Connect with us

Intelligence

Cyberwarfare without Rules

Published

on

In June 2019, The New York Times published an article claiming that the U.S. intelligence services had carried out a cyberattack against Russia. Specifically, according to anonymous sources, Russia’s electric power grid had been the target of cyber incursions. The article caused quite a stir among experts and government officials in Russia, the United States and other countries. For example, President of the United States Donald Trump accused the journalists responsible for the article of treason, although the same article alleges that National Security Council representatives “had no national security concerns about the details of The New York Times’ reporting.” At the 10th International Meeting of High Representatives for Security Issues, Director of the Foreign Intelligence Service of the Russian Federation Sergei Naryshkin said that the Russian security services were aware of planned cyberattacks and informed the relevant authorities in a timely manner. The question of the likelihood of cyberattacks being carried out on critical infrastructure was even put to President of the Russian Federation Vladimir Putin during a live Q&A on Russian television, to which he responded: “As to the operation of our critical infrastructure, including power and other areas, we must certainly think about how to protect ourselves from any cyberattacks, from any negative impact. We are not only contemplating this, but also addressing it.”

It is still unclear whether or not the New York Times article is even telling the truth. Does it disclose sensitive information? Or is it merely “fake” news? Nevertheless, it would be useful to consider the situation from the point of view of the security of critical infrastructure, the possibility of carrying out cyberattacks and the rules of conduct in ICT.

The Informational Security of Critical Infrastructure

Protecting critical infrastructure from malicious attacks in the ICT environment is a crucial national security task, one that all developed countries are attempting to solve in one way or another. Each country draws up their own list of facility categories and prioritizes them as they see fit. However, these lists typically include energy and water supply systems, high-risk facilities and the information infrastructure. A number of factors determine the national features of critical infrastructure protection, chief among which is the issue of ownership – that is, who owns the facilities? In Western countries, a significant part of the infrastructure belongs to, and is managed by, the private sector (up to 85 per cent in the United States, according to estimates). In some cases, this leads to the appearance of a model of interaction in which the state establishes reasonably soft rules for businesses that have to ensure their own cybersecurity. Such mechanisms do not always meet national security requirements, since, in the absence of strong government regulation, businesses may use more widespread and cost-effective – yet untested and uncertified – information security solutions. And this is simply unacceptable for critical infrastructure. At the same time, special attention should be paid to issues of improving the social responsibility of entrepreneurs while ensuring the information security of new hi-tech products. And it is not just the positions of states that are needed here, as the counter initiatives of private business and the development of public private partnership mechanisms are also important.

Critical infrastructure protection is particularly important now, at a time when the ICT environment continues to develop on a massive scale, human activities are becoming increasingly digitized and the digital economy is starting to gain a foothold. ICT forms the foundation of such technologies and phenomena as big data processing, quantum computing, augmented and virtual reality, blockchain and the Internet of Things. In 2017, the global production of ICT goods and services totaled approximately 6.5 percent of gross domestic product (GDP), with around 100 million people being employed in the ICT sector. According to some estimates, the Internet of Things will consist of 50 billion devices by 2020.

Russia has adopted a number of normative, regulatory and strategic planning documents that regulate the protection of critical infrastructure facilities, in particular: Main Areas of the State Policy on the Security of Automated Control Systems for Production and Technological Process of Critical Infrastructure Facilities in the Russian Federation (approved by the President of the Russian Federation on February 3, 2012 under No. 803); Presidential Decree No. 620 “On Improving the State System for Detecting, Preventing and Mitigating the Consequences of Computer Attacks on the Information Resources of the Russian Federation,” dated December 22, 2017; and Federal Law No. 187-FZ “On Information Security Protection in the Russian Federation” dated July 26, 2017.

The legislation that has been adopted formed the basis for the establishment of the State System for the Detection, Prevention and Mitigation of the Consequences of Computer Attacks (GosSOPKA). The system is comprehensive in terms of its functionality. In accordance with the Concept of the State System for the Detection, Prevention and Mitigation of the Consequences of Computer Attacks, its mandate is not only to forecast information security issues in the Russian Federation and identify signs of compute attacks, but also to organize and conduct scientific research into the development and application of tools and methods for the detection, prevention and mitigation of the consequences of computer attacks and implement measures to ensure that the personnel required for the establishment and operation of the System receive the proper training and subsequent professional development opportunities. The forces and means of detecting, preventing and mitigating the consequences of computer attacks that make up the System include the authorized units of the Federal Security Service of the Russian Federation, the National Coordination Centre for Computer Incidents (which, among other things, coordinates the activities of the Russian Federation’s Critical Information Infrastructure [CII]), and subdivisions and officials of CII facilities that are involved in activities to detect, prevent and mitigate the consequences of computer attacks and respond to computer incidents. At the same time, GosSOPKA centers that have been set up at CII facilities (including those that are privately owned) are combined into a single hierarchical structure by department and territory.

We can judge the effectiveness of GosSOPKA’s work by the data presented at regular briefings of the National Coordination Centre for Computer Incidents. Thus, in 2017, a total of 2.4 billion attacks on critical information infrastructure were recorded in 2017, with that number rising to 4 billion in 2018. During the latest briefing on June 27, 2019, that is, after The New York Times article had been published, Deputy Director of the National Coordination Centre for Computer Incidents Nikolai Murashov noted: “An analysis of the information received by GosSOPKA shows that the majority of attacks aim to steal information. Criminals primarily target information about Russian defense, nuclear, energy and missile engineering technologies, as well as information from public administration systems. At the same time, “attacks on Russian information resources typically go through control centers [botnets] that are located in the European Union or the United States.”

The Capabilities of the United States and the Reality of the Attacks

Unfortunately, the truth of the matter is that, instead of developing international cooperation on the safe use of the ICT environment, the United States significantly increased its potential for destructive cyber operations in recent years. This was reflected above all in the elevation of the United States Cyber Command and the adoption of the relevant directive in 2018, which simplified the process of greenlighting cyber operations significantly. One extremely important document is the current National Defense Authorization Act, [ ] which confirms the military’s authority to conduct so-called “clandestine” activities.

At the same time, such activities and operations are carried out in order to prepare the environment, conduct information operations, demonstrate the power, and as a deterrent. By “prepare the environment,” we clearly mean the search for vulnerabilities in the computer systems and networks of the alleged enemy and/or introduce resident malware.

It is common knowledge that the Vulnerabilities Equities Process, which started to take shape back in 2008 in accordance with National Security Presidential Directive 54 (NSPD-54), has been operating in the United States for quite a while now. The purpose of the Process is to examine new ICT vulnerabilities that are not known to the general public and make appropriate decisions regarding their use. Accordingly, the decision can be made to either inform all interested parties or conceal the information in the event that the vulnerability that has been detected could be used for surveillance, law enforcement or national security purposes. Another seminal document in this Process is the “Joint Plan for the Coordination and Application of Offensive Capabilities to Defend U.S. Information Systems.” We can conclude that, taken together, these documents aim to create mechanisms at the state level for searching, analyzing and selecting vulnerabilities, which are effectively the components of cyberweapons.

At critically important enterprises, ICT systems can be used that in one form or another harness commercially available mass-produced (so-called “off the shelf”) components. The vulnerabilities of such components have been studied in greater deal, which is why cyberattacks are more likely to target them. What is more, we cannot rule out the possibility that undocumented functions (so-called “bookmarks”) may be present in off the shelf components. Moreover, this may even occur without the consent of the manufacturer. The United States Intelligence Community, specifically the National Security Agency’s Office of Tailored Access Operations has developed an entire catalog of hardware and software back doors that the Office can use to access servers, work stations, telephone lines and industrial process control systems.

Taking all this into account, we can argue that right now not only does the United States have the power, means, normative and regulatory support, but also the political will to actively use destructive ICT capabilities. In this regard, we should note that all of the United States’ current strategic planning documents name Russia, China, Iran, and North Korea as its main opponents, and these countries are likely to be the targets of any cyberattacks. National Security Advisor of the United States John Bolton confirmed as much at a conference held by The Wall Street Journal this past June (just a few days before The New York Times published its article). Among other things, he noted that “The purpose [of carrying out cyber-offensives]… is to say to Russia, or anybody else that’s engaged in cyber operations against us, ‘you will pay the price.’” This is why President Trump decided not to respond with force when tensions between the United States and Iran escalated after the Islamic Republic of Iran Air Defense Force shot down a U.S. drone. Instead, according to media reports, the United States Cyber Command carried out a cyberattack against Iranian units that were allegedly involved in the attacks on oil tankers in the Gulf of Oman the previous week, even though the United States provided no evidence to support its claim.

Cyberattacks and International Law

The legitimacy of the attack, like many others, is questionable. Similarly, international legal proceedings have yet to be launched against the United States in connection with the cyberattacks on Iranian nuclear facilities in 2010, and it is unlikely that any action will ever be taken. Unfortunately, instead of carrying out the proper investigations into such incidents, the United States and its allies resort to the mechanism of publicly naming the culprit instead of any real evidence that a state has committed malicious actions. In accordance with the new U.S. strategies, it can apply all available levers of influence on these countries, from economic sanctions to cyberattacks.

At the same time, the international community already has a certain constructive basis for ensuring peaceful coexistence in the ICT environment, including the protection of critical infrastructure. We are talking primarily about the voluntary and non-binding norms, rules and principles of the responsible behavior of states that were developed in 2015 by the United Nations Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (UN GGE) and presented in the corresponding report. Representatives from the United States were involved in the work of this Group and endorsed the adoption of the report. Several standards proposed by the GGE directly address the problem of ensuring the safety of critical infrastructure facilities. Item f) says that “A State should not conduct or knowingly support ICT activity contrary to its obligations under international law that intentionally damages critical infrastructure or otherwise impairs the use and operation of critical infrastructure to provide services to the public.” Item g) calls upon states to take appropriate measures to protect their critical infrastructure from ICT threats. Finally, item h) says that “States should also respond to appropriate requests to mitigate malicious ICT activity aimed at the critical infrastructure of another State emanating from their territory, taking into account due regard for sovereignty.” The latest U.S. strategies repeatedly stress the necessity of promoting and implementing the norms and principles put forward by the GGE in any way possible. The incursion into Russia’s electric power grid, if it did indeed take place, is a gross violation on the part of the United States of the rules that it helped develop in the first place. Moreover, the ICT4Peace Foundation stated in an open message that civilian power grids are not legitimate military targets, which indicates that this is a violation of the provisions of international humanitarian law.

The media frequently talks about cyber countermeasures, which are primarily used to send “signals” to potential adversaries and let them know that the United States is aware of malicious activity being carried out. The goal is to deter opponents and increase stability. It is clear that “signals” sent by way of an attack on civilian facilities can only lead to escalation. One of the ideas that forms the basis of the new cyber strategy of the United States is to achieve peace through power. But this peace, where the norms and rules apply to some countries but not others, will be neither stable nor free.

Critical structure protection is in many ways a national task. At the same time, there are a number of problems that can only be solved at the international level. It seems that right now the only productive way to tackle these problems is to develop mechanisms for introducing and implementing the relevant norms, rules, and principles of the responsible behavior of states – rules that will be common for all.

From our partner RIAC

Continue Reading
Comments

Intelligence

Burning Planet: Climate Fires and Political Flame Wars Rage

MD Staff

Published

on

Economic and political polarization will rise this year, as collaboration between world leaders, businesses and policy-makers is needed more than ever to stop severe threats to our climate, environment, public health and technology systems. This points to a clear need for a multistakeholder approach to mitigating risk at a time when the world cannot wait for the fog of geopolitical disorder to lift. These are the findings of the World Economic Forum’s Global Risks Report 2020, published today.

The report forecasts a year of increased domestic and international divisions and economic slowdown. Geopolitical turbulence is propelling us towards an “unsettled” unilateral world of great power rivalries at a time when business and government leaders must focus urgently on working together to tackle shared risks.

Over 750 global experts and decision-makers were asked to rank their biggest concerns in terms of likelihood and impact and 78% said they expect “economic confrontations” and “domestic political polarization” to rise in 2020.

This would prove catastrophic, particularly for addressing urgent challenges like the climate crisis, biodiversity loss and record species decline. The report, produced in partnership with Marsh & McLennan and Zurich Insurance Group, points to a need for policy-makers to match targets for protecting the Earth with ones for boosting economies – and for companies to avoid the risks of potentially disastrous future losses by adjusting to science-based targets.

For the first time in the survey’s 10-year outlook, the top five global risks in terms of likelihood are all environmental. The report sounds the alarm on:

  • Extreme weather events with major damage to property, infrastructure and loss of human life
  • Failure of climate-change mitigation and adaptation by governments and businesses.
  • Human-made environmental damage and disasters, including environmental crime, such as oil spills, and radioactive contamination.
  • Major biodiversity loss and ecosystem collapse (terrestrial or marine) with irreversible consequences for the environment, resulting in severely depleted resources for humankind as well as industries.
  • Major natural disasters such as earthquakes, tsunamis, volcanic eruptions, and geomagnetic storms.

It adds that unless stakeholders adapt to “today’s epochal power-shift” and geopolitical turbulence – while still preparing for the future – time will run out to address some of the most pressing economic, environmental and technological challenges. This signals where action by business and policy-makers is most needed.

“The political landscape is polarized, sea levels are rising and climate fires are burning. This is the year when world leaders must work with all sectors of society to repair and reinvigorate our systems of cooperation, not just for short-term benefit but for tackling our deep-rooted risks,” said Borge Brende, President of the World Economic Forum.

The Global Risks Report is part of the Global Risks Initiative which brings stakeholders together to develop sustainable, integrated solutions to the world’s most pressing challenges.

Systems-level thinking is required to confront looming geopolitical and environmental risks, and threats that may otherwise fall under the radar. This year’s report focuses explicitly on impacts from rising inequality, gaps in technology governance, and health systems under pressure.

John Drzik, Chairman of Marsh & McLennan Insights, said: “There is mounting pressure on companies from investors, regulators, customers, and employees to demonstrate their resilience to rising climate volatility. Scientific advances mean that climate risks can now be modeled with greater accuracy and incorporated into risk management and business plans. High profile events, like recent wildfires in Australia and California, are adding pressure on companies to take action on climate risk at a time when they also face greater geopolitical and cyber risk challenges.”

To younger generations, the state of the planet is even more alarming. The report highlights how risks are seen by those born after 1980. They ranked environmental risks higher than other respondents, in the short- and long- terms. Almost 90% of these respondents believe “extreme heat waves”, “destruction of ecosystems” and “health impacted by pollution” will be aggravated in 2020; compared to 77%, 76% and 67% respectively for other generations. They also believe that the impact from environmental risks by 2030 will be more catastrophic and more likely.

Human activity has already caused the loss of 83% of all wild mammals and half of plants – which underpin our food and health systems. Peter Giger, Group Chief Risk Officer, Zurich Insurance Group warned of the urgent need to adapt faster to avoid the worst and irreversible impacts of climate change and to do more to protect the planet’s biodiversity:

“Biologically diverse ecosystems capture vast amounts of carbon and provide massive economic benefits that are estimated at $33 trillion per year – the equivalent to the GDP of the US and China combined. It’s critical that companies and policy-makers move faster to transition to a low carbon economy and more sustainable business models. We are already seeing companies destroyed by failing to align their strategies to shifts in policy and customer preferences. Transitionary risks are real, and everyone must play their part to mitigate them. It’s not just an economic imperative, it is simply the right thing to do,” he said.

The Global Risks Report 2020 has been developed with the invaluable support of the World Economic Forum’s Global Risks Advisory Board. It also benefits from ongoing collaboration with its Strategic Partners Marsh & McLennan and Zurich Insurance Group and its academic advisers at the Oxford Martin School (University of Oxford), the National University of Singapore and the Wharton Risk Management and Decision Processes Center (University of Pennsylvania).

Annex

Respondents were asked to assess: (1) the likelihood of a global risk occurring over the course of the next 10 years, and (2) the severity of its impact at a global level if it were to occur.

These are the top 5 risks by likelihood over the next 10 years:

  • Extreme weather events (e.g. floods, storms, etc.)
  • Failure of climate change mitigation and adaptation
  • Major natural disasters (e.g. earthquake, tsunami, volcanic eruption, geomagnetic storms)
  • Major biodiversity loss and ecosystem collapse
  • Human-made environmental damage and disasters

These are the top 5 risks by severity of impact over the next 10 years:

  • Failure of climate change mitigation and adaptation
  • Weapons of mass destruction
  • Major iodiversity loss and ecosystem collapse
  • Extreme weather events (e.g. floods, storms, etc.)
  • Water crises

Global risks are not isolated, and so respondents were asked to assess the interconnections between pairs of global risks.

These are the top most strongly connected global risks:

  • Extreme weather events + failure of climate change mitigation and adaptation
  • Large-scale cyberattacks + breakdown of critical information infrastructure and networks
  • High structural unemployment or underemployment + adverse consequences of technological advances
  • Major biodiversity loss and ecosystem collapse + failure of climate change mitigation and adaptation
  • Food crises + extreme weather events

Short-term risks: percentage of respondents who think a risk will increase in 2020:

  • Economic confrontations = 78.5%
  • Domestic political polarization = 78.4%
  • Extreme heat waves = 77.1%
  • Destruction of natural resource ecosystems = 76.2%
  • Cyberattacks: infrastructure = 76.1%

Continue Reading

Intelligence

Anti-Russian Ideology of Central Asian Salafi-Jihadi Groups: Causes and Consequences

Uran Botobekov

Published

on

Uzbek jihadists in Syria

Russia and Muhajireen are both interventionists in Syria

The Russian military intervention in the Syrian civil war has strengthened the anti-Russian ideological wave of the al-Qaeda-aligned Central Asian and North Caucasian Salafi-Jihadi groups fighting alongside the Hayat Tahrir al-Sham (HTS) against the Bashar al-Assad regime. After the outbreak of the Syrian civil war in 2011, fueled by the Arab Spring protests, several hundred Central Asian Islamic radicals, calling themselves Muhajireen (Migrants, i.e. Sunni foreign fighters), performed a Hijrah (the migration of Muslims for Jihad) in response to the call of al-Qaeda to Syria.

Since then, Syria’s northwest Idlib province, long a hotbed of armed resistance and the heartland of al-Qaeda-linked operations has become a real-life shelter for Muhajireen from the former Soviet Union and Chinese Xinjiang. Among them, the Uzbek groups Katibat al-Tawhid wal Jihad (KTJ) and Katibat Imam al-Bukhari (KTB), Uighur fighters of Turkestan Islamic Party (TIP), as well as Chechen’s Jaish al-Muhajireen wal-Ansar (JMA) and Ajnad al Kavkaz (AK) are affiliated with al Qaeda. They share al Qaeda’s ideological doctrine and consider its leader Ayman al-Zawahiri their ideological mastermind. The activities of TIP and KTJ jihadists, which have remained loyal to al Qaeda but simultaneously subordinate to HTS, indicate that they have become a link between al Qaeda and HTS after their formal detachment of ties. That is, today they coordinate all their military operations in Syria and conduct them under the leadership of the Hayat Tahrir al-Sham, the largest Sunni jihadist group, controlling most of Idlib province which is the last major opposition stronghold.

At the beginning of the Syrian jihad, the ideology of the Central Asian Salafi groups was not particularly distinguished by anti-Russian hostility but after the Russian invasion of Syria in support of the Bashar al-Assad regime in 2015, Central Asian jihadists and the Russian military found themselves on opposite sides of the front line and became sworn enemies. This was also facilitated by the fact that many Uzbek and Tajik Muhajireen came from Russia, where they worked as labor migrants and were often discriminated against by Russian nationalists. They also experienced moral and psychological humiliation by the corrupt Russian police, local officials and employers. Some Mujahideen admitted on the social networks Telegram and Odnoklassniki that the unfair Russian reality inflicted unbearable humiliation which contributed to their migration to Syria and joining jihadist groups.That is, the anti-Russian ideology of the Central Asian Salafi-Jihadi groups appeared not only because of the radicalization of their religious views but also as a response to discrimination by Russian nationalists and the invasion of Russian troops in Syria.Thus, over the past five years, al Qaeda’s Takfiri ideology of conducting global jihad against the infidel regimes of the West has been supplemented by the anti-Russian ideology of the Central Asian Muhajireen.

Abu Saloh, former leader of Katibat al-Tawhid wal Jihad, a famous ideologist of anti-Russian jihadism. His fighters swore allegiance to al Qaeda

In order to better understand the roots and causes of the anti-Russian ideology of the Central Asian Sunni extremist movements, it is necessary to analyze the Khutbah preaching (Sermons) of their leaders and famous ideologists during Jumma Namaz (Muslim Friday Prayer Service), which they actively disseminate on the Internet in Uzbek, Russian, Tajik, Kyrgyz, and Arabic.

Characteristic features of the Muhajireen’s anti-Russian ideology

Over the past five years, Idlib has become not only the real-life shelter for Russian-Speaking foreign fighters but also the place of fueling the aggressive anti-Russian ideology of the Central Asian Salafi-Jihadi groups. It’s interesting to note that they are actively using the Russian entrepreneur Durov’s social networking Telegram channel to widely disseminate anti-Russian ideology. Central Asian Muhajireen have the radio station “Voice of Sham” which also has the website “www.muhajeer.com” and provides daily updates over ten channels on Telegram through which they praise holy Jihad and spread anti-Russian propaganda.

Leaders and ideologues of the Central Asian Salafi-Jihadi groups advance the idea that al-Qaeda’s global network needs more support from like-minded Muslims around the world, who are willing to help its jihad. Therefore, in order to catalyze support, mobilize the base, and expand awareness of the Syrian jihad, they are waging an active “anti-Russian ideological war” on the Internet. Jihadist websites are designed to entice, inform, and rally Russian-speaking Muslims to join in the fight to safeguard Islam in Syria.

The ideologues and propagandists of al Qaeda-linked Central Asian movements seek to use Moscow’s heavy hand to recruit new fighters and accumulate financial resources.Each time after the Russian aviation’s scorched-earth tactics and indiscriminate bombing of civilian areas in the province of Idlib, the anti-Russian ideology of Central Asian jihadists intensifies on the Internet.

KTJ former leader Abu Saloh (his real name Sirojiddin Mukhtarov), who possesses excellent oratory skills and deep knowledge of the Quran, is the fiery voice of the anti-Russian ideology. He urges his listeners to establish religiously pure communities governed by a strict Salafi reading of Sharia or Islamic law.He regards modern post-Soviet countries in Central Asia to be illegitimate and desires not only the overthrow of these states but the creation of a new theocratic state in their place that unites all Muslims and, ultimately, a global Islamic Caliphate.In his opinion, the ideal conditions for conducting jihad today arose precisely in Syria and the Muslim Ummah should achieve an inevitable victory over the enemies of Islam by which he means not only the West but also the Bashar al-Assad’s regime, its military and political patrons, Russia and Iran. Abu Saloh believes that the victory of the Ahlus Sunnah (Sunni Islam) begins precisely with the holy land of Sham, where the Prophet Muhammad and his Sahaba (companions) shed their blood to raise the banner of jihad.

Abu Yusuf Muhojir, leader of Katibat Imam al-Bukhari, is an ardent foe of Russia. His group swore allegiance to Taliban

In the last video published on December 26, 2019, on Telegram, entitled “Appeal from the Blessed Sham to the Muslim Ummah” he calls on Muslims of Central Asia and Russia to make financial donations for jihad. He argues that jihad can be done in the path of Allah against the infidels in three ways: by one’s life, wealth, and speech. If Central Asian migrant workers in Russia make financial donations to support jihad in Syria, then Allah will consider them as participants in holy jihad who have fulfilled their mission to the Almighty. Participation in the wealth jihad will atone for their sins before Allah on Judgment Day. Therefore, migrant workers are required to participate in the wealth jihad, even while in Russia, he said. He calls on Central Asian Muslims not to become slaves of Russian kafirs (infidel) and warns that jihad is an obligation of every Muslim and that any Muslim who denies its sanctity should be considered as a kufr (unbeliever in Allah).

It should be noted that Russia accused Abu Saloh of the terror attack on St. Petersburg’s metro in April 2017 and the Kyrgyz authorities blamed him for the attack on the Chinese Embassy in Bishkek on August 30, 2016.He and his Uzbek-speaking fighters from the Fergana Valley of Central Asia swore allegiance to al-Qaeda leader Ayman al-Zawahiri.

Another well-known ideologist of Central Asian jihadism and a vocal critic of Russian occupation of Sham is the KIB’s leader Abu Yusuf Muhojir. On January 3, 2020, he posted his video message on the KIB’s webpage on Telegram entitled “Appeal from the mountain range Jebel al-Turkman of Latakia.”He claims that only jihad can to protect the Islam Ummah from Russia’s and Iran’s oppressors and free our occupied land of the blessed Sham from the terrorists of the Nusayri regime (Alawites).Following the concepts of the militant Salafi ideology, Abu Yusuf Muhojir regards violent jihad as an obligation for all Muslims and seeks to engage in jihad in both Khorasan and Sham, where opportunities have arisen.Then he quotes the Quran’s Surah of Al-Ankabut (The Spider) in Arabic and says that Allah is testing Muslims in Sham, and that only jihad will help us to pass this test with dignity. In conclusion, he said neither America nor Russia can close the path of holy jihad since jihad is the path to Allah. If the Mujahideen get killed in the jihad, he affirms that Allah himself will guide them and admit them to Paradise. Furthermore, Uzbek militants ofKIB have sworn allegiance to the Taliban and are conducting jihad in both Syria and Afghanistan.On March 22, 2018, the US State Department designated KIB a global terrorist organizations.

The root of the Jihadists’ anti-Russian ideology

The so-called “media activists” (Faruk Shami, Muhammad Jazira, Gulyam Muhammad,Saad Muhtor, Abdul Aziz Kazanly) who live and work among the Central Asian jihadists in Syria play a significant role in increasing anti-Russian ideology. They organize live broadcasts, interviews with leaders of Central Asian and Caucasian Salafi-Jihadi groups on YouTube and Instagram, and translate theological works of al Qaeda’s ideologues from Arabic into Russian, Uzbek, Tajik, Kyrgyz and Uighur.

One of the channels called “Mujahideen of Sham” in Kyrgyz on the Telegram, for instance, published short information: “Russian kafirs, who were the enemies of our ancestors, bombed the city of Sarakib on December 21, 2019, as a result of which they were killed more 120 innocent Muslims of Sham.” Further, this channel posted an audio message from a Kyrgyz Muhajir to the Russian military: “Oh, Russian infidels, keep your eyes peeled, we are attacking to shed your blood. As you love vodka, Zina (illicit sexual relations), so we are in a hurry to die in the name of Allah to stop the kafirs’ invasion on Islamic lands.”

Al Qaeda-linked Central Asian jihadists sometimes use some historical events of the Russian colonial policy of the 18-19 centuries in Central Asia to rally support for the Islamist agenda and radicalize those sympathetic to the plight of Muslims in Syria. The same channel “Mujahideen of Sham” writes: “Russian Tsarist forces, which killed tens of thousands of Kyrgyz during the Genocide of 1916, today are massacring innocent Muslims of the blessed Sham. The colonial policy of the Russian Empire continues. Make dua (prayer) for Muslims of Sham.” It is probably about the ‘Urkun’ (“Exodus”) tragedy 1916, when 150 thousand Kyrgyz died during the uprising against Russian Tsarist forces and a mass exodus to China. Such information is aimed at winning the hearts and minds of Central Asian jihadists who are familiar with historical events.

Translation of books, essays and videos of medieval and modern jihadi thinkers from Arabic into Russian and local languages and its distribution on the Telegram channel is an important part of the work of Central Asian jihadists. Spreading classic works of Salafi-Takfiri thinkers help legitimize anti-Russian Jihadi ideology and stoke the fire of jihad. Crucial spiritual nourishment for Central Asian Muhajireen are the essays of Ibn Taymiyyah, Abd al-Wahhab, Sayyid Qutb, Abdullah Azzam, Abu Muhammad al-Maqdisi, Sulayman al-ʿAlwān, Osama bin Laden, Ayman al-Zawahiri, Abu Qatada al-Filistini and other scholars of Salafism. This clearly indicates the ideological affinity of Central Asian Muhajireen with transnational Islamic fundamentalist groups that utilize sacred violence in their war against Russia and the West. Moreover, KTJ, KIB, and TIP explicitly try to define its ideological and operational agenda as being intimately tied to an integrated effort of al Qaeda aimed at asserting the global dominance of Islam through armed jihad.

Despite the fact that the Central Asian jihadists are seen as a small cog in the transnational Sunni-Jihadi network, they are actually drawing up and spreading anti-Russian ideology in the post-Soviet space and the Middle East alongside Chechen and Uighur jihadists. They are using pejorative terms in reference to Russia such as “Russian terrorists,” “Russian bandits,” “Russian pig executioners,” as well as pejoratives directed toward Vladimir Putin such as “Putin is a killer,” “Putin is a war criminal,” and “Slaves of Putin’s Chef Prigozhin,” as well a variety of generalized pejoratives comparing Russians to Fascists, swine and vermin. 

The anti-Russian ideology of the Central Asian jihadists in Syria has gone far beyond the national and geographical framework and they are trying to create the image of Putin’s Russia as an enemy of the entire Muslim Ummah.The Russian military operation in support of the Bashar al-Assad regime, the destruction of hospitals, schools, and other social facilities in Idbil by Russian aircraft, the flow of refugees towards the Turkish borders, the deaths of hundreds of civilians, children and women from the bombing create a favorable background for strengthening the trend of anti-Russian ideology among the Muhajireen in Syria.

Muhajireen’s propagandists also skillfully manipulate the historical rivalry between Sunnis and Shia. The analysis showed that they consider the enemies of Ahl al-Sunna of all Nuseyrites, Rafidites and their ally Russian Crusaders. The Jihadi ideologists claim that Russia is a leading player in the global conspiracy to destroy Ahl al-Sunna in Sham, and therefore helps Nuseyrites. The call to defend the last stronghold of Ahl al-Sunna gives them the opportunity to recruit new militants from the Sunni population of Central Asia and Russia.

At the same time, some facts of atrocities and heinous crimes perpetrated by Russian mercenaries of the Wagner group and Iranian proxy militias in Syria, which became public knowledge, create spaces for promoting Central Asian Jihadi ideas. Recently, after a video appeared on the Internet in November 2019 in which four Russian mercenaries tortured, stabbed and beheaded a Syrian man, Russian President Putin has become the main target of criticism of Salafi-Jihadi agitators from the former Soviet countries. This gave Central Asian jihadists a reason to accuse Putin’s Russia of using terror policy against Islam and the Muslims of Sham.

In order to foment jihadist sentiments in the Russian speaking Eurasian region, Salafi-Jihadi ideologists are manipulating the strongman Putin’sphrase that “Syria has become a field for testing the latest Russian weapons systems.” They regularly publish victims’ photographs of Russian air bombing, which are intended to rally support for the Islamist agenda and radicalize those sympathetic to the plight of Sunni Muslims in northwest Syria. They wonder “how much longer will Putin’s terrorists be testing their weapons in Syria and using civilian Muslims as living targets?”

Conclusion

The Central Asian Muhajireen’s anti-Russian ideology and the aggressive imposition of global Jihadi ideas on the internet undoubtedly pose a threat to Russia’s national security but, at the same time, the major actors of the Syrian conflict, primarily Russia, Iran and the Syrian government must understand that further tightening the screws of the Syrian war, exacerbating the humanitarian catastrophe and a new mass influx of refugees, will lead to further strengthening of anti-Russian and anti-Shiite ideology. Because of this, Central Asian Jihadi groups, following the strategy of al Qaeda, are trying to infiltrate local Sunni communities of Syria, build influence there by expressing the interests of the Ansar (natives).

Continue Reading

Intelligence

U.S. vs Iran, a Cybersecurity Update

Dr.Luciano Magaldi

Published

on

The relationship between the United States and Iran has perhaps reached a very low levein in recent weeks, following the 1979 Khomenist Revolution and the occupation of the US Embassy in Tehran by Iranian students.

According to American sources, on 20th June the United States launched offensive cyber-operations against Iranian intelligence computer systems, the same day that the US President, Donald J. Trump, had before ordered a military attack and then revoked the order before it actually left.

The United States Cyber Command – a department recently promoted by Trump as a unified combat command under the direction of the Department of Defense – allegedly attacked the computer systems used to control missile and rocket launches.

Such a cyberattack would have been the White House‘s response to the actions of the Iranian authorities who, the day before, had shot down an American spy drone – a Global Hawk produced by Northrop Grumman – as it was guilty of violating the airspace of the Islamic Republic.

After accusations and threats to each other, the US President decided to impose new sanctions on Iran and Ayatollah Ali Khamenei. That was not welcomed by the Government of Tehran, which spoke, earlier, of “end of diplomatic path with the United States” and announced that it had exceeded the uranium enrichment limit imposed by the JCPOA – Joint Comprehensive Plan of Iran Nuclear Deal – from which the United States unilaterally exited in May 2018.

It remains to be seen, therefore, after the escalation of the last few weeks, whether the United States will try to make more and more use of cyber-attacks to solve the delicate international issues, primarily the Iranian one.

After the cyber-space was recognized as a strategic domain by NATO in 2016, on par with land, water, sky and space, it has been increasingly seen that countries use this domain to plead their own interests and also to carry out operations – this new type of military activity should not come as a surprise, because you only have to look at the National Cyber Strategy, published in September 2019 by the US, which shows that there has been a paradigm shift from what was the protection of American interests in the cyber space, moving from a more classical deterrence to the purpose of defence to a more offensive deterrence.

The fact that this document was only published last September suggests that the field of cybersecurity is fundamentally new and still to be explored.

On the one hand, cybernetic space is a totally man-made space and where you can have very high levels of ambiguity, through non-identification strategies from where attacks start, on the other hand, it is one of the most unregulated space at the level of behaviour that all countries shoud adopt with the specifice the responsibilities in cyber-operations.

This is a field in which the international law must be adapted as it is vital to understand how international law applies to the cyber-space and to see how it can be applied in practice: there is a long-time discussion between experts in the United Nations about cyber-space and, moreover, you can conduct operations that may fall into the category of attacks that are below the threshold of the use of force. So, it is still unclear whether a cyber-attack can be responded to with a classic attack byusing any classic military tools.

That is why American cybersecurity policy has changed in recent years, starting with the different pillars on which the National Cyber Strategy is based:

1) defending the homeland by protecting networks, systems, functions and data;promote American prosperity by fostering a secure digital economy and promoting strong domestic innovation;

2) preserving peace and security by strengthening the ability of the United States – along with allies and partners – to deter and, if necessary, punish those who use cyber-tools for malicious purposes;

3) expansion of American influence abroad to extend the key principles of an open, reliable and secure Internet.

Within the cyber-space, the United States have adopted a so-called “continuous engagement” – an ongoing commitment to counter possible threats even before they can materialize through targeted attacks, with the transition from a defensive to an offensive approach, with the American presence in the cyber-space that will more and more increas in order to actively dissuade potential enemies.

Historically, the United States are not new to carrying out cyber-attacks on Iran, in fact, as early as 2010, the United States and Israel are believed to have spread a virus, created by the US Government, to slow down the process of enriching uranium in Iran’s nuclear power plants.

That cyber-attack of the United States against the Iranian intelligence unit is part of a context that has seen Washington’s intensifying cyber-operations also against Russia and Iran – it is important to be aware of the cybersecurity space for their own interests and that they have had a particularly aggressive posture in this area.

The United States and Iran are two of the world’s most advanced, active and capable hacking powers at a time when governments regularly use cyber-attacks to achieve important goals and shape geopolitics.

Tensions between the two countries and their allies have produced a long history of extraordinary cyber-attacks in addition to traditional kinetic warfare – for these reasons, Iran’s revenge for the killing of General Qassim Suleimani could also be served on the ground of cyber-war.

Christopher Krebs, director of the Cybersecurity and Infrastructure Security Agency – CISA – of the U.S. Department of Homeland Security, warned the entire community to re-investigate Tehran’s tactics, procedures and techniques in detail in cyberspace, after reporting the increase in the activity of malicious cyber-attacks directed against the American companies and government agencies.

The hackers of the Iranian regime have increasingly used destructive windshield wipers in order to spear phishing, email scam to gain unauthorized access to sensitive data – it is a hackerial attempt to decode a common user password across multiple accounts before switching to a second password that allows you to circumvent account lockouts.

This is an attack that leverages the likelihood that people can use the same username and password to access multiple applications, sites, and services – in fact, cyber-criminals are able to get the details of stolen accounts from a platform and implement the bots needed to log into many other accounts with the same credentials.

Once they have found a way to log in, the criminals will break the account by making fraudulent purchases or stealing confidential information – before the 2015 nuclear deal was negotiated between the United States, Iran, Europe, Russia and China, Iranian hackers regularly targeted American financial companies and critical infrastructure.

Over the past year, Iran and the United States have repeatedly targeted each other in hacking operations – Iranian government hackers have attempted to breach President Trump’s re-election campaign: in fact the U.S. Cyber Command reportedly warned against Iran’s paramilitary force attacks during a period of high tensions, earlier this year.

More than 150 American sites have already been victims of defacement by Iranian hackers also because of the supreme leader, Ayatollah Ali Khamenei, had promised “a strong vengeance” for Suleimani’s killing – this is a modern conflict, to date not only threatened but it is a long-time a cyber war – in recent days, hackers of Tehran have hacked the website of the Federal Depository Library Program – FDLP – with a defacement operation, leaving a message stating that “this is only a small part of Iran’s cyber-capabilities.”

The attack targeted a “weak” target, but it is a sign that the Islamic Republic’s cyber-army has been activated to strike US-linked targets, any critical infrastructure in particular..

The U.S. cyber-army believe, in fact, that the attacks could take place in five ways:

– DDoS attacks, in which you flood a site with access requests and crash it.

– data deletion (or wiper attack), actions to delete data in infected databases.

– attacks on industrial control systems, information-related operations and as well as cyber espionage.

The latter two to steal data for use then in physical, military actions – for example, by committing targeted murders or attacks on infrastructure.

But the Islamic Republic could suffer from the American reaction far more damage than it could cause: it has already happened in the past, as confirmed by the head of the “cyber police” in Tehran, General Kamal Hadianfar, who admitted that Iran in 2017 suffered 296 serious cyber-attacks against paramount infrastructures and on several occasions some experts in the field were mysteriously dead.

In conclusion, after sanctions and threats on both sides, could we really lead to an escalation of cyber-attacks and, because of that, does it seem to be a new Cold War ?

Continue Reading

Latest

Defense1 hour ago

Looking Behind the Daily News: Informed Narratives on Israel’s Nuclear Challenges

“The rational is not thinkable without its other, the non-rational, and it never appears in reality without it.”-Karl Jaspers, Reason...

Economy2 hours ago

Iran: Trade centers in regional countries to spur non-oil exports

Reimposition of the U.S. sanctions on Iranian economy has led the Islamic Republic to reduce its dependence on oil revenues...

Environment3 hours ago

1t.org Announced to Accelerate Nature Restoration to Tackle Climate and Biodiversity Crises

1t.org is a World Economic Forum initiative, designed to support the trillion tree community. It is being set up with...

South Asia4 hours ago

Genocide: Terrible and scaring ground situation in India

Washington D.C: Dr. Gregory Stanton, founder of Genocide Watch, addressed an audience of Congressional and Government officials at a briefing...

International Law5 hours ago

Fundamental legacy of The Nuremberg and Tokyo Trials (1945-1948)

These – rather unfortunate – days some voices in Europe are trying, in a quite a historical fashion, to question...

Reports6 hours ago

CEO pessimism over global growth reaches record high

As we enter a new decade, CEOs are showing record levels of pessimism in the global economy, with 53% predicting...

Middle East7 hours ago

Turkey’s Role in the Libyan Conflict

On January 8, 2020, Russian President Vladimir Putin and Turkish President Recep Erdogan met in Istanbul. Discussions focused on the...

Trending