Connect with us

Intelligence

Peace or War in Cyberspace?

Published

on

Information and communication technology (ICT) plays an unprecedented role in today’s world, but cyberspace is clearly lacking in security mechanisms that can guarantee stable and sustained world development. Insufficient information security is a barrier to investment in high-tech sectors. Digital technology with its artificial intelligence (AI), cloud computing, big data, the internet of things (IoT), electronic medicine, and electronic finance is a hostage to the absence of internationally accepted rules of behavior in cyberspace.

All countries without exception are increasingly vulnerable to cyber threats. The international community needs to join forces to build a reliable information security system, but instead individual states pursue policies that make cyberspace even less secure.

The United States is undoubtedly a global ICT leader. However, over the past few years it has increasingly demonstrated an open desire to use ICT for military purposes. It has been developing military ICTs and intensively militarizing cyberspace, thereby unleashing a cyber arms race. There is ample evidence of this.

It was the United States that developed the Stuxnet computer worm, and the American use of it against Iran in 2011 was, as it were, a cyber Hiroshima and an alarm signal to the entire international community because that cyberattack might have had irreversible consequences for Iran, and for its region as a whole for that matter. That attack was effectively the first instance in history of a state using a cyber weapon against another state. Thereby, the United States threw Iran’s civilian nuclear program several years back.

In 2009, the Pentagon set up a body to direct cyberspace operations, the United States Cyber Command (USCYBERCOM), and put it in full-scale service the next year. Cyber Command is authorized to conduct both defensive and offensive operations. Its decisions are to be based on reports from the National Security Agency (NSA).

In August 2017, US President ordered Cyber Command to be elevated to the status of an independent unified combatant command. The order, which was implemented in May 2018, put Cyber Command on a par with the nine other unified combatant commands. Cyber Command is currently hiring hundreds of cyber operators to help carry out defensive and offensive cyber operations. The command is planned to eventually comprise nearly 6,200 personnel organized into 133 teams. According to media reports, these teams are due to achieve full operational capability by the end of  2018.

Lieutenant General Paul Nakasone, head of NSA and Cyber Command, has called for a more aggressive approach to opponents in cyberspace. For this reason, in March 2018 a road map was drawn up for Cyber Command that was entitled Achieve and Maintain Cyberspace Superiority. The new strategy requires that the U.S. military carry out practically daily raids on foreign networks and disable suspicious servers before they launch malicious software. The Pentagon is, besides, developing an advanced cyber weapon system to be called United Platform. Hardly any details about it have been disclosed but the facility is known to be planned as the basis for the defense of U.S. government agencies against hacker attacks and for offensive online operations.

The new cyber strategy is expected to force “strategic costs on our adversaries, compelling them to shift resources to defense and reduce [online] attacks.” But, in order to avoid any of its moves being qualified as an act of military aggression against another country, Cyber Command would not cross the line into actual warfare. Cyber Command’s initiatives are reflected in the 2018 National Defense Strategy, the year’s chief military doctrinal document of the United States.

The New York Times has cited current and former U.S. officials as warning that U.S. attacks against foreign networks may provoke “retaliatory strikes against American banks, dams, financial markets or communications networks.” Moreover, Cyber Command admits that its strategy poses diplomatic risks because, according to what it calls  “new vision” of Cyber Command, it is by no means terrorists, hackers or common criminals that are the United States’ main adversaries but states – China, Russia, Iran and others.

Another aspect of the United States’ new cyber policy is legislation. At the National Cybersecurity Summit in New York on July 31, 2018, which was hosted by the Department of Homeland Security (DHS), U.S. Vice President Mike Pence called on the U.S. Senate to enact legislation to create a specialized DHS body11. In order to fund the new body that should act as a centralized hub and encompass resources of the US national government, Mike Pence asked Congress for a record $15 billion.

The United States is going out of its way to monopolize cyberspace. It is an increasingly intensive enterprise, and what makes it particularly dangerous are Trump’s initiatives to do away with the traditional system of White House control of U.S. offensive and defensive cyber activities while a system that is going to replace it is still essentially in embryo.

The Wall Street Journal said that, on August 16, 2018, Trump with a stroke of the pen scrapped Presidential Policy Directive 20, which had been issued by former president Barack Obama and laid down rules on the use of cyber weapons against adversaries of the United States. According to the Wall Street Journal, Trump’s move aimed to lift restrictions on the offensive use of cyber weapons against foreign states because of alleged fears that some supposed hackers were plotting to meddle in U.S. congressional elections in November 2018.14

Hence, the United States is replacing the Obama-era cyber strategy of defense and deterrence with a strategy authorizing aggressive offensive action up to pre-emptive cyberattacks against sovereign countries.

Besides, the United States has for several decades been conducting global espionage via the Echelon electronic system that was based on a 1947 agreement between the United States and four allies. Today’s sophisticated ICTs enrich the resources of U.S. intelligence services. One good example is the Program for Robotics, Intelligent Sensing and Mechatronics (PRISM), which has been running since 2007 and is a facility for the mass-scale secret collection of digital data without judicial approval. In 2013, former CIA employee Edward Snowden publicized documentary evidence that PRISM gave American intelligence services access to the central servers of nine key Internet companies – Microsoft, Yahoo!, Google, Facebook, Paltalk, YouTube, AOL, Skype, and Apple. This implies that the intelligence services are building a global database of audio and video files, photographs, emails, and personal data of social network users. Moreover, according to Snowden’s revelations, NSA tapped the telephone conversations of 35 world leaders and some foreign diplomats, also via PRISM. Experts claim that U.S. intelligence services, in collaboration with Britain’s Government Communications Headquarters (GCHQ), have been cracking practically all Internet cryptography standards by using supercomputers and the services of savvy hackers.

The United States’ cyber weapons buildups and global cyber espionage threaten world security. The United States may accuse any country of a hacker attack without any substantial evidence and launch an aggression, even armed action, against it with the assistance of its allies. The range of actions prescribed by the 2015 version of the U.S. Defense Department’s cyber strategy includes armed retaliation for cyberattacks. Recently, Western politicians, mainly the U.S. administration, have been showering Russia with accusations of cyber transgressions of all kinds. In tune with the established practice, no sustainable evidence has been provided of alleged Russian subversive cyber activities. Because of the fanning of the Russian hacking myth and fake news, it largely goes unnoticed that Russia itself has been a victim to large-scale cyberattacks – in 2017, for example, its critical state infrastructure came under more than 70 million attacks.

Nearly 20 years ago, Russia became the first country to sound the alarm at the United Nations about threats that were germinating in cyberspace. Moscow put forward a breakthrough initiative for a guarantee of international information security – a draft UN General Assembly resolution entitled Developments in the field of information and telecommunications in the context of international security. Since 1998, draft resolutions with the same title have been included in General Assembly session agendas every year. In 2017, to ensure the continuity of information security debates in the United Nations, Russia and more than 60 other countries proposed that the General Assembly put the cybersecurity issue on the agenda for its 73rd session. The proposal received unanimous approval.

Russia also initiated the creation of a UN negotiation mechanism on international information security – the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (GGE). The GGE has reached agreement on many key points such as sources of cyber threats, the imperative of taking action against cyber terrorism and cybercrime, and the principle that international law applies to cyberspace. The GGE unanimously approved three detailed reports that recommended rules on the responsible behavior of states in cyberspace. In 2015, the member states of the Shanghai Cooperation Organization (SCO) put before the United Nations a proposed draft document that aimed to prevent conflicts in cyberspace and was entitled International Code of Conduct for Information Security.

The Russian position amounts to the principle that no military or political conflicts in cyberspace are acceptable and that therefore any policy that doctrine declaring the use of force in cyberspace a fair method must be rejected.

Russia stands for a digital world order that is based on equality and justice and guarantees the possibility of advancing national interests to all countries regardless of their level of technological development. State sovereignty, non-use of force, the non-interference of a country in the internal affairs of another country, the observance of the fundamental rights and freedoms of the individual, and the equal rights of all states in governing the Internet must be key principles.

The international community needs to develop universal rules on responsible behavior in cyberspace, rules that would be approved by all states. This is a fundamental condition for peace in cyberspace. Russia as the initiator of UN debates on international information security urges all countries to start full-scale work on such rules. Moscow plans to submit a draft resolution containing a basic set of rules to the General Assembly’s First Committee during the Assembly’s 73rd session this year. The planned resolution would include all of the GGE’s recommendations of 2010, 2013 and 2015. It would propose 25 rules, including –

– purely peaceful use of ICT;

– international action to prevent conflicts in cyberspace;

– observance of the principles enshrined in the UN Charter, including the sovereign equality of states, refraining from the threat or use of force, and the non-interference of states in the internal affairs of other states;

– avoidance of groundless accusations of malicious use of ICT and provision of evidence to support any accusation;

– non-use of ICT by states for interfering in the internal affairs of other states;

– non-use of mediators for cyberattacks;

– measures to prevent the spread of malicious ICT instruments and harmful hidden functions.

Russia proposes that these 25 rules should be a basic set of guidelines that might be adjusted and enlarged afterward. This process could be carried out in 2019 by the renewed UN GGE on IIS, which will ensure continuity of IIS discussion within the UN through already tested format.

Cybercrime has been growing on an unprecedented scale, posing a serious international threat. UN Secretary General António Guterres has said that cybercrime yearly inflicts damages of about $1.5 trillion on the world.

Regional legal mechanisms such as the Council of Europe Convention on Cybercrime (Budapest Convention), which was signed in 2001, cannot defeat this evil, although the West literally tries to force the convention on the entire world, including Russia, as the only possible format for international anti-cybercrime action.

Russia’s position on the Budapest Convention remains unchanged. Moscow has repeatedly pointed out that it cannot accept Article 32b of the convention, which, allegedly in the interests of criminal investigations, effectively allows a state to access information stored on any computer on the territory of another state without seeking the latter’s permission for this and even without notifying that state.

Russia believes that it is imperative to develop a new, universal instrument for combating cybercrime. This idea is enshrined in the declaration of the BRICS summit of July 2018. Russia plans to initiate a full-scale debate on this matter in the UN General Assembly’s Third Committee by submitting a draft resolution “Countering the use of ICTs for the criminal purposes” to that effect.

A draft universal convention on cooperation in combating cybercrime that was submitted by Russia to the United Nations was accepted by the General Assembly as one of its documents on December 28, 2017 and was meant to act as “food-for-thought”. It becomes clear that a start for the relevant wide political discussion within the UN General Assembly in New York is needed.

Absolutely all states are obviously in the same boat as regards cybercrime. Some of them are safer against it than others but all are vulnerable to it, and the United States with all its numerous cybersecurity services is no exception either. In a world harassed by cyber gangs, international community should jointly deal with real and not fake threats and criminals.

There is an alternative to the cyber arms race – a cyberspace peace plan proposed by Russia and other countries standing for strengthening peace and security in information space. Future reactions in the United Nations to Russia’s information security initiatives will make clear who really wants peace in cyberspace and who uses manipulation and fake concerns as a screen for plans to unleash a cyberwar.  Maintenance of peace in cyberspace is the responsibility of each sovereign member of the international community.

First published in our partner International Affairs

Prof. Alexander Zinchenko, D. Sc. (Hist.), Professor, Senior Expert, Center for International Information Security and Scientific and Technological Policy of the Moscow State Institute of International Relations (MGIMO University) of the Russian Ministry of Foreign Affairs, Anastasia Tolstukhina, Cand. Sc. (Political Science), Program director, RIAC

Continue Reading
Comments

Intelligence

An Underdeveloped Discipline: Open-Source Intelligence and How It Can Better Assist the U.S. Intelligence Community

Published

on

Open-Source Intelligence (OSINT) is defined by noted intelligence specialists Mark Lowenthal and Robert M. Clark as being, “information that is publicly available to anyone through legal means, including request, observation, or purchase, that is subsequently acquired, vetted, and analyzed in order to fulfill an intelligence requirement”. The U.S. Naval War College further defines OSINT as coming from, “print or electronic form including radio, television, newspapers, journals, the internet, and videos, graphics, and drawings”. Basically, OSINT is the collection of information from a variety of public sources, including social media profiles and accounts, television broadcasts, and internet searches.

Historically, OSINT has been utilized by the U.S. since the 1940s, when the United States created the Foreign Broadcast Information Service (FBIS) which had the sole goal (until the 1990s) of, “primarily monitoring and translating foreign-press sources,” and contributing significantly during the dissolution of the Soviet Union. It was also during this time that the FBIS transformed itself from a purely interpretation agency into one that could adequately utilize the advances made by, “personal computing, large-capacity digital storage, capable search engines, and broadband communication networks”. In 2005, the FBIS was placed under the Office of the Director of National Intelligence (ODNI) and renamed the Open Source Center, with control being given to the CIA.

OSINT compliments the other intelligence disciplines very well. Due to OSINT’s ability to be more in touch with public data (as opposed to information that is more gleaned from interrogations, interviews with defectors or captured enemies or from clandestine wiretaps and electronic intrusions), it allows policymakers and intelligence analysts the ability to see the wider picture of the information gleaned. In Lowenthal’s own book, he mentions how policymakers (including the Assistant Secretary of Defense and one of the former Directors of National Intelligence (DNI)) enjoyed looking at OSINT first and using it as a “starting point… [to fill] the outer edges of the jigsaw puzzle”.

Given the 21stcentury and the public’s increased reliance upon technology, there are also times when information can only be gleaned from open source intelligence methods. Because “Terrorist movements rely essentially on the use of open sources… to recruit and provide virtual training and conduct their operations using encryption techniques… OSINT can be valuable [in] providing fast coordination among officials at all levels without clearances”. Intelligence agencies could be able to outright avoid or, at a minimum, be able to prepare a defense or place forces and units on high alert for an imminent attack.

In a King’s College-London research paper discussing OSINT’s potential for the 21stcentury, the author notes, “OSINT sharing among intelligence services, non-government organizations and international organizations could shape timely and comprehensive responses [to international crises or regime changes in rogue states like Darfur or Burma],” as well as providing further information on a country’s new government or personnel in power. This has been exemplified best during the rise of Kim Jong-Un in North Korea and during the 2011 Arab Spring and 2010 earthquake that rocked Haiti. However, this does not mean that OSINT is a superior discipline than other forms such as SIGINT and HUMINT, as they are subject to limitations as well. According to the Federation of American Scientists, “Open source intelligence does have limitations. Often articles in military or scientific journals represent a theoretical or desired capability rather than an actual capability. Censorship may also limit the publication of key data needed to arrive at a full understanding of an adversary’s actions, or the press may be used as part of a conscious deception effort”.

There is also a limit to the effectiveness of OSINT within the U.S. Intelligence Community (IC), not because it is technically limited, but limited by the desire of the IC to see OSINT as a full-fledged discipline. Robert Ashley and Neil Wiley, the former Director of the Defense Intelligence Agency (DIA) and a former Principal Executive within the ODNI respectively, covered this in a July article for DefenseOne, stating “…the production of OSINT is not regarded as a unique intelligence discipline but as research incident to all-source analysis or as a media production service… OSINT, on the other hand, remains a distributed activity that functions more like a collection of cottage industries. While OSINT has pockets of excellence, intelligence community OSINT production is largely initiative based, minimally integrated, and has little in the way of common guidance, standards, and tradecraft… The intelligence community must make OSINT a true intelligence discipline on par with the traditional functional disciplines, replete with leadership and authority that enables the OSINT enterprise to govern itself and establish a brand that instills faith and trust in open source information”. This apprehensiveness by the IC to OSINT capabilities has been well documented by other journalists.

Some contributors, including one writing for The Hill, has commented that “the use of artificial intelligence and rapid data analytics can mitigate these risks by tipping expert analysts on changes in key information, enabling the rapid identification of apparent “outliers” and pattern anomalies. Such human-machine teaming exploits the strengths of both and offers a path to understanding and even protocols for how trusted open-source intelligence can be created by employing traditional tradecraft of verifying and validating sourcing prior to making the intelligence insights available for broad consumption”. Many knowledgeable and experienced persons within the Intelligence Community, either coming from the uniformed intelligence services or civilian foreign intelligence agencies, recognize the need for better OSINT capabilities as a whole and have also suggested ways in which potential security risks or flaws can be avoided in making this discipline an even more effective piece of the intelligence gathering framework.

OSINT is incredibly beneficial for gathering information that cannot always be gathered through more commonly thought of espionage methods (e.g., HUMINT, SIGINT). The discipline allows for information on previously unknown players or new and developing events to become known and allows policymakers to be briefed more competently on a topic as well as providing analysts and operators a preliminary understanding of the region, the culture, the politics, and current nature of a developing or changing state. However, the greatest hurdle in making use of OSINT is in changing the culture and the way in which the discipline is currently seen by the U.S. Intelligence Community. This remains the biggest struggle in effectively coordinating and utilizing the intelligence discipline within various national security organizations.

Continue Reading

Intelligence

Online Radicalization in India

Published

on

Radicalization, is a gradual process of developing extremist beliefs, emotions, and behaviours at individual, group or mass public levels. Besides varied groups, it enjoys patronization, covertly and even overtly from some states. To elicit change in behavior, beliefs, ideology, and willingness, from the target-group, even employment of violent means is justified. Despite recording a declination in terror casualties, the 2019 edition of the Global Terrorism Index claims an increase in the number of terrorism-affected countries. With internet assuming a pivotal role in simplifying and revolutionizing the communication network and process, the change in peoples’ lives is evident. Notably, out of EU’s 84 %, daily internet using population, 81%, access it from home (Eurostat, 2012, RAND Paper pg xi). It signifies important changes in society and extremists elements, being its integral part, internet’ role, as a tool of radicalization, cannot be gainsaid. Following disruption of physical and geographical barriers, the radicalized groups are using the advancement in digital technology:  to propagate their ideologies; solicit funding; collecting informations; planning/coordinating terror attacks; establishing inter/intra-group communication-networks; recruitment, training and media propaganda to attain global attention.  

               Indian Context

In recent times, India has witnessed an exponential growth in radicalization-linked Incidents, which apparently belies the official figures of approximate 80-100 cases. The radicalization threat to India is not only from homegrown groups but from cross-border groups of Pakistan and Afghanistan as well as global groups like IS. Significantly, Indian radicalized groups are exploiting domestic grievances and their success to an extent, can mainly be attributed to support from Pakistani state, Jihadist groups from Pakistan and Bangladesh. The Gulf-employment boom for Indian Muslims has also facilitated radicalization, including online, of Indian Muslims. A close look at the modus operandi of these attacks reveals the involvement of local or ‘homegrown’ terrorists. AQIS formed (2016) ‘Ansar Ghazwat-ul-Hind’ in Kashmir with a media wing ‘al-Hurr’.

IS announced its foray into Kashmir in 2016 as part of its Khorasan branch. In December 2017 IS in its Telegram channel used hashtag ‘Wilayat Kashmir’ wherein Kashmiri militants stated their allegiance with IS. IS’ online English Magazine ‘Dabiq’ (Jan. 2016) claimed training of fighters in Bangladesh and Pakistan for attacks from western and Eastern borders into India.Though there are isolated cases of ISIS influence in India, the trend is on the rise. Presently, ISIS and its offshoots through online process are engaged in spreading bases in 12 Indian states. Apart from southern states like Telangana, Kerala, Andhra Pradesh, Karnataka, and Tamil Nadu — where the Iran and Syria-based terrorist outfit penetrated years ago — investigating agencies have found their links in states like Maharashtra, West Bengal, Rajasthan, Bihar, Uttar Pradesh, Madhya Pradesh, and Jammu and Kashmir as well. The Sunni jihadists’ group is now “most active” in these states across the country.

               Undermining Indian Threat

Significantly, undermining the radicalization issue, a section of intelligentsia citing lesser number of Indian Muslims joining al-Qaeda and Taliban in Afghanistan and Islamic State (IS) in Iraq, Syria and Middle East, argue that Indian Muslim community does not support radicalism-linked violence unlike regional/Muslim countries, including Pakistan, Afghanistan, Bangladesh and Maldives. They underscore the negligible number of Indian Muslims, outside J&K, who supports separatist movements. Additionally, al- Qaeda and IS who follows the ‘Salafi-Wahabi’ ideological movement, vehemently oppose ‘Hanafi school’ of Sunni Islam, followed by Indian Muslims. Moreover, Indian Muslims follows a moderate version even being followers of the Sunni Ahle-Hadeeth (the broader ideology from which Salafi-Wahhabi movement emanates). This doctrinal difference led to the failure of Wahhabi groups online propaganda.  

               Radicalisation Strategies/methods: Indian vs global players

India is already confronting the online jihadist radicalization of global jihadist organisations, including al-Qaeda in the Indian Subcontinent (AQIS), formed in September 2014 and Islamic State (IS). However, several indigenous and regional groups such as Indian Mujahideen (IM), JeM, LeT, the Taliban and other online vernacular publications, including Pakistan’s Urdu newspaper ‘Al-Qalam’, also play their role in online radicalisation.

Indian jihadist groups use a variety of social media apps, best suited for their goals. Separatists and extremists in Kashmir, for coordination and communication, simply create WhatsApp groups and communicate the date, time and place for carrying out mass protests or stone pelting. Pakistan-based terror groups instead of online learning of Islam consider it mandatory that a Muslim radical follows a revered religious cleric. They select people manually to verify their background instead of online correspondence. Only after their induction, they communicate online with him. However, the IS, in the backdrop of recent defeats, unlike Kashmiri separatist groups and Pak-based jihadist mercenaries, runs its global movement entirely online through magazines and pamphlets. The al-Qaeda’s you tube channels ‘Ansar AQIS’ and ‘Al Firdaws’, once having over 25,000 subscriptions, are now banned. Its online magazines are Nawai Afghan and Statements are in Urdu, English, Arabic, Bangla and Tamil. Its blocked Twitter accounts, ‘Ansarul Islam’ and ‘Abna_ul_Islam_media’, had a following of over 1,300 while its Telegram accounts are believed to have over 500 members.

               Adoption of online platforms and technology

Initially, Kashmir based ‘Jaish-E-Mohammad’ (JeM) distributed audio cassettes of Masood Azhar’s speeches across India but it joined Internet platform during the year 2003–04 and started circulating downloadable materials through anonymous links and emails. Subsequently, it started its weekly e-newspaper, Al-Qalam, followed by a chat group on Yahoo. Importantly, following enhanced international pressure on Pak government after 26/11, to act against terrorist groups, JeM gradually shifted from mainstream online platform to social media sites, blogs and forums.   

 Indian Mujahideen’s splinter group ‘Ansar-ul-Tawhid’ the first officially affiliated terror group to the ISIS tried to maintain its presence on ‘Skype’, ‘WeChat’ and ‘JustPaste’. IS and its affiliates emerged as the most tech-savvy jihadist group. They took several measures to generate new accounts after repeated suspension of their accounts by governments.  An account called as ‘Baqiya Shoutout’ was one such measure. It stressed upon efforts to re-establish their network of followers through ‘reverse shout-out’ instead of opening a new account easily.

Pakistan-backed terrorist groups in India are increasingly becoming  technology savvy. For instance, LeT before carrying out terrorist attacks in 2008 in Mumbai, used Google Earth to understand the targeted locations.

IS members have been following strict security measures like keeping off their Global Positioning System (GPS) locations and use virtual private network (VPN),  to maintain anonymity. Earlier they were downloading Hola VPN or a similar programme from a mobile device or Web browser to select an Internet Protocol (IP) address for a country outside the US, and bypass email or phone verification.

Rise of radicalization in southern India

Southern states of India have witnessed a rise in  radicalization activities during the past 1-2 years. A substantial number of Diaspora in the Gulf countries belongs to Kerala and Tamil Nadu. Several Indian Muslims in Gulf countries have fallen prey to radicalization due to the ultra-conservative forms of Islam or their remittances have been misused to spread radical thoughts. One Shafi Armar@ Yusuf-al-Hindi from Karnataka emerged as the main online IS recruiter for India.  It is evident in the number of raids and arrests made in the region particularly after the Easter bomb attacks (April, 21, 2019) in Sri Lanka. The perpetrators were suspected to have been indoctrinated, radicalised and trained in the Tamil Nadu. Further probe revealed that the mastermind of the attacks, Zahran Hashim had travelled to India and maintained virtual links with radicalised youth in South India. Importantly, IS, while claiming responsibility for the attacks, issued statements not only in English and Arabic but also in South Indian languages viz. Malayalam and Tamil. It proved the existence of individuals fluent in South Indian languages in IS linked groups in the region. Similarly, AQIS’ affiliate in South India ‘Base Movement’ issued several threatening letters to media publications for insulting Islam.

IS is trying to recruit people from rural India by circulating the online material in vernacular languages. It is distributing material in numerous languages, including Malayalam and Tamil, which Al Qaeda were previously ignoring in favour of Urdu. IS-linked Keralite followers in their propaganda, cited radical pro-Hindutva, organisations such as the Rashtriya Swayam Sevak (RSS) and other right-wing Hindu organisations to motivate youth for joining the IS.  Similarly, Anti-Muslim incidents such as the demolition of the Babri Masjid in 1992 are still being used to fuel their propaganda. IS sympathisers also support the need to oppose Hindu Deities to gather support.

               Radicalization: Similarities/Distinctions in North and South

Despite few similarities, the radicalisation process in J&K is somewhat different from the states of Kerala, Karnataka, Tamil Nadu, Andhra Pradesh, Maharashtra, Telangana and Gujarat. Both the regions have witnessed a planned radicalization process through Internet/social media for propagating extremist ideologies and subverting the vulnerable youth. Both the areas faced the hard-line Salafi/Wahhabi ideology, propagated by the extremist Islamic clerics and madrasas indulged in manipulating the religion of Islam. Hence, in this context it can be aptly claimed that terror activities in India have cooperation of elements from both the regions, despite their distinct means and objectives. Elements from both regions to an extent sympathise to the cause of bringing India under the Sharia Law. Hence, the possibility of cooperation in such elements cannot be ruled out particularly in facilitation of logistics, ammunitions and other requisite equipment.

It is pertinent to note that while radicalisation in Jammu and Kashmir is directly linked to the proxy-war, sponsored by the Pakistan state, the growth of radicalisation in West and South India owes its roots to the spread of IS ideology, promotion of Sharia rule and establishment of Caliphate. Precisely for this reason, while radicalised local Kashmiris unite to join Pakistan-backed terror groups to fight for ‘Azadi’ or other fabricated local issues, the locals in south rather remain isolated cases.

               Impact of Radicalisation

The impact of global jihad on radicalization is quite visible in West and South India. Majority of the radicalised people, arrested in West and South India, were in fact proceeding to to join IS in Syria and Iraq. It included the group of 22 people from a Kerala’s family, who travelled (June 2016) to Afghanistan via Iran. There obvious motivation was to migrate from Dar-ul-Harb (house of war) to Dar-ul-Islam (house of peace/Islam/Deen).

While comparing the ground impact of radicalization in terms of number of cases of local militants in J&K as well as IS sympathisers in West and South India, it becomes clear that radicalisation was spread more in J&K, owing to Pak-sponsored logistical and financial support. Significantly, despite hosting the third largest Muslim population, the number of Indian sympathisers to terror outfits, particularly in West and South India is very small as compared to the western countries. Main reasons attributed to this, include – religious and cultural pluralism; traditionally practice of moderate Islamic belief-systems; progressive educational and economic standards; and equal socio-economic and political safeguards for the Indian Muslims in the Indian Constitution.

               Challenges Ahead

Apart from varied challenges, including Pak-sponsored anti-India activities, regional, local and political challenges, media wings of global jihadi outfits continue to pose further challenges to Indian security agencies. While IS through its media wing, ‘Al Isabah’ has been circulating (through social media sites) Abu Bakr al Baghdadi’s speeches and videos after translating them into Urdu, Hindi, and Tamil for Indian youth (Rajkumar 2015), AQIS too have been using its media wing for the very purpose through its offshoots in India.  Some of the challenges, inter alia include –

Islam/Cleric Factor Clerics continue to play a crucial role in influencing the minds of Muslim youth by exploiting the religion of Islam. A majority of 127 arrested IS sympathizers from across India recently revealed that they were following speeches of controversial Indian preacher Zakir Naik of Islamic Research Foundation (IRF). Zakir has taken refuge in Malaysia because of warrants against him by the National Investigation Agency (NIA) for alleged money laundering and inciting extremism through hate speeches. A Perpetrator of Dhaka bomb blasts in July 2016 that killed several people confessed that he was influenced by Naik’s messages. Earlier, IRF had organised ‘peace conferences’ in Mumbai between 2007 and 2011 in which Zakir attempted to convert people and incite terrorist acts. Thus, clerics and preachers who sbverts the Muslim minds towards extremism, remain a challenge for India.

Propaganda Machinery – The online uploading of young militant photographs, flaunting Kalashnikov rifles became the popular means of declaration of youth intent against government forces. Their narrative of “us versus them” narrative is clearly communicated, creating groundswell of support for terrorism.In its second edition (March 2020) of its propaganda magazine ‘Sawt al-Hind’ (Voice of Hind/India) IS, citing an old propaganda message from a deceased (2018) Kashmiri IS terrorist, Abu Hamza al-Kashmiri @ Abdul Rehman, called upon Taliban apostates and fighters to defect to IS.  In the first edition (Feb. 2020) the magazine, eulogized Huzaifa al-Bakistani (killed in 2019), asking Indian Muslims to rally to IS in the name of Islam in the aftermath of the 2020 Delhi riots. Meanwhile, a Muslim couple arrested by Delhi Police for inciting anti-CAA (Citizenship Amendment) Bill protests, were found very active on social media. They would call Indian Muslims to unite against the Indian government against the CAA legislation. During 2017 Kashmir unrest, National Investigation Agency (NIA) identified 79 WhatsApp groups (with administrators based in Pakistan), having 6,386 phone numbers, to crowd source boys for stone pelting. Of these, around 1,000 numbers were found active in Pakistan and Gulf nations and the remaining 5,386 numbers were found active in Kashmir Valley.

Deep fakes/Fake news – Another challenge for India is spread of misinformation and disinformation through deep fakes by Pakistan. Usage of deepfakes, in manipulating the speeches of local political leaders to spread hate among the youth and society was done to large extent.

India’s Counter Measures

To prevent youth straying towards extremism, India’s Ministry of Home Affairs has established a Counter-Terrorism and Counter-Radicalisation Division (CT-CR) to help states, security agencies and communities.

Various states, including Kerala, Maharashtra and Telangana have set up their own de-radicalisation programmes.  While in Maharashtra family and community plays an important role, in Kerala clerics cleanse the poisoned  minds of youth with a new narrative. A holistic programme for community outreach including healthcare, clergies and financial stability is being employed by the Indian armed forces. An operation in Kerala named Kerala state police’ ‘Operation Pigeon’ succeeded in thwarting radicalization of 350 youths to the propaganda of organizations such as Islamic State, Indian Mujahideen (IM) and Lashkar-e-Taiba (LeT) via social media monitoring. In Telangana, outreach programs have been developed by local officers like Rema Rajeshwari to fight the menace of fake news in around 400 villages of the state.

In Kashmir the government resorts to internet curfews to control the e-jihad. While state-owned BNSL network, used by the administration and security forces, remains operational 3G and 4G networks and social media apps remain suspended during internet curfews.

Prognosis

India certainly needs a strong national counter- Radicalisation policy which would factor in a range of factors than jobs, poverty or education because radicalization in fact has affected even well educated, rich and prosperous families. Instead of focusing on IS returnees from abroad, the policy must take care of those who never travelled abroad but still remain a potential threat due to their vulnerability to radicalization.

Of course, India would be better served if deep fakes/fake news and online propaganda is effectively countered digitally as well as through social awakening measures and on ground action by the government agencies. It is imperative that the major stakeholders i.e. government, educational institutions, civil society organisations, media and intellectuals play a pro-active role in pushing their narrative amongst youth and society. The focus should apparently be on prevention rather than controlling the radicalisation narrative of the vested interests.

Continue Reading

Intelligence

Is Deterrence in Cyberspace Possible?

Published

on

Soon after the Internet was founded, half of the world’s population (16 million) in 1996 had been connected to Internet data traffic. Gradually, the Internet began to grow and with more users, it contributed to the 4 trillion global economies in 2016 (Nye, 2016). Today, high-speed Internet, cutting-edge technologies and gadgets, and increasing cross-border Internet data traffic are considered an element of globalization. Deterrence seems traditional and obsolete strategy, but the developed countries rely on cyberspace domains to remain in the global digitization. No matter how advanced they are, there still exist vulnerabilities. There are modern problems in the modern world. Such reliance on the Internet also threatens to blow up the dynamics of international insecurity. To understand and explore the topic it is a must for one to understand what cyberspace and deterrence are? According to Oxford dictionary;

 “Cyberspace is the internet considered as an imaginary space without a physical location in which communication over computer networks takes place (OXFORD University Press)”

For readers to understand the term ‘deterrence’; Collins dictionary has best explained it as;

“Deterrence is the prevention of something, especially war or crime, by having something such as weapons or punishment to use as a threat e.g. Nuclear Weapons (Deterrence Definition and Meaning | Collins English Dictionary).

The purpose of referring to the definition is to make it easy to discern and distinguish between deterrence in International Relations (IR) and International Cyber Security (ICS). Deterrence in cyberspace is different and difficult than that of during the Cold War. The topic of deterrence was important during Cold Wat for both politicians and academia. The context in both dimensions (IR and ICS) is similar and aims to prevent from happening something. Cyberspace deterrence refers to preventing crime and I completely agree with the fact that deterrence is possible in Cyberspace. Fischer (2019) quotes the study of (Quinlan, 2004) that there is no state that can be undeterrable.

To begin with, cyber threats are looming in different sectors inclusive of espionage, disruption of the democratic process and sabotaging the political arena, and war. Whereas international law is still unclear about these sectors as to which category they fall in. I would validate my affirmation (that deterrence is possible in Cyberspace) with the given network attacks listed by Pentagon (Fung, 2013). Millions of cyber-attacks are reported on a daily basis. The Pentagon reported 10 million cyberspace intrusions, most of which are disruptive, costly, and annoying. The level of severity rises to such a critical level that it is considered a threat to national security, so professional strategic assistance is needed to deal with it[1]. The past events show a perpetual threat that has the ability to interrupt societies, economies, and government functioning.

The cyberspace attacks were administered and portrayal of deterrence had been publicized as follows (Fung, 2013);

  1. The internet service was in a continuous disruption for several weeks after a dispute with Russia in 2007.
  2. Georgian defense communications were interrupted in 2008 after the Russian invasion of Georgia.   
  3. More than 1000 centrifuges in Iran were destroyed via the STUXNET virus in 2010. The attacks were attributed to Israel and the United States of America.
  4. In response to STUXNET virus attacks, Iran also launched a retaliatory attack on U.S financial institutions in 2012 and 2013.
  5. Similarly in 2012, some 30,000 computers had been destroyed with a virus called SHAMOON in Saudi Aramco Corporation. Iran was held responsible for these attacks.
  6. North Korea was accused of penetrating South Korean data and machines in 2014, thus interrupting their networks in 2014.
  7. A hybrid war was reported between Russia and Ukraine in 2015 that left Ukraine without electricity for almost six hours.
  8. Most critical scandal, which is still in the limelight call WikiLeaks released distressing and humiliating emails by Russian Intelligence at the time of the U.S presidential campaigns in 2016.

While such incidents may be considered a failure of deterrence, this does not mean that deterrence is impossible. Every system has some flaws that are exposed at some point. At this point, in some cases a relatively low level of deterrence was used to threaten national security, however, the attacks were quite minor in fulfilling the theme affecting national security. Nye (2016:51) in his study talks about the audience whose attribution could facilitate deterrence. (I). intelligence agencies should make sure highest safeguarding against escalation by third parties, and governments can also be certain and count on intelligence agencies’ sources. (II). the deterring party should not be taken easy, as I stated (above) about the lingering loopholes and flaws in the systems, hence, governments shall not perceive the intelligence forsaken.  (III). lastly, it is a political matter whether international and domestic audiences need to be persuaded or not, and what chunk of information should be disclosed.

The mechanisms which are used and helpful against cyberspace adversary actions are as follows (Fischer, 2019);

  1. Deterrence by denial means, the actions by the adversary are denied that they failed to succeed in their goals and objectives. It is more like retaliating a cyberattack.
  2. Threat of punishment offers severe outcomes in form of penalties and inflicting high costs on the attacker that would outweigh the anticipated benefits if the attack takes place.
  3. Deterrence by Entanglement has the features and works on a principle of shared, interconnected, and dependent vulnerabilities. The purpose of entanglement is to embolden and reassure the behavior as a responsible state with mutual interests.
  4. Normative taboos function with strong values and norms, wherein the reputation of an aggressor is at stake besides having a soft image in the eyes of the international community (this phenomenon includes rational factors because hard power is used against the weaker state). The deterrence of the international system works even without having any credible resilience.

Apparently, the mechanisms of deterrence are also effective in cyber realms. These realms are self-explaining the comprehensive understanding and the possibility of deterrence in cyberspace. The four mechanisms (denial, punishment, entanglement, and normative taboos) are also feasible to apply deterrence in the cyber world. Factually, of many security strategies, cyber deterrence by using four domains could be a versatile possibility. Conclusively, as far as the world is advancing in technological innovations, cyberspace intrusions would not stop alike the topic of deterrence in the digital world.


[1] An updated list of cyberspace intrusions from 2003 till 2021 is available at (Center for Strategic and International Studies, 2021).

Continue Reading

Publications

Latest

Eastern Europe7 hours ago

Ukraine’s issue may endanger peace in the whole of Europe

Big challenges ahead, the world may face uncertainty, and unrest, as NATO allies have put forces on standby and sent...

Development9 hours ago

Repurposing Current Policies Could Deliver Multiple Benefits for Farmers

A new World Bank and International Food Policy Research Institute (IFPRI) report finds that repurposing current agricultural public policies could...

Finance9 hours ago

Centralized vs Decentralized Stablecoins: How they’re different

Stablecoins are an essential part of the crypto world. It protects the traders and investors from market swings. Stablecoins have...

Science & Technology11 hours ago

Internet: A luxury or necessity

The internet is the world’s largest computer network, linking millions of computers. It has become an integral part of our...

Health & Wellness13 hours ago

Learning Loss Must be Recovered to Avoid Long-term Damage to Children’s Wellbeing

School closures have caused large and persistent damage to children’s learning and wellbeing, the cost of which will be felt...

Reports15 hours ago

Economic Activity in Myanmar to Remain at Low Levels, with the Overall Outlook Bleak

Myanmar’s economy and people continue to be severely tested by the ongoing impacts of the military coup and the surge...

Energy17 hours ago

Libya’s Energy Puzzle: Every Challenge is an Opportunity

Libya’s energy sector remains divided between two authorities, the National Oil Corporation (NOC) and the Petroleum Facilities Guard, and three...

Trending