Connect with us

Intelligence

The issue of intelligence between the United States and China

Giancarlo Elia Valori

Published

on

The economic and intelligence tension between the United States and China is currently at its peak since the end of the Cold War. During that phase, however, China had also taken actions to oppose the Soviet Union, with the opening to the United States and the “ping-pong diplomacy” in the early 1970s, as well as its tacit support to Kissinger’s resolution of all tensions between the United States and the Southeast Asian countries.

At the time China wanted to help the United States to regionalize – in Asia – its historic “Northern enemy,” namely Russia.

In his “Three Worlds Theory”, Mao Zedong placed it together with the United States in the “First World”, as both imperialist powers, while he regarded China as the current and future leader of the whole Third World fighting against the “metropolises” of the First World.

Said project has not changed, it has only changed its language and its procedures.

Now that the bilateral tension between the United States and the People’s Republic of China is at its highest, the rationale for this new Sino-American scenario is simple. China wants to achieve global geopolitical hegemony, while the United States led by President Donald J. Trump wants to rebuild its new economic and purely financial hegemony, and hence resort to protectionist practices.

The practices that even the old liberal handbooks of economic science considered lawful when a “nascent industry” needs to be protected.

China has now Africa in its own hands – a continent where the US power is linked almost exclusively to the US Africa Command, which is headquartered at the Kelley Barracks in Stuttgart.

Europe, of course, does not count for anything.

Moreover, China operates in Iran and also in Russia, considering that it has now incorporated Russia into its Belt and Road project towards Europe and the Mediterranean – in spite of the Eurasian Alliance project of Russian origin – and hence operates as a hegemonic power in Central Asia.

It does so by operating with a strategy that is at first economic, but also and above all political: the peripheries of the world against the metropolises, i.d. Mao’s old “policy line”.

Currently we are instead shifting from geoeconomy to the real global strategy – and China will have no particular difficulty in moving from a generically friendly position towards the United States to a far more adverse one.

When its primary interests are attacked by US actions, China will never make the first move.

The Thirty-Six Stratagems of the Chinese secret art of war are clear in this regard: “Watch the fires burning from the river” and also “Hide a knife behind a smile”.

However, let us better analyze what has happened in the current “spy war” between the United States and China.

For nearly ten years, the US spy network in China has been severely undermined, if not wiped out. This has happened to the US intelligence services also elsewhere.

Allegedly, the vulnerability of the US network results from the fact that China has long “penetrated” the network used by the operatives and informants present in China.

China maintains that this has led to the “elimination” of 30 local citizens who worked for the United States and the imprisonment of an unknown number of others.

China’s counterintelligence operation is said to have started in 2010, when the encrypted firewall used by the US operatives in China was discovered.

Obviously it is almost useless to add that the “sophisticated” IT firewall used by CIA is now in China’s hands and the analysts of its intelligence services will use and implement it even more easily.

Moreover, the program discovered by China had to be used in such a way as not to connect with and not to be traced by CIA’s major IT networks.

Without CIA knowing it, however, the encrypted system could also connect with its primary web network – and China could listen or read quietly and easily.

Incidentally, it is currently certain that all countries’ intelligence services can use the Web, but it is equally certain that the security of communications is at least the top goal, together with the quality and depth of the intelligence and analyses reported to the “central unit”.

Nevertheless, the more the Web gets complex, the easier it is “penetrated”. This law has been never denied by facts.

The more complex it is, the easier is to manipulate or “penetrate” it.

Experts tell us that the Web’s rate of complexity increases by seven the danger it can be penetrated. At every additional step of structural complexity there is a 7-time multiplier for possible “holes”.

Hence, in many cases, it would be good to still resort to the old craft systems that made the history of modern intelligence. China still does it.

We believe, however, that the real problem lies in the fact that the United States still believes that China is a country which is trying – with some difficulty – to follow the development course of the Anglo-Saxon community.

This is certainly not the case: China has not long been a “second class” nation or, as some US analysts say, a “Third World country that has grown too much”.

Far from it: it is a good thing that the United States soon realizes that China is certainly the second military and economic power in the world and that it can certainly cooperate with the United States, but dictating at least some essential conditions.

No Chinese decision-maker thinks about a “covert war” against the United States – not even remotely: currently the Party and the State think about other “enemies” and other regions.

However, we should never forget China’s huge power of constraint, persuasion and negotiation.

Moreover, the free market myth has affected the whole system of what – in the intelligence community of every modern country – should be the axis of all major operations, namely influence.

Over 110 “Confucius Institutes” have been founded in the US universities and huge Chinese capital is present in many of the most important US entertainment companies, such as Legendary Group, AMC Theathers, STX Entertainment, Studio 8 and Global Road Entertainment, as well as in many other smaller companies.

Not to mention Chinese investments in other sectors and in US Treasury securities.

The US majors obviously sell much in China, but China has entered their system with money, not just with encrypted firewalls.

Clearly China is strongly interested in the US operations on its territory, but certainly the Chinese leaders have operated a linkage between the trade wars started by President Trump and their counterintelligence actions.

This is another bond to break.

The more the geoeconomic contrast between the United States and China mounts, the more intrusive actions will be taken by China in the United States (such as those of the many Chinese students in North American universities who are spying for their country of origin), as well as “harsh”  counter-intelligence operations.

Furthermore, what some leaders of the US Central Intelligence Agency fear is partly true: China is now in such a Cold War phase with the United States as to eventually oust it from its position as global power.

It is very unlikely, however, that Chinese leaders think they can weaken the US power in a short lapse of time: there is no blitzkrieg or lightning war that can decide, in a short sequence of clashes – even in the muffled world of intelligence or in the slightly noisier world of electronic war – who definitively wins.

It is pure madness and the Chinese are not mad at all.

Obviously both contenders must well understand that the Great Powers – if they have to disappear – do so over a period of centuries, always much more slowly than they have grown in good times.

Certainly even traditions count in the world of intelligence.

The United States is the realm of technology, in which an American –  a good American and not an ugly American like the one described by the British novelist and intelligence agent, Graham Greene, who however had titled his novel The Quiet American – believes blindly. Probably the ugly and the good are two sides of the same coin.

The tradition of Chinese intelligence is also excellent in technology, but it does not forget the ancient rules of power and war.

When some defecting KGB men were sent to some US military academies, they were surprised that in the libraries there were not the classics of Eastern war thought and strategy: the Thirty-Six Stratagems, the Liezi, as well as Sun Zu’s military treatise The Art of War.

Hence too much technology in the United States and sometimes a certain tendency to conceptual hyper-simplification; too little history and knowledge of the real power structure which – when really powerful – is covert.

Also China, however, is not lagging behind in the field of technology. We should recall the hacking of over 30 companies among the most important ones in America, including Apple and Amazon, with a modified chip.

The Silicon Valley is now full of spies who work for the Chinese government for money or for other reasons.

According to many officers of the Armed Forces, all the US military networks are in danger.

CIA, too, has successfully carried out some operations on the Chinese territory, sometimes forcing the Chinese to give up their electronic espionage techniques, and also using Chinese intelligence agents.

Hence what can we do to stop, slow down and put in an acceptable position of security and business as usual this crisis between China and the United States, which – apart from trade wars – is still a mere war between intelligence services?

A first solution could be an extensive and universal protection – to be reached and signed as soon as possible – for the protection of sensitive intellectual property.

Currently trade secrets and patents are acquired not with old reverse engineering, but with the launch of IT attacks on companies and even law firms that hold regulations and protections.

While, as is well known, China is now a global software producer, it would be rational that even China would adapt to a new, stricter and safer international regulation of IPs and networks.

There could also be – in the offing – an international agreement on web addresses and network security, organized by the major companies operating in the sector, which are all interested in achieving a higher security level.

The US Invention Secrecy Act dates back to 1951 and it is too old for the technologies it should protect. Moreover, it is not part of the US intelligence chain.

In fact, the large US companies have increasingly relied on international laws for the protection of industrial data, often coming out of the North American judicial and legal system.

This is another “hole” that the United States must fill as soon as possible.

Moreover, now the US military can control patents, even when they are fully developed in the civilian sphere.

This is a good thing, but one thing is the law and another is counterintelligence.

However, the Web is and will always be wide-meshed: Google, in particular, is used by 67% of all Internet operators in the world and it has never made a secret of wanting a US patent system as “weak” as possible.

Google itself wants to sell the trade secrets at low price and quickly – and possibly keeping its own ones very secret.

The classic case of a paradox generated by a technology that does not find the legal mesh suitable for regulation.

Furthermore, China adheres to all international intellectual property regulations but, also in China, it is precisely the complexity and the inevitable archaic nature of rules compared to the speed of technology that impose the aforementioned “wide mesh” to China’s patent protection.

Hence two things are needed: firstly, a technical-legal and bilateral Conference between China and the United States, with a view to regulating the specific needs of sensitive data protection.

Moreover, light is better than darkness, although the Chinese wisdom tradition maintains that it is necessary to “cultivate darkness” – as when you need to grow rhubarb.

Secondly, a US-Chinese Committee shall be established at the highest possible level, where one asks the other for the patents it needs – obviously against payment.

Later a “third” Committee shall be created to check the efficacy of the agreement, possibly made up of members of the intelligence community of a country that is good for both countries: Italy, for example, which is second to none in the field of cybersecurity and can guarantee both contenders.

Thirdly, an International Conference shall be held – again possibly in Italy – to draw up specific rules for “technology secrets”, to be adapted each year according to new technologies.

Obviously also a new international Authority would be needed to coordinate and control – above all – the private network managers and the content collectors, as well as  websites.

ICANN, the Californian organization that – as we may all recall – was given the Internet “source code” by the US government, is still a cooperative incorporated under California’s law, although the source code is now an open  secret and former President Obama decided it to be managed not only by ICANN.

Hence the Internet Corporation for Assigned Names and Numbers (ICANN) is still a structure that is only responsible for “opening” the network, as well as for dissemination and “transparency”.

The Web, however, must also be a structure controlling data security, reliability and efficacy.

For each “transparency”, a rule of security and control. If the system of intellectual property protection fails, the whole contemporary world will fail.

Hence we could think of establishing an Agency, again in Italy, with the major powers’ support – an Agency called Security Agency for the Internet (SAFI), which can remove or report real-time passages of business and State secrets within the whole network.

This is another action that could be taken in Italy.

Advisory Board Co-chair Honoris Causa Professor Giancarlo Elia Valori is an eminent Italian economist and businessman. He holds prestigious academic distinctions and national orders. Mr. Valori has lectured on international affairs and economics at the world’s leading universities such as Peking University, the Hebrew University of Jerusalem and the Yeshiva University in New York. He currently chairs “International World Group”, he is also the honorary president of Huawei Italy, economic adviser to the Chinese giant HNA Group. In 1992 he was appointed Officier de la Légion d’Honneur de la République Francaise, with this motivation: “A man who can see across borders to understand the world” and in 2002 he received the title “Honorable” of the Académie des Sciences de l’Institut de France. “

Continue Reading
Comments

Intelligence

Islamic Caliphate is dead, but its dangerous and infectious ideology is alive

Published

on

The year 2019 witnessed the rout of the Islamic Caliphate – the pseudo-state entity created on the territories of Iraq and Syria by the terrorist organization Islamic State of Iraq and the Levant, a.k.a. the Islamic State or IG, ISIL, Daesh (Arabic), a terrorist group outlawed in the Russian Federation.

On March 1, 2019, just three or four years after the Islamic Caliphate terrorized the entire world, Kurdish units of the Syrian Democratic Forces in Syria launched an offensive to flush out 500 jihadist fighters holed up in the city of Baguz, ISIL’s last stronghold in the country.

Does this mean that Islamist terrorism is now done for?

During the first decade of the 21st century, ISIL emerged as the biggest threat to international security and world order. On June 29, 2014 ISIL terrorists announced the creation of an Islamic Caliphate with claims to global domination.

As seen on the map , the Islamic Caliphate, comprising numerous provinces, was to extend from China to the Atlantic Ocean, and from Central Europe and Siberia all the way down to equatorial Africa. The Caliphate encompasses all Muslim states without exception, including Iran and non-Muslim Israel, the territories “occupied by infidels,” as well as the whole of the Middle East and North Africa. Moreover, the Caliphate lays claims to Western Asia and Europe, including Spain, the Balkans, Romania and Austria.

The Islamic Caliphate went on to make the Syrian city of Raqqa its de-facto capital in 2014.

Although still far from achieving global dominion, the jihadists started building the basis of their future Islamic Caliphate by enslaving between 8 million and 10 million people in the occupied territories of Iraq and Syria, and virtually annihilating Syrian and Iraqi Christians, Yezidis, Shiites and Kurds.

In addition to Syria and Iraq, the Islamic State and its affiliates controlled parts of Afghanistan, Egypt, Yemen, Libya, Nigeria, Somalia and the Democratic Republic of Congo.

ISIL also used its substantial financial resources to increase the number of “sleeper” terrorist cells in Morocco, Algeria, Tunisia, Pakistan, Saudi Arabia, Lebanon, Indonesia, the Philippines, the North Caucasus and various European countries.

During its criminal heyday in 2014-2017, ISIL was one of the most numerous and well-armed terrorist groups in the Middle East, boasting over 100,000 fighters active mainly in Syria and Iraq.

Add to these 27,000 to 31,000 mercenaries from 86 countries who, according to the Soufan Group analytical center, fought in the ranks of this terrorist organization.

Equally noteworthy is the distribution of foreign ISIL militants by region and country (2016 – 2017):

Former Soviet republics 8,717
Near and Middle East 7,054
Western Europe 5,778
Maghreb countries (North Africa) 5,356
South and Southeast Asia 1,568
Balkans 845
North America 444

Countries –main suppliers of fighters for ISIL:

Russia 3,417
Saudi Arabia 3,244
Jordan 3,000
Tunisia 2,926
Turkey 1,910

Equally noteworthy is data pertaining to the number of ISIL mercenaries from former Soviet republics (2015)

Azerbaijan 216
Georgia 50
Kazakhstan 300
Kyrgyzstan 500
Moldova 1
Tajikistan 386
Turkmenistan 360
Uzbekistan 500

ISIL owes its temporary success in Iraq and Syria to these countries’ weak militaries, the seizure of their arsenals of advanced US-supplied weapons, and to the considerable financial resources looted from Iraqi banks.

And also to its militants’ religious fanaticism, the professional skills of former Iraqi and Syrian military officers who joined ISIL, to foreign mercenaries, the cruel and fear-instilling daily activities of this quasi-state, the ideological brainwashing of jihadist fighters and to professionally organized advocacy work.

ISIL’s bloody and ruthless way of dealing with opponents and the medieval laws it imposed on its subjects shocked the world. Even the ill-famed al-Qaeda that ISIL spun off from has come out against its “daughter,” with al-Qaeda leader Ayman al-Zawahiri officially announcing in February 2014 that he did not recognize ISIL as a member of his group.

In their effort to secure the locals’ support, ISIL members tried, within the framework of their quasi-state, to restore the cities’ economic life by rebuilding their war-ravaged infrastructure. Imitating state authority, they paid salaries and benefits to the unemployed, collected taxes and paid monthly salaries of $700 to their militants. At the same time, in their brutal imposition of Islamist medieval order, they surpassed even the Afghan Taliban.

Propaganda and PR feature prominently in the ISIL leaders’ activity.

ISIL has “revolutionized” the field of online promotion of jihadist ideology by creating a powerful social movement and recruiting thousands of fighters from around the world, Russia included, through a web of social networks alone.

According to Yekaterina Sokiryanskaya, director of the Center for Analysis and Conflict Prevention, a leading expert on the North Caucasus, ISIL created a highly professional and ramified propaganda machine for recruiting online, consisting of “central” media organizations, such as Al-Furqan and al-Hayat, and “regional” ones. In addition, the AMAQ News agency provides coverage for the Caliphate’s military operations and its everyday life even without having the status of its “official” media outlet.

Propagandists enjoy a privileged status in ISIL. According to the propaganda researcher IG Charles Winter, during the organization’s halcyon days (2014–2015), spin doctors were paid seven times as much as regular fighters.

Since its outset, ISIL has put out over 41,000 media releases, with an additional 2.3 billion releases made by its supporters (The New York Times).

“The loss of territory, resources, the retreat and evacuation of fighters, compounded by problems with the Internet has significantly reduced the flow of jihadist propaganda,” Yekaterina Sokiryanskaya writes.

“Daesh will not be able to maintain the previous level and quality of its propaganda materials any time soon. Realizing that with the loss of its ideological machine the whole project of the Islamic Caliphate will eventually be doomed, the ISIL leadership is adapting to new realities with affected references to a high mission now making way for more down-to-earth calls for one-off attacks with knives and axes on unarmed people. This change of tactic began in late-2015, after security agencies of various countries had seriously complicated the process of bringing in new fighters to Syria. ISIL initially advised its supporters to look for workarounds, and later – to move to other “provinces” of the Caliphate. Finally, last year, ISIL said that those who could not reach the Caliphate proper should stage attacks back at home,” she continues.

This is an extremely important trend. Just as the Caliphate ceases to exist as a quasi-state, its subjects, who have survived the antiterrorist battles, remain. Islamist terrorism is taking a new shape.

The Islamic Caliphate created by ISIL is perhaps the highest organizational quasi-state form of modern-day Islamist terrorism. Terror (“Fear,” “horror” in Latin) was used by ISIL as a primary method of warfare. Therefore, it could be compared (in function, if not in scale) with Nazi Germany or militaristic Japan, where international terrorism was part of official state policy.

Even though chances of a complete reincarnation of either ISIL or the Islamic Caliphate are pretty slim, dangerous options thereof can’t be ruled out.

That terrorism is often used by non-state actors – whether left-wing, right-wing or nationalist – and religious groups, is well known. In the 19th and 20th centuries, hundreds of political parties and groups were known to have used terror in their work.Their activities covered virtually the whole world: from small settlements and countries to continents, and were often supervised and financed by individual states to achieve geostrategic ends.

It is highly probable that the routed ISIL will still be trying to preserve its remaining terrorist groups, rebrand old ones, and recruit new fighters. Moreover, what has remained of the Daesh forces will spread throughout the world.

As BBC columnist Frank Gardner writes, “At the recent Munich Security Conference, Alex Younger, the chief of Britain’s secret intelligence service (MI6) said this: “The military defeat of the ‘caliphate’ does not represent the end of the terrorist threat. We see it therefore morphing, spreading out… within Syria but also externally… This is the traditional shape of a terrorist organization.”

Speaking at the same event, German Defense Minister Ursula von der Leyen said that ISIL was going deeper underground and building networks with other terrorist groups.

General Joseph Votel, who runs US Central Command, also said that even though the ISIL network is dispersed, pressure must be maintained or its components will have “the capability of coming back together if we don’t.”

Indeed, much of the ISIL militant force has not been destroyed and is now breaking up into small terrorist groups, which is only natural since ISIL is a plethora of jihadist groups fully capable of acting autonomously. .

With the rout of the Caliphate now a hard fact, ISIL is desperately looking for a way out of the situation. There are several such “exists” to speak of.

The first is the dispersal of jihadist fighters among the local population in Syria and Iraq, and the creation of “sleeper cells” waiting for an order to resume the fight.

A second option would be to redeploy militants to remote areas of Syria and Iraq, and the formation of guerilla units there.

Thirdly, this could be gradual infiltration into other countries where ISIL already has a base, or at least has supporters necessary for the organization to function further, perhaps under a different name, but with similar ideology and military-political doctrine. Primarily into Libya, where ISIL controls the cities of Derna, Nofalia, Sirt, and the Al-Mabrouk oil field. Moreover, in Libya, ISIL could become a third party in the ongoing confrontation between Tripoli and Tobruk.

In Afghanistan, ISIL has already become a third party in the long-running standoff between Kabul and the Taliban. However, the ongoing negotiations between the international community, primarily Russia and the US, with the Afghan Taliban (though in a separate format) could eventually ease tensions in that country which, in turn, would seriously undercut ISIL’s ability to influence the situation there.

In Egypt, local jihadists, taking orders from ISIL, control parts of the Sinai Peninsula.

Also, the Boko Haram group, which controls the north-east of Nigeria and is making inroads into neighboring Chad, Cameroon and Niger, has recently subordinated itself to ISIL.

There are certain opportunities now opening for ISIL also in Yemen, Somalia and the Democratic Republic of Congo.

Another “exit” option could be the return of the remaining jihadist fighters to their home countries, either individually or as part of small but closely-knit groups.

In the wake of the Islamic Caliphate’s downfall, many militants have recently returned home. About 30 percent of the 5,000 ISIL fighters (1,500) happen to be EU citizens. Of these, 300 have returned to France, about 900 people – to the former Soviet republics (including 400 to Russia), 800 – to Tunisia, 760 – to Saudi Arabia, and 250 – to Jordan.

This process is characteristic of all 86 countries Islamist volunteers once set out from to defend the ideas of radical Islam.

Clearly, the presence of experienced and battle-hardened ISIL terrorists, sometimes even armed, in the countries of their current residence is dangerous, even disastrous for these and other countries’ security. Small wonder, therefore, that the world is getting increasingly aware of the real threat posed by this jihadist-terrorist contagion.

Religious leaders are united in their denunciation of Islamist terror.

Saudi Arabia’s Supreme Mufti Abdulaziz bin Abdullah Al-Sheikh has branded the al-Qaeda and Islamic State jihadists the main enemies of Islam. He also quoted a verse from the Koran, which calls to kill the perpetrators of acts that “have a disastrous effect on Islam.”  Any compromises with bloodthirsty fanatics are simply out of the question. They must be eliminated once and for all.

Pope Francis has approved the use of force against Islamist radicals. The Pontiff believes that coercive methods should be used to protect religious minorities from militants.

The World Jewish Congress (WJC) and the Russian Jewish Congress (RJC) has urged the entire world community to stand together against the “disgusting wave of violence” against Christians in the Middle East.

In Iraq, the Shiite leader Ayatollah Ali al-Sistani has reiterated his call for the Iraqi people to resist ISIL militants.

Important as religious leaders’ rejection of terrorism and its perpetrators is, however, the same can hardly be said about the world community. Indeed, even in the midst of the fight against ISIL in Syria, the antiterrorist forces failed to present a shared understanding of the danger posed by their common enemy.

It is really unforgivable that a universally accepted definition of international terrorism has not yet been worked out. The term is often used as an instrument of political struggle, because each country actually decides for itself whether a certain group is “terrorists” or “freedom fighters.” In Russia, 21 Islamist organizations are recognized as terrorist, and 33 in the United States . Moreover, actual definitions of “terrorism” often vary.

Coordinated fight is the only possible and effective way of ridding the planet of the scourge of terrorism. Unfortunately, there is no international legal basis for a collective solution of the problem. The experience of the past few years shows that a slow-moving and bureaucratic UN is not capable of providing quick and effective response to the threat posed by international terrorism. The world needs a fundamentally new and mobile international mechanism, structured to counter the terrorists’ extensive and diverse criminal activities.

The proposed idea of creating a supranational system uniting antiterrorist forces that would include administrative, information, analytical, intelligence, financial, counter-propaganda and power structures – well-equipped counter-terrorist units ready for quick deployment to troubled regions looks pretty viable. However, this international antiterrorist system must be established under the auspices of the United Nations, with its blessing, and rest on a solid legal foundation.

 First published in our partner International Affairs

Continue Reading

Intelligence

Cyber Warfare: Competing National Perspectives

Leann Maloney

Published

on

The threat of cyberwarfare is a growing fear among all intelligence communities. “In June 2009 the U.S. Cyber Command was created and in July of 2011 Deputy Secretary of Defense William J. Lynn III announced that as a matter of doctrine, cyberspace will be treated as an operational domain similar to land, air, sea, and space” (Colarik & Janczewski, 2012, 35). Cyber warfare is conducted by infiltrating the country’s computer networks to cause damage and/or disruption to various infrastructures. This could be as minimal as spying on another nation or as in-depth as implementing acts of sabotage directed towards specific targets such as military operations or the power grid. The threat of cyber warfare is not specific to one country. This is a potential threat that effects each country across the globe.

China is a dominant power within the global arena and is consistently evolving with potential threats especially cyber technology. Chinese colonels Liang and Xiangsui claimed advanced technology gave the country’s adversaries a significant advantage, and proposed that China ‘build the weapons to fit the fight. Recently, the Chinese People’s Liberation Army (PLA) confirmed the existence of its Online Blue Army (Colarik, &Janczewski, 2012, 35). China’s fear of the impact and devastation that can be caused by the internet has forced them to implement strict policies governing the freedom and use of the internet within the country and creating strong security measures against infiltration by outside sources.

In 2014, China implemented the Central Internet Security and Informatization Leading Group to oversee all internet security. “This leading group is to deepen reform, protect national security, safeguard national interests, and promote the development of information technology. The group will have complete authority over online activities, including economic, political, cultural, social, and military” (Iasiello, 2017, 5). This group disseminates and monitors all information found on the web to ensure that there are no security breaches and the people are not in violation of the law.

In 2015, China drafted a national cybersecurity law.“The chief goals of its 2015 draft national cybersecurity law are (1) ensure cybersecurity, (2) safeguard cyberspace sovereignty, national security, and the public interest, (3) protect the legitimate rights and interests of citizens, legal persons and other organizations, and (4) promote the healthy development of economic and social information” (Kolton, 2017, 126). Whereas the United States promotes a free internet, China’s main focus is on establishing an internet that is secure from all potential threats both external and internal.

In 2016, China passed the “Cyber Security Law” that focused on the security of the internet and information systems and extended the ability of the government to oversee the information that was being shared to determine if it was done within accordance of their strict cyber security laws. This law helps the government to monitor any potential breaches of security by outside or internal sources. By implementing a stronger grasp of control over the internet, the government is able to reduce the potential of an attack or intrusion. Within this law, government agencies would be able to implement more guidelines for network security within industries to include energy, transport, military, defense, and many more (Iasiello, 2017, 6).These restrictions increase the control of the government over cybersecurity but also limits the freedoms of its citizens to explore the internet.

China has created new training for its military to be prepared against potential cyber warfare attacks. It has “developed detailed procedures for internet warfare, including software for network scanning, obtaining passwords and breaking codes, and stealing data; information-paralyzing software, information-blocking software, information-deception software, and other malware; and software for effecting counter-measures” (Ball, 2011, 84). It has also increased its number of training facilities to focus only on network attacks on cyber infrastructure and defense operations. The amount of money China is investing in facilities and training of military personal increases its ability to remain secure within this global threat of cyber warfare. One fear for China is its dependence on Western technology. “China’s capabilities in cyber operations and emerging technologies such as artificial intelligence are becoming more sophisticated, the country still depends largely on Western technology. Beijing is hoping to break that dependency through the Made in China 2025 plan” (Bey, 2018, 33). This is a mutual fear for both the US and China as they both rely on each other’s manufacturers with the fear that they will implement a trojan horse to intervene.

Like China, Russia has increased its abilities in combating the potential threat of cyber warfare. However, Russia has taken a different approach to this threat by going on the offensive. Russia has focused on non-linear warfare within the cyber world, which is defined as “the collection of plans and policies that comprise the state’s deliberate effort to harness political, military, diplomatic, and economic tools together to advance that state’s national interest. Grand strategy is the art of reconciling ends and means” (Schnauffer, 2017, 22). To assert its dominance in the global arena, Russia has been utilizing its own forms of cyber attacks to collect information and become a dominant cyber power.

Russia began its experiments with cyber warfare in 2007 in the clash with Estonia. This was done to determine its cyber capabilities as well as create a stronger resilience against future attacks. “Russia’s cyber experiment effectively shut down day-to-day online operations in Estonia’s cyber infrastructure for weeks, from news outlets to government institutions” (Shuya, 2018, 4). After this successful movement, Russia began to expand its focus to Georgia and Ukraine in 2008 and then in 2015, to offset local initiatives there which it considered to be against Russian national security interests. Russia has “developed multiple capabilities for information warfare, such as computer network operations, electronic warfare, psychological operations, deception activities, and the weaponization of social media, to enhance its influence campaigns” (Ajir& Valliant, 2018, 75). Russia has had a strong focus on using the tool of propaganda to disseminate key information to its citizens with the hope that they will abide by it as the real truth.

Russia’s investment into technology and the freedom of speech allotted by the West has made the West not only extremely vulnerable to Russia, but also has expanded the reach of the Russia globally. Ajir and Valliant (2018) highlight several key points of the Russian strategy:

Direct lies for the purpose of disinformation both of the domestic population and foreign societies; Concealing critically important information; Burying valuable information in a mass of information dross; Simplification, confirmation, and repetition (inculcation); Terminological substitution: use of concepts and terms whose meaning is unclear or has undergone qualitative change, which makes it harder to form a true picture of events, Introducing taboos on specific forms of information or categories of news; Image recognition: known politicians or celebrities can take part in political actions to order, thus exerting influence on the worldview of their followers; Providing negative information, which is more readily accepted by the audience than positive.

This approach allows the Russian government to remain in control of information that is filtered to its citizens. The restriction of freedom reduces the capability of deciphering fact from fiction.

Russia has also taken a defensive approach to cyber warfare by implementing strict laws that govern the use of the internet. The agency Roskomnadzor scans the internet for activity that is deemed illegal and detrimental to the Russian government. It has also implemented new laws to regulate internet activity. “The laws which came into force in November 2012 provided provisions for criminalizing slander, requiring nonprofits receiving funding from abroad to declare themselves “foreign agents,” and provide additional financial information and a final law sanctioning the blocking of websites featuring content that “could threaten children’s lives, health, and development” (Cross, 2013, 14). Many have deemed these laws as means to censor the internet, but the Russian government argues it is for the protection of its citizens.

An opposite example of failing to employ measures to protect the country from a potential cyber warfare attack is Mexico. The main focus for Mexico has been on drug cartels and eliminating internal threats within their own government. Mexico has begun to implement its own version of cybersecurity due to its substantial growth in cyber-attacks over the years. However, its overall success has been limited due to a lack of understanding and outdated systems. “Incidents in cyberspace pose a challenge to Mexico due to a lack of institutional structures and there is a need to strengthen capabilities since it does not have any specialized government or public sector agencies certified under internationally recognized standard” (Kobek, 2017, 8). Without the establishment of a specific agency dedicated to cybersecurity, Mexico will continue to struggle against cyber warfare threats. Mexico must implement new security measures that are applicable to all main threats beyond the drug cartels.

Currently, the government presence in Mexico is focused solely on actionable and tangible threats. There must be a reform to its current laws for “the armed forces require a law that reframes and modernizes the concepts of public safety, internal security, and national defense; clarifies the role, conditions, terms, and limits of the armed forces’ engagement; and establishes mechanisms to hold them accountable” (Payan& Correa-Cabrera, 2016, 3). The lack of accountability and oversight by the government to control key aspects, such as the military, and impose a stronger presence in the more demanding field of cybersecurity opens up the potential for a catastrophic event to occur within Mexico.

China and Russia are prime examples of how strict policy governance of the internet will help to reduce the potential threat of an attack. They are micromanaging every aspect of the internet from restricting specific websites (social media) or establishing specific agencies to monitor and analyze all information that is being viewed from all sources. “With the United States and European democracies at one end and China and Russia at another, states disagree sharply over such issues as whether international laws of war and self-defense should apply to cyber-attacks, the right to block information from citizens, and the roles that private or quasi-private actors should play in Internet governance” (Forsyth, 2013, 94). The failure of this policy is the restriction of freedoms to citizens. As stated above, one of Russia’s main focuses is promoting propaganda that is anti-west and pro-Russia. The control over the internet does not allow their citizens to research the truth or have global interaction. This increases the risk of upheavals among the people, especially as technology continues to improve and loopholes are found to circumvent existing policies and hidden content is exposed.

Another approach to cybersecurity is seen with the actions of NATO. It is focusing on improving its relationships with private security companies and “developing a Cyber Rapid Reaction Team (RRT)19 to protect its critical infrastructure, much like U.S. Cyber Command’s Cyber Protection Teams (CPTs)” (Ilves et al, 2016, 130). One downside to this approach is NATO is only able to apply defensive measures. It does not have the ability to implement an offensive attack. Creating a partnership with private companies provides it greater access and resources to potential cyber threats. Private companies have more funds available to pursue a stronger cyber security defense. A recommendation would be to create a joint European Union, United States, and NATO partnership against cyber warfare. Each has its own strengths that can be applied to a joint force against one common threat. A stronger partnership among key global powers will help to create a multifaceted approach to the threat of cyber warfare. The end goal of cyber warfare is the same for each country targeted. There is no specific adversary, but rather the substantial disruption or sabotage of key infrastructure.

Although facing intense criticism and skepticism, it would be beneficial for the US, China, and Russia to form a partnership against cyber warfare. As each country is already connected via their technology companies, they are each a global power that encompasses a vast majority of the world. A collaboration of information and resources would provide a stronger protection amongst common non-state threats. However, the chief obstacle is the ability to trust each country to act within the realm of security, instead of using it as an opportunity to gain substantial access to an inside look of the country. Since the US often accuses China and Russia of being the biggest state perpetrators of cyber actions, this criticism may be near impossible to overcome, despite the possible advantages. According to the World Economic Forum, the table below lists the top countries best prepared against cyber-attacks.

Table 1: World Economic Forum Countries Best Prepared Against Cyber-Attacks

The United States is ranked number one with a significant margin above Canada. China and Russia who have implemented a very strict cyber security policy are not listed within the top 20. This is determined by the Global Cybersecurity Index, a partnership between private industries and international organizations that analyze all aspects of cybersecurity. This argues that the approach by countries such as China and Russia is geared more to the control over its citizens rather than executing a strong cybersecurity policy focused on legitimate external threats. Although, the table above does show that the United States is ranked number one in being able to protect the nation from potential cyber threats, it is only ranked at 82.4% effective. Russia and China have employed a different approach to cyber security that could be utilized to increase the overall effectiveness globally if each side was able to work together towards common threats. Ideally, such partnership would not only create new channels of connection and collaboration between adversaries, but would also set the stage for the more heavy-handed and restrictive policies of China and Russia to be loosened to the benefit of its citizens’ virtual freedom.

Continue Reading

Intelligence

Cybersecurity between Enemies and Allies

Desta Bailey

Published

on

Operational success, whether state or non-state, begins with a solid strategic plan that encompasses key objectives or targets. In today’s globally connected world, cybersecurity is holding the forefront space of challenges, vulnerabilities, and growth (Barrinha 2018). Success, in a globally connected environment, requires an understanding of the environmental systems and connections to appropriately identify the gaps in security and potential points of entry from adversarial actors (Barrinha 2018). Understanding the connected nature and networked capability of potential adversaries’ drives a need to analyze social networks as they relate to the interrelated environmental systems (Tsvetovat and Kouznetsov2011). Therefore, the ability to effectively engage within an interconnected and globalized operational environment is to understand the cybersecurity policies, trends, and vulnerabilities across western and non-western states like Russia, United Kingdom, China, and Israel.

Internationally, states are viewing cyber as the fifth domain of operations, added to air, space, land, and sea.  In 2013, fifteen countries agreed with a need for international law for the elaboration of measures, norms, rules, or principles over the cyber domain.  Today, military cyber capabilities exist in more than 40 states and of those 12 have explicitly offensive cyber capabilities.  Despite the growing application of cybersecurity strategies and advancements in the development of international laws, a standard definition of cybersecurity does not exist (Greiman 2015). 

Regardless of the state’s abilities or interest in cybersecurity, the intent is to create an ability to protect domestic networks against domestic or foreign intrusion and attack (Fischer 2016).  Cyber-attacks come in many forms. Though attacks vary widely, they generally have a geopolitical, diplomatic, or economic interest, causing business and economic organizations to get involved with political structures to consider policy-setting and strategic capabilities (Jaquire et al. 2018).  The difference is that instead of defending against states physically, the defense efforts are against actions exclusively housed within the cyber arena (Duvenage et al. 2018). 

National cybersecurity strategies in general tend to possess three main components: strategies with intelligence and counterintelligence capabilities, personal security on information held in databases, and corporate security (Vancouver 2018).  As Adamsky (2017) described Israel’s cybersecurity plan, the three interrelated vectors work together to provide robustness, resilience, and defense.  The overall intent of national cybersecurity strategies is to provide a means by which the state can protect local networks from adversary threats.

The criticality and concern coming from the international community when dealing with increasing threat potential and vulnerabilities within the cyber domain is reflected by the more than 40 countries working to establish cyber policies.  The United States and the United Kingdom both view “terrorism and cyber-attacks as the two greatest threats to national security” (Greiman 2015).   As states look at the threat posed by the cyber domain, they must consider non-traditional ways in which foreign non-state actors are leveraging networks to spread their messages — to incite fear, spread support for their anti-state ideologies, or the ability to use virtual space as a meeting location to create extremist support (Cross 2013).  

In efforts to standardize, Russia, China, Tajikistan, and Uzbekistan joined forces to submit an international code for information assurance (Grieman 2015). Australia, Canada, New Zealand, United Kingdom, and the United States banded together to create a stronger shared level of intelligence, known as the “Five Eyes” Community (Walsh 2015).  However, Israel is still leading the way in the cyber policy, strategy, and successful operations (Adamsky 2017).  Though all countries possess a mix of security interests and priorities, there is not a single consensus on how to internationally address threat conditions (Crosston 2016). In an attempt to address those conditions, countries must seek innovative and creative means to establish operations and policies to protect against globalized threats (Cross 2013).

Israel has the lead in leveraging innovation and creativity to develop tangible results and an example for other countries to emulate.   In 2002, Israel established the goals and means by which it intended to secure its portion of the cyber domain.  Seeking to find a balance between commercial and private needs with a need for national security, Israel established policies to “protect vital computerized systems of selected public and private civilian organizations.”  Not wanting to fall short on future threats, Israel included concepts of “education, R&D, security, economic development, and international cooperation” into their policy design (Adamsky 2017).  In 2015, the government established a concept of operations (CONOP) to regulate cyber mechanisms and operations focusing on cyber defense, capacity building,and structure.  Using an interrelated framework of robustness, resilience, and defense, Israel can operate, sustain, and defend their local cyber domain from intrusion and attack better than most (Adamsky 2017). 

Russia and China have similar approaches and practices.  In their efforts to collect intelligence, neither country relies solely on confidential sources or methods, nor does collection tie singularly to state-sanctioned collection requests.  More importantly, collection in Russia and China does not focus on collection against foreign agencies alone (Crosston 2016).  As part of the policy process in Russia and China, the government opts to control exposure and risk by limiting the availability of sites that threaten the influence their control over the population (Cross 2013).  While similar in their approaches, Russia and China developed individual strategies to protect their networks (Fei 2010).

China opted for a strategy with a longer-term outlook and sought to respect other nation’s objectives while fostering mutually beneficial cooperation.  China’s strategy emphasizes multilateral ties and dealing with both traditional and non-traditional threats.  China’s strategic approach consists of four prongs: the inclusion of complex, non-traditional aspects; issue-orientation over country interests; economic development to be independent of foreign technologies; and, a supposed practice of good governance and transparency.  

United Kingdom announced, in 2010, a plan to spend $1 billion US dollars over a four-year period to launch a “transformative national cybersecurity program” focused on closing the expanding gaps between current capabilities and emerging technological advancements.  The UK outlined its plan with the intention of leveraging private-public partnerships to create a single point-of-contact for cyber-crimes and security issues.  The strategy also outlined a plan to develop international cooperation with like-minded nations (Hammond 2010).  Not unlike Israel, the United Kingdom is focusing on policy development to protect privacy and reduce crime, while establishing a resilience capability.  Through private-public partnerships, the UK aims for capacity building and to implement a risk-based approach to defending against cyberattacks (Greiman 2015).

Private-public partnerships, coupled with dynamic state policies, contribute to the state’s ability for capacity building.   This is particularly important with the understanding that the private sector mainly owns and operates activities within the cyber domain for most states (Grieman 2015). While Russia and China understand this phenomenon, they opt to block sites and access as a means of controlling the internet.  The efforts of Russia are generally politically inclined, focused on the interest of making the president appear stronger. In China, the state leverages cyber abilities for economic maneuvering.  Israel selects a more comprehensive and holistic approach to managing the cyber environment.  

Tsvetovat and Kouznetsov (2011) explained the connected nature and networked capability of potential adversaries as driving social connections and purposes.  Within the cyber domain, states are able to leverage the connections and networks to shape policy, offensive operations, and international relationship development.  As Russia and China continue to work through their controlled approaches to cybersecurity, there is a need for international consensus towards cybersecurity.  In an effort to standardize an approach to cybersecurity, the international community should seek to follow in the steps of Israel (Adamsky 2017).As a soft power instrument, Israel is leveraging opportunities and threats to harness the potential of cybersecurity.  Over the last decade Russia, China, and many others have reached out to Israel. Additionally, the more success Israel has in leveraging cybersecurity to promote international ties, the greater likelihood it will lead an effort to normalize cyber across the globe (Adamsky 2017). 

As academics and practitioners continue to work toward a standard definition and understanding of cybersecurity, there is a distinct need for various states to come together in an effort to establish international norms and standards for the execution of cybersecurity.  This effort should be much the same as joint operations govern telling time or tracking targets. It is crucial that the United States continues to find ways to lead the effort to establish agreements that focus on commonalities that can benefit the reduction of cyber dangers between China, Russia, and Israel.

The effort to understand the cyber environment and its various network of connections is vital in working through concerns faced by countries emerging as a new power (i.e.,Brazil, India, Argentina, and Australia among others).  The importance of this understanding links back to Brafman and Beckstrom’s (2012) starfish and spider concepts, demonstrating the capability of groups to operate from geographically dispersed locations without a centralized leader.  Improved security within the cyber domain will assist in mitigating political, economic, and criminal activities that are counter to a state’s security strategies. Perhaps most importantly, he ability to increase cybersecurity and cooperation in the cyber domain internationally creates a possible platform to work against other threat issues such as transnational organized crime, terrorism, human trafficking, and migration from failing states. Understanding critical elements and the approach other countries use to navigate through their domestics and external threat will continue to prove to be as crucial for the United States and the interaction with other countries in the future.

Continue Reading

Latest

Trending

Copyright © 2019 Modern Diplomacy