aticle on Project Syndicate:

Read full article
  • Share on Facebook
  • Share on X
  • Share on WhatsApp
  • Share on LinkedIn
  • Share by Mail

Experts

Alexander Klimburg

Related News

Related Content

Solar-Winds-Wake-Up-Call
Will Putin Finally Wake Up Europe?
Norm Proposal | Call to Protect the Public Core of the Internet

Office Address

  • The Hague Centre for Strategic Studies
  • Lange Voorhout 1
  • 2514 EA The Hague
  • The Netherlands

Contact Us

  • Telephone: +31(70) 318 48 40
  • E-mail: info@hcss.nl
  • IBAN NL10INGB0666328730
  • BIC INGBNL2A
  • VAT NL.8101.32.436.B01
  • Contact

Legal & Privacy

  • Disclaimer & Privacy
  • Algemene Voorwaarden (NL) 
  • Terms & Conditions (ENG) 
  • Coordinated Vulnerability Disclosure
  • Ethical Standards
  • Manual for Responsible Use of AI

Follow us

© The Hague Centre for Strategic Studies
    Link to: HCSS Internship Program Link to: HCSS Internship Program HCSS Internship ProgramGeneral Internship Link to: Blog | The best of both worlds: Crowds & Machines Link to: Blog | The best of both worlds: Crowds & Machines Blog | The best of both worlds: Crowds & Machines
    Scroll to top Scroll to top Scroll to top

    GDPR Consent

    Your privacy is important to us. Here you can set which consent you are allowing us with regards to the collection of general information, the placing of cookies of the collection of personal information. You can click 'Forget my settings' at the bottom of this form to revoke all given consents.

    Privacy policy | Close
    Settings

    GDPR Consent Settings

    Your privacy is important to us. Here you can set which consent you are allowing us with regards to the collection of general information, the placing of cookies of the collection of personal information. You can click 'Forget my settings' at the bottom of this form to revoke all given consents.

    Website statistics collect anonymized information about how the site is used. This information is used to optimize the website and to ensure an optimal user experience.

    View details

    Functional cookies are used to ensure the website works properly and are neccessary to make the site function. These cookies do not collect any personal data.  

    View details
    Forget my settings Deleted!