CyberPeace Institute created
Microsoft, Mastercard and the Hewlett Foundation are funding a new organisation that is planning to help dissidents and other vulnerable groups across the world defend against hackers.
Microsoft, Mastercard and the Hewlett Foundation are funding a new organisation that is planning to help dissidents and other vulnerable groups across the world defend against hackers.
The CyberPeace Institute, headquartered in Geneva, will get started on Thursday, September 26, with the aim of working with the international community to stop the internet from becoming “weaponised”, according to an institute statement.
The organisation, which planned to employ as many as 20 staff members in its first year, would work with a network of volunteers and experts in the public sector, academia and civil society to respond to major cyber attacks that inflict harm on people, such as those that shut down hospitals, cripple businesses or suppress the work of advocacy organisations, said Marietje Schaake, CyberPeace president.
“We read about cyber attacks every day and people frown and worry, but there’s little understanding of the impact on civilians and how, in this space, the lines blur between states and the private sector,” said Schaake, who formerly served as a member of the European parliament.
“We want to bring more transparency and accountability, and we want to focus on helping civilians who may have experienced harm or become the collateral damage of a cyber attack.”
Microsoft president Brad Smith said cyber attacks could have a “real world impact” on people’s ability to access basic services such as health care, banking and electricity.
“We need to bring together people across civil society and the tech sector to share data, best practices and technology to better protect citizens and increase the world’s resiliency against cyber attacks,” he said.
“The CyberPeace Institute will help do just that.”
The institute would work to influence global policy and international law on cyber attacks and hoped to promote “responsible behaviour” among state and nonstate actors, said CEO Stéphane Duguin.
The organisation will also publish public reports on specific incidents and may provide technical support to groups that have been identified as victims of a hack.
The institute’s experts will not name who is responsible for a particular attack — a process known as attribution — though they plan to release technical details they uncover that may help others track down the hacker’s identity.
“There are many different elements of information that form a puzzle that can lead to attribution. It is very difficult,” Schaake said.
Even when there are strong indicators suggesting who was responsible for an attack, “there can be political hesitation or other sensitivities for calling out the perpetrator”.
Microsoft, Mastercard, and the Hewlett Foundation are among CyberPeace’s core funders. The organisation has an eight-member executive board and 14-member advisory board, which includes technical and legal experts, as well as human rights advocates.
Danny Sriskandarajah, a member of the advisory board and CEO of the UK-based charitable organisation Oxfam GB, said he was concerned about the rising spate of cyber attacks against pro-democracy advocates in parts of Eastern Europe and the Middle East.
“It’s never been easier to organise and mobilise political dissent,” said Sriskandarajah.
“The downside is that the online world comes with huge threats for activists. In Oxfam, we are really conscious of making sure our own systems are as secure as they can be, but we are even more worried about smaller NGOs and protesters and dissidents who need to have the right to speak out. They are being targeted very clearly by malevolent forces.”
THE INSTITUTE WOULD WORK TO INFLUENCE GLOBAL POLICY AND INTERNATIONAL LAW ON CYBER ATTACKS