Connect with us

Intelligence

Testing Solutions for Intelligence and Security Professionals in Fighting ISIS in the Encrypted Social Media Space

Published

on

Authors: Lorand Bodo, M.A. & Anne Speckhard, Ph.D.

Telegram currently is, for a plethora of reasons, the favorite encrypted social media app employed by ISIS.[1] As such, Telegram has become the subject of deep controversies in the West. While government officials demand for Telegram to store and hand over user information of those promoting terrorism, Telegram’s executives have responded with an adamant refusal to comply.

This conundrum between governments wanting to balance security against encrypted social media executives arguing in behalf of the rights to free speech and surveillance-free communications—particularly in authoritarian regimes—has led researchers at ICSVE to question if it’s possible to assist law enforcement in identifying nefarious users on Telegram without demanding the assistance of the app itself. This article reports on our researchers’ successful attempts to test a few potential approaches that show promise.

Background

There is no doubt that ISIS has been the most successful tech-oriented terrorist organization in history that not only understands how to use the Internet for communication purposes but also has learned to do so while hiding their messaging and identities. ISIS cadres use the surface web, deep web, dark web, social media and encrypted messaging apps, such as Telegram, to disseminate their propaganda, recruit new members, inspire or even direct their followers to carry out terror attacks which all cause serious concerns for law enforcement, intelligence and security professionals tasked with staying one step ahead in fighting the group[2]. It bears noting that ISIS also surfaced at a time when social media’s feedback mechanisms were developed enough to allow ISIS to distribute their slick propaganda to global audiences and then hone in on those who show interest. By virtue of a retweet, like, or other endorsement of their products they are able to personally contact those who show interest.[3] In recent years Twitter, Facebook, YouTube and other web-based social media apps have cracked down on ISIS’s presence on their platforms making it harder to carry out intensive grooming and recruiting on these web-based apps. This however, resulted in ISIS using fleeting accounts on mainline web-based apps like Twitter, YouTube and Facebook to quickly attract the attention of those interested in their propaganda and then migrate potential recruits onto encrypted apps such as Telegram where they may then engage with them on a much more intensive level and for a longer time period without disruption—to motivate and direct some into carrying out actual attacks.

While we can monitor most of ISIS’ activity on the web-based Internet (i.e. YouTube, Facebook, Twitter, etc.) through web crawlers and search engines, law enforcement and intelligence agencies struggle when it comes to intercepting valuable intelligence that could support in preventing and disrupting terror attacks on messaging apps, such as Telegram that are encrypted and thus prevent such efforts.

In response to these very real security issues, Russia’s FSB (security service) announced on June 26 (2017) that terrorists had used Telegram to coordinate and plan a deadly suicide bombing on Russian soil by providing “terrorists with the opportunity to create secret chats rooms with a high degree of encryption”[4]. As a result, Russian officials increased their pressure upon Telegram to provide security-related information to Russian security services. In response, Telegram’s founder, Pavel Durov, agreed for his firm to be registered in Russia, but insisted on not sharing any private data with the Russian government, stating that he does not want to undermine the privacy of the six million Russian Telegram users currently registered on the app.[5] Indeed, this is not a simple dilemma, as it pits the rights of free speech and surveillance-free communication in an authoritarian regime against the need for security concerns about potential terrorist attacks. This underlying problem of cooperation between counter-terrorism (CT) officials and any tech-company is what we call the “business-security” dilemma.

The “business-security” dilemma describes a situation, in which tech companies, such as social-media or encrypted messaging apps, have to choose between two options, each that have negative consequences for both parties. Companies that cooperate with law enforcement and intelligence agencies by providing access to private data hopefully address security threats from terrorism, but by doing so, demonstrate their failure to value and protect the privacy and free speech of its users—which is particularly harmful to encrypted social media apps which exist precisely for that purpose. Law enforcement and intelligence agencies also lose if tech-companies cooperate, as many users—both benign and nefarious—will stop using the app and download another. On the other hand, if the social media app executives do not cooperate, bad press inevitably follows, framing the company as a ‘terrorist supporter’. Thus, with either choice—compliance or refusal, the company faces negative consequences, from its customers or the security sector, as does the CT-community.

Social media companies, such as Facebook, Twitter and YouTube face a similar dilemma, costing them time and resources which do not directly support their products in efforts at surveillance and takedowns which may also turn away users. Their dilemma is less severe however, as their apps do not depend solely on being able to provide encrypted communications. In the case of these web-based, open source social media there are also web-crawlers and business applications that could be used by these companies to detect and take down a lot more ISIS content than is currently being taken down at present.[6] And, it should not be forgotten that social media companies are masters in collecting data on users for targeted advertising purposes. Perhaps for them, it would be advisable to use existing technology and modify it to identify violent extremist online propaganda?

Encrypted apps are another story and cannot be crawled in this manner. In either case, extremist content is spreading, versus decreasing, on social media and law enforcement simply can’t keep up while social media companies, for reasons unknown, have not yet opted to use available technologies for more comprehensive and speedy takedowns. As a result, we are failing in countering extremist content online. However, as a recent Guardian article argued: “Counter-terrorism was never meant to be Silicon Valley’s job”.[7]

Moreover, due to growing concerns of consumers about hacking, as well as anxieties raised about government surveillance (particularly following Edward Snowden’s shocking revelations), a large number of mobile phone users have turned to encrypted messaging apps. In 2016, Telegram was downloaded 49,28 million times, followed by Wickr-Me with 3.8 million, Signal with 3.62 million, and other encrypted messaging combined with 0.35 million downloads[8]. When we look at these numbers, we have to ask ourselves, if our citizens value privacy more than they value security from terrorist threats? Do the costs of losing privacy, free speech and surveillance-free communications outweigh the benefits? Indeed, the number of terrorists compared to the vast majority of Telegram (and other encrypted app) users who are benign and have no intention to commit an act of terror is very low. If all Telegram users were in fact terrorists, we should see terror attacks every single day. But, fortunately, we don’t.

Nevertheless, we should not give up on chasing terrorists and shutting down their activities in the encrypted space; but instead of demanding the encrypted apps cooperate with government, it may be more useful to independently develop creative methodologies to gain valuable intelligence on those individuals engaging with and distributing ISIS propaganda as well as recruiting and directing terrorist attacks. In particular, with ISIS relying so heavily on Telegram, we need at present to find ways to fight ISIS without demanding any help of Telegram, whose executive leadership refuses in any case, to release encrypted information needed to fight jihadists using their messaging app. [9]

Identifying Nefarious Telegram Users without the Help of Telegram

So, how can we deal with this very tiny fraction of Telegram users who support and share ISIS content? To this end, we were interested in two questions: first, can we learn if pro-ISIS Telegram users employ information security (InfoSec) measures, such as virtual private networks (VPNs), to protect their identity and if not, are they identifiable? Second, is it possible to identify ISIS endorsing Telegram users communicating via private messaging without any help from Telegram, to make it possible for the law enforcement or intelligence community to do the same?

ISIS, as well as other militant jihadi groups have long been concerned with promoting information security to their members to enable them to evade law enforcement and intelligence. Among the many InfoSec groups ISIS promotes to their members, one known as “Horizon” has published manuals in multiple languages on topics like VPNs, secure browsers and the deep and dark web. In 2015, researchers discovered that ISIS had been using a 34-page operational manual that demonstrates just how tech-savvy ISIS really is. This manual was written in 2014 by a Kuwaiti cyber-security firm for journalists and activists in Gaza, but it was also found in ISIS chat rooms. Topics that are covered range from how to use Twitter, with a focus on protecting identity, to using encrypted Internet browsers and keeping telecommunications private.[10] At ICSVE, our researchers have been monitoring pro-ISIS Telegram channels for quite a while and we have also come across several Telegram channels that serve solely one purpose, namely educating pro-ISIS individuals in information security. Fig.1 shows a screenshot of a pro-ISIS channel that shares free tools, such as anti-virus software or VPN tools on a daily basis. According to Alkhouri, “such advice is what helped many jihadists bypass scrutiny and operate online with ease”.[11]

Given the dissemination of these manuals and ISIS’ intent of educating its followers about the importance of information security, we were keen to test if Telegram users operating in ISIS space actually are actually savvy enough to have implemented these InfoSec measures or if they fail to pay attention. To this end, we conducted a small experiment on Telegram, which was comprised of two approaches. Concerning our methodology, we have decided not to reveal it here as it was used to learn the identities of pro-ISIS Telegram users and we do not wish to further educate them in terms of information security. In this respect, it must be highlighted that this methodology should not be perceived as a ‘silver-bullet’, but more as a ‘cause for thought’ to develop better and more effective approaches. At ICSVE, we strongly believe that any effort to fight ISIS on the digital battleground is better than doing nothing—particularly as ISIS loses territory and increasingly promotes and directs homegrown attacks via the Internet.

The first approach was OSINT-informed and had the objective to identify the social media accounts of pro-ISIS Telegram users that in turn provides us with valuable intelligence about the actual identity of the person and his or her wider network. By employing our techniques, we were able to gain the actual identities of 3 users in a private chatroom, however, we will only highlight one case herein as the method is the same. In this regard, it is also necessary to emphasize that corroborating our results was one of the main challenges of this approach, however, after analyzing the whole case, we were quite confident in our judgements as the evidence was overwhelming.

In the first approach, we focused on private chat rooms as they allow us (not always) to see the actual group members in terms of numbers and profiles. In this case, we explored a private chat room, which primarily disseminates official ISIS propaganda.

In this case, a profile caught our eyes for several reasons (that we don’t explain here as it would reveal our methods). We were keen to find one of the target’s social media accounts which might revel his or her real identity. Generally, we assumed, that even though individuals employ encrypted-messaging apps for privacy for their terrorist-engaging purposes, they still have active social media social media accounts registered in their own real identities. And, in this particular case, we were right).

In fact, we were quite surprised how easy it was to identify this particular Telegram user. However, it should be mentioned that this approach does not work with any Telegram user, but it is definitely worth a try for the purpose of gaining valuable intelligence.

A quick scan of the pictures which were posted on this individual’s Facebook account, reveals more about the individual. Especially the knife picture caught immediately our attention, as in Telegram the same individual was endorsing and sharing violent ISIS propaganda material that causes us to view him as radicalized and potentially considering engaging in violence. To learn if his knife picture was unique to him we searched the same image on the surface web and found out that this picture was posted repeatedly on other websites. In other words, the individual simply copied and pasted the picture, which also implies that the target is most probably not in possession of that particular knife. Yet his Telegram activity makes clear he may be considering enacting violence. To be on the safe side we passed our information, including his identity, on to the relevant security authorities for them to determine whether or not he constitutes an actual terrorist threat.

Our second approach tested whether or not pro-ISIS Telegram users employ information security measures, such as VPNs or a Proxy, to disguise their IP-addresses. We need to emphasize that we were also aware of the fact that individuals could use a Tor browser, public Wi-Fi or similar tools. In these cases, we would not be able to know if the IP address ties to that individual or not. Likewise, we were aware of the fact that identifying someone’s IP address would not give us his or her real name, exact location, or anything like that. In general, we assumed that most individuals use Telegram on a daily basis, meaning that whenever they have time to check out the latest posts, they would use their mobile phones to have a quick look. Furthermore, we assumed that these individuals would probably not use a VPN or Proxy every single time they access Telegram, even if installed, because it often slows down the Internet speed and individuals may just forget about activating the VPN when anxious to view new posts.

With all these assumptions in mind, we again went back to one of the private chat rooms to carry out a small experiment. Our experiment was exploratory in nature as we haven’t come across a similar approach in the literature or on the Internet, however, we are aware that many intelligence agencies have been using the same or similar techniques. Overall, we needed four attempts to gather a sample of three out of all of the 138 group members that we then studied for their use of a VPN or Proxy. From these three individuals, two have not used a VPN or Proxy as in contrast to the third individual who used a Proxy Server (located in Cyprus). In this respect, it is paramount to highlight that these results should be interpreted carefully as the method used is not 100% accurate. Furthermore, those two individuals identified could have also used a Tor Browser or public Wi-Fi, for example. So, how reliable is the method then?

To be on the safe side, we have also used the same method to disguise the IP addresses of friends who use Telegram on a daily basis. We conducted this experiment in three rounds. Round one gave instructions on using a VPN or Proxy. Round two gave instructions on not using any of the InfoSec measures. Round three tested our method in the “Secret Chat” that uses end-to-end encryption, leaves no traces on Telegram servers, has a self-destruct timer and does not allow forwarding, by telling our friends not to use a VPN or Proxy. Overall, we were successful in disguising the IP-addresses (Round 2 and 3) and most importantly, to detect the Proxy or VPN (Round 1). With this in mind, we were confident that our results with the small pro-ISIS sample was similarly successful.

Conclusion

ICSVE’s brief exploratory incursions on Telegram tell us two things. One that it is possible to penetrate ISIS Telegram chat rooms and inside them find the social media accounts, and thus identities, of those who appear to be serious ISIS devotees. Likewise of these we were able to find, we learned that some do not take the precautions of using a VPN or Proxy network, despite ISIS’s instructions to do so. Most surprisingly, we found out that our method even works in the Secret Chat, a special service that makes Telegram so famous for being secure. Our small experiments should be seen as an attempt of exploring and discovering creative ways to identify pro-ISIS Telegram users. Most importantly, we want to demonstrate that there are ways to fight ISIS in encrypted messaging apps, even though Telegram itself is refusing to cooperate.

There is also still the matter of social media giants such as Facebook, YouTube and Twitter using available technologies to take ISIS content and accounts down faster so that there is not the opportunity to engage and be seduced off the open source web-based social media into the encrypted social media apps that are harder to track. However our short experiment demonstrates that tracking is possible even when not having Telegram’s cooperation. And this was just the beginning.

Note to readers: Our expertise and methodology is freely available to law enforcement and intelligence agencies upon request.

Reference for this article: Lorand Bodo, M.A. & Anne Speckhard, Ph.D. (July 15, 2017) Identifying Nefarious Telegram Users without the Help of Telegram Itself: Testing Solutions for Intelligence and Security Professionals in Fighting ISIS in the Encrypted Social Media Space. ICSVE Research Reports. http://www.icsve.org/research-reports/identifying-nefarious-telegram-users-without-the-help-of-telegram-itself-testing-solutions-for-intelligence-and-security-professionals-in-fighting-isis-in-the-encrypted-social-media-space/

 [1] Yayla, Ahmet S and Speckhard, Anne (2017). Telegram: The Mighty Application that ISIS Loves, available at: http://www.icsve.org/brief-reports/telegram-the-mighty-application-that-isis-loves/ (29.06.2017)

[2] Callimachi, R. (2017). Not ‘Lone Wolves’ After All: How ISIS Guides World’s Terror Plots From Afar, available at: https://www.nytimes.com/2017/02/04/world/asia/isis-messaging-app-terror-plot.html (29.06.2017).

[3] Speckhard, A., Shajkovci, A. & Yayla, A. S. (2016). “Defeating ISIS on the Battle Ground as well as in the Online Battle Space: Considerations of the “New Normal” and Available Weapons in the Struggle Ahead”. Journal of Strategic Security 9, no.4, p.1-10.

[4] Reuters (2017). Russia, Upping Pressure on Telegram App, Says It Was Used to Plot Bombing, available at: https://www.nytimes.com/reuters/2017/06/26/technology/26reuters-russia-telegram-security.html (29.06.2017).

[5] Reuters (2017). Telegram App Agrees to Register in Russia, but Not to Share Private Data, available at: https://www.nytimes.com/reuters/2017/06/28/technology/28reuters-russia-telegram-security.html (29.06.2017).

[6] See for example: GIPEC (2017). Who we are: GIPEC, available at: http://www.gipec.com/who-we-are/ (30.06.2017).

[7] Solon, O. (2017). Counter-terrorism was never meant to be Silicon Valley’s job. Is that why it’s failing? available at: https://www.theguardian.com/technology/2017/jun/29/silicon-valley-counter-terrorism-facebook-twitter-youtube-google (29.06.2017).

[8] Roberts, J. J. (2017) Here Are the Most Popular Apps for Secure Messages, available at: http://fortune.com/2017/01/17/most-popular-secure-apps/ (29.06.2017).

[9] The Times (2017). Message app used by Isis refuses to fight jihadists, available at: https://www.thetimes.co.uk/article/message-app-used-by-isis-refuses-to-fight-jihadists-jrddv7c93 (30.06.2017)

[10] Murgia, M. (2015). Islamic State uses detailed security manual, revealing its cyber strategy, available at: http://www.telegraph.co.uk/technology/internet-security/12007170/Islamic-States-detailed-security-manual-reveals-its-cyber-strategy.html (29.06.2017). (You can also find the manual here)

[11] Alkhouri, L. (2017). How Cyber-Jihadists Protect Their Identities and Their Posts, available at: https://www.thecipherbrief.com/column/private-sector/how-cyber-jihadists-protect-their-identities-and-their-posts-1092 (29.06.2017).

Continue Reading
Comments

Intelligence

Covid 19 and Human Security in Anthropocene era

Published

on

people art

Since the end of second World  the focus on international security has grown, not only state threats but also threats from non-state groups such as terrorism groups, cyber attacks, climate change and the environment and what we are living right now is the threat from Covid19 caused by the SARS virus -Cov2, up to the time this article was written has 136.609.182 cases, with the number of deaths 2948567, have killed more victims from the Vietnam War, the Gulf of Persia, the Afghanistan War. Although the optimistic hopes of finding  vaccine for Covid19 provide room for movement and bright light of hope in the future, it has almost entered the two-year mark since its initial presence in Wuhan, China last December 2019, Covid19 is still major concern and scourge for human survival in currently, many people in the world are tired of waiting for when this epidemic will end. Covid19 has become an invisible but real enemy felt by humankind in the early 21st century, more cunning than previous security threats such as physical warfare, trade wars, terrorism and air pollution. There is no difference in price between the rich and the poor, developed or developing countries, women or men, good or bad people. Not only that, the effects of the Covid19 virus pandemic are also greater, such as inflation, scarcity of goods, uneventful mobility, a decline in the tourism sector, changes in human social behavior patterns, bilateral and multilateral relations between countries, as well as causing conflict and new attention to certain institutions. What is still a question in our minds right now is why Covid 19 still exists in the world, when will this pandemic be over and what will the conditions be after.

So far, the Covid19 outbreak is still seen as a global disease so that international security means providing efficient health care and the answer is how to prevent and find anti-viruses. But in essence, the presence of Covid19 explains more than that. Covid19 is also an impact of an environmental crisis that humans are rarely aware of, because basically Covid19 is a zoonotic disease (disease originating from animals) that can pass to humans through vectors (carriers) in the form of animals or humans, which humans are the last result of a series of cycles. viral life. Its presence identifies the irregular relationship between humans and their environment.

Concerns about the emergence of zoonotic diseases have existed for several years. In the 2016 UNEP Frontier Report, it was stated that one of the concerns that arose from international agencies dealing with the environment was zoonotic diseases. Since the 20th century, 75% there has been a drastic increase in infectious diseases which are zoonotic diseases of animal origin. On average, an animal-to-human infectious disease appears every four months. This is closely related to environmental changes or ecological disturbances such as defortation, climate change, decreased biodiversity, and the destruction of animal habitats.

In an interview with VoA Indonesia with one of the virologists at Indonesian Institute of Sciences (LIPI) Indonesia (Sugyono) stated that the “Covid19 virus that is currently endemic in the world is due to interactions with humans and animals such as poaching and environmental damage. Some of the infectious diseases that hit the world are caused by pathogens of disease-carrying microorganisms that originate or spread through animals. Bats, mice, monkeys and other animals often become carriers of viruses to humans without the animals experiencing illness, the process of interaction between animals and humans such as poaching causes disease transmission. mutates due to climate change and weather ”. Viruses are small infectious agents with a simple composition that can only reproduce in host cells. Its survival is influenced by temperature and environment, changes in temperature and the environment can accelerate its spread.

Humans are the only creatures that can manage the earth, their presence since ancient times has greatly influenced the state of the earth both on land and in the oceans. In one of their journals Paul Crutzen stated that we (humans) are no longer in the Holocene but have entered the Anthroposcene era. The term Anthroposcene itself implies a transition from the Holocene which is an interglacial condition, influenced by the magnitude of human activity, further this intention is explained by Steffen that the Anthroposcene shows where human activities have become so numerous and intensive that they (humans) rival the great power of nature. The Anthroposcene shows that a crisis originates from human accident and this crisis is not an easy thing to mitigate.

Covid 19 is not a disaster or natural selection that can be understood to occur naturally but identifies more deeply than that, the presence of Covid19 demands that international security policies and practices must evolve beyond what they have understood so far. Although the threat of a pandemic is not new, the current pandemic is popularly referred to as “unprecedented.” It is currently uncertain when Covi 19 will end or at least be brought under control. Almost all diseases and disasters caused by environmental damage such as nuclear, severe pollution in several countries such as America, in Tokyo, Beijing, Jakarta, and other big cities cannot return to the way it was before the damage occurred, can only reduce the impact. If  revisit history further back, the earlier nations that had high civilization such as Central America, the people of the Easter islands, the Maya, the Anasazi, the Greek Mikene and many other civilizations also became extinct. What is modern society doing today is similar to what previous civilization nations did, accidental “ecological suicide” resulting in  drastic reduction in the size of the human population and political, economic, social complexity in over large area. Nature actually did a selection at its time and it (nature) was also able to regenerate itself within a certain period of time, but  if humans interfere in the process too deep  will change and disrupt the normal working system of nature which will have a bad effect back on humans.

Continue Reading

Intelligence

COVID-19 As an Agent of Change in World Order

Published

on

Image: Alexandra Nicolae/Unsplash

The Coronavirus Disease 2019 (COVID-19) pandemic has claimed millions of lives. It has severely damaged the economy of the world. The consequences of the pandemic are expected to go much further. The virus has threatened the functioning of national and international politics. It has disrupted the international system through which events are controlled in the world. In one way or the other, all the fundamental constituents of the World Order have been reshaped. Henry Kissinger, former US Secretary of State, forewarned, “The coronavirus epidemic will forever alter the world order.”

COVID-19 could potentially vary the following aspects of the existing World Order.

Cooperation

COVID-19 easily crossed international borders. It has been observed that states cooperated with each other on the strategy of containing the virus. The World Health Organization (WHO) played an important part in integrating the states on the issue of contemporary health emergency. The WHO remained an ineffectual organization when the United States, under the presidency of Donald Trump, withdrew from it. Bringing the US back in the WHO was among the first presidential orders given by President Joe Biden.

Some scholars, on the other hand, view this warm cooperation by the US in the international arena as a facade for uniting to oppose the rise of China. The ‘America first’ approach of Donald Trump meant American protectionism. Joe Biden is said to have used the opportunity created by the COVID-19 pandemic to walk in step with allies in Asia.

Security

Power-practicing states have rarely downright inclined towards the standards of human security defined by the United Nations in its 1994 United Nations Development Program (UNDP) Human Development report. The report lays down the basic tenets of human security. Food, economic and health security are among important entities of human security. The pandemic has facilitated in proving the momentous nature of international institutions and cooperation. Security, therefore, has been redefined. The priorities have been shifted to health security.

Balance of Power

One may assume that in these trying times of the pandemic the states have come closer to fight the disease. However, this claim is not validated by hard-boiled political thinkers. Disruptions in the global economy tend to destabilize international politics, therefore, conflicts are likely to increase in the post-Covid world. For instance, the ongoing economic competition between the US and China is likely to continue to soar as the two states begin to engage in the ‘New Cold War’. The US has put blame on China for the spread of the coronavirus. Trump had repeatedly termed the coronavirus as the ‘China virus’. To neutralize the blame, China is active in the research and development of the COVID-19 vaccine. The crisis has facilitated China in showing the world its capability. In the long run, this could sway the balance of power.

However, neither China nor the United States is in a state in which it could emerge as a ‘winner’ in a way that would dramatically shift the balance of world power in favour of either state.

Vaccine Race

The production of mass-scale COVID-19 vaccine is no less than a race of the order of space race or arms race. Manufacturing COVID-19 vaccine is not only a matter of saving lives, but also a matter of saving face for some world leaders. Russia, US, UK, Germany, India and China are among the top competitors in the vaccine race. Vladimir Putin, Russian President, is eager to debut the vaccine to the world. It would be a sign of prestige in the international society and help Russia impose the new world order it vies for. Similarly, China has its own ambitions to lead the world, and inoculating the world is one way to do it.

The redistribution of power in post-Covid world will be dependent on states’ accomplishment in curbing the virus.

Financial World Order                                                        

The World Bank has estimated a 5.2% shrinkage in the global economy due to COVID-19 pandemic. Both the United States and China are eager to restore their Covid-hit economies in a way that one’s is greater than the other. In a substantial way, the United States is leading the world economy. It is one-fourth of the world economy. 80% of world trade is in USD. China aims to alter this mode of payment in international trade. It is giving competition to the US in terms of global trade exchange by building banks of its own. The pace of economic recovery adopted by the two competitors shall decide the post-Covid financial world order.

Dependency

Both the United States and China need allies to compete in the ‘New Cold War’. The COVID-19 pandemic has given them the opportunity to make allies via health assistance. The COVID-19 Vaccines Global Access (COVAX) facilities plan to distribute a major share of the vaccination to low and middle income countries. In July, 2020, China promised a $1 billion loan to Latin American and Caribbean countries. The US is also keen on this practice as Joe Biden is a strong advocate of global institutionalism.

COVAX could be a novel form of a bailout package. If this is so, the dependence of the Third World on the First World is likely to be increased.

Technology

As an agent of latent function, Covid has helped boost innovation. The states who have better technology are odds-on to impose their World Order. During the COVID-19 crisis, there has been an exponential growth in technology adoption. This implies that the military will have better strategic equipment than pre-Covid era. In modern international relations, military strength is the core determinant of state power.

Health as element of national power

Before the coronavirus pandemic, the elements of state power were either military strength or economy. The pandemic has shown that health can also be an indirect element of national power. The states with better healthcare have better chances of containing the virus. Their economy has better prospects of getting restored. Resultantly, the ‘healthy’ states have advantage over others in carrying on with their power politics.

Climate Change                                           

Due to closure of industrial sectors in the lockdown period, the global economy has collapsed. In the initial stage, it was expected that the lockdown will be a blessing in disguise for the cause of climate change. To restore the economy, however, governments of both developed and developing countries have no option but to reopen their industries. This means more emissions of carbon. The climate agreements are likely to be postponed until the economy is put back on track. The oil price decrease due to the pandemic will facilitate the poorer states in restoring their industries. This is another impediment in the way of a carbon-free global economy. Thus, the post-Covid world will have adverse effects on climate.

Threat to the political Right

The pandemic has proved to be unfortunate for the rising Right. Populism, nationalism and demagoguery do not seem to be working for the right wing leaders. The COVID-19 pandemic requires performance and output rather than speeches and slogans. This is so evident from the 2020 US Presidential elections. Donald Trump had been highly criticized for being a populist leader. His handling of the pandemic is one of the main factors that cost him the election. Similarly, in other parts of the world, people are demanding good governance rather than falling for rabble-rousers.

End of Globalization?

Globalization has severely been affected due to the pandemic. However, the process of globalization was slowing long before the pandemic, even before the election of anti-internationalist former US President Donald Trump. Some scholars are predicting the end of globalization due to the pandemic. Others argue that the pandemic shows how interconnected the world is. They see a potential growth in globalization and cooperation among the states, especially regarding the COVAX. Historical data show that crises tend to reinforce globalization. Globalization also helps to boost the fallen economy. Employment is an important part of globalization. There has been a significant surge in unemployment rate due to the lockdown imposed to cease the spread of the virus. To rectify the damages, people will tend to cross international borders. Therefore, immigration and, consequently, globalization is likely to increase in the post-Covid world.

COVID-19 pandemic alone may not change the World Order altogether. The transitions brought by the pandemic in the international system are likely to decide the leader of global political order. The post-Covid World Order depends on how and how fast the world emerges out of the pandemic. Vaccinating the world is the need of the hour. The contenders of the vaccine race need to be all-inclusive in the process of inoculation. If the United States or China succumbs to vaccine nationalism—the practice to limit the dosage of COVID-19 vaccine to domestic use— it will be difficult for them to ally other states in their vision of the new World Order.

Continue Reading

Intelligence

Broad Cyber-Consensus

Published

on

On Friday March 12, 2021, the United Nations adopted the report of the UN Open-Ended Working Group (OEWG) on Developments in the Field of Information and Telecommunications in the Context of International Security. The document was supported by consensus and, since all member states were able to take part in the OEWG, we can say that it reflects the views of most of the international community. The report marks the culmination of the OEWG’s two years of work on introducing a new format for negotiations on security in cyberspace launched in 2018 at the initiative of Russia. The successful completion of the group’s work suggests that demand for such a platform exists. This is particularly important, given that the OEWG will continue its activities in the new convocation for 2021–2025.

A Victory for Diplomacy

Andrey Krutskikh, Special Representative of the President of the Russian Federation on Issues of International Cooperation in the Field of Information Security, called the adoption of the report “a triumphant success for the Russian diplomacy,” while the Ministry of Foreign Affairs lauded the significance of the moment in its official commentary.

To better understand why the adoption of the report has exactly seen such a success, we need to take a trip into the recent past. The issue of information security was included in the UN agenda in 1998, after Russia presented its draft resolution “Achievements in the Field of Information and Telecommunications in the Context of International Security” to the First Committee of the United Nations General Assembly. Negotiations have been ongoing since 2004 in the form of closed discussions in Groups of Government Experts (GGEs) involving between 15 and 25 states (the seventh composition of the GGE is expected to conclude its work in May 2021).

The negotiations started to pick up steam in the early 2010s, as three GGE consensus reports have shown. For example, the 2010 GGE report’s recommendations included furthering the dialogue among states on cyber norms, introducing confidence-building measures, exchanging information on national legislation and policies as well as identifying measures to support capacity-building in less developed countries as a means to reduce the risks associated with the use of information and communication technologies (ICT). The 2013 report reflected the OEWG’s conclusion that international law “is applicable and is essential to maintaining peace and stability and promoting an open, secure, peaceful and accessible ICT environment” (while conceding that a common understanding on the application of these rules needs to be worked out), and that state sovereignty applies to the conduct of ICT-related activities by states. Among other things, the 2015 report sets out the norms, rules or principles of responsible behaviour of states in the context of the ICT use.

The UN negotiating process on cyber threats stalled after 2015. The fifth convocation of the GGE in 2016–2017 failed to accept a consensus report, as the participants disagreed on how international law should be applied to state activities in cyberspace. This led to the United States and Russia putting forward separate initiatives in 2018. The United States and its co-sponsors proposed that the next GGE be convened to continue the discussion in a narrower circle. Meanwhile, Russia called for the negotiating process to be “more democratic, inclusive and transparent.” To this end, Moscow tabled a proposal to create an open-ended working group for all member states interested and hold consultative meetings for all other interested parties, namely business, non-governmental organizations and academia. Two parallel formats were launched as a result – the OEWG and the UN GGE.

The OEWG report is the first tangible result of the UN negotiations on cyber threats since 2015, which was made possible by a number of factors. First, the overwhelming majority of UN member states were interested in such a format (119 nations voted in favour of the Russia-drafted resolution in 2018), as it would avail many of them the opportunity to participate in a GGE for the first time.

Second, those countries that refrained from supporting the OEWG were nevertheless active in its work, and they put no obstacles in the way of adopting the final document. Representatives of 91 states spoke at OEWG meetings during the two years of its work. That is almost half of all UN member states, while one third of them have never been part of the GGE.

Finally, Jürg Lauber, Chairman of the OEWG and Permanent Representative of Switzerland to the UN, was widely praised for the work he did to push the negotiations through. He continued to perform his duties as Chairman even after being transferred from New York to Geneva. It was through Lauber’s chairmanship that an additional link between the OEWG and the GGE was established (one of the criteria for choosing Switzerland was the country’s participation in the closed GGE), which helped avoid competition between the two formats. The coronavirus pandemic posed yet another challenge for the Chairman of the OEWG and its participants. While the original plan was to adopt the OEWG in the summer of 2020, the final session of the Working Group was postponed for several months.

Let the Talks Continue

Content-wise, the report reflects the coordinated assessments of the current situation in cyberspace and, in accordance with the OEWG’s mandate, contains the following topics:

  • Existing and Potential Threats
  • Rules, Norms and Principles for Responsible State Behaviour
  • International Law
  • Confidence-Building Measures
  • Capacity-Building in ICT
  • Regular Institutional Dialogue on ICT

The OEWG participants agree that there is a growing risk of ICT being used in inter-state conflicts and see an increase in the malicious use of ICT both by state and non-state actors as an alarming trend. The report notes the potentially devasting consequences of attacks on critical information infrastructure (CII). Specifically, the COVID-19 pandemic has highlighted the importance of protecting the healthcare infrastructure. Inter-state interaction, as well as interaction between the state and the private sector, is important.

However, the OEWG report does not put forward any practical solutions to a number of information security problems, primarily in inter-state relations. The way international law should be applied in cyberspace largely remains a bone of contention. Despite the successful adoption of the OEWG report, negotiators have yet to find compromises on key issues.

In terms of the regulatory framework, the report essentially reiterates the agreements reached earlier within the framework of the GGE, such as those relating to the applicability of the rules, norms and principles for responsible state behaviour. The OEWG participants conclude the report by stating that additional legally binding obligations may be introduced in the future.

The proposals put forward in the report are, for the most part, of a general nature. States are urged to continue to inform the Secretary-General of their national views on the applicability of international law on the use of ICT in the context of international security, discuss these issues at the United Nations as well as envision confidence- and capacity-building measures.

More practical steps feature the recommendation that states nominate a national Point of Contact responsible for information security at the technical, policy and diplomatic levels who would then be included into a kind of international directory.

A group of over 40 countries led by France and Egypt managed to get an initiative of their own—proposed back in the fall of 2020 and urging to introduce a permanent forum on cybersecurity to replace the OEWG and GGE—included in the recommendations. The initiative, dubbed as the Programme of Action for Advancing Responsible State Behaviour in Cyberspace, appears in one of the paragraphs in the OEWG report, which lends weight to it and serves as the basis for discussions in the next convocation of the group.

One of the main reasons why we have not seen any breakthrough agreements in this regard is because of the sheer number of participants in the discussion on information security issues. On the one hand, this has brought new participants into the negotiations—those endorsing the previously agreed points—thus boosting their international clout. On the other hand, many participants demanded that a common denominator be identified, with all the difficult questions taken off the table. The last leg of the negotiations, in particular, saw a non-consensus draft part of the report published in a separate document, the Chair’s Summary.

The fact that the report was adopted by consensus does not mean that the participants in the negotiations have overcome the differences in their approaches to security in cyberspace. Rather, they have agreed to put fundamental issues on the back burner. Michele Markoff, U.S. cybersecurity negotiator, conceded in her Explanation of Position at the Conclusion of the UN Open-Ended Working Group that the report was “not perfect,” noting that the United States had reservations about the need for a new OEWG to convene. She also stated that the United States could not subscribe to calls for new legal obligations in cyberspace, citing non-compliance on the part of certain states with the existing regulations. That notwithstanding, the United States sees the report as a step forward.

Negotiations after Negotiations

Negotiations on cyber threats have now been going on for decades, broth at the United Nations and on other venues, and they are likely to drag on for many years to come. The OEWG report is an important milestone in the process and a reminder of the importance of multilateral efforts. According to Andrey Krutskikh, the successful completion of the group’s work “opens up huge opportunities for ensuring the success” of the current GGE, the Expert Group on Cybercrime—established during negotiations at the United Nations General Assembly Third Committee at the initiative of Russia—and the OEWG, whose mandate for 2021–2025 has been adopted.

Success or failure of future negotiations in the OEWG will depend on three main components. First, the relations between the key players will define how productive the talks actually are. While Russia and the United States may have managed to put their differences aside in order to reach a consensus on the report, the differences themselves have not gone anywhere. The sides still bang heads over such issues as attribution in cyberspace, the possibility of applying the norms of international humanitarian law to cyberattacks, etc. This is made all the worse by the new trend towards using the ICT for military and intelligence purpose as well as by numerous public accusations and threats emanating from both sides. One such example is the recent New York Times article on U.S. preparations for a retaliatory attack on Russian networks following the large-scale hack of U.S. government departments and corporations (known as the SolarWinds hack), which Russia is said to have carried out. Cybersecurity remains a sore point in U.S.–China relations as well. Tensions between major powers need to be reduced if we are to see any real progress in multilateral relations on this issue.

The second factor is related to the competition between the negotiating platforms. The OEWG has the advantage that is enjoys broad support among UN members, and its mandate has been written into the respective Resolution of the General Assembly. That said, the GGE format is also widely supported within the United Nations, and the “Russian” resolution received fewer votes in the First Committee of the United Nations General Assembly last year than it had in 2018, while the “American” resolution actually received more. What is more, the United Nations does not have a monopoly when it comes to negotiating platforms on cybersecurity, as a number of non-governmental initiatives on cyberspace regulation have appeared in recent years. France is actively pushing the Paris Call for Trust and Security in Cyberspace, which has the support of almost 80 nations as well as of many civil society organizations and companies. Six working groups are to be launched under the initiative in order to advance international norms and develop practical cooperation in cybersecurity. The competitive environment will mean that the OEWG will need to produce more tangible results in areas that are important for the participants.

The third and final factor has to do with preserving the gap between the practical side of ensuring information security and the international discussion surrounding it. Tech companies face cyberthreats on a daily basis, but their expertise in dealing with these challenges is not in demand at these negotiating platforms. The OEWG report talks about the need for public-private partnerships in order to protect the CII. However, the OEWG could take this one step further by examining the lessons of the responses of the business world to large-scale cyberattacks and by speaking their minds when it comes to assessing the efforts of technology leaders to advance rules and norms in cyberspace. The OEWG has the potential to bridge this gap (the new group’s mandate allows it to work with business and other stakeholders), but it has not been exploited to the full thus far. The most active player in the first convocation from the business world was Microsoft, while Trend Micro, Huawei, Fujitsu and others have also taken part in informal consultations. Kaspersky Lab is the only Russian company involved in the discussions. Russia’s Ministry of Foreign Affairs believes it is necessary “to create conditions for attracting the business world to the negotiation process on international information security (IIS), thus giving the public-private partnership an institutional character.” Two problems will first need to be resolved for this to happen: 1) how to motivate Russian businesses to take part in the negotiations; and 2) how to organize the interaction of different stakeholders in the OEWG in the most effective manner. Otherwise, the efforts of all sides will continue to lack the much-needed link to practical experience in this area.

From our partner RIAC

Continue Reading

Publications

Latest

Defense50 mins ago

A Provident Posture for Israel: Facing Nuclear Iran as an Intellectual Problem

“Subjugating the enemy’s army without fighting is the true pinnacle of excellence.” Sun-Tzu, The Art of War Mitigating Trump-Policy Mistakes...

people art people art
Intelligence1 day ago

Covid 19 and Human Security in Anthropocene era

Since the end of second World  the focus on international security has grown, not only state threats but also threats...

New Social Compact1 day ago

Athletes knock the legs from under global sports governance

Sports governance worldwide has had the legs knocked out from under it. Yet, national and international sports administrators are slow...

Americas1 day ago

Biden’s Dilemma: Caught Between Israel and Iran

By all indication, the latest sabotage at Iran’s uranium enrichment facility in Natanz aimed at more than just disabling thousands...

South Asia2 days ago

Pakistan and Germany are keen to Sustain Multifaceted and Mutually beneficial Cooperation

Pakistan has varied history of relationship and cooperation with other countries in international arena. Despite of proactive foreign policy Pakistan...

New Social Compact2 days ago

Disability policies must be based on what the disabled need

Diversity policies, especially when it comes to disabled people, are often created and implemented by decision makers with very different...

WAN WAN
Urban Development2 days ago

Preparing (Mega)Cities for the 2020s: An Innovative Image and Investment Diplomacy

Globalized megacities will definitely dominate the future, in the same way as colonial empires dominated the 19th century and nation-states...

Trending