Cooperation between countries in cyber security, as well as the exchange of experiences in coping with increasingly sophisticated cyber threats, were the topics of one of World Economic Forum Davos 2023 talks, where the Outlook report was also reviewed. Cyber Security 2023, based on research and collaboration.
The report includes the findings of new research on how leaders are currently responding to cyber threats, as well as recommendations for what leaders may do to defend their countries in the coming year.
Prime Minister Rama addressed Albania’s experience dealing with cyber attacks with those present, as well as the necessity of international cooperation in making the most use of technology and shaping a common, swift, and successful response to cyber threats.
We observe 95% of world leaders expecting a catastrophic cyber event. Albania was the target of a cyber attack. What lessons can we draw from this experience, particularly for political leaders?
Edi Rama, Prime Minister: Thank you so much for including me! I’ll do my best to assist. First, because of the occurrence you stated, we were obliged to learn more about it, and one of the things I learned was that if cybercrime were a country, it would be the third largest in the world behind the United States and China. Its entire potential was anticipated to be 3 trillion USD in 2015, and 10.5 trillion in 2025. If we think of a virus, Covid 19, that caused so much chaos and necessitated so much interaction and collaboration, imagine an exponential multitude of viruses that mutate exponentially every day – they do not threaten our organism, but the organism in which we live, our organizations, our countries, our systems – then the end might just be an apocalypse. They are viruses that may not only obstruct our way of life, but also manipulate and redirect it, allowing them to utilize our systems as remote, air transport systems to attack us.
Consider a cyber attack on air transportation infrastructure that turns a number of flying planes into bombs. What we have learned is that it is absolutely foolish to believe that any country, powerfull or not, rich or poor, can address this issue alone. What we are seeing in our daily battle, we have been under attack from Iran since last summer, (it would be difficult to explain why to the audience, but we are under attack and we are in coalition with a few friendly countries that are facing the same threat coming from the same origin and are more developed than us in terms of cyber defense) is that these weapons, I use this word because they are real weapons, are codes that are used to attack us, but they also constitute a novelty for our allies as well. This means that cooperation is also a way to learn about new weapons that are being employed every day and to prepare for them. I can’t imagine how the institutional world, the structured world, whether public or private, can survive this without a massive, massive coalition.
What we have learned from conventional crime in Europe is that it has established a much more functional EU than the states themselves, since it is much more integrated, there are no summits that never end, meetings, and there is no veto to stop the supporters from doing anything, while the EU itself must attempt to create convergences and cohesions in order to produce a joint action.
We witnessed that during the pandemic. Finally, there is one more thing. On the one hand, this is difficult for the public sector because it involves resources. Consider Albania, with its GDP and development, which has taken an exponential step to transform from a country that relied primarily on papers, bureaucracies, and bribes to a country that today has 95% of services processed online, which is the blessing of technology for developing countries, allowing them to take steps that would otherwise take decades, but it is also the curse of technology because you are completely exposed, and we are already exposed, against a cyber-attack.
The question is how many will be unified, how much the world will be united, and how many countries will be united. How many small, large, rich, and poor countries will realize that they must work together because, if nothing else, Albania is already a very important model of what is to come.
My question is for Mr. Edi Rama. Can you discuss with those of us who haven’t been following the attack as closely as you have some of the specific affects and consequences that your country has faced as a result of this attack, as well as the quickest response you could provide?
Prime Minister Edi Rama: I omitted this in the introduction because it would be too complicated for the time we have. You can start late in Davos, but you can’t end late because others must come and occupy the hall. I’ll try to be as concise as possible. We saw technology as a lifeboat to get from a level of administration that was polluted by endemic corruption in terms of bribery to a level where direct contact between citizens and public officials and offices was eliminated through online connection. We were able to shift from a country that was near the bottom in this regard to one that is ranked eighth in Europe and 16-17 in the world by the United Nations for countries that use digital services.
But that is precisely where the hackers intended to attack us, trying to fully destroy our digital infrastructure and wipe any data relating to public services. It was quite disturbing because for weeks there was an incredible war going on online, 24 hours a day, 7 days a week, with many people engaged in the trenches fighting them back, and we managed to withstand this attack without allowing them to do what they wanted.
We decided that it was extremely evident that one country, presumably Iran, was behind this attack after conducting a very extensive investigation with Microsoft’s counter-threat team and the FBI team. We linked this strike to Iran based on facts. The other side of cybercrime’s scary presence in our life is that it is not the same as someone breaking into your house, smashing down your door or breaking a window, and then breaking in. Cybercriminals may be present in your home without your knowledge.
So it’s penetrations, and it’s like taking and laying time mines and setting the day and time when you detonate the mine, and you have no idea you’re sleeping on a mine until then. As I previously stated, what we are doing now, in collaboration with two other friendly countries, is just that; we are learning, thanks to their superior skill, exactly what the motions are in the dark, which no one would know otherwise.
We are deeply dedicated to improving private sector understanding of these risks and encouraging the corporate sector to collaborate and interact with the government when it comes to contributing. So, it is not an easy process, but it is the new world, so I hope Michel Rocard’s prophetic remark is not proven with time; before he died, he stated, “I feel very blessed to have lived when the Internet was born, and I feel extremely blessed to be departing this world before the Internet destroys it.”