
Cyber-prepping the Battlefield: Does Russia have a New Way to Wage War?

According to the Bloomberg report, Russia may leverage vulnerabilities in critical infrastructure, including large banks, stock exchanges, power grids, and airports, as pressure points against the West. Ashmore (2009) says the future of Russian cyber warfare is offensively poised. Mshvidobadze (2014) also claimed that analysts examining espionage malware of apparent Russian origin indicate a preparation of the battlefield for cyber war.

Russia is developing information warfare capabilities such as computer network operations, electronic warfare, psychological operations, deception campaigns, and mathematical programming impact. Ashmore (2009) agrees that Russia is developing new information war strategies with the use of hackers that support Russian government information specialists, providing Russia with assets to use during future cyber conflicts. Heickerö (2010) also identifies the main organizations responsible for offensive and defensive cyber capabilities as the Federal Protective Service (FSO), the Federal Security Service (FSB), and the Main Intelligence Directorate (GRU). Russia’s approach to information warfare and information operations differs from that of Western countries to some extent. Russia sees information as a valuable asset that has strategic value and is a key factor for the stability of the state, for the regime, and for influential actors.

According to Dr. Matthew Crosston, one of the leading experts both in cyberwar and Russian foreign policy, part of the reason why Russia is such a major threat to the United States is not only its increasing capabilities but the reasoning and psychology behind its attacks and development of such capabilities. Russia’s purpose in developing cyber capabilities seems to be predatory in nature. This predatory purpose is heavily influenced by “the fact that much of the power dominating cyber capability in the Russian Federation is organized and controlled by federal security agencies but also quasi-outsourced to criminal groups, sometimes independently and sometimes in strict conjunction with governmental oversight.” Crosston also notes the cynical cyber mindset of Russia is somewhat controlled by short-term thinking that has massive profit and political power-wielding motives.

While not all cyberattacks originating in Russia come from the state, Russia has been seen as a safe haven for cyber criminality directed against foreign interests and to some extent domestic cyber criminality. Many have pointed out that Russia has not acted resolutely enough to deal with these lawbreakers. Thus, what makes Russia especially dangerous, according to Mshvidobadze (2014), is the collusion between the Russian state and cyber criminals. Criminal operators confound attribution and hone their skills on criminal activity, which ends up being a cost-effective reserve cyber force available to the state when needed. There has also been a conjoining of criminal and governmental malware which could result in even more potent cyber weapons. Altogether this makes Russian cyber espionage widespread, hard to detect, difficult to attribute, and costly to counter.

Heickerö (2010) pointed out that Russian strategy emphasizes the importance of information warfare during the initial phase of a conflict to weaken the command and control ability of the opponent. This was evident in the 2007 attacks against Estonia and the 2008 attacks against Georgia. Some calculate this was also extensively used during the intervention in Syria in 2015. To add to this, Herzog (2011) claimed that the severity of the Estonian attacks was a wake-up call to the world. It showed that potentially autonomous transnational networks, such as state-sponsored, pro-Kremlin hacktivists, could avenge their grievances by digitally targeting the critical infrastructure of technically sophisticated states. Herzog suggested that enhancing cyber security and creating new multinational strategies and institutions to counter cyber threats was essential to the sovereignty and survival of states. The biggest challenge, however, is striking a balance between Internet freedom and maintaining adequate early-warning monitoring systems.

Cordesman and Cordesman (2002) criticized the disconnect between US cyber-defense and cyber-offense. This was later expansively enhanced by the work of Crosston (2011; 2013; 2014). This conceptual analytic disconnect permeates US governmental efforts and the response of state and local authorities, the private sector, and non-governmental organizations. They believe in a need for a “comprehensive annual net assessment of cyber threats that combines analysis of the threat that states present in terms of cyberwarfare with the threats that foreign, domestic, and non-state actor groups can present in terms of cyber-crime and cyber-terrorism.”

Ashmore (2009) believes that the international community should work together to track and prosecute cyber criminals that operate outside the country being attacked. Also, Ashmore (2009) believes that nations should “work together to share technical data to maintain cyber defenses and keep up with the newest and ever-changing cyber-attacks” because individual hackers usually share information on new techniques that can penetrate IT defense structures. This prescription, however, requires enormous amounts of trust from both sides, which is hard to ask for even amongst allies. While the international community should come together to secure cyberspace, it is a completely different ballgame to ask states to share their defense techniques. Not only could this information be used to identify vulnerabilities in their defenses; if the information is stolen by hackers, it could also be used against these states and in turn applied to the hackers’ networks to make countermeasures impotent.

Another prescription offered by Ashmore (2009) is the creation of laws that make cybercrimes illegal with the hope that the punishments would deter potential cyber criminals. The problem with this is that there are already plenty of laws criminalizing hacking and cyber espionage, none of which have slowed the frequency of cyberattacks. Will new laws prevent the average middle-class Joe from sending vicious malware to his ex-employer out of spite? Maybe. Will new laws prevent criminal hacktivists from launching a politically motivated attack on their adversary’s networks? The answer is most likely no. Just as terrorists continue to murder, maim, and rape their victims regardless of the laws that forbid such actions, those who want to hack likely will. It does not matter what laws are in place. It is this innate internal motivation of the hacker that states like the Russian Federation count on and strategically utilize. For the most part, Russia is the undisputed leader in this newly politicized world of the dark net.

It’s high time to step up the protection of Europe’s critical maritime infrastructure

After the truth about the Nord Stream pipeline explosion came to light, the whole world knows that the United States was behind the destruction of critical infrastructure. In fact, the destruction of infrastructure is not a new method to achieve America’s purpose. Since the last century the U.S. has recognized the important strategic value of critical infrastructure and has accumulated relevant experience in combating it. The Nord Stream pipeline is not the first target of attack by the United States, nor will it be the last. We should be wary of the U.S. using various means to gather information on critical infrastructure, and strengthen protection of underwater infrastructure in order to prevent recurrences of similar incidents.

The U.S. has “extensive experience” in destroying critical infrastructure

In Nicaragua, the Sandinista National Liberation Front (FSLN) overthrew the dictatorship of the close U.S. ally Anastasio Somoza in 1979. Since then, the United States has tried to destabilize the political situation in Nicaragua by various means. The U.S. intelligence agency formed a special detachment, directed it several times to destroy oil storage facilities and pipelines of Nicaragua and deployed mines in many ports to blow up oil tankers. The two most destructive attacks were on the fuel reserves in Corinto and Benjamin Zeledon ports. Approximately 4 million gallons of gasoline, diesel oil and other fuels were destroyed, equivalent to about a week’s worth of the country’s consumption. The means of sabotage by the United States in Nicaragua was exactly the same as that of the Nord Stream pipeline explosion. In addition, in the 1970s the U.S. directed terrorists to destroy Chile’s infrastructure including power plants and electrical substations, violently overthrew the democratically elected President Salvador Allende’s regime, and plunged Chile into a long-term military dictatorship.

In recent years, the United States has turned its attention to the oil-producing country Venezuela. In 2020, the United States ordered agents to launch terrorist attacks on Venezuela’s Amuay refinery (one of the world’s largest, capable of processing up to 630,000 barrels per day of crude oil) and the 146,000-bpd El Palito refinery, in an attempt to cut off the country’s economic lifeline and eliminate the anti-American regime.

Past events have shown that the United States is accustomed to eliminating anti-American forces by destroying infrastructure. U.S. sabotage has caused irreparable damage to the target country, regardless of whether the ultimate goal can be achieved. And the United States usually “does not have to” pay for its actions.

The undersea warfare launched by the United States is still going on

Behind the US’s wanton destruction of critical infrastructure is the support of high-level combat capabilities. In fact, the U.S. has a long history of research on undersea warfare, focusing on training professional military personnel, developing sophisticated underwater weapons and continuously upgrading combat systems. In 2016, the Washington Post reported that the U.S. Office of Naval Research (ONR) is seeking to “build the Eisenhower highway network on the seabeds in the seven oceans”. Mathias Winter, head of the office, said the ultimate goal is to “have large-scale deployments of unmanned underwater vehicles (UUVs) and build service stations underwater”. The U.S. military is gradually implementing this vision. The UUV mentioned above is the “highlight” of the arms competition between the major powers in recent years. It can perform multiple tasks such as anti-submarine, seabed mapping, and frontier reconnaissance. It should be pointed out that few countries in the world have the ability to develop UUVs, while the U.S. started earlier in this field and its technology is relatively mature. In January 2023 the U.S. Navy announced that it will soon begin the underwater testing of the first Orca XLUUV. The Orca is just one of several unmanned underwater vehicle projects underway by the Navy; other projects in development include the large submarine-launched UUV Snakehead and the medium submarine-launched UUVs Razorback and Viperfish. The realization of the United States’ vision will boost its penetration into the marine environment of various countries. In January 2023, Namibia announced that it had discovered in its waters a US saildrone used to gather data underwater. At the same time, the U.S. military places a high priority on the training of combat divers. In addition to the famous Navy SEALs, there is a very small Army community, mostly made up of special operators, that goes through the Combat Diver Qualification Course to become combat divers. Business Insider reported in detail on the training process in February 2022.

International oil economist and author John Foster said the pipeline sabotage has opened a Pandora’s box of troubles and has endangered pipelines worldwide. It is clear who benefits. In the face of a complex and volatile international situation, critical infrastructure protection is more vital than ever. Underwater infrastructure is particularly attractive to attackers due to the difficulty of regulation and protection. The seabed internet cable between Henningsvær and Svolvær in Lofoten, Norway was broken on October 4, 2022, and the cause of the damage is still unknown. In this regard, the Spanish “Abésai” published an article saying that the recent sabotage of the Nord Stream gas pipelines seemed a powerful symbolic action that exposed the vulnerabilities of the West, while the 475 undersea cables currently in existence that are carrying more than 95% of the world’s internet traffic are the overlooked Achilles’ heel. Among them, the Euro-Atlantic area is the oldest undersea cable route and carries traffic between Europe and America with dozens of cables. Since a majority of the data is stored in data centers located in the United States, it can be said that the US is the main “owner” of transatlantic communications and has the ability to control submarine cables.

The connecting undersea cables [submarinecablemap.com]

The Nord Stream pipeline explosion was a “wake-up call” for Europe, which led many countries to scramble to improve the security of highly vulnerable undersea pipelines and communications cables. NATO Secretary General Jens Stoltenberg announced on 15 February 2023 the creation of a Critical Undersea Infrastructure Coordination Cell at NATO Headquarters to protect critical underwater infrastructure, noting that further measures will be finalized at the next scheduled summit in Vilnius on 11-12 July 2023. The purpose of the United States in promoting the collection of information on the underwater infrastructure of other countries, in the name of infrastructure protection in multilateral frameworks such as NATO, is extremely obvious.

Former U.S. Secretary of State Henry Kissinger famously stated: “To be an enemy of America can be dangerous, but to be a friend is fatal.” After the war was dragged into endless combat mode by the U.S., no place or asset in the world is safe anymore. Chaos will ensue.

High-Altitude Espionage (Spy Balloon) and India’s National Security

Throughout the nineteenth century, balloons were a vital tool for obtaining intelligence. Since then, their value has drastically decreased. In order to spy on the Soviet Union in the 1950s, the United States utilised high-altitude balloons (which the Soviets complained about and subsequently shot down). The U-2 high-altitude reconnaissance plane (which was also shot down) and the Corona reconnaissance satellites (the first of many generations of spy satellites that many nations utilise today) succeeded in replacing balloons. Now that a Chinese balloon has flown above the United States, serious worries are being expressed.

During the first two weeks of February, the Chinese spy balloon saga that concerned the United States, Canada, and the rest of the world seemed to have come to an end. The four balloons, or “high-altitude objects,” as they were officially referred to, were shot down by American fighter aircraft.

Similar to airships, surveillance balloons are equipped with sensors, cameras, or communication equipment to track and gather information. The spy balloons can either be anchored to the ground or can float at a great height, giving them the ability to take extensive pictures of their surroundings. Safety and monitoring, process sensing, climatology, and disaster response are all possible uses for the collected data.

Among the many uses of balloon surveillance equipment by spies are the following:

SIGINT: The intelligence community can use communication signals, such as voice and data transmissions, to intercept and analyse signals intelligence (SIGINT), which enables the collection of information on foreign governments, military forces, and other organisations. SIGINT is typically collected using balloons fitted with specialised sensors and equipment.

GEOINT: Spy balloons collect geospatial information (GEOINT) in order to create detailed maps and photographs of the ground and track changes over time.

HUMINT: Balloons can be used to acquire human intelligence (HUMINT) to keep an eye on people, groups, and activities on the ground.

ELINT: Balloons enable the intelligence community to intercept and analyse signals from foreign military and other electronic equipment to learn more about their capabilities and intentions. This is known as electronic intelligence (ELINT).

Balloons were employed during the Cold War for psychological operations, or PSYOP, to drop pamphlets or books. In the 1950s, the CIA (Central Intelligence Agency) deployed millions of hot air balloons off West Germany’s coast to drift through the Iron Wall with their prized cargo, George Orwell’s book Animal Farm (1945).

The usage of balloons for espionage operations and surveillance is not hidden from the world. Today, China has adopted the earlier existing technology of balloons, in an advanced version, to fulfil its own intelligence needs. According to sources, US intelligence authorities think the recently discovered Chinese spy balloon is part of a vast surveillance operation managed by the Chinese military.

Such practices of China and the balloon system leave an important question on India’s national security. A balloon similar to the one in America was sighted by the Indian forces over the Andaman Nicobar tri-service command in January 2022. “But soon it flew off. These advances sparked conversations about some rethinking of the tactics to counter emerging dangers like spy balloons,” said a former DG of DRDO. Even if such a balloon isn’t armed, it can gather private information about vital infrastructure, such as the activities of the armed troops near the border, in the islands, or anywhere else on the mainland, and test India’s capacity to recognise aerial surveillance gadgets.

China’s stance on the balloon was that it was a weather balloon; however, the high-resolution cameras could serve the purpose of stationary surveillance. Spy balloons, however, are difficult to shoot down. Elevated targets are inaccessible to anti-aircraft guns that are mounted on the ground. The bullets fired from the ground may cause casualties or injuries. Only a small number of fighter jets have the ability to launch an air-to-air missile from a height of 20 km, which could be quite expensive. Spy balloons might make it easier for China’s military to collect electromagnetic emissions that reveal a weapon system’s capabilities when compared to using sophisticated satellite systems positioned at higher altitudes.

India has to improve its intelligence and counterintelligence capabilities in light of the latest incident. Sino-Indian ties are already fraught with uncertainty, so failing to recognise and address new dangers, especially those in the grey area, would have serious consequences. New Delhi needs to improve its technological proficiency and work with nations that share its interests.

Data collection today has become a very important part of a state’s strategies. Being unaware of such actions in its own backyard would have negative effects on India, given the tensions between the two countries. Although the advancement of technology has led to a blurring of geographical border lines, India needs to be rigorously vigilant to such espionage attempts, especially near its borders and critical infrastructure.

Maritime Cybersecurity: A Potential Threat to India’s National Security

India has a huge coastline of 7516.6 km comprising 13 major ports (including one private port) and more than 200 minor ports across the coastline. It is a well-known fact that the maritime sector is crucial for India’s security, stability, economy, and sustainable development. India conducts around 70 percent of its total trade by value through the sea. India is strategically placed in the Indian Ocean, which gives it greater access to trade with the world’s major shipping routes. India’s seaborne trade has grown at a rate that is twice the 3.3% rate experienced globally. India is now focusing on strengthening its maritime sector through the upgradation of safety and security standards at the ports, enhancing port capacity and operations, and automation. It is placing emphasis on automation and technology upgradation through projects like SAGAR and Sagarmala. With digitalization in place in almost all the port operations and in the surveillance of the maritime waters, as shown in figure 1, the maritime domain is vulnerable to cyber threats ashore and afloat.

Figure 1. Technology in the Maritime Sector

The growing use of Information and Communication Technology (ICT), the increasing reliance on seaways, and the growing importance of data as a weapon in the hands of the state all create the need for better cybersecurity management systems in the maritime sector.

The maritime business, its ships, and its cyber environment are all protected by a variety of tools, policies, security concepts, safeguards, guidelines, risk management techniques, actions, training, best practices, assurance, and technologies. 

Maritime cyber risk can be referred to as the extent to which the technology in use could be attacked in a way that could result in the loss or compromise of information.

Pirates and opposing nations have been a menace to the maritime transportation business for thousands of years, but as the sector has developed and technology has been more thoroughly integrated for enhanced efficiency, so too has the magnitude of possible cyber threats grown. Now, even using something as simple as a USB flash drive or an unsecured Wi-Fi network, a hacker can get access to the critical systems of the vessel, thereby obstructing the entire port operations. For example, a suspected ransomware attack on the Management Information System (MIS) crippled the operations of the Jawaharlal Nehru Port, Mumbai, in 2017 and again in 2022.

Though the primary motive behind cyber threats is profiteering, there are several other aspects that motivate a cybercriminal to conduct a cyberattack on port or vessel operations. These include espionage, activism, terrorism, warfare, and others.

The various kinds of cyberattacks on the maritime sector involve malware, trojans, botnets, advanced persistent threats, ghost shipping attacks, cryptocurrency hijacking, and others. In addition to these cyber threats, the maritime domain is vulnerable to cyber terrorism as well. The awareness in the maritime sector of cyber terrorism is very minimal or negligible, with very little emphasis given to it. Chinese cyber activity is a major security threat to India. China is also using cyber technology in its South China Sea Anti-Access/Area Denial (A2/AD) strategy. The A2/AD strategy denies freedom of movement and navigation to rival powers by increasing defense systems that threaten their ships/submarines.

Technologies like the Automatic Identification System (AIS), ECDIS, GPS, information systems, Industrial Control Systems, and other operational technologies have played a crucial role in enhancing the efficiency of port and vessel operations. Nevertheless, these technologies are not exempt from cyberattacks, as every technology comes with its own loopholes. For example, the adoption of AIS is compulsory for any vessel to ensure its safe navigation, but as it is unencrypted and unauthenticated, the maritime sector is vulnerable to spoofing, water holing, social engineering, and other cyberattacks. It is also important to identify the human role in operating such technologies, as it is noted that human error and equipment flaws are primary reasons behind the success of these cyberattacks.

Maintaining the integrity of supporting systems, protecting ship systems from physical assault, and making the maritime sector resilient to both internal and external threats are all critical. Protection from various cyberattacks is necessary to prevent a breach of the network and its systems. Proper countermeasures and defense-in-depth strategies must be deployed for each attack to prevent an attack from taking advantage of a flaw or vulnerability in the technology.

Primarily, it is important to promote awareness among the staff or the crew so that they can identify cyber threats and respond to them, for example by alerting the officials if any malicious or unusual mail or notification is identified in the system.

Blockchain technology can be an efficient solution as it allows for a continuous monitoring system and provides real-time status on the ship’s security. It also enables secure communication and storage of data in the control centers. It helps in avoiding loss of data and data modifications by unauthorized users.

The AIS and GNSS systems must adopt encryption and authentication measures, which have been given zero attention to date.

With the vast coastline, it is not possible for India to secure the coastline through manpower. Cydome Security, an Israel-based startup, offers a cyber solution to handle this precise problem and effortlessly secure the maritime IoT ecosystem. The company’s solution is intended for systems with links to coastal infrastructure as well as guidance, sensors, control, and command.

Fighting fire with fire is one way that organizations can aid in stopping such intrusions: AI-driven security systems can successfully foresee and thwart AI-driven threats in real-time with appropriate data.

It is crucial to note right away that there is no magic solution for marine cybersecurity. An interconnected era has been retrofitted with a history of outdated shipboard equipment, leading to a shattered and vulnerable maritime environment. 

It is in India’s interest to take a leading role in negotiations and developments with global countries, given its crucial position in the Indian Ocean Region and the need to protect itself against China’s growing threat in that region. In order to take shipping on to the next level of connectedness, strong cybersecurity is imperative. 
