Connect with us

Intelligence

Cyberspace: A Manmade Sphere for Wars

Anahit Parzyan

Published

on

Internet can be considered as one of the greatest achievements of humanity of the last century, which connected the entire world. It created a new space for connections, information and communications, as well as cooperation. Thus, it created also a new platform for conflicts which involved not only individuals but also states. The invention of the twentieth century, the internet, has become another sphere for international relations, and a new space for defensive and offensive policies for regulating and balancing those affairs. The space called cyberspace has become a platform for interactions not only between individuals, but also between states. The interactions on their side were not only developed in a positive manner, but were also transformed into attacks, which pose a real threat to the security of states. Thus, the following questions arise:

Can cyberspace be considered a new sphere for war? Can conflicts and offensive and defensive operations in cyberspace be considered a real war?

The aim of this article is to specify offensive and defensive actions occurring in cyberspace and to explain the differences and similarities between them and the classical approach to war present in other spheres: land, water, air, and space. Despite the overgrowth of offensive interactions in cyberspace and defensive strategies for enriching the cyber arsenal of states, military specialists have concerns over the reality of cyberwars in general. Parallels are drawn to show the similarities and differences between definitions and perceptions of war, and whether concepts from the classical approach can be transferred to describe wars in the cyber sphere.  This research puts cyberwars in line with other wars, thus analyzing their peculiarities, whilst Cyberspace is seen as another sphere for war and international relations in addition to the existing spheres of land, water, air, and space

Internet’s Two Sides of the Coin: From Good to Threat

The Internet that we use today, is based on the Transmission Control Protocol or just Internet Protocol commenced in 1973. The network became operational in January 1983. For the first two decades of its existence, it was the preserve of a technological, academic, and research elite. From the early 1990s, it began to percolate into mainstream society and is widely regarded as a General-Purpose Technology (GPT) without which modern society could not function.

Only half a century ago it was difficult to imagine that human interactions would be developed in a manmade sphere, totally virtual and artificial. It must have been impossible to imagine that it would penetrate our lives so closely that it would cover everyday life, from communication and information sharing to purchasing products and regulating temperature at home.

Now internet has connected the entire world breaking the land borders which lined geographically differentiating the places people live. It substituted land borders with digital ones, making it possible to connect the entire world into one sphere.

With the start of the World Wide Web in 1993, the greatest accretion of communication came into existence. Since then, information being secret for a limited groups or organizations that were historically used for military purposes as an intellectual advantage, soon became available for masses.

Moreover, equal access to information for all, one of the ultimate achievements of humanity and one of the supreme advantages of the internet, has started to provide information not only for good will, having also provoked irregular warfare.

These chaotic interactions, which Garnett called “fourth generation warfare” (4GW), through networks would become a wave of social reactions and pressure that would provide an opportunity for an asymmetric warfare. The tendency is obviously dangerous since not only states possess these “digital” weapons but also non-state actors including terrorist networks. Basically, the Internet allows anyone to join digitally and to be a force or power that could have a significant impact on states’ policies.

The sphere were those actions take place with the usage or within the system of information and communication technologies is broadly named cyberspace and the actions that take place in this sphere get their terminology accordingly; cyber-attacks, cyberwar, etc… Though states have various definitions of a cyberspace and with the scope it covers, it is meant to be a non-physical Information and telecommunication technologies environment (ICT).The term cybersecurity has been emerging from the US since the mid-1990s, which later have become widely used in other countries and international organizations such as United Nations (UN), Organization for Security and Co-operation in Europe (OSCE), Organization for Economic Co-operation and Development(OECD), North-Atlantic Treaty Organization (NATO), the Council of Europe(CE), BRICS, Shanghai Cooperation Organization (SCO) and many others.

A cyber-attack is not an end in itself, but a powerful means to a wide variety of ends, from propaganda to espionage, from denial of services to the destruction of critical infrastructure.

From the prism of threat, they may cause, cyberattacks can be implemented using methods, such as malicious programs, that can penetrate systems of specific or not specified group of people or entities causing dysfunctions of computer operations, stealing personal information, phishing stealing passwords of the user as well as infecting computer systems to slow down specific processes, etc.  In current internet-run infrastructure a single penetration can be fatal for a society and become a threat for a state. A penetration into the command-control system of critical infrastructures, for example, can cut the supply of energy, change the chemical construction of water thus making it poisoned, etc. and the anonymity can stand as an advantage as cyberattacks are still not attributable through international humanitarian law. Moreover, in a cyber conflict, the terrestrial distance between adversaries can be irrelevant so cyber weapon can reach its target much beyond its borders.

The advance of technology made it possible to give room for clashes between States and non-states actors involved in operations in cyberspace. These clashes have become a real threat for international security. As compared with kinetic weapons that are relatively expensive to obtain, as well as possible to detect their origin, malicious programs are available to download or buy and even create if there is a good specialist of it: even a teenager can formulate it.

Therefore, it is becoming nearly impossible to patrol all the purchase and supply chain of the cyber arsenal. Malicious viruses or programs can penetrate various computer systems of public and private usage and cause dysfunctions, changing the primary command-control systems, slowing their base speed of operation and causing very costly problems for state security.

Per media reports, the group which rampaged through and besieged part of Mumbai in November 2008 made use of readily available cellular and satellite phones, as well as overhead imagery from Google Earth, to coordinate and plan their attack.

However, this invention is an issue of arguments among scientist from the prism of war definition.

Theoretical Dilemma of cyberwars and cyber reality

Despite different conflicts occurring in cyberspace between state and non- state actors, state-sponsored operations, and developments in international relations, military specialists argue about the exact definition of cyberspace, whether to evaluate it as real war or not, and as whether to count operations in cyberspace as a real war between parties involved.

Various conflicts in cyberspace including attacks of regular and irregular origin performing symmetric or asymmetric tactic, do not correspond with the classical approach of the war including only some or one or even missing any aspect of the war characterization. Despite of the current actions and bilateral, multilateral etc., agreements signed by states and international organizations, associations on the cybersecurity issues and despite of the threats the world overcomes or will overcome in cyberspace, theorists have certain disbelieves while defining or accepting cyberspace as a new sphere for wars as well as cyberwars as already occurring facts.

The issue is that there had not been a single verifiable case of cyber terrorism nor has there been any human casualty caused by cyber-attacks, giving grounds for disbelief.

Thomas Rid a specialist of war, is among those scientists and experts who see debates about cyber wars exaggerated, moreover, he expresses mistrusts related to cyberspace as a new space for war in a classical approach of war definition. He believes that “Cyber war has never happened in the past, it is not occurring on the present and it is highly unlikely that will disturb the future.”

The fact that computer and internet assisted attacked may penetrate the operating systems of targets stealing data or causing dysfunction of potentiality of operations Rid, however, in this respect differentiates between sabotage operations and direct physical harm.

Rid refers to Carl von Clausewitz, a nineteenth-century Prussian military theorist, who defines war according to three criteria, “First, all acts of war are violent or potentially violent. Second, an act of war is always instrumental: physical violence or the threat of force is a means to compel the enemy to accept the attacker’s will. Finally, to qualify as an act of war, an attack must have political goal or intention.”

Theoretical description of war through centuries might have changed its primary strategies and instruments, while his goal is always the same. Within this respect, it is important to observe this definition on a broad way: Of course, computer warm or virus cannot kill directly a person, like it could have a sword, but it can cut the energy supply of a hospital causing a chain of violence, or it can penetrate the command control of the Airplane system and change the direction of the plane or to cause and a catastrophe.

In contrary to classical approach of war, the reality of cyber war is supported by those who believe that cyber wars have already occurred, are occurring and will, possibly, continue to occur in future, thus cyber strategies must be implemented.

In July 2016, Allies reaffirmed NATO’s defensive mandate and recognized cyberspace as a domain of operations in which NATO must defend itself as effectively as it does in the air, on land and at sea.

Former U.S. President Obama speaking about cybersecurity mentioned:

“America’s economic prosperity, national security, and our individual liberties depend on our commitment to securing cyberspace and maintaining an open, interoperable, secure, and reliable Internet. Our critical infrastructure continues to be at risk from threats in cyberspace, and our economy is harmed by the theft of our intellectual property.  Although the threats are serious and they constantly evolve, I believe that if we address them effectively, we can ensure that the Internet remains an engine for economic growth and a platform for the free exchange of ideas”.

Thomas Reed, a former staffer on the US National Security Council argues that Cyber wars are even new. They occurred in past, in Cold War Era, and had devastating results. As an example, he mentions about the first ever cyber-attack- a massive pipeline explosion in the Soviet Union in June 1982, counting as the most violent cyber-attack ever. “According to Reed, a covert US operation used rigged software to engineer a massive explosion in the Urengoy-Surgut-Chelyabinsk pipeline, which connected Siberian natural gas fields to Europe. Reed claims that Central Intelligence Agency (CIA) managed to insert malicious code into the software that controlled the pipeline’s pumps and valves. The rigger valves supposedly resulted in an explosion that the US Air Force rated at three kilotons, equivalent to the force of a small nuclear device.”

Although, neither there is a factual evidence of accident being a cyber-attack confirmed or supported by the official U.S, nor there are any Soviet media reports from 1983 also confirming that Reed’s mentioned explosion took place. Though Soviet Union media regularly reported about accidents and pipeline explosions at the time. In case of cyber-attacks, it is not an easy task to investigate fully and in a short period of time. Forensic examination is needed which presupposes experts and conditions for objective examination. Under the condition of Cold war, the parties would hardly agree to do such an investigation which will reveal secrets about their technical capabilities and the real cause of the explosion. Incase Reed’s claims are true, then the massive violence it could have done would theoretically rank cyber weapons among extremely dangerous means and cyber wars would have been defined accordingly.

Another example that speaks about possible cyberattack that will “suit” to the description of war can be considered the 2008th cyberattacks on Georgian most prominent websites, including those of the country’s national bank and the Ministry of Foreign Affairs. In August 2008, in the period of the military conflict over South Ossetia, Georgian Government blamed the Kremlin, but Russia denied sponsoring the attackers, and later NATO investigation found no conclusive “proof” of who had carried them out. The fact that the “proof” is not found can illustrate two possible judgments: first, the attacker is technically equipped well enough so it is hard to distinguish him, second: the attack was not carried out by a potential suspect. However, the situation can be judged by the following viewpoint: you are innocent unless your guilt is proved. And because the anonymity is a priority in cyber wars, so it is highly efficient especially for states to use it in hybrid war strategies.

In cyberspace the sides, that are involved in the attacks or counterattacks can be distinguished only in two ways: first, by their own wish (which may occur rarely, or even impossible to happen especially when attacks are carried out by States rather than other subjects) or, according to the evidence. The last one is directly connected with the technical capabilities of an attacker as well as technical competences of an attacked side to be able to detect.

According to Oleg Demidov, a Cybersecurity expert at the Russian Centre for Policy studies (PIR Center), the overview of the NATO experts suspecting Russia in attacking Estonian infrastructure in 2007, Georgian government and private sector networks in 2008, and U.S. financial institutions and private companies in 2014 Spring, as not fundamental, because there was no practical evidence of the proof of the attacker, or lack of technical capabilities to be able to define the source of the attacker.

In his contribution “Global Internet Governance and International Security in The Field of ICT Use”, Demidov stresses high possibility and risk of an international conflict between nuclear-weapon states. As he mentioned;

 “In the event of lighting-fats cyber-attack that imitates the ‘signature’ of Russian perpetrators (for example, Cyrillic code fragments and other linguistic patters) and targets the infrastructure of NATO countries using servers in Russian territory, there is a risk of NATO military retaliation against Russia. In accordance with NATO doctrine, retaliatory measures may include the use of kinetic weapons and the involvement of all NATO members in a retaliatory strike”.

These two cyber incidents- the Georgian cyber-attacks and Estonian cyberattacks, are regarded by the U.S. and other Western nations as causes for great attention and much reflection.

Estonian cyber incidents were followed by the establishment of cyber strategies for national and system level for EU members and partners.

Particularly, in 2008, a year after the attacks, NATO set up the Cooperative Cyber Defense Centre of Excellence (CCD COE) in Tallinn. The military-defense usage of Information and Communication Technology (ICT) is one of the main purposes of the center. The center is technically equipped well enough to protect its members by providing technical support and human resource to protect internet infrastructure.

Another well-known and destructive cyber program that processed a worldwide discussion over the reality of cyber wars is the “Operation Olympic Games”, a large operation, that included the “development, testing, and use of malware against specific targets to collect information about the Iranian Nuclear program, as well as to sabotage it and slow it down as much as possible. It included such malware as Stuxnet, Duqu, Flame, and Guass (all of them targeting special operation for espionage and sabotage), active in between 2007-2013.The US presidential administration and Israeli secret services have been named as perpetrators.

Ex-head of the Foreign Relations Committee of Iran’s Supreme National Security Council Seyed Hossein Mousavian, in his “The Iranian Nuclear Crisis: memoir confirms Stuxnet as a malicious computer warm developed to target the computer system that control Iran’s huge enrichment plant at Natanz. Moreover, according to Mousavian, Ali Akbar Salehi, Iran’s Representative to the International Atomic Energy Organization (IAEA) at that time confirmed that Iran was experiencing espionage at its nuclear plants. According to the IAEA, there was a big decrease in the amount of the operating centrifuges caused by the Stuxnet with a vivid decline to more than 100 – from 4920 in May 2009 to 3772 in August 2010. Despite of the Fact that Ahmadinejad mentioned about the problems directly related to the computer software, installed by the spies to slow down centrifuge’s operation, nevertheless, Mousavian does not think that this could have cause a big problem and an obstacle for enriching the centrifuges.

In fact, Stuxnet did affect the nuclear enrichment system, and did make problems for Iran’s nuclear program. The computer worm was operating inside the system for quite a long time unnoticed, slowing down the operational capabilities of both experts and technical equipment. If we note the fact that it successfully slowed down the system’s operation, then we can conclude that operations reached a certain level much later then they could have without the worm Now that sanctions have hit Iran’s economy and forced it to make concessions, we can conclude that the situation would have been different if Stuxnet had not affected Iranian programs; Iran would have finished its program faster, before sanctions could devastate its economy. But since Iran discovered the problem much later and the whole process was slowly altered by the worm, we can see that Stuxnet led to a longer timeframe for enrichment, and subsequently longer terms for sanctions.

The action brought not only psychological damage, as would be named and labeled by Israel and U.S. specialist, but it brought also to economical, technical(human resources as well as technical capabilities) crises.

According to M. Sahakyan, an Armenian researcher.

“…sanctions were hard and maybe they were the main reason why Iran agreed to the Interim agreement. Though Iranian leaders like to mention that sanctions were not problem, but the Iranian economy had been effectively hit hard by these sanctions. Iranian economy mostly declined when EU member states imposed an oil embargo on Iran. China also reduced its average oil import levels from Iran in a disagreement on Iran’s nuclear program. The depreciation of Iranian Rial, reduction of oil exports and shortages of foreign currency created hard social-economic situation in Iran. So sanctions were hard and maybe they were the main reason why Iran agreed to the Interim agreement.”

It is evident that, not directly but indirectly cyber war may influence politics of a specific State. Today cyber-attacks can target political leadership, military systems, and average citizens anywhere in the world, during peacetime or war, with the added benefit of attacker anonymity.

Stuxnet influenced the Iranians’ centrifuges, causing them to overload an intelligence program. This is a new type of and reason for war. While the basic definition of war presupposes physical violence, Stuxnet presupposes a psychological intent. In addition to the technical harm it did, it also influenced the psychology of those who had encountered the undiscovered cyber worm. Regarding the first, undiscovered phase of the computer worm, imagine a specialist working on the program, who faced long-lasting technical problems, becoming filled with doubt towards their personal professional skills and also doubting the capability of Iran in general to develop its program. This is a new approach in the definition of war, as it dramatically shifts the choice of instruments that can cause harm to a State.

From Wars with Swords to Cyber Wars: State Security is Still a Priority

Nevertheless, the war in cyberspace is real, it has happened in the past, it is happening now and it will certainly happen in future.

The classical approach to war sees physical violence carried out by military operations. Cyberwar presupposes physical violence as well as bringing a new, psychological violence, which may cause no less harm.  Ideas and things important for state security have changed over the centuries, as have the instruments and measurements of security, but the problem of state security is still a priority. Maybe unexpected ships won’t attack from the sea, but cyber-attacks will come.

In past centuries, population size was an important issue for the state in maintaining its governance. It determined the size of the workforce and the size of the army, and the strength of armies was measured by the quantity of troops.

Centuries ago, a human, a good soldier was to aim to harm the opposing side. To conquer the army was to win the war. Afterwards, the period of weapons and technology began, and would enable opposing sides measure their technical and tactical capabilities to win. At that time, to mobilize technical capabilities was to conquer the army. Due to growing population and technological achievements, in addition to the number of troops, now the amount of military equipment is of much importance. A single-pilot jet may cause greater harm than 1000 troops on the same territory. Nowadays unmanned aircraft can jeopardize enemies’ strategic targets in specific cases even without any physical violence, because in a certain situation to harm a strategical unit even without causing physical violence from neither attaching side nor from the attacked still may have fatal result for the states being attacked.

In current stage, the military parades mostly demonstrating technical capability of a certain state, will alarm a possible harm while attack or attacking. Aside from the traditional military spheres like land, sea, and air (added later),an epoch of adding a new sphere, cyberspace, has begun, in which technical capabilities do no less harm than in a traditional war. One of the ultimate advantage of cyberwars is the anonymity of the attacker, which makes it a reasonable choice for state’s foreign policy.

In addition to the traditionally distinguished types of harm for a state security, cyberwar brings the conception of psychological trauma for the sates making it doubt its capabilities on a certain level. In the case of Stuxnet, the attack was “emotional” and technical.

The definition of the emotional damage through cyberwars was used to describe Russia’s so-called internet interference in 2016. “The New Yorker” expresses viewpoints of national-security officials who believed that those series of cyber hackings were directed to destabilize the conception of democracy in the States.

For many national-security officials, the e-mail hacks were part of a larger, and deeply troubling, picture: Putin’s desire to damage American confidence and to undermine the Western alliances—diplomatic, financial, and military—that have shaped the postwar world.

To technically dysfunction a system just causing a technical harm is a small incident, while targeting CI with technically destabilizing them already has grown into a political scandal.

In turn, cyberattack may cause harm on a specific target without involving other sides especially in case of state sponsored attacks, as it remains undiscovered for a while and the stereotypes and cliché of the traditional war definition will empower the attacker to have “excuses” for the attack. Cyberwars will become more dangerous, if not included and named as war and not struggled as traditional wars.

Cyber Arm race has started

Despite of the distrust and interpretation of cyberwars within the framework of classical approach of war, states are accelerating cyber arms race. This development has several political and strategic implications that pose the need to find specifically political answers. What is often forgotten or neglected is the increasing importance of understanding cyberspace as a political domain and cyber politics is needed more than ever before.

While experts are debating over the exact description and definition of cyberwar, States are enriching their State defensive arsenal with cyber equipment and technical staff for better governance in cyberspace, as well as regulations and doctrines that will define the strategy for the defensive and offensive operations for ICT threat.

In November 2011, the Department of Defense of the U.S. issued a report to Congress confirming, that it was ready to add cyberspace to sea, land, air, and space as the latest domain of warfare – the military would, if necessary, use force to protect the nation from cyberattacks. This statement shape the interactions in cyberspace on the same level with other spheres making them equally important and in case of need, changeable and cooperative.

By this, next to the traditional war spheres: ground, sea, air, space, a new battlefield-the cyberspace is differentiated.

With the technological developments, nearly every aspect of our lives is technically run, so it becomes very sensitive to any cyberattack, since any non-functioning in a technical field may cause human harm, economic harm, and be a serious problem for the entire National security.  In this regard, the former Secretary of Homeland Security of the U.S.Jeh Johnson at The White House Cybersecurity Framework Event on February 12, 2014, specifying the seriousness of the cyberattacks on electrical substations specifically, mentioned:

“What the public needs to understand is that today the disruption of a critical public service like an electrical substation need not occur with guns and knives. A cyberattack could cause similar, and in some cases far greater, damage by taking several facilities offline simultaneously, and potentially leaving millions of Americans in the dark”.

The focus was on the electrical substations but it may refer to other sectors too: telecommunication, hospitals, libraries and federal departments courts and prisons. Any entity, that is functioning with technology may be in a real attack risk.

The technological developments of the last century bring the automated industrial control systems as well as most Critical Infrastructure (CI), the list of which may vary from state to state but have similarities, under possible cyber-attack which may be fatal for national defense. The range of facilities on the list of CIsmay include but not limited to nuclear industry, electricity, telecommunication, water supply, transport system on ground, sea and air, governmental buildings and their communication facilities, the financial and banking system, healthcare and defensive facilities etc. In 2017, the USA Department of Homeland security announced about its decision to include also election infrastructures into the list of Critically Important infrastructure for the State.

The cyber- defensive policy of states becomes an urgent issue and States are engaged in implementing special cybersecurity projects on national level to defend the CI of their countries.

Many states, for instance the U.S., Russia, China, Germany, UK, France etc. are enriching their cyber arsenals and developing cyber security system for defensive operations for their countries. Not only states are engaged in national mechanisms but they also are involved in developing global cooperative platforms for better and clean cyber environment of the World. Specifically, it would be interesting to mention U.S. Russia, China cyber triangle and their input of cyberspace as a significant priority for a State development and Security. The countries are involved in various discussions and cooperation agreements to maintain cooperation and peace in cyberspace globally. Despite of ideological differences in cyberspace and the attitudes of maintaining the policy for it, however these three cyber powers found a common ground for mutual understanding and possible fundamental cooperation. United Nations (UN) Governmental Group of Experts is one of the examples of that which is currently the only platform that has united the U.S. Russia, and China with commonly acceptable norms and suggestions. Since the scope of interests in cyberspace includes all groupings of society including governmental and federal entities private and public sectors as well as common citizens on a national level, private supra-powers regulation beyond borders and being responsible for larger audiences, there is an urgent need to focus on cooperation and establishment of fundamental rights in cyberspace as well as mechanism to establish security in this sphere.

Conclusion

Can a cyber-attack pose a serious threat to national security?

With the clear majority of undergone, ongoing and possible cyberattacks and with the current defensive strategy of the states, the cyberwar is nothing than a real threat for states’ national security as well as private sector. It enflames not only regular warfare which can cause as much harm as it is assumed to have by traditional approach of the war, it may also provoke irregular warfare with the privilege of the equal information access and anonymity.  The technological invention of twentieth century may considered to be a disaster along with such scientific invention as atomic energy. It may give a good, but it may harm severely.

The difficulty of cyberwar falls also on the lack of common norms and definitions as well as specifically composed legislation equally acceptable for all states for peaceful and collaborative regulations of problematic issues on this field.

I do believe that cooperation on this issue is of great importance. Joint legislation, understanding and definition of conceptual ideas, common cooperative grounds will bring to a better and secure life, eliminating or declining the possibility of occurring private or non-state organizational subjects to be involved in irregular warfare destabilizing the peaceful cooperation of states and people on internet sphere for a good and productive will.  The classical approach of war definition should be able to include a new sphere of violence before a certain violence occurs rather than defining right after it occurs, as mostly happens in historical approach. Aside from the traditional military spheres like land, sea, and air (added later),an epoch of adding a new sphere, cyberspace, has begun, in which technical capabilities do no less harm than in a traditional war.

Cybersecurity is an urgent, necessary strategy, which will lead to a secure sphere for cooperation, free and secure access to and sharing of information, and, due to its technical capabilities, to a more comfortable and economically developed way of life.

While Cybersecurity is an issue for the whole world, strategies for the development of cybersecurity may vary from state to state, in some cases occurring a national level, while in others limited to certain federal entities.

I believe that Cyberspace is very much like the environment; it is a digital environment, and just as a virus that penetrates a certain country is spread worldwide if not stopped, so is a computer virus. Just as pollution in one part of the world pollutes air or water that we all share, a cyberattack may cause a global problem. Networking, sharing information, and a global security approach are musts for a safe and productive global cyber environment and maintenance of all roads for better digital development for the sake of humanity.

(*) This essay adapted from the article Cyberspace – A Manmade Sphere for Wars, (21-st Century, N.1, 2017, pp.42-58). Used by permission. All rights reserved.

Continue Reading
Comments

Intelligence

Central Asian Jihadists’ Use of Cryptocurrencies in Bitcoin

Uran Botobekov

Published

on

Central Asian Jihadists in Syria. A screenshot from Telegram, April 6, 2019

On August 13, 2020, the US Justice Department announced that it seized $2 million in Bitcoin and other types of cryptocurrency from accounts of three Salafi-Jihadi extremist groups, including al Qaeda and the Islamic State, relied on to finance their organizations and violent plots. According to their statement, the U.S. authorities seized over 300 cryptocurrency accounts, four websites, and four Facebook pages all related to Sunni-Jihadi militant organizations. Indeed, the disclosed criminal case documents indicate that this was the largest-ever seizure of cryptocurrency by US intelligence agencies in the context of terrorism.

US counterterrorism agents analyzed transactions of cryptocurrency on the blockchain, a secure form of public ledger for the online funds, and employed undercover operations as well as search warrants on email accounts to establish a money trail of Sunni terror groups that was detailed in an 87-pages of the Washington DC federal court report

The banner calling for donations to Katibat Tawhid wal Jihad. A screenshot from Telegram, May 18, 2020

The revealed papers indicate, in some instances, al Qaeda and its affiliated terrorist groups in Syria acted under the cover of charities ‘Al Sadaqah’ and ‘Reminder for Syria’. In this regard, it should be noted that some al Qaeda-linked Central Asian Salafi-Jihadi groups also have frequently acted under the umbrella of the charity ‘Al Sadaqah’ for bitcoin money laundering and have solicited cryptocurrency donations via Telegram channels to further their terrorist goals.

But that doesn’t mean that Islamist terrorist groups from the post-Soviet space raised funds precisely through this charity ‘Al Sadaqah’ of al Qaeda, whose accounts were seized by the US Justice Department. It has become a tradition in the Islamic world that charity organizations and foundations widely give to themselves the names ‘Al Sadaqah’ and ‘Zakat’, as the Quranic meaning of these words (Quran 2:43; 63:10;9:103)exactly corresponds to the purposes of “voluntary charity”. Analysis of the finance campaigns of al Qaeda-affiliated Central Asian militant groups demonstrates that they frequently raised cryptocurrency donations through charities called ‘Al Sadaqah’ and ‘Zakat’.

In order to explore the scale of the Central Asian Salafi-Jihadi Jamaats’ crowdfunding campaigns, we analyzed their social media activities where they raised Bitcoins, dollars, Russian rubles and Turkish lira over the past two years.The methods and sources of the Uzbek and Uighur Islamist militants’ crowdfunding campaigns in bitcoins are about the same as those of their parent organizations, the global Sunni terrorist groups ISIS and al Qaeda.Due to the inclusion in the list of terrorist groups, they carry out sophisticated cyber-operations for solicitation of cryptocurrency donations.

Before “mastering” the complex technology of cyber-tools in order to raise bitcoin funds in cyberspace, Central Asian jihadists used the simple ‘hawala’ money transfer system (informal remittance system via money brokers).Sometimes they have resorted to conventional ‘hand-to-hand’ cash transfer channels, where trust, family relationships or regional affiliations play an important role.

The banner requesting to provide Uzbek jihadists with modern military gear and equipment. A screenshot from Telegram, March 3, 2020.

According to a UN report, Central Asian Salafi-Jihadi terrorist group Katibat Tawhid wal Jihad (KTJ), Katibat Imam al Bukhari (KIB) and the Islamic Jihad Group (IJG) leading jihad in Syrian Idlib province have close financial ties with its cells in Afghanistan. The UN Security Council’s Sanctions Monitoring Team states that “regular monthly payments of about $ 30,000 are made to Afghanistan through the hawala system for KTJ.”

The UN report asserts that “similarly to KTJ, KIB sends financial assistance, from its cell in Istanbul, through the hawala system to Afghanistan. Funds are brought in by informal money exchangers for Jumaboi from Maymana, the capital of Faryab. The original source of this income is the smuggling of fuel, food and medicine from neighboring Turkmenistan.”According to the UN report, “suffering material losses, the Islamic Movement of Uzbekistan (IMU)and Tajik militant group JamaatAnsarullah (JA) are forced to engage in criminal activity, including transportation of drugs along the northern route in Afghanistan.”For the Uighur jihadists of Turkestan Islamist Party (TIP) from China’s Xinjiang province operating under the umbrella of Hayat Tahrir al-Sham (HTS) in northern Syria, “funding comes primarily from the Uighur diaspora” in Turkey, Central and Southeast Asia.

Dark Web & Bitcoin: New Endeavor of Central Asian Terrorists

With the development of digital cryptocurrencies as Bitcoin, Central Asian jihadists actively began to exploit this innovative financial transaction system to support their attacks and other terrorist activities. It is known that al Qaeda-backed Salafi-Jihadi groups of the post-Soviet space are seeking to purify Islam of any innovations (Bid’ah) and strictly following the Sharia law. They live similarly to how the Islamic prophet Muhammad and his companions lived in the seventh-century and always oppose any form of Bid’ah, considering it to be shirk and heresy. However, the Uzbek and Uighur Wahhabis did not shy away from using bitcoin innovation.

The first advertisements of Central Asian terrorist groups crowdfunding campaigns accepting bitcoin for Jihadi purposes in Syria appeared on the Telegram channel in 2017. In November of that year, a self-proclaimed charity group al-Sadaqah began a fundraising campaign on the internet from Western supporters to help the Malhama Tactical, the first private military contractor team from Central Asia working exclusively for jihadist groups in Syria.Al-Sadaqah in English on Telegram, explicitly relying on the English-speaking western sponsors, called on them to make bitcoin donations to finance the Malhama Tactical and the Mujahedeen fighting against the Assad regime in northeastern Syria.

As we have previously analyzed, Malhama Tactical is a private jihadi contractor operating in the Idlib-Aleppo region of Syria. The group, founded by an Uzbek jihadist Abu Salman (his real name is Sukhrob Baltabaev) from Osh City of Southern Kyrgyzstan in May 2016, is closely allied with Hayat Tahrir al-Sham (HTS), the strongest militant factions in northern Syria. The Malhama Tactical is known to have regularly conducted military training for jihadists of HTS, Ahrar al-Sham, Ajnad al Kavkaz and the Turkistan Islamic Party.After the death of Abu Salman in August 2019, Ali Ash-Shishani, the native of Russia’s North Caucasus became the new leader of Malhama Tactical.

In 2017-18, al-Sadaqah charity on Telegram called on followers to donate via a “Bitcoin wallet anonymously and safely for the Mujahedeen brothers of Malhama Tactical”. The charity group urged potential cryptocurrency contributions to benefit from “the ability to confuse the trail and keep anonymity”.

We do not know how much bitcoin money al-Sadaqah managed to raise for the activities of the Central Asian Muhajireen. But according to Malhama Tactical’s report on the internet, crowdfunding has been “fruitful.” In an effort to explain how donations were spent, Malhama Tactical has advertised extensively to followers on 17 October 2018, in a video posted on Telegram, that a new training camp had been built and purchased airsoft rifles, night vision devices and other modern ammunitions.

Since 2018, Uzbek and Uighur militant groups KTJ, KIB and TIP have begun an agitation campaign to fundraising bitcoin money on the Internet. Judging by the widespread call for Bitcoin donation online, their need for anonymous, secure, and hassle-free funding streams have made cryptocurrencies of some potential value to them. These properties are the anonymity of fundraising, the usability of remittance and transfer of funds, the security of attack funding, acceptance of funds, reliability, and volume of web money.

And every time they announced a crowdfunding campaign, they clearly declared for what purpose the collected bitcoins would be used. For example, al Qaeda-linked KTJ’s most recent call for bitcoin appeared on Telegram in May 2020 as a banner that asks to “Equip a jihadist”. The poster showed a masked jihadist and the exploitation of the Quran’s Hadith in Uzbek, calling on the believers to prepare and equip a fighter going on a raid for the sake of Allah.

Another picture shows a jihadist with a Kalashnikov AK-74 in his hand, over whose head enemy planes and helicopters fly. The picture gives a symbolic meaning about the empty-handed jihadists in Syria, fighting against the Russian and Syrian powerful military aircraft to protect the Islamic Ummah. Then goes on with KTJ’s call to make donations in bitcoins and rubles to purchasing equipment and ammunition for the Central Asian Mujahedeen in Syria. On the bottom it was displayed the long address of the virtual wallet for Bitcoin donations along with KTJ’s Telegram and web contacts promising the anonymity of potential donors.

On June 18, 2020, KTJ militants published the opinion of the well-known ideologue of modern jihadism Abu Qatada al-Falastini in Telegram from whom they asked whether the crowdfunding campaign of Bitcoin for the purposes of Jihad contradicts Islam. As it is known, there are still ongoing disputes among the world’s top Islamic scholars about whether cryptocurrencies, such as Bitcoin, are deemed Sharia-compliant.

Abu Qatada from a religious point of view justified the acceptability of using Bitcoin to protect the Islamic Ummah and wage holy Jihad, but at the same time warned against full confidence in Bitcoin. In his opinion, the enemies of Islam can destroy this cryptocurrency in the future, and if it loses its current value, and then the devout Muslims who have invested their savings in Bitcoin could go bankrupt. Abu Qatada al Falastini is a greatly respected Salafi thinker among Central Asian jihadists and he gave a pep talk to KTJ when it pledged bayat (Oath of Allegiance) to al Qaeda leader Ayman al Zawahiri in 2015.

On June 25, 2020, KTJ posted another Crypto Crowdfunding campaign announcement on its Telegram channel to provide Uzbek jihadists with modern military gear and equipment. For clarity, the group published a picture entitled “Perform jihad with your property” in Uzbek, which indicates the prices for military clothing and weapons. For example, the AK-47 Kalashnikov assault rifle costs $300, unloading vest for AK-47 cartridges – $20, Field Jacket – $50, Military Combat Boots – $30.In total, $400 will be needed on the full provision of one Mujahid with weapons and uniforms. On the upper side of the picture is a Hadith quote about “He who equips a fighter in Allah’s path has taken part in the fighting.”

A month later, the group’s Telegram channel reported that it had managed to raise $4,000, for which 8 sets of weapons and uniforms were purchased for the Uzbek Mujahedeen. Also, KTJ’s media representative announced that the group is stopping the fundraising campaign for this project.

Other projects of the Central Asian Salafi-Jihadi groups were the Bitcoin crowdfunding campaign for the purchase of motorcycles for Inghimasi fighters (shock troops who  penetrate into the enemy’s line with no intent to come back alive), cameras, portable radios, sniper rifles and night vision devices. For each project, a separate closed account was opened on the website of jihadist groups in Telegram, after which the Bitcoin and Monero accounts, as well as contact information, were closed.

Another crowdfunding project posted on January 29, 2020, in Telegram, called ‘Helping captive Muslim sisters’ and claims to raise money to free Kyrgyz, Tajik and Uzbek ISIS women hold in the al-Hol refugee camp in northeast Syria controlled by the US-backed Syrian Democratic Forces. The KTJ jihadists posted pictures of Central Asian women with their children holding posters “We need help” in Kyrgyz, and asked the fellow Muslim believers to raise money to ransom them from the captivity of the Kurdish communists. It was not clear to us how much money was raised as a result of the crowdfunding campaign since this channel was later blocked by the Telegram administrator.

The annual largest crowdfunding project for the Central Asian Salafi-Jihadi groups is being implemented on the eve of the Muslim holidays of Eid al-Fitr and Eid al-Adha, during which believers pay Zakat (obligatory tax) and Sadaqah (voluntary alms).According to the Quran, recipients of the Zakat and the Sadaqah include the poor and needy, debtors, volunteers in jihad, and pilgrims.

The websites of the Central Asian Jihadist Jamaats revealed that their crowdfunding campaign to raise funds for the jihad was particularly active during Ramadan. Ramadan is known as a holy and generous month, but this year was especially generous to notorious al Qaeda-linked Central Asian extremist groups. KTJ, KIB, Uighur’s TIP and Russian-speaking North Caucasian militant group Liwa al Muhajireen wal Ansar (LMA), that pledged allegiance to HTS, have boosted their military budget during Ramadan.

To avoid the risk of being blocked or tracked, they created a temporary mirror group called ‘Zakat’, where the donation money was received. Zakat’s wallet received donations from Central Asian labor migrants in Russia in the amount of $150 to $220 each time to purchase livestock, which was then slaughtered in sacrificial prayer on behalf of the donors. After Ramadan and the holidays of Eid al-Fitr and Eid al-Adha, the ‘Zakat’ mirror group in Telegram was closed.

The Central Asian Islamist extremist groups have asked their supporters to make Bitcoin donations mainly at the following two virtual wallet addresses:

– 3HoWzYwaBbTg7sKGtHz3pAZxdHZoXUJRvG;

– 12SxsxvrE8zrtRveSeFJYA6sgbJZbyHDGk.

Our analysis confirmed that multiple transactions were made to these bitcoin addresses. In addition, other transactions were made in digital currencies, the addresses of which were blocked on Telegram.

Conclusion

In conclusion, the significance of the crowdfunding campaigns in bitcoin should not be given exaggerated importance, even though they have improved the position of the Central Asian Salafi-Jihadi groups in Syria and Afghanistan, and boosted their budget. Central Asian Salafi-Jihadi terrorist groups’ technical abilities are not currently suited to bypass the financial controls of international counterterrorism organizations and discreetly conduct money laundering.

The history of their activities has shown that small Uzbek, Uighur and Russian-speaking Islamist extremist groups from the post-Soviet space and China have been assimilated with more powerful global Sunni terrorist organizations such as ISIS, al Qaeda and HTS. And accordingly, their potential for crowdfunding campaigns in bitcoin should be viewed through the prism of their global parent organizations.

In any case, the governments of Central Asia and Russia do not have sufficient mechanisms and leverage to combat illegal cryptocurrency transactions on the dark web by global Salafi-Jihadi movements waging jihad in the Middle East. As noted at the beginning of this article, such opportunities to monitor and investigate jihadist crowdfunding activities are available to the US government and financial institutions. For example, the U.S. Treasury“ has access to unique financial data about flows of funds within the international financial and commercial system,” which is invaluable for tracking illicit flows of money.

Consequently, Central Asian governments must rely not only on Moscow but also actively cooperate with Western counter-terrorism and financial institutions to disrupt the Salafi-Jihadi group’s external crypto crowdfunding sources.

Continue Reading

Intelligence

The Afghan intelligence services

Giancarlo Elia Valori

Published

on

Still today the Afghan Intelligence Services’ ability to collect information is definitively scarce. This is mainly due to the limited specific training of staff and the very scarce and even improper use of the most recent technologies.

The Afghan Intelligence Services collect information mainly in major cities and in the areas most controlled by the government and this often leads the decision-makers who use this “complacent” or rhetorical intelligence to make severe evaluation errors.

The National Directorate of Security (NDS) does not correctly disseminate its news in the traditional “information cycle” of a Service and therefore it leaves decision-makers with scarce, incomplete and often inaccurate information. Established in 2001 and heavily supported by the United States, the NDS is based in Kabul but is strongly supported by Germany, GBritain and obviously the United States. It should be noted that its first Director was Mohammed Arif Sarwari, one of the leaders of the United Islamic Front for the Salvation of Afghanistan, i.e. the old “Northern Alliance”.

 It was precisely the NDS that in 2015 caused the fall of Kunduz into the hands of the Taliban, who were, indeed, a full invention of the Pakistani Intelligence Services, which were in search of an Afghanistan that could only play the role of “depth area” for a possible nuclear or even conventional confrontation with India. Ironically, it is from the Pakistani Intelligence Services that the United States received the largest or almost total amount of news and information precisely, or apparently, against the Taliban. Quos Deus lose vult, dementat.

 Moreover, the current relations between the NDS, the National Security Agency of Afghanistan (NSA), i.e. another Intelligence Service in Kabul, the Defence Ministry and the Interior Ministry show a very poor ability of communication and exchange of news between them, which makes them often be late in their operations or even useless.

 Or sometimes voluntary collaborators of what Westerners would call the “enemy”, but for some operatives or executives of the NDS or of the other Afghan Intelligence Services could also be an “Islamic brother”. Sometimes it has happened.

 In the case of Kunduz, the very evident and aggressive Taliban operations were deemed ineffective or irrelevant. Nobody took seriously the news coming from the most reliable “sources” among the rebels. No agency of the Afghan Service took seriously or even studied the Taliban operations in Kunduz.

 The NDS, however, was established mainly with the support of the American CIA.

 But there is a strategic and conceptual problem that should not be overlooked at all: all NATO countries that participated or still participate in military operations in Afghanistan have very different ideas about their role in the war against the “rebels” and in the country.

 The Resolute Support Mission, composed of about 13,000-16,000 soldiers from 39 NATO countries and from other countries, operates from Kabul, Mazar-i-Sharif, Herat, Kandahar and Laghman, and focuses mainly on the training of Afghan forces, as well as on military consultancy and assistance, hoping that the local Afghan forces will reach a level capable of ensuring at least fictitious national independence.

At least until 2014, akey year for the new relationship between NATO and the Afghan government, the Italians – who are still training the Afghan police very well – went there especially not to displease the usual U.S. Big Father that the Italian strategic system still sees as unquestionable and unassailable.

This participation “to bring democracy” has led to some positive effects for Italy, especially on the technological-intelligence level. But it has never been enough.

Nevertheless, the silly servility and sycophancy of Italian politicians, who closely resemble the character of Nando Mericoni played by Alberto Sordi in the movie An American in Rome, is still largely widespread. Italian politicians – even starting from the text of the Constitution – do not know or do not want to understand the eternal rules of foreign policy and strategic thinking, of which they know nothing yet.

Certainly you cannot obtain votes, additional funding and small favours from foreign policy. This is the level of Italian politicians, especially in current times more than in the past.

 France, as long as it stayed in Afghanistan, interpreted its presence in Kabul as a way to control Asia’s intermediate axis so as to avoid Indian, Pakistani, Chinese, Iranian and even American expansion.

The Brits went to Afghanistan to fight against a “terrorism” of which – like everyone in the West-they do not know the organizational and doctrinal roots or even the purposes, but see as the maximum destabilization of their unreasonably “multi-ethnic” and hence inevitably “multipolitical” societies.

 This is the terrible case of a propaganda that stifles even the ruling classes that should be immune to it.

Certainly this was not even true in Afghanistan because the bad guy, namely Osama bin Laden, was often elsewhere. He was considered the only mastermind of the aforementioned “radical Islamic terrorism” – or whatever can be defined with this rather rough terminology – and hence to be killed, like a horse thief in the Far West. As has precisely happened, the killing of Osama bin Laden did not change anything.

He had to be killed because he had killed American citizens. True, right. But foreign policy is never the extension of any country’s domestic criminal law.

 There was even Germany present in Afghanistan to contemplate its military decline, but above all to show – even eighty years later – that it was no longer a Nazi country. As Marx would have said, le mort saisit le vif.

In short, the varied presence of NATO and of the initial coalitions of the willing in the War on Terror had no clear ideas and probably did not even know where it really was.

Meanwhile, since 2014 – the year of the actual withdrawal from Afghanistan by the United States and its attack forces (after rigged elections, but in any case, whenever the United States participate in operations abroad, it always has acoitus interruptus)– the Taliban have started their great and real campaign to conquer the territory and, above all, the Afghan “souls”.

 In 2015 NATO and the United States had planned to keep 13,000 military plus 9,800 U.S. soldiers for counter-terrorism activities. Later, however, the withdrawal from the Afghan territory – coincidentally after the great Battle for Kunduz – ended in December 2016, but leaving alive and operational as many as 8,400 soldiers on the ground.

Currently as in the past, the real problem for Afghanistan is Pakistan. General Musharraf, the former Pakistani President from June 20, 2001 to 18 August 18, 2008 (note the dates) and perpetrator of the 1999 military coup, clearly stated that the Inter Service Intelligence (ISI), i.e. the Pakistan single intelligence structure, supported and trained all terrorist groups in Pakistan so as to later send them to Afghanistan, with a view to carrying out “terrorist” attacks on NATO, Western and Afghan targets.

 In 2015 -a key year for Afghanistan – in an interview with The Guardian, Musharraf clearly said that the ISI had always “cultivated” the Taliban mainly to destabilize the government led by Karzai (a man also linked to India) but, in particular, to carry out harsh actions against India.

Pakistan keeps on supporting terrorist groups operating in Afghanistan and in other parts of the world – not only the Taliban, but also the other groups.

Rahmatullah Nabil, the Chief of the NDS -i.e. the new Intelligence Service affiliated to CIA but entirely Afghan – also officially showed documents proving that the funds long granted by the United States to Pakistan to “fight terrorism” shifted to the Pakistani Service ISI, precisely to train, recruit and support terrorism.

Hence the forgetfulness – so to speak – of the Afghan governments with regard to intelligence comes from far away.

 At the time of the Soviet invasion, the KGB and the GRU created their two local counterparts, namely the Khadamar e-Aetela’at Al-Dawlati (KHaD) and the Wazeelat e-Amniat-e-Daulati (WAD), respectively.

 The two agencies disappeared when Najibullah’s government fell in 1992, pending the great Russian crisis. As a result, however, also the Afghan State in all its forms collapsed. Therefore also the two agencies linked to the Soviet intelligence Services evaporated.

What there was, anyway, in the Afghan Intelligence Services before the Soviet invasion?

 The first governments that had just come to power, after Russia’s arrival, organized four agencies: Kargarano Amniyati Mu’asasa (KAM), i.e. the “Workers’ Intelligence Service”;Da Afghanistan da Gato de Satalo Adara (AGDA), i.e. the “Agency for Safeguarding Afghan Interests”, Amin’s real longa manus, and the aforementioned WAD and KhAD.

The President of the time, Noor Tarakai, had little power, while Hafizullah Amin made sure that both the Communist Party (or, more precisely, the Afghan People’s Democratic Party) and the Agencies were divided in two, always following the policy line of the Khalq and Parcham factions.

 The Khalq (meaning “masses” or “people”) was directly supported by the USSR. It was largely made up of Pashtuns and was particularly popular among the working classes.

The very superficial Marxism shown by the faction was often only a way to defend the Pashto world from the pressures of other ethnic groups.

The Parcham (meaning “flag”) was the most widespread faction of the party in the urban classes and in the middle and upper classes.

 Eternal separation between rural and urban areas, a typically Maoist and classic crux of every practical and extra-Western interpretation of Marxism-Leninism.

The Parcham reunited laboriously with the Khalq faction during the 1978 Revolution, but it really came to power only after the Soviet operation, the local coup, i.e. Operation Tempest 333 of December 27, 1979, when the Alpha divisions of the KGB quickly took the Tajbeg palace and assassinated Hafizullah Amin.

 Meanwhile, it was Amin himself who had ordered the assassination of his predecessor, Mohammed Taraki.

 In the intermediate phase of his regime, Amin also had many Afghans assassinated – and not only his known opponents.

 A possible, future “Cambodian” twist of Afghan Communism? Probably so.

 At that juncture the USSR intervened since it did not want ideological deviations or Afghan approaches to Chinese Communism, as practiced in Vietnam or, precisely, in Khmer Rouge’s Cambodia. Hence Operation Shtorm 333 was carried out which, apart from Amin’s assassination, lasted approximately three months, to definitively “settle” the remaining issues.

With specific reference to the Afghan intelligence services, Hafizullah Amin mainly used the AGSA, but also the KAM, only to settle his scores. The two agencies, however, received technical assistance and training from East Germany and the USSR.

Nevertheless, the shift between the different ethnic groups is precisely the key to understanding the Afghan intelligence services prior to the U.S. and NATO operations. I believe that, in any case, ethnic factionalism – probably dating back to the old political-tribal faith – was the key to the functioning of the new Afghan Intelligence Services, even during the naive Western administration.

 In January 1980 the KHaD fully replaced the KAM.

Furthermore, the KHaD was placed outside the administration of the Interior Ministry, dominated by the Khalq and then immediately transferred to the office of the Prime Minister, who later also became National Security Minister.

 The Directors of the Afghan Intelligence Services always reported directly to the KGB and, in 1987, the standard situation was that the Afghan Intelligence Service employed almost 30,000 operatives and officials and over 100,000 paid informants.

 Each element of the Afghan Intelligence Service had at least one KGB “advisor” behind them. As also shown in Syria, Russia paid but did not trust it too much.

 Between 1983 and 1993, the Pakistani Intelligence Service ISI -established by a British officer – trained, with the support of CIA, almost 90,000 Mujahideen to send them fighting the USSR in Afghanistan.

 The KHaD had also the statutory obligation to “defend the Communist regime” and “unite all Afghan ethnic groups under one single political system”, especially in collaboration with the Ministry of Borders and Tribal Affairs.

 Again in the 1980s, the KHaD always had both East German and Soviet instructors and numerous secret mass executions took place.

 About 60,000 Afghans were sent to the USSR between 1980 and 1984.

Again in those years, as many as 10,000 KHaD officers received special training from the KGB.

In an old confidential document, CIA also estimated that the total cost of the Soviet engagement in Afghanistan was over 15 billion roubles, plus additional 3 billion roubles for the period when it did not directly occupy Kabul.

 Since currently the 1979 rouble is still worth 22.26 Euros, in principle we can calculate a Russian occupation expenditure of 233 billion and 930 million, plus the extra three billion roubles.

 The KHaD also created tribal militias on the borders, while the KGB organized the internal tribes on its own, mainly for sabotage and to spread dezinformatsjia.

After the USSR’s final collapse and the arrival of the United States, however, a new Afghan Service, the NDS, was immediately created.

It was made up mainly of former KHaD agents and Mujahideen. Indeed, there was no other population available.

The Service, however, was known to be bad or even very bad: its operatives and analysts were selected only on a tribal level or by simple political affiliation.

 They never went to school for education and training. They had no serious training centres and they did not professionally check their networks of informants.

 Even the United States, however, spent a lot of money in Afghanistan: the Congressional Research Office has calculated a 1.6 trillion dollar spending in Afghanistan and Iraq only for the “War on Terror”.

 The Afghan Service costs the USA 6.4 billion dollars every two years.

 And spending always tends to increase, regardless of the poor results reached.

 What about China? First of all, China wants the political stability of Afghanistan, which is a neighbouring and Islamic country. In particular, it controls Kabul to prevent Uyghur jihadism from finding a safe and secure place there. It prevents the Uyghurs from having contacts with the Taliban. It has already happened.

 Everything will happen when the United States definitively leaves Afghanistan, since China now regards that country as an essential pawn in its relationship with India, while – through Pakistan – China strengthens its relations with the Taliban, which the Chinese view as the next and inevitable masters of Kabul. This forecast is really easy to make.

 Moreover, China provided 70 million per year to the Afghan government to support its counter-terrorism efforts, while there have long been Chinese soldiers in Badakhstan and, above all, in the Wakhan Corridor, where it is said that China has already created a military base and has even already deployed a brigade of the People’s Liberation Army.

 China has also put pressures on Kabul for Afghanistan to accept its satellite positioning system, instead of the GPS developed and managed by the United States.

Some Chinese troops, however, have also been stationing in Tajikistan for long time, again to protect the Wakhan Corridor.

Since his rise to power in 2014, however, also Ashraf Ghanihas thought to immediately improve his relations with China so as to use, first of all, China’s influence on Pakistan to avoid the Pakistani support to the Taliban – which is unlikely – as well as ensure that China begins to invest significantly in Afghanistan, now that the civil and international war is on the wane.

 The China-Pakistan Corridor, one of the first axes of the Chinese Belt & Road Initiative, is now worth 62 billion U.S. dollars of costs alone.

 There is also a new railway line leaving from the port of Gwadar, the axis of China’s projection, and arriving in the Pakistani province of Baluchistan and beyond.

In 2016 China also signed an agreement with Afghanistan for the Belt & Road Initiative, with the promise of 100 million U.S. dollars for infrastructure projects in Afghanistan, which have not been provided yet.

 Trade between Afghanistan and China is fully asymmetric and, until Afghanistan is completely pacified – certainly by others and not by China -we believe that that the issue will not be very relevant, at least for China.

 And until the triangulation between the Taliban, Pakistan and China – which has still many doubts about the reliability of the Pakistani “students” operating in Afghanistan (precisely, the Taliban) -is not even clear, the Afghan economic revival – if at China’s expense – will be slow or unlikely.

Continue Reading

Intelligence

The way in which the Chinese intelligence services operate

Giancarlo Elia Valori

Published

on

 Since the time of Empress Wu Chao, who created the first Chinese intelligence service in 625 A.D., much has changed, but we could also say that some traits have not completely changed, as we might believe at first sight.

Later there was China’s extraordinary adventure in the modern world, which began with the fall of the last Emperor Pu Yi, who was also guilty of collaborationism with the Japanese in Manchukuo and ended his days artistically drawing the phrase “today the people are sovereign” at the court of Mao Zedong.However, as early as 1934, the British intelligence Services deciphered MASK, the code used by the Komintern to encode information from Moscow to Shanghai which, at that time, was the CPC’s pole.

 However, it was in 1957 that the United States began to fly its U-2s over China, starting from Peshawar.

In 1966, two years after the beginning of the Great Cultural and Proletarian Revolution, there was the great purge of the intelligence services in China carried out by the very powerful Kang Sheng. He was the mover of the fall of Liu Shaoqi, Deng Xiaoping and Lin Biao, but then he was associated with the “Gang of Four” and hence suffered the usual damnation memoriae. A man of Mao Zedong who knew too much, but died in his bed.

 Then, as is well-known, in 1971 Li Biao was killed while fleeing to the USSR with his plane.

Not surprisingly, again in 1971, Kissinger began to deal secretly with China. Lin Biao’s death was the seal on the definitive strategic separation between China and the Soviet Union – which was what the United States was interested in.

 In 1973 the first CIA “station” was created at the U.S. liaison office in Beijing, while China took the Paracel Islands and CIA left its main station in Taiwan.

 In 1975 the first Chinese Electronic Intelligence satellite (ELINT) was launched, but the following year saw the death of Zhou Enlai, the true master of Chinese foreign policy and Kissinger’s friend who protected Mao from his mistakes.

 The Armed Forces returned to power: with the support of all the military, Deng Xiaoping quickly put Hua Guofeng aside and became the CPC Secretary, but reforms were still being studied. Initially Deng was not as reformist as currently believed in the West.

Hence in Deng’s reformist phase, the U.S. diplomatic recognition was shifted from Taiwan to the People’s Republic of China – and that was China’s real goal at the time.

 Shortly afterwards, China also opened diplomatic offices in the United States.

In 1981, however, the Americans developed programmes for controlling the Chinese agents operating in the USA, while Deng Xiaoping himself started China’s nuclear rearmament.

The China National Nuclear Corporation was established in 1988.

 Ten years later, in 1999, the Chinese Armed Forces built a base for intercepting military signals in Cuba but, in 2002, the Chinese cyber attacks on some U.S. networks – known as TITAN RAIN – began, while the FBI even opened a liaison office in Beijing, with assignments also extended to Mongolia.

 In 2004, China put the Nanosatellite I into orbit, but there was also a further cyber attack – probably of Chinese origin – on the U.S. Army Information Systems Engineering Command, as well as on the Naval Ocean Systems Center, and finally on the space and strategic installation in Huntsville, Alabama.

In 2010, Google suffered an AURORA cyber attack. A long, powerful and initially uncontrollable attack.

Probably also Symantec, Northrop Grumman, Morgan Stanley and Dow Chemical were hit by AURORA cyber attacks – albeit this fact is not confirmed.

Hence data collection, mainly economic and technological intelligence for China, but also a complex relationship with the United States to be penetrated informally, but not to be damaged too much.

 In any case, the reins of the Chinese Service (or rather, the intelligence services) were held by the State Security Ministry.

A legal difference should be underlined: while, legally speaking, the KGB was a Central Committee’s Department, the Communist China’s intelligence Service was a real Ministry.

The Interior Ministry was represented by the Public Security Ministry but, in general terms,it should be said that – unlike the old Soviet ones – the Chinese intelligence Services are less obsessive in their relationship with possible “sources”, anyway preferring ethnically Chinese people.

Furthermore, the Chinese Foreign Service seems to prefer sources that – unlike what happened with the Soviet KGB – have no money or personal crisis problems, which become dangerous or ambiguous.

 Again unlike the old Soviet ones, the Chinese intelligence Services do not willingly pay for news and information. They do not blackmail and they do not extort. Quite the reverse. They do not pay at all. If anything, they help Chinese abroad for relatives or other matters.

Hence rarely do the Chinese intelligence Services pay for the data they receive.

 The Chinese intelligence Agencies are therefore interested in people who,only rarely, come within the range of attention of the enemy intelligence Services. Operationally speaking, this is an excellent choice.

Again unlike the old Soviet ones, China’s intelligence Services do not organize rezidenture abroad. They also rarely hold clandestine meetings and almost never use covert communications.

 “The floating bird is existence, if it dives it is non-existence”. The mind is like the moon: it is reflected in the water at a speed that man does not perceive. The mind should not be stopped, but left free to grasp the void, the invisible, the Nothing.

 The Chinese intelligence Services, however, organize closed areas where a “source” finds itself – with its pace and needs – providing the materials needed by the Chinese government.

The width of the network, however, is such that the slow and non-invasive pace of Chinese operatives is capable of reaching the same – or even larger – quantity of sensitive material collected by a Service that does not follow the Tao, i.e. the natural flow of events and people.

Moreover, the Chinese intelligence Service often operates with real academics, real students, real journalists and very real businessmen.

 The cover is often irrelevant, but also very true. Indeed, it is considered a cover attracting excessive interest –  like jealousy which, as Karl Kraus used to say, “is a dog’s bark which attracts thieves”.

Obviously, in this respect, the Chinese intelligence Services have a significant advantage, since they can legally use real journalists and real academics, while in the West – including in Italy – it is forbidden to use “journalists, clergymen, parliamentarians and town councillors” as agents. Stupidity has been tormenting the intelligence Services with a ferocity worthy of a better cause.

Hence no one who can really be useful. This leads the Western intelligence services to fabricate useless complicated “stories” that are often easily discovered by the adversaries.

 Not to mention the forty-year defamation of the intelligence Service – as is the case in Italy – which causes other damage.

 For the intelligence Services, the Chinese technological companies operating in the West must be economically self-sufficient and, indeed, make profit, without weighing on the Service’s or State’s coffers.

 An often predatory “Western-style” profit is also allowed, at least as long as this does not negatively affect intelligence operations.

 Therefore, the Chinese companies using up technology and data – which are the primary material of current Chinese intelligence – must be the most obvious and natural enterprises, without hidden compartments or ambiguous operatives that the host country’s intelligence Services can discover – albeit possibly not so easily.

 Another problem in the control of Chinese operations in the West is the difficulty – and, indeed, we could say the reluctance- with which our companies, including SMEs, report the often harshly blackmailing cyber attacks, or even the crises resulting from fraud and scams often carried out by managers and employees.

 The obsession of being always listed on the Stock Exchange makes companies, including the small and medium-sized ones, excessively afraid of disclosing such adverse operations.

According to Leonardo-Finmeccanica, during the Covid-19 phase, there have been 230,000 malspam operations worldwide, 6% of which in Italy.

This year 51% of all Italian companies have suffered one or more significant cyber attacks, with a 125% average expansion for the domains called “Covid”.

In China, however, there has recently been a change of the State system.

While in the past, before globalization, also thanks to an “imperial” psychology, the Service had above all to defend borders and, to some respects, also the “purity” of the Chinese ethnic balance, today – considering the global economic role played by China – the Service has to deal with 1) the security of raw materials supplies from abroad and 2) the stability of the productive system in a phase of great social transformations.

 Hence the necessary current complexity of the Chinese Party’s and State’s decision-making system: the top level is the National Security Leading Small Group (NSLSG), which also has many informal strategic decision-making mechanisms within the Chinese ruling class. An elite that has always been more informal than we might think.

Certainly, at institutional level, there is also the Politburo Standing Committee, but there is still Hu Jintao, a man still essential to the power architecture of Xi Jinping, who listens to him carefully.

There is also the Foreign Affairs Leading Small Group, which is less involved in relations with the United States – of which the aforementioned National Security Leading Small Group is in charge – but mainly controls the work of the Agencies and connects them.

 In addition to the intelligence Services’ role, a fundamental role is also played by the various and often excellent academic and non-academic think tanks.

Also the results of these structures are assessed by the Small Groups.

 But how is foreign policy decided in China?

 First of all, there is the CPC but, more precisely, the “Politburo Central Committee”, in addition to the aforementioned Politburo Standing Committee (PBSC).

With its 204 members and 167 “alternate” members, the Central Committee meets once a year.

The “Politburo Central Committee” is composed of 25 members, elected by the Central Committee. It meets once a month and five of its members do not usually live in Beijing.

 The PBSC, the Central Committee Standing Group for Foreign Affairs, meets once a week and has nine members.

 The Meeting is often coordinated by the Central Committee’s Foreign Affairs Office.

 Within the Standing Committee, the Foreign Affairs Office has a specific area responsibility, but we should not think that Chinese Communism is authoritarian, at least in the childish sense of the term.

 The bigger the issue, the wider and freer the discussion. The leader’s policy line is always to buildthe broadest consensus among his advisers.

With specific reference to the thorniest issues, the leader often appoints a “first collaborator” but usually the “central” meetings are routine for minor issues, even geopolitically, while the leader speaks and decides on the essential issues: the relations with the United States – still a constant obsession of the Chinese intelligence Service – with Japan, Taiwan or, most likely, the Russian Federation.

 The policy line at the top of the decision-making system – and this also pleases Xi Jinping – is still the old and stable policy line developed by Jang Zemin, which was defined in 1999: “collective leadership, democratic centralism, individual preparation and decisions that always result from meetings”.

 In this way, the Standing Committee and the Central Committee’s Foreign Affairs Office prepare briefings and distribute them among the Central Committee’s offices.

 Often there is no voting, but discussions are held until consensus is reached.

For example,a rare case of voting was when North Korea conducted a nuclear test in 2009 and China had to decide whether to withdraw its support for the country. Seven negative votes were cast against support for North Korea.

 The establishment of the aforementioned National Security Leading Small Group (NSLSG)mainly followed the U.S. bombing of the Chinese Embassy in Belgrade.

 A fact that has marked China’s recent political history.

 Hu Jintao, whom the PSBC defined as a “main personality”, leads a complex office: eight Ministers from the State Council; two from the Foreign Ministry; the National Security Minister; the Minister of Commerce; the Taiwan Affairs Office, the Office dealing with Hong Kong and Macao; the Overseas Chinese Affairs Office and finally the Information Office.

 There are also two Party’s bodies: the Propaganda Department and the International Department.

The Armed Forces are represented by the Defence Minister and the Chief of Staff.

Therefore, the Chinese intelligence Services have a completely different style and modus operandi compared to the Westerners’ intelligence practices. They also have a complex and technically refined organization of political control over the Services’ operations, and finally a different finalization of the Chinese Agencies’ operations in the West, at least for the time being.

Continue Reading

Publications

Latest

Southeast Asia2 hours ago

Uncreative Teachers: Online Learning Is Ineffective

Inevitably, Indonesia has to apply online learning (in the network) during the Covid-19 pandemic, this aims to anticipate the spread...

South Asia4 hours ago

Increasing Need for Global Cooperation and Solidarity- Interview with Dr. Tandi Dorji

Covid-19 has invoked challenges worldwide that require us to formulate innovative solutions. Dr.Tandi Dorji , the foreign minister of Bhutan...

Newsdesk6 hours ago

Equal pay essential to build a world of dignity and justice for all

The United Nations is marking the first ever International Equal Pay Day, on Friday, drawing attention to the gender pay...

Newsdesk8 hours ago

Protect lives, mitigate future shocks and recover better

Over the course of 2020 thus far, the coronavirus has taken hundreds of thousands of lives, infected millions of people,...

Eastern Europe10 hours ago

What awaits Ukraine after US presidential elections?

Who is the man that Kiev wants in the White House – Republican Donald Trump or Democrat Joe Biden? For...

Newsdesk12 hours ago

Stranded seafarers: A “humanitarian crisis”

The ILO and other UN agencies and bodies are calling on governments to eliminate without delay all obstacles to crew...

Newsdesk14 hours ago

Azerbaijan Makes Progress in Health and Education, but Needs to Invest More

Young people in Azerbaijan, like elsewhere in the Europe and Central Asia region, are being provided with the opportunities needed to grow into productive adults, thanks to continued investments in health and...

Trending