The significant use of the internet and related web technologies give businesses greater opportunities and help them conduct operations that reach every corner of the economy. In this era, computers and the internet have become essential for business processes from product conception and design, engineering, to supply chain management and beyond. Growth and risks of the reliance are visible. This requires a new way of thinking about risk responses and business planning.
The risks are urgent and real. Anyone can imagine what may happen if computers based utilities stop responding or stop recognising domain names. The situation arising out of any internet disruption is not just a quasi-fictional scenario, rather a strong possibility to which empirical observations of the recent past point.
Effects of a major internet breakdown could lead to a drop in productivity, lower profits, and cause decline in stock markets, reduced spending and a potential economic crisis. Any denial of the data running through the internet could undermine users’ confidence in the reliability and integrity of that information they share online. Lack of users’ trust paired with the loss of confidence among businesses would significantly disrupt business operations and the economy. The World Economic Forum estimates a 10 to 20 percent probability of a breakdown of the internet in the next 10 years. Additionally, it estimates the global economic cost at approximately $250 billion.
Older internet users may remember debates over its vulnerabilities and risks of doing businesses on the web, when the first Mosaic browser was introduced. Back then, pioneering adopters passionately opposed the business use of the web and putting assets online where flaming attacks could bring down sites or jam networks. The fight was lost because common users voted in favour of access to free information. Result: now web is almost all about commerce.
Shortly after the Y2K saga, widespread attacks by the ‘Code Red’ and ‘Nimda’ worms wreaked havoc in almost every big network around the world. Earlier this year the group of hackers successfully broke into 70 websites in different countries and took down the Syrian Ministry of Defense website. There are countless examples of cyber intrusions (call them cyber attacks). Since last week, the internet is abuzz with speculation about hackers group called Hackivist’s wow to kill Facebook on November 5, 2011 (huge Pakistani Facebook users watch out) citing users’ lack of choice in privacy as its reason for attack.
New capabilities are being brought to the internet every day and this is opening up more avenues of malicious cyber actions. At the same time, hackers are also acquiring increasingly powerful tools for snooping. The risks of economic espionage or chances of hackers to hold companies to ransom by threatening to shut down their vital systems have multiplied exponentially.
Hackers are working around the clock and around the world to find and take advantage of vulnerabilities in networks and penetrate to steal information and do more damage or just keeping an offensive vigilance.
In less connected countries like Pakistan where the infrastructure is not very resilient many casualties of any possible cyber action may be in the corporate sector at individual company or at national systems levels. The impacts of any cyber figment on the internet and the world wide web’s blockade on the civil life and national economy may not be difficult to understand.
What forms cyber action can surprise us? One can go deep into the realm of speculation here. Almost all corporate entities or information systems must start from the assumption that internet outages are inevitable. At this moment, one can only imagine threats and calculate risks. Communications networks can be the easiest targets. Clogging up computers that handle supply chains, shutting down civil utilities that are computer based, crushing computers at stock exchanges or simply downing commercial websites are some other cyber actions that can cause problems.
What should be done? Indigenous research, extensive debate to prepare everyone involved – everyone will literally be involved – and preparing to live up to any eventuality are some starting points. Cyber threats to the national economy should be perceived afresh. Policy makers and planners need to think about how a cyber attack could affect national economy. The nation has to dedicate, at policy level and at the corporate level, and academia have to invest increasing resources to deal with the complexity of how to address issues of threat to national interests online. Awareness should initiate multiple important efforts to reaffirm and continue to raise awareness that economy face and need to actively manage cyber risks. This will urge stakeholders to assess their internet dependencies from a business perspective to ensure that they are able to get vital operations running as quickly as possible following any internet breakdown. This is essential for reducing the potential adverse impact on businesses, as well as minimising the negative effects on our nation’s economy and, also, our national security.
The writer is Deputy Controller of Examination at Lahore School of Economics. He blogs at http://logicisvariable.blogspot.com and can be reached at [email protected]
