Connect with us

Intelligence

Cyber Warfare: Competing National Perspectives

Leann Maloney

Published

on

The threat of cyberwarfare is a growing fear among all intelligence communities. “In June 2009 the U.S. Cyber Command was created and in July of 2011 Deputy Secretary of Defense William J. Lynn III announced that as a matter of doctrine, cyberspace will be treated as an operational domain similar to land, air, sea, and space” (Colarik & Janczewski, 2012, 35). Cyber warfare is conducted by infiltrating the country’s computer networks to cause damage and/or disruption to various infrastructures. This could be as minimal as spying on another nation or as in-depth as implementing acts of sabotage directed towards specific targets such as military operations or the power grid. The threat of cyber warfare is not specific to one country. This is a potential threat that effects each country across the globe.

China is a dominant power within the global arena and is consistently evolving with potential threats especially cyber technology. Chinese colonels Liang and Xiangsui claimed advanced technology gave the country’s adversaries a significant advantage, and proposed that China ‘build the weapons to fit the fight. Recently, the Chinese People’s Liberation Army (PLA) confirmed the existence of its Online Blue Army (Colarik, &Janczewski, 2012, 35). China’s fear of the impact and devastation that can be caused by the internet has forced them to implement strict policies governing the freedom and use of the internet within the country and creating strong security measures against infiltration by outside sources.

In 2014, China implemented the Central Internet Security and Informatization Leading Group to oversee all internet security. “This leading group is to deepen reform, protect national security, safeguard national interests, and promote the development of information technology. The group will have complete authority over online activities, including economic, political, cultural, social, and military” (Iasiello, 2017, 5). This group disseminates and monitors all information found on the web to ensure that there are no security breaches and the people are not in violation of the law.

In 2015, China drafted a national cybersecurity law.“The chief goals of its 2015 draft national cybersecurity law are (1) ensure cybersecurity, (2) safeguard cyberspace sovereignty, national security, and the public interest, (3) protect the legitimate rights and interests of citizens, legal persons and other organizations, and (4) promote the healthy development of economic and social information” (Kolton, 2017, 126). Whereas the United States promotes a free internet, China’s main focus is on establishing an internet that is secure from all potential threats both external and internal.

In 2016, China passed the “Cyber Security Law” that focused on the security of the internet and information systems and extended the ability of the government to oversee the information that was being shared to determine if it was done within accordance of their strict cyber security laws. This law helps the government to monitor any potential breaches of security by outside or internal sources. By implementing a stronger grasp of control over the internet, the government is able to reduce the potential of an attack or intrusion. Within this law, government agencies would be able to implement more guidelines for network security within industries to include energy, transport, military, defense, and many more (Iasiello, 2017, 6).These restrictions increase the control of the government over cybersecurity but also limits the freedoms of its citizens to explore the internet.

China has created new training for its military to be prepared against potential cyber warfare attacks. It has “developed detailed procedures for internet warfare, including software for network scanning, obtaining passwords and breaking codes, and stealing data; information-paralyzing software, information-blocking software, information-deception software, and other malware; and software for effecting counter-measures” (Ball, 2011, 84). It has also increased its number of training facilities to focus only on network attacks on cyber infrastructure and defense operations. The amount of money China is investing in facilities and training of military personal increases its ability to remain secure within this global threat of cyber warfare. One fear for China is its dependence on Western technology. “China’s capabilities in cyber operations and emerging technologies such as artificial intelligence are becoming more sophisticated, the country still depends largely on Western technology. Beijing is hoping to break that dependency through the Made in China 2025 plan” (Bey, 2018, 33). This is a mutual fear for both the US and China as they both rely on each other’s manufacturers with the fear that they will implement a trojan horse to intervene.

Like China, Russia has increased its abilities in combating the potential threat of cyber warfare. However, Russia has taken a different approach to this threat by going on the offensive. Russia has focused on non-linear warfare within the cyber world, which is defined as “the collection of plans and policies that comprise the state’s deliberate effort to harness political, military, diplomatic, and economic tools together to advance that state’s national interest. Grand strategy is the art of reconciling ends and means” (Schnauffer, 2017, 22). To assert its dominance in the global arena, Russia has been utilizing its own forms of cyber attacks to collect information and become a dominant cyber power.

Russia began its experiments with cyber warfare in 2007 in the clash with Estonia. This was done to determine its cyber capabilities as well as create a stronger resilience against future attacks. “Russia’s cyber experiment effectively shut down day-to-day online operations in Estonia’s cyber infrastructure for weeks, from news outlets to government institutions” (Shuya, 2018, 4). After this successful movement, Russia began to expand its focus to Georgia and Ukraine in 2008 and then in 2015, to offset local initiatives there which it considered to be against Russian national security interests. Russia has “developed multiple capabilities for information warfare, such as computer network operations, electronic warfare, psychological operations, deception activities, and the weaponization of social media, to enhance its influence campaigns” (Ajir& Valliant, 2018, 75). Russia has had a strong focus on using the tool of propaganda to disseminate key information to its citizens with the hope that they will abide by it as the real truth.

Russia’s investment into technology and the freedom of speech allotted by the West has made the West not only extremely vulnerable to Russia, but also has expanded the reach of the Russia globally. Ajir and Valliant (2018) highlight several key points of the Russian strategy:

Direct lies for the purpose of disinformation both of the domestic population and foreign societies; Concealing critically important information; Burying valuable information in a mass of information dross; Simplification, confirmation, and repetition (inculcation); Terminological substitution: use of concepts and terms whose meaning is unclear or has undergone qualitative change, which makes it harder to form a true picture of events, Introducing taboos on specific forms of information or categories of news; Image recognition: known politicians or celebrities can take part in political actions to order, thus exerting influence on the worldview of their followers; Providing negative information, which is more readily accepted by the audience than positive.

This approach allows the Russian government to remain in control of information that is filtered to its citizens. The restriction of freedom reduces the capability of deciphering fact from fiction.

Russia has also taken a defensive approach to cyber warfare by implementing strict laws that govern the use of the internet. The agency Roskomnadzor scans the internet for activity that is deemed illegal and detrimental to the Russian government. It has also implemented new laws to regulate internet activity. “The laws which came into force in November 2012 provided provisions for criminalizing slander, requiring nonprofits receiving funding from abroad to declare themselves “foreign agents,” and provide additional financial information and a final law sanctioning the blocking of websites featuring content that “could threaten children’s lives, health, and development” (Cross, 2013, 14). Many have deemed these laws as means to censor the internet, but the Russian government argues it is for the protection of its citizens.

An opposite example of failing to employ measures to protect the country from a potential cyber warfare attack is Mexico. The main focus for Mexico has been on drug cartels and eliminating internal threats within their own government. Mexico has begun to implement its own version of cybersecurity due to its substantial growth in cyber-attacks over the years. However, its overall success has been limited due to a lack of understanding and outdated systems. “Incidents in cyberspace pose a challenge to Mexico due to a lack of institutional structures and there is a need to strengthen capabilities since it does not have any specialized government or public sector agencies certified under internationally recognized standard” (Kobek, 2017, 8). Without the establishment of a specific agency dedicated to cybersecurity, Mexico will continue to struggle against cyber warfare threats. Mexico must implement new security measures that are applicable to all main threats beyond the drug cartels.

Currently, the government presence in Mexico is focused solely on actionable and tangible threats. There must be a reform to its current laws for “the armed forces require a law that reframes and modernizes the concepts of public safety, internal security, and national defense; clarifies the role, conditions, terms, and limits of the armed forces’ engagement; and establishes mechanisms to hold them accountable” (Payan& Correa-Cabrera, 2016, 3). The lack of accountability and oversight by the government to control key aspects, such as the military, and impose a stronger presence in the more demanding field of cybersecurity opens up the potential for a catastrophic event to occur within Mexico.

China and Russia are prime examples of how strict policy governance of the internet will help to reduce the potential threat of an attack. They are micromanaging every aspect of the internet from restricting specific websites (social media) or establishing specific agencies to monitor and analyze all information that is being viewed from all sources. “With the United States and European democracies at one end and China and Russia at another, states disagree sharply over such issues as whether international laws of war and self-defense should apply to cyber-attacks, the right to block information from citizens, and the roles that private or quasi-private actors should play in Internet governance” (Forsyth, 2013, 94). The failure of this policy is the restriction of freedoms to citizens. As stated above, one of Russia’s main focuses is promoting propaganda that is anti-west and pro-Russia. The control over the internet does not allow their citizens to research the truth or have global interaction. This increases the risk of upheavals among the people, especially as technology continues to improve and loopholes are found to circumvent existing policies and hidden content is exposed.

Another approach to cybersecurity is seen with the actions of NATO. It is focusing on improving its relationships with private security companies and “developing a Cyber Rapid Reaction Team (RRT)19 to protect its critical infrastructure, much like U.S. Cyber Command’s Cyber Protection Teams (CPTs)” (Ilves et al, 2016, 130). One downside to this approach is NATO is only able to apply defensive measures. It does not have the ability to implement an offensive attack. Creating a partnership with private companies provides it greater access and resources to potential cyber threats. Private companies have more funds available to pursue a stronger cyber security defense. A recommendation would be to create a joint European Union, United States, and NATO partnership against cyber warfare. Each has its own strengths that can be applied to a joint force against one common threat. A stronger partnership among key global powers will help to create a multifaceted approach to the threat of cyber warfare. The end goal of cyber warfare is the same for each country targeted. There is no specific adversary, but rather the substantial disruption or sabotage of key infrastructure.

Although facing intense criticism and skepticism, it would be beneficial for the US, China, and Russia to form a partnership against cyber warfare. As each country is already connected via their technology companies, they are each a global power that encompasses a vast majority of the world. A collaboration of information and resources would provide a stronger protection amongst common non-state threats. However, the chief obstacle is the ability to trust each country to act within the realm of security, instead of using it as an opportunity to gain substantial access to an inside look of the country. Since the US often accuses China and Russia of being the biggest state perpetrators of cyber actions, this criticism may be near impossible to overcome, despite the possible advantages. According to the World Economic Forum, the table below lists the top countries best prepared against cyber-attacks.

Table 1: World Economic Forum Countries Best Prepared Against Cyber-Attacks

The United States is ranked number one with a significant margin above Canada. China and Russia who have implemented a very strict cyber security policy are not listed within the top 20. This is determined by the Global Cybersecurity Index, a partnership between private industries and international organizations that analyze all aspects of cybersecurity. This argues that the approach by countries such as China and Russia is geared more to the control over its citizens rather than executing a strong cybersecurity policy focused on legitimate external threats. Although, the table above does show that the United States is ranked number one in being able to protect the nation from potential cyber threats, it is only ranked at 82.4% effective. Russia and China have employed a different approach to cyber security that could be utilized to increase the overall effectiveness globally if each side was able to work together towards common threats. Ideally, such partnership would not only create new channels of connection and collaboration between adversaries, but would also set the stage for the more heavy-handed and restrictive policies of China and Russia to be loosened to the benefit of its citizens’ virtual freedom.

Leann Maloney is originally from East Bridgewater, MA but currently resides in Florida. She has a bachelor's degree in History and Criminal Justice from the University of Central Florida and a master's degree in Business Continuity, Security, and Risk Management from Boston University. She is currently enrolled in the American Military University’s Doctorate of Strategic Intelligence program.

Continue Reading
Comments

Intelligence

India’s Hybrid / Cyber threats and its regional implications

Published

on

Hybrid threats are designated as a swing from a traditional force model to an approach which combines kinetic and non-kinetic tools in a deliberate and synchronized campaign to destabilize and gain political leverage over an opponent. However, Hybrid warfare is widely understood as a blend of regular, irregular, information and cyber warfare. After the nuclearization of South Asian region, there has been a growing realization within the Indian military that a conventional war could be both untenable and cost prohibitive. Such conception gave rise to hybrid war under the rubric of nuclear weapons as the preferred strategy by India.

One can observe the evident growth of hybrid warfare in the Indian strategy of pressuring Pakistan through media, subversion, cyber warfare and diplomatic maneuvers aimed at its isolation. Doval doctrine is the clear evidence that India has already strategize against Pakistan. India’s hybrid warfare strategy against Pakistan is built on five major fronts around Pakistan’s perceived weaknesses to achieve the “3D Objectives”. 3D indicates the Destabilization, Demoralization and Disintegration of Pakistan. This doctrine furthermore includes five more fronts under the regime of hybrid threats which are proxies, information war, cyber warfare, economic war and political war. The stipulated objective is weakening of Pakistan to the extent that it accepts Indian hegemony in the region.

India is proficiently using hybrid-warfare capabilities to pursue its objectives in South Asian region since the end of Cold War. Nevertheless, Islamabad has been resisting New Delhi’s endeavors to establish its hegemony in the region. India has been frequently violating the Line of Control. Within the military domain it is against the law and not allowed to launch fire on the civilians’ working or moving near the border during the peacetime. India always tries to defame and malign the image of Pakistan by manipulating and misguiding international media. By the end of March 2020, a RAW funded group caught in Karachi University fueling anti-state activities including terrorism and anti-state narrative propagation against Pakistan. Although Pakistan very efficiently embarks upon curbing India generated conspiracies, such type of activities being carried out, increasing hybrid threats pose serious security concerns for Pakistan. 

As stated above, hybrid threat involves cyber warfare techniques as assisting tools of hybrid techniques. Cyber threat is another hazard in South Asian region to be handled and manipulated to win advantages over enemy. New technologies are quickly integrated into both nations’ strategies; utilizing cyberspace has become a useful tool for both India and Pakistan. Cyberspace has become a space where hacktivists and patriotic hackers from both sides can express their patriotic feelings and denigrate the adversary. Cyberspace also acts as a means for Advanced Persistent Threats (APTs), which are groups that hold highly probable links to state institutions, to spy and gain information on their opponent. Technologically number of the cyber-activities observed in the India-Pakistan rivalry showed that even with relatively unsophisticated cyber-tools, APTs managed to steal information and achieve their strategic goals. Actors involved in the cyber activities and operations carried out between India and Pakistan in cyberspace used a variety of cyber tools and techniques to achieve their aims. Hacktivists and patriotic hackers used specific tools to find vulnerabilities in websites, and then exploited them to deface the site. APTs tended to use spear phishing to get access to their victim’s network and then infect them with spying malware.

Rising Security Research Institute in 2019 has captured the attack launched by the internationally renowned Advanced Persistent Threat (APT) organization “Rattlesnake” through the Rising Threat Intelligence System. This time, the organization had targeted the Pakistani Navy via Target collision hijacking method. Specifically targeting the Pakistan Naval Public Relations Bureau, the attempt was aimed at stealing vital information from secure military networks while planting misleading documents masquerading as official statements from the Pakistan Navy regarding its regional neighbors such as China and India. Based on such threats, Pakistan must be readily prepared for any kind of cyber espionage and take steps towards establishing a strong national cyber policy to protect its civilian and military infrastructure.

Hybrid/cyber threats operates below the threshold and it has deepen it’s in roots in South Asian region especially in Pakistan. War had never been smooth since its early times but hybrid war threats employ different tools in engaging low intensity conflicts which mainly include cyber threats along social disintegration, political and economic subversion. Senator Mian Raza Rabbani stated in 2019, that ‘this is a hybrid war. We need to understand it correctly.’ In hybrid warfare, the purpose is not to always achieve an immediate victory; sometimes the purpose is to demoralize it over time. Pakistan is already having a deteriorating economy and it needs to steadily address the causes that are providing leverages to conduct hybrid operations in Pakistan and leaving long term hazardous effects in form of weak economic conditions, political and social instability. Pakistan must formulate a national hybrid threats response policy to tackle and dissolve the hybrid threats posed by India. Whereas in the cyber domain Pakistan should emphasize more on indigenously developing its own cyber security industry so that in the near future it could benefit both its civilian and military infrastructure in the long run. Hence, while Pakistan may be limited in its ability to wage a strong offensive campaign within the realm of cyber warfare at the moment, such steps would go a long way in helping lay the foundations to build something greater on.

Continue Reading

Intelligence

Post 2020: The Changing World Order

Sisir Devkota

Published

on

Since 9/11, more than 700,000 people have lost their lives; inter-state and civil wars in past decades have amounted to major nostalgia related to deaths, protests, causes and millennium challenges. More than seven million people are losing their battle against various forms of cancer every year; nevertheless, public hysteria has not been able to penetrate above our sense of normalized livelihoods. It is essential to understand the distinction; Covid-19 is a pandemic, and although other diseases might be genetic, the fear of easy human to human transmission is absent. These examples are an example in themselves; the mounting count of human deaths is not significant, the possibility of disrupting the finely manufactured cluster of capitalist class is however more consequential. News making has been largely disproportionate in the past century, agenda setting, and the priority of equivalent international tragedies are being determined as per the whims of interest groups. For the sake of imagination, let us compare why millions of people are forced into a lockdown with the pandemic’s measured mortality rate being less than 10%; while more than millions of troops from different nations are forced into war with higher percentage of likely deaths. Covid-19 is dangerous for humankind but there is lot at stakes. However, these propositions are not going to last anymore. Welcome to the new world order.

Before examining the possible nature of a new kind of international structure, it is vital to reflect on key learnings that the pandemic has put in front of us. Firstly, and most disappointingly, the month-long episode of the virus lacked consistency and the circulation of sensible knowledge. It has given the general public with more analytical time to reflect on news feeding. In all honesty, media outlets are living on the edge, the enormous batch of content consumers that were not readily available for interpretation before, are now examining realities inside their homes. Every other online platform is running live updates on the death counts; however, the cause of manufacturing vaccines is lacking major thrust.

The world has pierced a falsified version of how hegemony was defined in the past. The events since February has proven that humankind might have taken up the vocabulary too quickly. Major economies, if not the most powerful ones are displaying a dangerous level of unpreparedness to tackle a transmitting virus. It is necessary to put this into perspective; the world has enough atom bombs to kill the entire human race for more than thousand times but is lacking respiratory ventilators for Covid-19 patients. Even if hegemony was real, it can be deemed as merely being a loose term. Coming afoot with international co-operation has shaken things up as well. We are witnessing nation states resorting to state-of-the-art models to tackle the pandemic. For instance, South Korea is managing to test and isolate patients while compared to infected western nations. There is one more taking from the anomaly that has been unexpected. Nation states are not confident towards the expertise of one another. International co-operation will now need another definition altogether.

At present, the new global order is a dis-order. A biological intervention is largely to blame for the imbalance. Predictively, new forms of stakeholders will take birth in the coming time. Stringent border control over biohazards might become the new norm while localization in terms of work with the help of technology is proving to be highly useful. The world will greatly anticipate if not witness frequent seismic shocks and consequent precautionary actions against other possible pandemics in the future. The new order is still taking shape but will undoubtedly face inspiring arbitrations.

Continue Reading

Intelligence

Global Tech Companies Counter Online Terrorist Content

Anastasia Tolstukhina

Published

on

One of the most recent trends to appear in internet governance is the tightening of control over online content. And it was China and Russia that set the wheels for this in motion. The trend has extended across the globe – just look at the impressive list of states that supported the Christchurch Call to Action to eradicate terrorist and violent extremist online content. France, the United Kingdom, India, Japan, Indonesia and many other states endorsed the call, questioning the right to spread information online without any restrictions.

It is no secret that terrorists today strive to use the benefits of the nascent digital age for nefarious purposes, namely, to spread dangerous content, recruit new foot soldiers, finance terrorist groups and broadcast terrorist attacks using various internet resources. This is why many governments, fearing the radicalization of their population, demand that global internet platforms step up measures to counter extremist and terrorist content. For example, in May 2017, the Parliament of the United Kingdom criticized Twitter and Facebook for their inability to remove extremist content. At the 2018 G7 Summit in Toronto, security ministers demanded that tech companies step up the fight against dangerous content.

The Christchurch Call to Action

The Christchurch Call to Action to eliminate terrorist and violent extremist content online came in May 2019 from the Government of New Zealand as the peak of governmental demands for radical measures to be taken in this area.

Speaking to CNN, Prime Minister of New Zealand Jacinda Ardern said, “This call to action is not just about regulation, but instead about bringing IT companies to the table saying you have a role, too.”

The Call came after the tragic events of March 15, 2019, when a terrorist used Facebook Live to run a 17-minute broadcast of a mass shooting in Christchurch mosques. The video was accessible for 29 minutes on Facebook itself, and for several hours on YouTube, Instagram and Twitter. The delayed reaction of global digital platforms meant that millions of users throughout the world watched the broadcast.

For New Zealand and for many other states, this tragedy signalled the need to take drastic measures. New Zealand and France spearheaded a summit held in Paris on May 15, 2019, that was attended by the leaders of 17 states, representatives of the European Commission and eight tech companies (Amazon, Daily Motion, Facebook, Google, Microsoft, etc.) [1]. The Christchurch Call is essentially an action plan calling upon its signatories to prevent using the internet as a tool for terrorists.

As of today, 48 states, UNESCO, the Council of Europe, the European Commission and eight tech companies have joined the call to action.

Curiously, three important actors remained uninvolved with the Call to Action: Russia, China and the United States. Beijing and Moscow did not officially comment on their refusal to join. Washington cited its respect for freedom of speech while generally supporting the overall goals of the document. The United States counters dangerous content at the state level, but it employs different methods. Instead of blocking information, the United States, according to the White House, promotes credible, alternative narratives to “defeat” terrorist messaging.

A Pure PPP

The Christchurch Call is a pure PPP. The document envisions a clear delimitation of duties between government bodies and businesses.

For instance, governments must:

-counter the drivers of terrorism and violent extremism;

-increase media literacy;

-ensure the effective enforcement of applicable laws;

-encourage media outlets to apply ethical standards when depicting terrorist events online.

Technical solutions, including content control (content filtering and blocking), are left to tech companies that, among other things, are mandated to:

-develop technical solutions to prevent the upload of violent terrorist and extremist content;

-provide greater transparency in detecting and removing content;

-implement regular reporting;

-ensure that algorithms developed and used by the companies do not lead users to extremist content.

The Call also lists several joint commitments for government and online service providers, including:

-accelerating research into and developing technical solutions;

-ensuring appropriate cooperation with and among law enforcement agencies for the purposes of investigating and prosecuting illegal online activity;

-developing processes allowing governments and online service providers to respond rapidly, effectively and in a coordinated manner to the dissemination of terrorist or violent extremist content.

GIFCT to the Rescue

Global tech companies began to respond to the governmental calls to flag dangerous online content long before the tragedy in Christchurch. For instance, in June 2017, Facebook, Microsoft, Twitter and YouTube formed the Global Internet Forum to Counter Terrorism (GIFCT) under the auspices of the United Nations. The Forum’s participants pledged:

  1. to develop and share technology to responsibly address terrorist content across the industry;
  2. to fund research and share good practices in order to develop viable methods of countering dangerous content.

The European Commission supported the Forum, allocating €10m in funding to it. Additionally, a $5m joint innovation fund was launched jointly with Google.org for countering hate and extremism. This fund financed non-profits combating hate both online and offline.

GIFCT is based on a multi-stakeholder governance model and actively cooperates with small internet companies, civil society, scientists, and governmental and non-governmental organizations. Through the UN Office of Counter-Terrorism and the Tech Against Terrorism programme spearheaded by the United Nations, the Forum has worked with over a hundred tech companies throughout the world. Conferences for stakeholders have been held in Europe, the Asia Pacific and Silicon Valley. Additionally, GIFCT members attend G7 ministerial meetings and actively interact with Europol.

At the same time, the Forum is not open to everyone. In November 2019, China’s rapidly developing internet platform TikTok was denied membership because it did not meet the established criteria, including compliance with certain human rights requirements and the publication of transparency reports. The Forum’s members are concerned that TikTok may be collecting data and engaging in censorship.

Methods of Countering Dangerous Content

The principal method of countering dangerous content is the constant updating of the general industry “hash” database. “Hashes” are unique digital “fingerprints” of terrorist and extremist content (photos and videos). This database allows any Forum member to automatically detect and remove illegal content from their digital platforms prior to it going public. In the two years since its launch, GIFCT has accumulated over 200,000 unique hashes. In addition to this database, Forum members have been able to share URLs linked to terrorist and extremist content securely with their sectoral partners since January 2019.

As of today, 13 companies and services have access to the database: Microsoft, Facebook, Twitter, YouTube, Ask.fm, Cloudinary, Instagram, JustPaste.it, LinkedIn, Verizon Media, Reddit, Snap and Yellow. As we can see, access has mostly been granted to companies based in the United States.

To support the Christchurch Call, Amazon, Facebook, Google, Twitter and Microsoft released joint statement on expanding the GIFCT’s activities and listing nine steps on countering terrorist and extremism content online. Nearly half of these steps need to involve government agencies and other stakeholders. These actions include, among other things:

  • updating terms of use for various digital platforms and services
  • creating better feedback methods for reporting illegal content
  • enhancing technology through additional investment
  • cooperating with the sectoral, governmental and non-governmental bodies with a view to developing a protocol for rapid response to illegal actions
  • publishing regular reports on transparency concerning flagging and removing terrorist content

More New Initiatives

The Christchurch Call also generated new institutions, instruments and forms of business cooperation with governmental agencies and civil society bodies.

In September 2019, GIFCT was transformed into an independent organization. The Forum’s participants announced that they would be expanding cooperation between companies, governmental agencies and experts.

To support the “call to action,” the companies agreed to take additional steps:

-set up formal channels of communication so they can share intelligence and content with non-GIFCT companies and other stakeholders;

-introduce joint content incident protocols to enable and empower companies to more quickly and effectively respond to illegal online activities (such a protocol describes steps companies could take for a rapid response to an attack).

The Christchurch Call Advisory Network will be set up to ensure that the measures adopted to counter dangerous content do not violate human rights. The network will comprise civil society organizations that aim to “integrate a broad range of perspectives and live up to the commitments in the Call around supporting human rights and online freedoms, as well as the rights of victims of terror.”

It is also worth noting here that, in September 2019, Microsoft, Hewlett Foundation, MasterCard and several other large IT corporations, together with a number of charity foundations, launched the CyberPeace Institute intended to aid victims of cybercrime.

“Occupational Aptitude” Test

A tragedy in Germany served as the first major occupational aptitude test for the overhauled GIFCT. On October 9, 2019, several shooters opened fire in the vicinity of a synagogue in Halle and uploaded a video of the attack. The video remained on Twitch for 65 minutes and was seen by 2200 people. Copies were distributed via Telegram, 4chan and other services (none of which are GIFCT members).

The video of the shooting was not spread via larger online platforms, such as Facebook and YouTube, which GIFCT saw as a positive shift in countering extremist content. This was largely due to the abovementioned Content Incident Protocol (CIP). Actions taken under the protocol include: a) promptly uploading hashes of the attacker’s video, its derivatives, and other related content into the shared GIFCT hash database; and b) promptly notifying Europol and the government of Germany about the incident.

The official website of the Forum notes that the incident uncovered vulnerabilities where additional work on mechanisms for countering dangerous content is needed. Moreover, the Forum’s members intend to simplify the decision-making process, step up the exchange of information with various stakeholders and ensure that the blocking system is continually improved.

One Goal, Different Approaches

Russia was not involved with the Christchurch call and the new institutions and mechanisms it generated. The media reported that Russian companies had not been invited to sign the document.

At the same time, representatives of Russian online platforms said that their own rules generally comply with the contents of the Call. The Odnoklassniki social network welcomes the introduction of rules for handling extremist content. Additionally, the network continuously improves its tools for the rapid detection and blocking of prohibited content. For this purpose, it primarily uses so-called neural networks that have learned to identify depictions of violence in accordance with set patterns and hide dangerous content from public access. Another social network, VKontakte, also uses neural networks to automatically detect and block extremist content. Pursuant to requests from users or governmental agencies, dangerous posts are blocked within minutes.

The Russian government was also not involved with the Christchurch Call, since it had not been invited to join the discussion of the document and endorse it.

We can assume that the Call in its current form, despite its good intentions, would hardly suit the Russian side. We have already mentioned that the Christchurch Call is a pure public-private partnership that assigns significant responsibilities to private companies. Russia, on the other hand, invariably emphasizes the importance of public-private partnerships while maintaining the leading role of the state in handling security issues. Other stakeholders (non-governmental organizations, private companies, etc.) are assigned supporting roles. Western companies, on the contrary, stress the leading role of businesses in this issue. For instance, Tom Burt, Corporate Vice President for Customer Security and Trust at Microsoft, noted in his blog, “The internet is the creation of the private sector, which is primarily responsible for its operation, evolution and security.” He believes that governments should play an important role in observing and enforcing standards of conduct in cyberspace and in preventing harmful attacks by other nations.

Despite these different approaches, there are certain common points where Russian and Western interests overlap:

  1. Tightening control over online information flows.
  2. Involving various stakeholders in the process of resolving the problem.

The danger of illegal content spreading over the internet is a global cross-border threat. Russia does not censor the internet like China does with its Great Firewall. Millions of Russian citizens use Western internet platforms, browsers and messengers, and the dangerous content spread there is our problem too. What matters in this regard is the dialogue between parties, even if Russia (through the government or private companies) was not a signatory to the Christchurch Call to Action and is not a member of the organizations affiliated with it. It is important that we make use of those areas where Russian and Western interests overlap, since we travel different roads to the same goal – cleansing the information space of dangerous content.

Communication channels between Russian and Western stakeholders need to be set up, and agreements need to be reached on the means of interacting and cooperating. Criteria need to be defined for flagging extremist and terrorist content to prevent misidentification. And technical solutions need to be shared.

An open-ended intergovernmental expert committee could serve as a platform for sharing opinions on the problem with a view to drafting an international convention on countering the criminal use of information and communication technologies.

 [1] A total of 17 states supported the Christchurch Call At the Paris Summit on May 15, 2019 (the United Kingdom, Japan, Australia, Canada, France, Germany, Indonesia, India, Ireland, Italy, Jordan, the Netherlands, New Zealand, Norway, Senegal, Spain and Sweden), as did the European Commission and eight tech companies (Amazon, Daily Motion, Facebook, Google, Microsoft, Qwant, Twitter and YouTube).

From our partner RIAC

Continue Reading

Publications

Latest

Trending