After “extensively” analysing and assessing global nation’s counter terrorism response towards lone wolf terror attacks along with the challenges faced by domestic and external security and intelligence agencies, numerous “viable” pragmatic counter-terror strategies were drafted by military and strategic experts throughout the world. Actions carried by “Lone-Wolf” terrorists are “virtually invisible” to “identify and separate”, hindering domestic and intelligence agencies to formulate an “accurate response”. The traditional “profiling” in law enforcement is no longer a viable strategy, particularly towards identifying the “lone-wolf” actor, however, the actor’s “operational mechanism” in the form of an “individualistic response” leaves numerous clues which law enforcement departments particularly hailing from domestic and intelligence groups can use to formulate an effective and efficient strategy.
Moreover, roughly every lone wolf attacker has showcased his/her commitment towards a cause, an alignment or a connection with active“terrorist factions”, pointing towards “increasing presence of radicalised youth” separating them from “potential sympathetic individuals and supporters”. In the light of “aggravating attacks” from “lone wolf terrorists”followed by the rise of “aggressive right-wing factions” (such as A.B. Breivik), law enforcement officers continue to face enormous challenges, especially when it comes to formulating a “viable” applicable strategyto identify lone wolf attackers, who continues to “hide in plain sight”, fearlessly.
After the aggressive violence induced by radical Islamic terrorists against Charlie Hebdo on January 7th, 2015, the threat induced by lone wolf attackers have become a “top” priority for law enforcement officers particularly those hailing from domestic and external intelligence agencies. The law enforcement and intelligence agencies in Parisfaced with two prominent questions:
- Was there any intelligence input prior to the attack?
- Was there any way to prevent tragic loss of lives?
- What should be the strategy to identify perpetrators and their plots?
- Can we prevent future attacks from happening?
All the aforementioned questions are difficult to address. The Directorate General for External Security (DGSE) continues to simulate multiple “responses”, whereas the General Directorate for Internal Security has started “counter-terrorism liaison program” with Directorate of Military Intelligence (DRM) along with Directorate for Defence Protection and Security (DPSD) in an effort to “strengthen, cooperate and coordinate” a response against future attacks. There is no absolute way to provide a suitable answer for the fourth aforementioned question, rather than stating the fact that, it is absolutely “difficult” for security and intelligence agencies to forecast and prevent future possible attacks. No intelligence agency would talk the responsibility to answer, however, drawing a strategic response in an effort to forecast and prevent an attack in the future would be “difficult”. The objective of the article is to evaluate and assess viable pragmatic counter-terror approachesagainst the threat posed by lone wolf terrorismwhile especially emphasising on strategies to counter “Charlie Hebdo” styled attacks. To begin with strategic viable solutions, it is imperative for policy makers to first define lone wolf terrorism.
The term “lone wolf” was first introduced by US law enforcement agencies towards individuals carrying out attacks outside a designated command structure.Operation Lone Wolf was carried by Federal Bureau of Investigation (FBI)to “apprehend” Alex Curtis who instigated “right-wing factions” to participate in “lone-wolf” activism. Since then, numerous terminologies have been introduced by various strategic and intelligence experts, some calling it asan “individual resistance”, “self-indoctrinated terrorism tactics”and “self-sponsored terrorism”.
The article does not lean to a particular definition rather encourages law enforcement agencies and security, intelligence establishment to collect all “available definitions under an umbrella” in an effort to formulate an effective strategy. Traditional Counter-terrorism centred think tanksdefine Lone wolf as “an individual who acts on his/her own will outside a traditional organizing structure or a group”. Moreover, the Federal Bureau of Investigation (FBI) taking the definition to an extent, separates the definition with sleeper agents pointing towards the “dormant” nature of the sleeper agent who is “purposefully” tasked to infiltrate an organization and only reveals himself only on the command of a group or an organization. On the contrary, “A lone wolf is an “individual” operative without a “command and control” structurewho on his free will initiatives an attack”. Although,many counter-terrorism agencies ignore the “ideological” connection of the individual with other “active groups”, which the lone wolf could have been interacting either through “intra-personal interaction” or by “accessing internet”.
Throughout the article the focus will remain on “Operational mechanism” of lone wolf attackers. Although, a significant percentage of lone wolf attackers have been found “influenced” with radical Islamic militant organizations, such as the Islamic State or Al-Qaeda, the “decision, operational planning and carrying out procedure” has largely been “self”, instead of following “traditional commands” from the organizational leaders. Moreover, it is imperative for policy makers to include those “individuals that are inspired/self-indoctrinated by violent radical religion-centric terror organization” within the brackets lone wolf terrorism definition. They could have maintained “links” with the radical religion-centric organization, but the structure of the organization could not be “traditional”.
Absence of a “traditional individualistic behaviour”
Numerous terror attacks carried by “lone-wolves”in Germany, France, Italy, Spain, Australia, in particular to the attack by Barend Strydom, an African national, whoshot and killed a dozen people while wounding many, at the Strijdom Square in Pretoria, South Africa; In La Défense, a man stabbed and mortally wounded a soldier Cédric Cordier. The soldier was later declared “out of danger”. The attacker was identified as Alexandre Dhaussy, a French national who converted to Islam; Another Islamist Mohammed Merah killed over seven people in the city of Toulouse while taking numerous hostage. He was later killed during a 32-hour standoff; In one of the first deadliest attack in Germany, Arid Ukashot and killed two US soldiers while mortally wounding many others at Frankfort Airport; On October 22nd, 2014, a Canadian national Michael Zehaf-Bibeau shot a soldier on-guard at the National War Memorial. The suspect then ran towards the Parliament of Canada and was engaged in a gun-battle with the forces. Additionally,subsequent attempts were made to bomb Seaside Park, New Jersey, lower Manhattan, New York; and New Jersey. Injuring over thirty civilians, the perpetrator Ahmad Khan Rahami was apprehended from Linden, New Jersey, after he open fired injuring three responding officers.
Policy makers must note that, the mastermind” individuals of some aforementioned examples of deadly violence and attacks, vary particularly with respect to their operational mechanism and “target locations”, along with ideological and political inclined groups. Moreover, the common element in these attacks point towards a particular indoctrination or “religion induced”. All the lone wolf attackers were strongly “believers of faith”.
It is important to note that, there is absolutely no “traditional” framework of a lone wolf attacker. However, in the light of their religion centric “differences” and “ideological” mindset coupled with the element of “faith in religion”, makes it easy for security and intelligence agencies to “classify or rule out lone wolf terror attack”. Additionally, there are certain characteristics which possess “significant similarities” among all lone wolf attackers. The fact that continues to challenge security and intelligence agencies is the presence of “few lone wolf attacks which were carried by individuals without any connection to a terror faction”. According to a research conducted by the Organization for Security and Co-operation in Europe(OSCE) jointly with INTERPOL, less than 1.34percent out of 78 lone wolf attacks in US, Germany, Canada, Australia were “individualistic” in nature. This numerical value further complicates the investigation carried by security and law enforcement agencies of lone wolf attacks, seriously hindering their ability to formulate a viable counter-terrorism strategy. Besides all agreements considered, the lone wolf attacks continue to accelerate phenomenally.
Identifying “motivating factors” of lone wolf elements
It will not be incorrect to state that, the radical religion-centric lone wolf “modus operandi” hosts similar characteristics of traditional “right-wing” lone wolf attacks. Throughout the 1990s, Tom Metzger and AlexCurtis openly instigated their followers to commit violent acts of crime. Furthermore,“radical-white” advocator Louis Beam, who was a former member of the notorious Ku Klux Klan, drew the “early strategy on how to carry out a leaderless revolution”. He drafted a scenario where “individuals could carry out attacks without responding to a centralised organization or a leader established headquarters”.
Although, experts have not directly linked the modus operandi used by “radical Islamic centred”lone wolf extremists with that of traditional “right-wing” attackers,however there is striking similarity ofsmall-scale attacks. In 2003, Osama-Bin Laden, through his supporters distributed “instructions” asking his followers not to wait for any instructions in “carrying out attacks”. He further asked his followers “to use whatever means available”. In the late 2004, Abu Musab al-Suri, a Spanish-Syrian national, who was an active member of the “closed circle” group of Bin Laden, published his narrative of Islamic Jihad through a paper titled “Call for Worldwide Islamic Resistance,”. In this roughly seventeen hundred “doctrine”, he mentioned a “new form of jihad”, highlighting the acts of terror carried by “small groups”, which he titled them as “leader-less resistance”. Individuals irrespective of their nationality or age, will wage war on allfronts-“fighting the West in the West”. Two years later, Abu Jihad al-Masri, a prominent figure in Al-Qaeda, published his narrative titled “How to fight alone”which was massively downloaded from Jihadi-centric websites.
Challenges faced by security and intelligence agencies
Lone wolf terrorist attacks are one of the most “unpredictable and difficult to diagnose” events. It will not be incorrect to state that, lone wolf terror attacks bring “nightmare” to intelligence agencies, domestic security institutions, national and regional law enforcement organizationsas they are extremely “sensitive” and “revolve around multiple possible scenarios”.
To begin with, lone wolf elements possess “individualistic” characterises, who live “shadowing intelligence agencies” in “plain clothes”. The attacker may be someone’s relative, friend, husband, brother, or neighbour living next door. Intelligence agencies cannot come to a inclusion simply by studying the perpetrators visual appearance or “daily routines”. The individual avoids “absolute outside contact” making his/her actions discreet. This further increases the difficulty for security and intelligence agencies to “identify and apprehend” a lone wolf attacker. While comparing the individual’s actions to “traditional/conventional terrorist factions”or “centralised command centred” terror actors, “individual” actors have the benefit to maintain a “low-life” and avoiding “all forms of attraction/suspicion” before and post-attack.
When “conventional” terror group members operate, the risk of “detection” from security and intelligence agencies remains high.
Furthermore, in the light of growing “right-wing” political activism followed by frequent protests by anti-government groups, it is very difficult for law enforcement agencies to differentiate between a political activist or a terrorist. This poses a grave threat to security and intelligence officers especially when they are forced to swing between their “gut” and “individual actions”, failing repeatedly to identify perpetrator while reassessing the individual’s operational mechanism, choice of targetor activities or propaganda. The epitome of lone wolf is “idiosyncratic”. They are individuals with motivated by “numerous ideologies and factors”: from radical Islamic fundamental or Wahhabi ideology to “extreme-right wing”, while suffering from “suicidal, obsessive compulsive behavioural disorder” which then fuels psychopathy. This “diverse” behaviour induces certain “vision”, which forces them make hateful comments/accusations on the internet, to disruptive activities which later concurs their quest of “violent actions”, which does not give away anything “unusual” characteristics forecasting the individual’s actions to be “violent”, alerting security and intelligence agencies only when the attack has occurred.
Policy makers must note that, it is literally impossible to differentiate between the lone wolves who carry violent attacks and radical fundamentalists who simply advocate their beliefs. In European Union member nations, and in US specifically, the “freedom of speech is absolute” which limits the investigation of intelligence and security agencies to only “active violent actions”. Although all terrorists are “radicals”but not every radical is a terrorist, which makes it a phenomenally difficult task for security agencies to rule out the “lone wolf”who is going to initiate an attack before the concerned agencies apprehend, particularly in the light of digital age and rapidly evolving “technical tools” used in intelligence.Policy makers must note that, the “original” lone wolves could have “seemingly popularity” which could result in the rise of “copiers”and instigate the youths in carrying attacks using “similar techniques”.
It is important to remember that, lone wolf attackers suffer from necessary skills, technical training, and“organizational support”of violent terror factions, their “attacks”,in the form of Charlie Hebdo shooting and the 32-hour hostage crisis in Sydney, can be lethal.
Drafting an effective Counter-terror policy
How should the intelligence and security agencies deal with the“phenomenally” growing threat of lone wolf terror attackswhile facing enormous challenges of identifying and arresting them, without raising suspicions? This question remains “unanswered” especially in an inclusive society which continues to debate on “human rights” and police brutality. Although, the fact remains unchanged: security and intelligence agencies are facing an enormous challenge,especially when it comes to lone wolves carrying out attacks “using all means available”.
However, the aforementioned statements and shortcomings highlight significant factors which could be utilised by policy makers to formulate an effective counter-terror strategy.
To begin with, the approach agency uses to track “radical elements” entering and exiting a country, plays a vital role. Formulating the strategy which focusses more on “how an attack” could take place rather than “the identity of the attacker” creates a big difference. Furthermore, it is imperative for security and intelligence agencies to extensively study on “how does an individual radicalises”, the entire procedure. Such “aggressive” and “out-of-the box” strategy could effectively reinforce the state’scounter-terror policywhich could, if “effectively and efficiently planned”, could put an end to a possible lone wolf attack.
It is imperative for security and intelligence agencies to understand the modus operandi of a lone wolf,while formulating carefully a “detection trap”unavoidable even by the “careful” individuals while reinforced with “every tactical manoeuvre”used in counter-terror planning. Counter-terror training should be extensive throughout law enforcement units, while training in “signal avoidance”, “isolation and individualism” should be provided at all levels, in an effort to apprehend a perpetrator “isolating” himself before an attack. This not only requires real time data inputsbut also requires an “effective and efficient flow of information and its management”. The union between the intelligence analysts and field operation staff makes the difference.
Furthermore, intelligence agencies should bring their attention to the essential “common feature” that might be link one lone wolf with another, separating the individual from “community” while indicating an “irrational behaviour”. At this point, security and intelligence agencies must “coordinate and cooperate” with relevant agencies before “making an arrest”. Also, it is important for security and intelligence agencies to strengthen their grip on community, which can be achieved by hosting confidence building mechanisms within the community, after all the masses are the true “eyes and ears”.
Policy makers must note that, lone wolf operators, although acting alone, at some point of time, receive inspiration from an ideology or violent actors, it is imperative for security and intelligence agencies to disrupt presence of any such materials or “hidden societies”. It the state’s responsibility to condemn any, all such acts, ideologies which promotes violence.
Since, lone wolves act outside the framework of an organization, their acts are ignited by a local incident. State must initiate awareness talks, community development “de-radicalisation” centric program inviting students, teachers, community leaders, parents and all stakeholders, while maintaining an “healthy” atmosphere rather than panic.
The formulation of an effective counter-terror program begins with “communicating” with certain section of communities. Alternatively, this should be carried out without “providing their acts a stage and an audience”. Countering lone wolves is a priority but not at the stake of “publicising” them in a way that incites others to “take the same route”.
In the end, the most effective way to counter lone wolf attacks rests in “understanding their operational mechanism”. In recent violent incidents, all the perpetrators where masculine and used licensed firearms to commit acts of crime.This “selective individuals” who carries licenced arms and significant ammunition needs to be isolated and carefully assessed by security and intelligence agencies. This can be done by “strengthening gun licensing policy along with strict background checks”.
As explained in the aforementioned arguments, security and intelligence agencies face an enormous challenge in countering lone wolf attackswhile any “formidable” counter terror strategy would have limited impact. Similar to all acts of terrorism,there is no way to guarantee absolute elimination of this threat. With this said, the road to counter lone wolf terrorism is “rough and long”. The answers for the question on “factors responsible for radicalisation of lone wolf terror actors” are in its premature stage,needs to be assessed thoroughly. In the light of increasing lone wolf terror attacks, new question repeatedly emerges, particularly highlighting the role of internet along with “narcissistic sadistic” comments made by “right wing” factions against minority communities. With few “radical Islamic” lone wolf actors, the question of “an individual’s sudden change of course to commit acts of terror” makes it difficult for security agencies to respond. Thus, through “extensive cooperation and coordination” between inter and intra domestic and intelligence agencies along with timely sharing of ideas, experience and assessment of lone wolf terror attacks,policy makers will be able to create viable counter-terror response against lone wolf acts of terrorism.
ISIS-K, Talc, Lithium and the narrative of ongoing jihadi terrorism in Afghanistan
Chinese and Russian efforts are underway to strengthen the Taliban government economically and militarily, along with legitimacy and international recognition. In return, Pakistan is trying to disrupt the Taliban government’s relations with Iran and Tajikistan, as well as with China and Russia. Subsequent to the fall of the previous republican government, following Russia and China, Iran is a major supporter of the Taliban.
Iran plays a significant role in a new intelligence surge launched by major regional players in Afghanistan, which includes ISIS-K campaign against the Taliban government in country. Although Taliban have been able to crush, ISIS-K in several provinces of Afghanistan, but the group was able to mobilize a bunch of other terrorist organizations such as Turkistan Islamic Party, Khetabat Iman Ul Bekhari, Khetabat ultauhied Waljihad, Islamic Jihad Union, Jamaat Ansarullah and East Turkistan Islamic Movement, and The Army of Justice. According to sources on the ground, the group has also established contacts with the resistance front led by Ahmad Massoud to fight Taliban.
Seemingly, the group joined forces with the Resistance Front in northern part of the country to downfall the Taliban particularly in northern Afghanistan. In addition to defeating the Taliban in the central and southern provinces of Afghanistan, the group has started a sectarian war between the Sunnis and Shiites, which has partly soured relations between the Afghan Taliban and Iran. The group had the support of Pakistan as well as other regional countries and beyond. Furthermore, Lashkar-e-Taiba fighters entered Afghanistan with the help of the Pakistani army, joining the fight between Sunni and Shia in Afghanistan. Efforts are underway to start a civil war in the country. According to the information, ISIS militants have been mostly funded and financed by the Saudi government, as well as other Salafi Gulf States to minimize and even eradicate Shiites in the region.
In accordance with some sources, additional costs are being borne by the United States and Great Britain. Beside all such financial support, Islamic State (ISIS-K) militants also obtain some funding and thrive through mining and establishing business firms throughout the region.
Let us say, Islamic State militants relatively control the oil reserves in Iraq and they illegally extract it, meantime they have hands on talc and other precious stones in Afghanistan to cover their propaganda campaign expenses. ISIS-K uses the same tactics applied by Taliban during the US occupation; Taliban began illegal mining in Afghanistan to finance their activities in order to wage the war against the US aggression. During the Taliban’s resistance, Taliban fighters had also a strong financial support from Pakistan, and the Pakistani government accordingly received that financial sustenance from other countries namely western and the Arab world. However, the Taliban forcibly mined Afghanistan’s lapis lazuli and smuggled it to Pakistan. Under the auspices of the Pakistani government, the gems were shipped to the United States and the European countries. In return, the Taliban were paid in cash. Likewise, the Taliban, ISIS chose the same path, and made the most of money via mining in Afghanistan.
Subsequently, the ISIS group has chosen Nangarhar province as its stronghold in Afghanistan, since it has mineral deposits of talc, chromite, marble and other precious and rare earth minerals in addition, the group is also trying to control smuggling routes, to launch cross border terrorism.
Consequently, ISIS-K endeavors to bring Ghazni province under its control, since a huge Lithium, mine exists in the province. The group is well aware of its preciousness in the world market because the element is mainly used by automotive industries to produce batteries for electric cars.
The anti-corruption network of the former Afghan government reported that the Taliban and the Islamic State together received about 46 million in 2016 thru illegal mining from a single district of Nangarhar province. That is why ISIS has spent millions of dollars in Afghanistan because of holding its campaign and propaganda, allegedly, most of which came from mining.
Furthermore, district governors have been appointed by ISIS for Afghanistan’s 387 major districts, with a monthly salary of up to 80,000 Afghanis. This is a huge financial burden for the Islamic State, but the Islamic State group’s representatives say that they stick to their words, so that everyone will be paid on time. The ISIS group needs a large amount of financial support to achieve its major goals, but the group is not overstrained financially, because it receives a chockfull financial support.
Conversely, Iran is trying to increase the number of Shiite orientated proxies in the world and especially in Afghanistan to eliminate ISIS-K in return; the Saudi and other Gulf Sates want to prevent it. Therefore, they use ISIS and other associates of the group to counter Iran’s ambitious trans-national agenda; ISIS-K takes advantage of having been provided with huge financial support by anti-Iran camp.
Iran has repeatedly tried to spread Shia religion around the world, most notably at Mustafa International School in Bamko, the capital of Mali in Africa. There have been several attempts by the Iranian government to convert the students to Shi’ism, an issue that has become the topic of international debate supported by Saudi Arabia. Finally, all of these events are currently having a direct and indirect impact on Afghanistan and the country’s ongoing security crisis, which will affect the entire region at the end.
The means to manage cyberspace and the duty of security
Over and above the ethical concepts regarding the near future, it is also good to focus on the present. Governments are required to protect their national resources and infrastructure against foreign and domestic threats, to safeguard the stability and centrality of human beings and political systems and to ensure modern services for civilians. Suffice it to recall the chaos that arose some time ago in the Lazio region for the well-known health issues.
Governments must play a key role in developing and leading the local ecosystems, but this national effort must involve many other stakeholders: local businesses, entrepreneurs, multinational companies, local and foreign investors, State agencies, Ministries and academics, people in education, professional institutions and the public at large.
Furthermore, cybersecurity is a national opportunity for developing the local economy and for positioning any country in the international arena as a safe place to establish and develop economic relations between States and companies. It is also important as a regional cyber hub.
Cyber strategy therefore consists in prioritising operational cyber activities with a view to optimising and monitoring the overdevelopment of cyber intelligence that could one day take such turns as to be ungovernable.
This is the reason why investment in technology, local capacity building and resource allocation and concentration are required. This means providing strategic advisory services to government agencies that are seeking to advance cyber security at a strategic and operational level.
It is therefore necessary to work with governments to develop their strategic and operational capabilities in cybersecurity, either at the national or sectoral level, as well as providing comprehensive cyber projects that combine cyber defence and the development of a local cyber ecosystem, based on the models tried and tested by various countries around the world, such as the People’s Republic of China, Israel, the United States of America, etc.
There is a need to specialise in setting up Cyber Units and Cyber Centres (SOC & Fusion Centres) and in developing Cyber Eco-Systems and Cyber Strategies. This means providing various cyber solutions, services and know-how to companies in various sectors, such as financial, industrial, energy, health, technology and many other sectors.
Stable OT (operational technology) security services and strategic advice to companies in the fields of energy, manufacturing, security, medicine, transport, critical infrastructure and many others create the prerequisites for defending cyberspace. As well as helping OT-based organisations integrate cybersecurity into their processes and products. Design, develop and deliver advanced technologies and solutions to protect critical assets in OT environments, such as ICS, SCADA, IIoT, PLC, etc.
In this regard there is a basic need for creating professional IT schools around the world that teach the meaning of cyberspace, and not just how to use Word and other simple Office programs.
The expansion and creation of universities and institutes of cyber knowledge is a starting point from which partnerships are launched with organisations seeking to create their own cyber schools or with academic or educational organisations offering cyber training to their students.
Providing comprehensive solutions for IT schools, enables the training of IT professionals and new recruits in all IT roles, so that hackers do not remain the sole repository of digital truth. Advanced training is a solid starting point for organisations seeking to train their IT professionals. Professionals who can manage and master schemes such as Cyber Defender, Cyber Warrior, Cyber Manager, SOC Analyst, Digital Forensics, Basic Training and many others, including through the use of simulation.
Leading the creation and development of the high-level cybersecurity ecosystem is a duty of States towards the citizens who elect their leaders. The same holds true for seeking and employing highly experienced experts in the various security subject matters, including strategic cyber defence, cyber warfare, cyber intelligence, cyber research and development and cyber strategy, as well as defining training policies for these branches of operation.
Having examined the prerequisites for protecting cyberspace, it is worth addressing the structure of some of the risks faced by institutional network systems.
One of the most typical operations made by hackers relates to the use of client/server technology to combine several computers as a platform to launch DDoS (Distributed Denial of Service) attacks against one or more targets, thus exponentially increasing damage.
A malicious user normally uses a stolen account to install the DDoS master programme on a computer. The master programme will communicate with a large number of agents at any given time and the agent programmes have been installed on many computers in the network. The agent launches an attack when it receives an instruction. Using client/server technology, the master control programme can activate hundreds of agent programmes in a matter of seconds.
A DDoS uses a group of controlled machines to launch an attack on a computer, be it server or client. It is so fast and hard to prevent that is therefore more destructive. If we consider that in the past network administrators could adopt the method of filtering IP addresses against DDoS, it becomes more difficult to prevent such actions today. How can measures be taken to respond effectively?
If the user is under attack, defence will be very limited. If there is a catastrophic attack with a large amount of traffic pouring onto the unprepared user, it will very likely that the network will be paralysed before the user can recover. Users, however, can still take the opportunity to seek defence.
Hackers usually launch attacks through many fake IP addresses. At that juncture, if users can distinguish which IPs are real and which are fake – and hence understand from which network segments these IPs come – they can ask the network administrator to change them. Firstly, the PCs should be turned off to try to eliminate the attack. If it is found that these IP addresses are coming from outside rather than from the company’s internal IP, a temporary investigation method can be used to filter these IP addresses on the server or router.
The solution would be to discover the route through which the attackers pass and block them. If hackers launch attacks from certain ports, users can block these ports to prevent intrusion. After the exit port is closed, all computers cannot access the Internet.
A more complex method consists in filtering the Internet Control Message Protocol (ICMP), a service protocol for packet networks transmitting information regarding malfunctioning, monitoring and control information or messages between the various components of a computer network. Although it cannot completely eliminate the intrusion during the attack, filtering the ICMP can effectively prevent the escalation of the aggression and can also reduce the level of constant damage to a certain extent.
The DDoS attack is the most common attack method used by hackers. Some conventional methods of dealing with it are listed below.
1. Filter all RFC1918 IP addresses. The RFC1918 IP address is the address of the internal network, such as 10.0.0.0, 192.168.0.0, 172.16.0.0, etc. These are not fixed IP addresses of a particular network segment, but confidential local IP addresses within the Internet, which should be filtered out. This method serves to filter out a large number of fake internal IPs during an attack, and can also mitigate DDoS attacks.
2. Use many PCs to resist hacker attacks. This is an ideal response phase, if the user has sufficient ability and resources to enable a defence against hackers who attack and continue to access and take over resources. Before the user is fatally attacked, the hacker has little means to control many PCs. This method requires considerable investment and most of the equipment is usually idle, which does not correspond to the actual functioning of the current network of small and medium-sized enterprises.
3. Make full use of network equipment to protect resources. The so-called network equipment refers to load balancing hardware and software such as routers and firewalls, which can effectively protect the network. When the network is attacked, the router is the first to fail, but the other devices have not yet collapsed. The failed router will return to normalcy after being restarted and will restart quickly without any loss. If other servers collapse, their data will be lost and restarting them is a lengthy process. In particular, a company uses load balancing equipment so that when a router is attacked and crashes, the other will work immediately. This minimizes DDoS attacks.
4. Configure the firewall. The firewall itself can resist DDoS and other attacks. When an attack is discovered, it may be directed to certain sacrificial hosts, which are able to protect the actual host from the attack. The sacrificial hosts may obviously choose to redirect to unimportant hosts or to those having systems with fewer vulnerabilities than some operating systems and with excellent protection against attacks.
5. Filter unnecessary services and ports. Many tools can be used to filter out unnecessary services and ports, i.e. filter out fake IPs on the router. For example, Cisco’s CEF (Cisco Express Forwarding) can compare and filter out Source IP and Routing Table packets. Opening only service ports has become a common practice for many servers. For example, WWW servers open only 80 ports and close all the others or use a blocking strategy on the firewall.
6. Limit SYN/ICMP traffic. The user must configure the maximum SYN/ICMP traffic on the router to limit the maximum bandwidth that SYN/ICMP packets can occupy. Therefore, when there is a large amount of SYN/ICMP traffic exceeding the limit, this means it is not normal network access, but hacking. In the beginning, limiting SYN/ICMP traffic was the best way to prevent DDoS. Although the effect of this method on DDoS is currently not widely used, it can still play a certain role.
7. Scan regularly. Existing network master nodes should be scanned regularly, checked for security vulnerabilities and new vulnerabilities cleaned up promptly. Computers on backbone nodes are the best locations for hackers to use because they have higher bandwidth. It is therefore very important to strengthen the security of these hosts. Furthermore, all computers connected to the major nodes of the network are server-level computers. Hence regular scanning for vulnerabilities becomes even more important.
8. Check the source of the visitor. Use suitable software to check whether the visitor’s IP address is true. This should be done by reverse-searching the router: if it is fake, it will be blocked. As said above, many hacker attacks often use fake IP addresses to confuse users and it is hard to find out from where they come. Therefore, for example, the use of Unicast Reverse Path Forwarding can reduce the occurrence of fake IP addresses and help improve network security.
As seen above, we need experts who know more than hackers, and this is the duty that States and governments have towards their institutions, but primarily towards their citizens.
The visit of the head of Israeli Mossad intelligence to Bahrain
The visit of the UAE Foreign Minister, Sheikh Abdullah bin Zayed to Damascus on Tuesday, November 9, 2021 and the meeting with Syrian President Bashar Al-Assad, sparked a great controversy that began from the moment it was announced, which was highlighted by Western analyzes mainly from outside the region, that it comes for a (comprehensive Arab reassessment of the reality of the relationship with Syria and its importance in combating terrorism in the region, and the importance of the current Syrian reality in the calculations of Arab and Gulf national security, primarily towards Iran, and breaking the American “Caesar Law” towards imposing an economic blockade on Syria), and various analyzes and speculations about the future of these have increased. The Emirati step, its implications and dimensions in the Arab and Gulf relations towards the Syrian regime, and whether it represents one of the indicators of the transition to another new phase of political action towards opening up to Damascus, and the return of Syria to its regional and international role. Especially with the clarification of the “Emirati-Syrian coordination” some time before that visit to arrange the rapprochement between the two sides, which became clear by the announcement of the contact between the Crown Prince of Abu Dhabi (Sheikh Mohammed bin Zayed and President Bashar Al-Assad), as well as an official invitation to Syria to participate in the “International Expo Exhibition In Dubai” and then my meeting with the Syrian and Emirates oil ministers in Moscow.
But what stopped me in that Emirates visit, was perhaps other events that were not addressed during those analyzes, which caught my attention analytically and academically, and the most different of them was (I was alerted by a foreign researcher during my commentary on the same analysis, that the Emirates move is mainly in the interest of Tehran the Iranian regime, not to stifle and besiege Iran in its areas of influence and its known role in Syria). Despite the strangeness of this analysis, I occupied my mind with another matter to respond to it, regarding: (the significance of the visit of the head of the Israeli Mossad to Bahrain, and the visit of Emirates officials to Tel Aviv, and what is even clearer to the public is the organization of joint naval exercises in the Red Sea with the joint Israeli naval forces with Bahrain and the UAE), at the same time as the aforementioned visit.
Accordingly, my analysis mainly focuses on whether that visit took place through (arranging and coordinating with Tel Aviv to curb Iran in Syria and the region, by attracting Syria to the Arab League and collective Arab action again), and the Gulf rejectionist and Arab reservations towards the step of rapprochement. The Syrian-Iranian, or did I aim for a clearer Gulf rapprochement with Iran through rapprochement with Syria, as I went to a number of mainly Western analyzes, which I received. From here, the Egyptian researcher will analyze all the following elements:
Analyzing the implications of the visit of the UAE Foreign Minister (Bin Zayed) to Syria on November 9, 2021.
And its relationship to the “joint naval maneuvers” between (Israel, the UAE and Bahrain) in the Red Sea on November 10, 2021 on the Iranian existence at Syria
The visit of (the head of the Israeli Mossad intelligence service to Bahrain) at the time of the naval joint maneuvers with Israel in the Red Sea, with (the visit of the UAE Air Force commander to Israel).
Then, finally, analyzing the impacts of the Israeli Mossad intelligence moves in the Red Sea on its rapprochement with the USA in the face of (China, Russia and Iran).
To answer those questions, it is necessary to verify and respond to number of inquires and some other different analyses, such as:
The UAE’s motives for taking such a step of rapprochement with Syria, through the visit of the UAE Foreign Minister “Sheikh Abdullah bin Zayed” to Damascus on Tuesday, November 9, 2021, and the meeting with Syrian President “Bashar Al-Assad”.
Rather, will this Emirates step (encourage the rest of the Arab countries to follow the Emirates footsteps) and open up to the Syrian regime?
What is the fate of the “Syrian opposition to the Emirati-Syrian rapprochement”, and is this Emirates move aimed at weakening the Syrian opposition track, especially the Syrians opposing the regime of President “Bashar Al-Assad” abroad?
Then, it will remain to analyze (the Syrian opposition’s options if more Arab countries open up to the Al-Assad’s regime).
Will there be a (Syrian-Emirati consensus) towards the step of solving the (return of Syrian refugees from abroad and the settlement of their situation with the current Syrian regime)?
Finally, the question arises, regarding: (the impact of the intensity of American and international criticism of the UAE’s step of rapprochement with the Syrian regime and President “Bashar Al-Assad” on the completion of the remaining Arab steps seeking to integrate and return Syria once more to its membership in the League of Arab States)?
In fact, the most dangerous and important analysis for me remains completely analytical, namely: (What was raised about the fact that the UAE obtained the green light from the United States of America itself and from the Israeli side before the visit of the UAE Foreign Minister “Bin Zayed” to the Emirates, in pursuit of forming (Gulf-UAE-Israeli alliance against Iran), and seeking to neutralize the Syrian regime in the face of these Iranian moves as a closely related ally of the Iranians?) Accordingly, we can analyze that, as follows:
Perhaps what reinforces and supports my recent view regarding the “Israeli Gulf mobilization with the help of the UAE and Washington’s support to confront Iran through Syria” is (the joint security coordination between Israel and the Emirati and Bahraini naval forces to conduct joint naval maneuvers in the Red Sea, which lasted for five full days), which began on Wednesday, November 10, 2021, which comes at the same time as the UAE rapprochement with Syria, meaning:
(There are joint security arrangements between Israel, the UAE and Bahrain in the face of Iran through the move of rapprochement with Syria as an ally of Iran)
As I mentioned, the joint naval maneuvers between Israel and the UAE at the same time as the UAE visit confirms (the continuation of joint security coordination between Israel and the UAE), especially to curb and limit Iranian influence. Knowing that the step of joint security coordination between the Emirates and Israel began three years ago, when the naval forces of the Gulf states, mainly the “UAE and Bahrain”, began conducting joint naval maneuvers with the Israeli side, which were the first for them ever with their Israeli counterpart, in cooperation with the forces of the United States of America’s Navy.
We find that the current joint naval maneuvers in the Red Sea with the participation of the UAE and Israel, with the participation of (warships from the Emirates, Bahrain and Israel), in addition to the United States of America, is a “joint Israeli-Gulf assertion” to send a message to the Iranian side, that these naval maneuvers with Israel, aims to:
“Securing the maritime traffic in the face of Iran, and seeking to secure the movement of the straits and maritime navigation in the Red Sea with the help of Israeli security, especially that these joint maritime training operations included training on encirclement and raid tactics”
This was confirmed by the US Naval Forces Central Command, in an official statement, to confirm that:
“The Israeli, Emirates, and Bahraini training aims to enhance the ability to work collectively among the forces participating in the maneuvers”
From here, we understand that the step of joint Israeli-Emirati security coordination, and the consequent step of the joint naval maneuvers, came after the signing of the “Abraham Accords” in September 2020, and the normalization of their relations with Israel by the UAE and Bahrain. Since then, it has strengthened the (diplomatic, military, and intelligence relations between Israel, the UAE and Bahrain, as the two most important Gulf countries that share Tel Aviv’s concerns about Iran’s activities in the Red Sea and the region).
The most prominent here, is (the visit of the head of the Israeli intelligence service Mossad in a public visit to Bahrain at the time of the joint naval maneuvers with Israel in the Red Sea, with the commander of the UAE Air Force heading at the same time also on a first-of-its-kind visit to Israel in October 2021).
In general, the (re-opening of the Emirati and Bahraini embassies in Damascus) in December 2018, was considered at that time as (a major change in the Gulf policy towards Syria, and it was among the first indications of a more comprehensive normalization). There is no doubt that these steps came after consulting Saudi Arabia. However, it seems that Saudi Arabia, as usual, is taking a cautious and secretive attitude towards the move of rapprochement with Syria due to its fear of the “Al-Assad regime’s relations with Tehran”.
At the time, the UAE and Bahrain talked about (the geopolitical benefits of rehabilitating the regime of President Bashar Al-Assad). The State of Bahrain confirmed that “the step of integrating Bashar Al-Assad aims to strengthen the Arab role and prevent regional interference in Syrian affairs”.
The most important analytical question for me is whether Abu Dhabi has completely severed its relations with Damascus at all, given (the continued presence of prominent Syrian figures loyal to Damascus living and working in the Emirates).
In general, this (continuous stream of signals emanating from Damascus and other Arab capitals, led by the Emirates for rapprochement with Syria), indicates that the former opponents of the Syrian government have come close to reaching mutually beneficial arrangements with the Syrian government, some of which pledged a few years ago to drop it.
The most important gains for the Syrian regime from that rapprochement with the UAE and the rest of the Arab countries will be (reconstruction contracts for Syria and energy deals), in addition to the markets that will be opened to it if they reconcile with the Arab countries, which may later pave the way for “inclusion of Damascus again and returning its membership in the League of Arab States”, which is of course the most important strategic step for the UAE and the Gulf states, to help Syria to return back to the “Arab House”, and consequently put pressure on it not to rapprochement with Iran, as it is a rival opponent for the UAE and the Gulf states.
In this context, the Syrian capital, Damascus is now hoping for (influential Arab voices to exert international pressure in order to lift the severe sanctions imposed on the Syrian regime), which aims to (punish Syrian officials and Syrian organizations for their alleged involvement in human rights violations).
What can I do with an Economics degree?
A degree in economics will increase your employability in any industry. High-skilled graduates are in high demand worldwide. The wide...
Israel-Palestine: Risk of ‘deadly escalation’ in violence, without decisive action
With violence continuing daily throughout the Occupied Palestinian Territory, the Special Coordinator for the Middle East Peace Process urged the Security Council on Tuesday to adopt...
Amidst Strong Economic Rebound in Russia, Risks Stemming from COVID-19 and Inflation
Following a strong economic rebound in 2021, with 4.3 percent growth, Russia’s growth is expected to slow in 2022 and...
COP-26 Results: High Hopes for Low Temperatures
The 26th Conference of the Parties (COP-26) to the United Nations Framework Convention on Climate Change (UNFCCC) was held in...
An Uneven Recovery: the Impact of COVID-19 on Latin America and the Caribbean
Employment rates in some Latin American and Caribbean countries have experienced a relative recovery, although in most, rates fall short...
World trade reaches all-time high, but 2022 outlook ‘uncertain’
Global trade is expected to be worth about $28 trillion this year – an increase of 23 per cent compared...
Coronavirus pandemic could cost global tourism $2 trillion this year
The coronavirus pandemic will likely cost the global tourism sector $2 trillion in lost revenue in 2021, the UN’s tourism...
Science & Technology3 days ago
Digital Child’s Play: protecting children from the impacts of AI
East Asia4 days ago
The Chinese diplomatic force in the IAEA to confront Western leadership
South Asia4 days ago
Kabul: Old Problems are New Challenges
Middle East3 days ago
Testing the waters: Russia explores reconfiguring Gulf security
East Asia4 days ago
Summit for Democracy Attempts to Turn Multicolor Modern World into Black and White Divisions
Americas3 days ago
Russia and the United States Mapping Out Cooperation in Information Security
Africa3 days ago
Xi Jinping’s Global Development Initiative and the Sustainable Development Agenda of China-Africa in 2030
Economy3 days ago
A Good Transport System Supercharges the Economic Engine