As cyber attacks sow ever greater chaos worldwide, IT titan Microsoft and independent experts are pushing for a new global NGO tasked with the tricky job of unmasking the hackers behind them.
Dubbed the "Global Cyber Attribution Consortium", according to a recent report by the Rand Corporation think-tank, the NGO would probe major cyber attacks and publish, when possible, the identities of their perpetrators, whether they be criminals, global hacker networks or states.
"This is something that we don't have today: a trusted international organisation for cyber-attribution," Paul Nicholas, director of Microsoft's Global Security Strategy, told NATO's Cycon cyber security conference in Tallinn last week.
With state and private companies having "skills and technologies scattered around the globe" Nicholas admits it becomes "really difficult when you have certain types of complex international offensives occurring."
"The main actors look at each other and they sort of know who they think it was, but nobody wants to make an affirmation."
Microsoft already floated the idea of an anti-hacking NGO in a June 2016 report that urged the adoption of international standards on cyber security.
The report by Rand commissioned by Microsoft called "Stateless Attribution - Toward international accountability in Cyberspace" analyses a string of major cyber attacks.
They include offensives on Ukraine's electricity grid, the Stuxnet virus that ravaged an Iranian nuclear facility, the theft of tens of millions of confidential files from the US Office of Personnel Management (OPM) or the notorious WannaCry ransomware virus.
Duping investigators
"In the absence of credible institutional mechanisms to contain hazards in cyberspace, there are risks that an incident could threaten international peace and the global economy," the report's authors conclude.
They recommend the creation of an NGO bringing together independent experts and computer scientists that specifically excludes state actors, who could be bound by policy or politics to conceal their methods and sources.
Rand experts suggest funding for the consortium could come from international philanthropic organisations, institutions like the United Nations, or major computer or telecommunications firms.
Pinning down the identity of hackers in cyberspace can be next to impossible, according to experts who attended Cycon.
"There are ways to refurbish an attack in a way that 98 percent of the digital traces point to someone else," Sandro Gaycken, founder and director of the Digital Society Institute at ESMT Berlin, told AFP in Tallinn.
"There is a strong interest from criminals to look like nation-states, a strong interest from nation-states to look like criminals," he said.
"It's quite easy to make your attack look like it comes from North Korea."
According to experts at Cycon, hackers need only include three lines of code in Cyrillic script in a virus in order to make investigators wrongly believe it came from Russian hackers.
Similarly, launching attacks during working hours in China raises suspicions about Chinese involvement.
Hackers can also cover their tracks by copying and pasting bits and pieces of well known Trojan viruses, something that points the finger at their original authors.
(This story has not been edited by NDTV staff and is auto-generated from a syndicated feed.)
Dubbed the "Global Cyber Attribution Consortium", according to a recent report by the Rand Corporation think-tank, the NGO would probe major cyber attacks and publish, when possible, the identities of their perpetrators, whether they be criminals, global hacker networks or states.
"This is something that we don't have today: a trusted international organisation for cyber-attribution," Paul Nicholas, director of Microsoft's Global Security Strategy, told NATO's Cycon cyber security conference in Tallinn last week.
"The main actors look at each other and they sort of know who they think it was, but nobody wants to make an affirmation."
Advertisement
The report by Rand commissioned by Microsoft called "Stateless Attribution - Toward international accountability in Cyberspace" analyses a string of major cyber attacks.
Advertisement
Duping investigators
Advertisement
They recommend the creation of an NGO bringing together independent experts and computer scientists that specifically excludes state actors, who could be bound by policy or politics to conceal their methods and sources.
Advertisement
Pinning down the identity of hackers in cyberspace can be next to impossible, according to experts who attended Cycon.
Advertisement
"There is a strong interest from criminals to look like nation-states, a strong interest from nation-states to look like criminals," he said.
"It's quite easy to make your attack look like it comes from North Korea."
According to experts at Cycon, hackers need only include three lines of code in Cyrillic script in a virus in order to make investigators wrongly believe it came from Russian hackers.
Similarly, launching attacks during working hours in China raises suspicions about Chinese involvement.
Hackers can also cover their tracks by copying and pasting bits and pieces of well known Trojan viruses, something that points the finger at their original authors.
(This story has not been edited by NDTV staff and is auto-generated from a syndicated feed.)
COMMENTS
Advertisement
Microsoft Designer App, the AI-Powered Image Generator Platform Is Now Available For All Users Detective Dotson Details Co-Op Mode on Xbox Series S/X, Will Feature Dynamic Split-Screen Google And Microsoft Now Consume More Power Than Several Large Countries Shooter Had Trump's Face Right In Middle Of Crosshairs, Shows New Video World's Largest Isolated Tribe Makes Rare Appearance In New Footage Barack Obama Wants Joe Biden To Pull Out Of US Presidential Race: Report Israeli Strike Kills Field Commander In Elite Hezbollah Unit: Report Delhi-San Francisco Air India Flight Diverted To Russia After Engine Glitch Congress Does Not Want Manipur Like Situation In Tripura: Gaurav Gogoi Track Latest News Live on NDTV.com and get news updates from India and around the world.