Connect with us

Science & Technology

Russia’s Huawei 5G Conundrum

Published

on

The action being taken by various governments to limit the involvement of China’s Huawei in the provision of equipment for 5G has brought into sharp-focus an issue that has been around for some time, but is now becoming more acute for national security of individual countries. That is, how to ensure that purchased Information and Communication Technology (ICT) hardware and software does not contain aspects, either at time of purchase or later, that offer the possibility of being maliciously used on a large scale – either for espionage or sabotage of crucial national infrastructure.

Australia has totally banned the use of Huawei equipment in its future 5G telecommunications network, while the US has banned its use by official organizations. The US, UK and a number of other developed countries may eventually follow the Australian lead.

Recent focus has been very much on 5G because of the role that it will play in supporting the use of Artificial Intelligence (AI), Internet of Things (IoT), Cloud etc; and, the outsized role that Chinese companies in supplying much of the needed infrastructure (eg Huawei and ZTE) around the world.

The international developments seem almost certain to put Russia in a difficult position. Is it anti-Huawei, pro-Huawei, or somewhere in the middle. If it is in the middle, how does Russia ensure its national security interests?

A Russian National Technology Initiative (NTI) document in 2016 saw the world as being increasingly divided up into closed “economic-trade” blocks formed on the basis of a combination of economic and political issues. It was argued that these blocks, or “alliances, aim to develop and retain production value added chains” that are protected from outside competition by ensuring that their rules and standards become the norm. The NTI document went on to say that countries and companies which are outside these blocks/alliances and their value added chains cannot break into them because the technological standards have already been set to disadvantage them.

Thus, according to the document, the NTI was given the goal of making Russia “one of the ‘big three’ major technological states by 2035, and have its own high-tech specialization in the global chain of creating additional value”. In order to achieve this, Russia will need is own block/alliance or participate in others in such a way that it becomes a leader in “developing and confirming international technical standards”.

President Putin, in his address to the St. Petersburg economic forum on 17 June 2016, said: “Today we see attempts to secure or even monopolize the benefits of new generation technologies. This, I think, is the motive behind the creation of restricted areas with regulatory barriers to reduce the cross-flow of breakthrough technologies to other regions of the world with fairly tight control over cooperation chains for maximum gain from technological advances.”

Then US Secretary of State played-up the security aspects of such economic-trade blocs: “I have worked from day one to emphasize that foreign policy is economic policy and economic policy is foreign policy. Without a doubt, these trade agreements are at the center of defending our strategic interests, deepening our diplomatic relationships, strengthening our national security, and reinforcing our leadership across the globe.” “Even as we seek to complete TTIP and strengthen our bonds across one ocean, we know that our future prosperity and security will also rest on America’s role as a Pacific power. Central to that effort is the adoption of (Transpacific Partnership) TPP.”

However, given the prospective Brexit and the rise of Trump as an economic nationalist, such blocs seemed very unlikely when I first wrote about the NTI in 2016. Since then, Trump’s strident America first approach to the economy, abandonment of TPP, and lack of interest in an US role in international security issues would seem to have confirmed my earlier view.

Nevertheless, “Western” concern about advances in Chinese technology, the way it is being acquired (allegations of IP theft and heavy-handed treatment of companies seeking to invest in China), and the way it is being used (Xinjiang) seems to be leading to at least partial technology blocs — with the possibility of broadening to aspects of international trade and investment.

Whereas the NTI idea of economic / trade blocs was largely based on the political and economic consequences of growing global value-added chains in high-tech and Russia’s need to be part of this trend, we may now be in a situation where such economic / trade blocs will be formed by a perceived urgent need to tear existing high-tech value-added chains apart in the name of national security and create new ones. National Security is now very much in the driver’s seat!

Putin’s point about “attempts to secure or even monopolize the benefits of new generation technologies” remains valid, as does the issue — in a different form — of what bloc if any can or should Russia join.

Concerns about the security aspects of Huawei telecommunication equipment in the UK led to the establishment of the Huawei Cyber Security Evaluation Centre” (HCSEC). While Huawei pays the costs of this centre, it has no control over its operation. A HCSEC Oversight Board was established in 2014. Its fourth report in 2018 concluded that:

“5.2 The key conclusions from the Board’s fourth year of work are:

It is evident that HCSEC continues to provide unique, world-class cyber security expertise and technical assurance of sufficient scope and quality as to be appropriate for the current stage in the assurance framework around Huawei in the UK ii. However, Huawei’s processes continue to fall short of industry good practice and make it difficult to provide long term assurance. The lack of progress in remediating these is disappointing. NCSC and Huawei are working with the network operators to develop a long-term solution, regarding the lack of lifecycle management around third party components, a new strategic risk to the UK telecommunications networks. Significant work will be required to remediate this issue and provide interim risk management.

iii. The HCSEC Oversight Board is assured that the Ernst & Young Audit Report provides important, external reassurance that the arrangements for HCSEC’s operational independence from Huawei Headquarters is operating robustly and effectively, and in a manner consistent with the 2010 arrangements between the Government and the company. The issue identified was rated as low risk and two further advisory issues were identified.

5.3 Overall therefore, the Oversight Board has concluded that in the year 2017-2018, HCSEC fulfilled its obligations in respect of the provision of security and engineering assurance artefacts to the NCSC and the UK operators as part of the strategy to manage risks to UK national security from Huawei’s involvement in the UK’s critical networks. However, the execution of the strategy exposed a number of risks which will need significant additional work and management. The Oversight Board will need to pay attention to these issues.”

The qualified nature of the HCSEC reports has led to come commentators to offer strong support to the Australian bans on Huawei participation in Australian 5G. This is particularly the case with the ASPI International Cyber Policy Centre. The Centre’s Tom Uren says that the contents of the four HCSEC oversight board annual reports (2015, 2016, 2017 and 2018) “show that it is very difficult indeed” to “assess products to make sure they won’t be used to spy on us”.

However, the underlying issue is broader than Huawei and 5G. A 2018 book by Olav Lysne concludes that:

“Industrialized nation states are currently facing an almost impossible dilemma. On one hand, the critical functions of their societies, such as the water supply, the power supply, transportation, healthcare, and phone and messaging services, are built on top of a huge distributed digital infrastructure. On the other hand, equipment for the same infrastructure is made of components constructed in countries or by companies that are inherently not trusted. In this book, we have demonstrated that verifying the functionality of these components is not feasible given the current state of the art. The security implications of this are enormous. The critical functions of society mentioned above are so instrumental to our well-being that threats to their integrity also threaten the integrity of entire nations. The procurement of electronic equipment for national infrastructures therefore represents serious exposure to risk and decisions on whom to buy equipment from should be treated accordingly. The problem also has an industrial dimension, in that companies fearing industrial espionage or sabotage should be cautious in choosing from whom to buy electronic components and equipment. Honest providers of equipment and components see this problem from another angle. Large international companies have been shut out of entire markets because of allegations that their equipment cannot be trusted. For them, the problem is stated differently: How can they prove that the equipment they sell does not have hidden malicious functionality? We have seen throughout the chapters of this book that we are currently far from being able to solve the problem from that angle as well. This observation implies that our problem is not only a question of security but also a question of impediments to free trade. Although difficult, the question of how to build verifiable trust in electronic equipment remains important and its importance shows every sign of growing.”

The basic technical reason for Australia banning Huawei has been put forward by the head of its Signals Directorate: “5G is not just fast data, it is also high-density connection of devices – human to human, human to machine and machine to machine – and finally it is much lower signal latency or speed of response. Historically, we have protected the sensitive information and functions at the core of our telecommunications networks by confining our high-risk vendors to the edge of our networks. But the distinction between core and edge collapses in 5G networks. That means that a potential threat anywhere in the network will be a threat to the whole network. In consultation with operators and vendors, we worked hard this year to see if there were ways to protect our 5G networks if high-risk vendor equipment was present anywhere in these networks. At the end of this process, my advice was to exclude high-risk vendors from the entirety of evolving 5G networks.”

The technical issues of 5G are very complex and there is no universal agreement in any country about the introduction and operation of networks. International technical standards are still being developed.  Initially, many basic 5G features will be delivered in most cases by upgraded 4G infrastructure, but getting the most out of 5G – in terms of speed and capacity – will require significant new investment in telecommunications infrastructure.

A controversial US proposal to build secure 5G as a “single, inherently protected, information transportation super highway” was produced by members of the US security establishment in early 2018 – and found its way into the public arena. The document says that presently “data traverses cyberspace through a patchwork transport layer constructed through an evolutionary process as technology matured”. “Measures to secure and protect data and information result in an ‘overhead’ that affects network performance – they reduce throughput, increase latency, and result in an inherently and inefficient and unreliable construct. Additionally, the framework under which access and services are allocated is suboptimal, yielding incomplete and redundant networks. Without a concerted effort to reframe and reimagine the information space, America will continue on the same trajectory – chasing cyber adversaries in an information environment where security is scarce.”

It goes on to say that “the advent of ‘secure’ network technology and the move to 5G presents an opportunity to create a completely new framework.” “Whoever leads in technology and market share for 5G development will have a tremendous advantage towards ushering in the massive Internet of Things, machine learning, AI, and thus the commanding heights of the information domain.” “The transformative nature of 5G is its ability to enable the massive Internet of Things.” “Using efforts like China Manufacturing 2025 (CM2025) and the 13th Five Year Plan, China has assembled the basic components required for winning the AI arms race.”

While the proposal for a such extensive government involvement in US 5G infrastructure seems to have been rejected, it does indicate the level of attention being focused on the issue.

The Russian Ministry of Communications is advocating that private Russian telecommunications companies share much of the 5G infrastructure, which may to some degree allow a more secure network to be built. However, this does not solve the problem of where to source the equipment.

What should Russia do if the concerns about Huawei and Chinese technology more generally start to lead to the formation of an anti-Chinese technology based economic bloc?

There is little reason to believe Russia will be any better than Western countries in evaluating the security related aspects of Chinese technology, and there would be a strong case for Russia to follow the lead of Australia, the UK, USA etc. However, there would be several arguments against such a course of action.

Firstly, Russia will not want to jeopardize its present good political relationship with China. Apart from energy sales the economic relationship between Russia and China is not strong, however geography means that Russia has a huge stake in the political relationship.

Secondly, if it is possible for Huawei and other Chinese companies to do the harmful things that are claimed then presumably non-Chinese suppliers could also do the same to Russia at the request (or demand) of their country’s security agencies. While Western commentators make much of China’s June 2017 National Intelligence Law that obliges “all organizations and citizens” to “support, cooperate and collaborate in national intelligence work”, Western high-tech companies would almost certainly do the same when it comes to Russia given its very poor image in those countries and the perceived Russian threat to those countries.

Thirdly, at a purely technical level there is nothing to suggest that Russia could build 5G infrastructure without importing most of the equipment. While Russia has a solid reputation in the software field, Russian manufacturing capacity and quality is not high. Russia’s efforts to promote the high-tech sector from the top have not been particularly successful. Even China is very dependent on crucial imported 5G components.

Fourthly, my September 2016 report on the NTI suggested that Russia needed to put more emphasis on using available digital technology rather than trying to develop new leading-edge products. In early 2017, the Russian government announced its “Strategy for the Development of the Information Society in the Russian Federation for 2017-2030” While much can be done using existing 4G infrastructure, a good 5G network will be necessary well before 2030 to maximize the benefits of the strategy as well as take best advantage of any NTI successes.

As things now stand, Russia is likely to use Chinese Huawei (and other Chinese) hardware while attempting to ensure that Russian software is used wherever possible. However, as already noted, this will be no easy task.

It is difficult to avoid the conclusion that when it comes to 5G and national security, Russia is between a rock and a hard-place. It has neither the 5G infrastructure manufacturing capacity of the US and China, nor any real friends that are capable of helping it.

Visiting Professor, School of Asian Studies within the Higher School of Economics National Research University, Moscow, where I teach the entire Master’s Degree module: “Russia’s Asian Foreign Policy” (covering Russian relations with all Asian countries). ALSO, Professor of International Business, Baikal School of BRICS, Irkutsk National Research Technical University (teach mainly Chinese students, with a particular emphasis on the technology sector).

Science & Technology

Is your security compromised due to “Spy software” know how

Published

on

Spy software is often referred to as spyware is a set of programs that gives access to user/ administrators to track or monitor anyone’s smart devices (such as desktop, laptop, or smart phone) from anywhere across the globe.

Spyware is a threat, not only to businesses but individual users as well, since it can steal sensitive information and harm anyone’s network. It is controversial due to its frequent violation to end user’s privacy. It can attack user’s device, steal sensitive data (such as bank account or credit card information, or personal identity) or web data and share it with data firms, advertisers, or external users.

There are numerous online spyware designed for almost no cost, whose ultimate goal is to track and sell users data. Some spy software can install additional software and change the settings on user’s device, which could be difficult to identify.

Below are four main types of spyware, each has its unique features to track and record users activity:

Tracking cookies: These are the most common type of trackers, these monitor the user’s internet usage activities, such as searches, downloads, and history, for advertising and selling purposes.

System monitors: These spy software records everything on your device from emails, keystrokes, visited websites, chat-room dialogues, and much more.

Adware: This spyware is used for marketing purpose, it tracks users downloads and browser history, and suggests or displays the same or related products, this can often lead to slow device.

Trojan: This spyware is the most malicious software. It can be used to track sensitive information such as bank information or identification numbers.

Spyware can attack any operating system such as windows, android, or Apple. Windows operating systems are more prone to attack, but in past few years Apple’s operating systems are also becoming vulnerable to attacks.

According to a recent investigation by the Guardian and 16 other media organizations, found that there is a widespread and continuous abuse of NSO’s hacking spyware Pegasus, on Government officials, human rights activists, lawyers and journalists worldwide which was only intended to use against terrorists and criminals.

The research, conducted by the Pegasus technical partner Amnesty’s Security Lab, found traces of the Pegasus activity on 37 out of the 67 examined phones. Out of 37 phones, 34 were iPhones, and 23 showed signs of a Pegasus infection, while remaining 11 showed signs of attempted infection. However, only three out of 15 Android phones were infected by Pegasus software.

Attacks like the Pegasus might have a short shelf life, and are used to target specific individuals. But evidences from past have proved that attackers target large group of people and are often successful.

Below are the most common ways devices can become infected with spyware:

  • Downloading software or apps from unreliable sources or unofficial app publishers
  • Accepting cookies or pop-up without reading
  • Downloading or watching online pirated media content
  • Opening attachments from unfamiliar senders

Spyware can be extremely unsafe if you have been infected. Its damage can range from short term device issue (such as slow system, system crashing, or overheating device) to long-term financial threat.

Here’s what you can do protect your devices from spyware:

Reliable antivirus software: Firstly look for security solutions available on internet (some are available for free) and enable the antivirus software. If your system or device is already infected with virus, check out for security providers offering spyware identification and removal.

-For instance, you can install a toolkit (the Mobile Verification Tool or the MVT) provided by Amnesty International. This toolkit will alert you with presence of the Pegasus Spyware on your device.

-The toolkit scans the backup file of your device for any evidence of infection. It works on both Apple and Android operating systems, but is more accurate for Apple operating system.

-You can also download and run Norton Power Eraser a free virus removal tool.

Update your system regularly: Set up an update which runs automatically. Such automatic updates can not only block hackers from viewing your web or device activity, but can also eliminate software errors.

Be vigilant of cookies compliance: Cookies that records/ tracks users browsing habits and personally identifiable information (PII) are commonly known as adware spyware. Accept cookies only from reliable sites or download a cookie blocker.

Strong authentication passwords: Try to enable Multi-factor Authentication (MFA) wherever possible, or if not possible create different password for all accounts. Change your password for each account after a certain period of time.

-Password breaches can still occur with these precautions. In such case change your password immediately.

Be cautious of free software: Read the terms and conditions on software licenses, before accepting. Free software might be unlimited but, your data could be recorded with those free software’s.

Do not open any files from unknown or suspicious account: Do not open any email attachments or text on mobile from a suspicious, unknown, or untrustworthy source/number.

Conclusion:

Spyware could be extremely dangerous, however it can be prevented and removed by being precautious and using a trustworthy antivirus tool. Next gen technologies can also help in checking and removing malicious content. For instance, Artificial intelligence could aid the organizations identify malicious software, and frequently update its algorithms of patterns similar to predict future malware attacks.

Continue Reading

Science & Technology

Implementation of virtual reality and the effects in cognitive warfare

Published

on

Photo: Lux Interaction/Unsplash

With the increasing use of new technologies in warfare situations, virtual reality presents an opportunity for the domain of cognitive warfare. Nowadays, cognitive skills are treated equally as their physical counterparts, seeking to standardize new innovative techniques. Virtual reality (VR) can be used as a tool that can increase the cognitive capabilities of soldiers. As it is understandable in today’s terms, VR impacts the brain directly. That means that our visual organs (eyes) see one object or one surrounding area, but brain cells perceive and react to that differently. VR has been used extensively in new teaching methods because of the increased probability of improving the memory and learning capabilities of students.

Besides its theoretical teaching approach and improvement of learning, VR can be used systematically towards more practical skills. In medicine for example students can have a full medicine lesson on a virtual human being seeing the body projected in 3D, revolutionizing the whole field of medicine. If that can be used in the medical field, theoretically it will be possible to be used in combat situations, projecting a specific battlefield in VR, increasing the chances of successful engagement, and reducing the chance of casualties. Knowing your terrain is equally important as knowing your adversary.

The use of VR will also allow us to experience new domains relating to the physical health of a person. It is argued that VR might provide us with the ability to effectively control pain management. Since VR can stimulate visual senses, then it would be safe to say that this approach can have higher effectiveness in treating chronic pain, depression, or even PTSD. The idea behind this usage is that the brain itself is already powerful enough, yet sometimes when pain overwhelms us we tend to lose effectiveness on some of our senses, such as the visual sense. An agonizing pain can blurry our vision, something that we cannot control; unless of course theoretically, we use VR. The process can consist of different sounds and visual aids that can trick the mind into thinking that it is somewhere that might be the polar opposite of where it is. Technically speaking, the mind would be able to do that simply because it works as a powerful computer, where our pain receptors can override and actually make us think that we are not in such terrible pain.

Although the benefits of VR could be useful for our health we would still need to deal with problems that concern our health when we use a VR set.  It is possible that the brain can get overloaded with new information and the new virtual environments. VR poses some problems to some people, regarding the loss of the real environment and creating feelings of nausea or extreme headaches. As a result, new techniques from cognitive psychologists have emerged to provide a solution to the problem. New technologies have appeared that can desaturate colors towards the edge of the headset in order to limit the probability of visual confusion. Besides that, research shows that even the implementation of a virtual nose when someone wears a VR headset can prevent motion sickness, something that our brain does already in reality.

However, when it comes to combatants and the implementation of VR in soldiers, one must think of maybe more effective and fast solutions to eliminate the problems that concern the confusion of the brain. Usage of specific pharmaceuticals might be the key. One example could be Modafinil which has been prescribed in the U.S. since 1998 to treat sleep-related conditions. Researchers believe it can produce the same effects as caffeine. With that being said, the University of Oxford analyzed 24 studies, where participants were asked to complete complex assignments after taking Modafinil and found out that those who took the drug were more accurate, which suggests that it may affect higher cognitive functions.

Although some of its long-term effects are yet to be studied, Modafinil is by far the safest drug that can be used in cognitive situations. Theoretically speaking, if a long exposure to VR can cause headaches and an inability to concentrate, then an appropriate dose of Modafinil can counter the effects of VR. It can be more suitable and useful to use on soldiers, whose cognitive skills are better than civilians, to test the full effect of a mix of virtual technology and pharmaceuticals. VR can be a significant military component and a simulation training program. It can provide new cognitive experiences based on foreign and unknown terrains that might be difficult to be approached in real life. New opportunities arise every day with the technologies, and if anyone wanted to take a significant advantage over adversaries in the cognitive warfare field, then VR would provide a useful tool for military decision-making.

Continue Reading

Science & Technology

Vaccine Equity and Beyond: Intellectual Property Rights Face a Crucial Test

Published

on

research coronavirus

The debate over intellectual property rights (IPRs), particularly patents, and access to medicine is not new. IPRs are considered to drive innovation by protecting the results of investment-intensive R&D, yet arguably also foster inequitable access to affordable medicines.

In a global public health emergency such as the COVID-19 pandemic, where countries face acute shortages of life-saving vaccines, should public health be prioritized over economic gain and the international trade rules designed to protect IPRs?

The Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPs), to which all 164 member states of the World Trade Organization (WTO) are a party, establish minimum standards for protecting different forms of IPRs. 

In October 2020, India and South Africa – countries with strong generic drug manufacturing infrastructure – invoked WTO rules to seek a temporary waiver of IPRs (patents, copyrights, trade secrets, and industrial designs) on equipment, drugs, and vaccines related to the “prevention, containment or treatment of COVID-19.” A waiver would mean that countries could locally produce equipment and vaccines without permission from holders of IPRs. This step would serve to eliminate the monopolistic nature of IPRs that give exclusive rights to the holder of IPRs and enable them to impose procedural licensing constraints.

Brazil, Japan, the European Union (EU), and the United States (US) initially rejected the waiver proposal. That stance changed with the rise of new COVID-19 mutations and the associated increase in deaths, with several countries facing a public health crisis due to vaccine supply shortages. The position of many states began shifting in favor of the India-South Africa proposal, which now has the backing of 62 WTO members, with the US declaring support for the intent of the temporary waiver to secure “better access, more manufacturing capability, more shots in arms.” Several international bodies, the World Health Organization (WHO), and the UN Committee on Economic, Social and Cultural Rights have voiced support.

Some countries disagree about the specific IPRs to be waived or the mechanisms by which IPRs should be made available. The EU submitted a proposal to use TRIPS flexibilities such as compulsory licensing, while others advocate for voluntary licensing. The TRIPS Council is conducting meetings to prepare an amended proposal to the General Council (the WTO’s highest-level decision-making body in Geneva) by the end of July 2021.

The crisis in India illustrates the urgency of the situation. India produces and supplies Covishield, licensed by AstraZeneca; and Covaxin, which is yet to be included on the WHO’s Emergency Use Listing (EUL). Due to the devastating public health crisis, India halted its export of vaccines and caused a disruption in the global vaccine supply, even to the COVID-19 Vaccines Global Access (COVAX) program. In the meantime, the world’s poorest nations lack sufficient, critical vaccine supplies.

International law recognizes some flexibility in public health emergencies. An example would be the Doha Declaration on TRIPS and Public Health in 2001, which, while maintaining the commitments, stresses the need for TRIPS to be part of the wider national and international action to address public health problems. Consistent with that, the body of international human rights law, including the International Covenant on Economic, Social and Cultural Rights (ICESCR), protects the right to the highest attainable standard of health.

But as we race against time, the current IPR framework may not allow for the swift response required. It is the rigorous requirements before a vaccine is considered safe to use under Emergency Use Authorizations and procedural delays which illuminate why IPR waivers on already approved vaccines are needed. Capitalizing on the EUL’s approved vaccines that have proven efficacy to date and easing IPR restrictions will aid in the timely supply and access of vaccines.

A TRIPS waiver may not solve the global vaccine shortage. In fact, some argue that the shortages are not an inherent flaw in the IP regime, considering other supply chain disruptions that persist, such as the ones disrupting microchips, pipette tips, and furniture. However, given that patent licensing gives a company a monopoly on vaccine commercialization, other companies with manufacturing capacity cannot produce the vaccine to scale up production and meet supply demands.

Neither does a temporary waiver mean that pharmaceutical companies cannot monetize their work. States should work with pharmaceuticals in setting up compensation and insurance schemes to ensure adequate remuneration.

At the College of Law at Hamad Bin Khalifa University, our aim is to address today’s legal challenges with a future-oriented view. We see COVID-19 as a case study in how we respond to imminent and existential threats. As global warming alters the balance of our ecosystem, threats will cascade in a way that is hard to predict. When unpredictable health emergencies emerge, it will be human ingenuity that helps us overcome them. Even the global IP regime, as a legal system that regulates ideas, is being tested, and should be agile enough to respond in time, like the scientists who sprang into action and worked tirelessly to develop the vaccines that will soon bring back a semblance of normal life as we know it.

Continue Reading

Publications

Latest

Trending