The significant breach and vulnerabilities recently discovered by vpn Mentor researchers within Suprema’s BioStar 2 database are enough to scare any potential end user away from biometric security measures. With potentially over 1 million fingerprint biometrics and user passwords exposed in the breach, BioStar 2 has become the first major example of how biometric access still has its own vulnerabilities that vendors, integrators, and end users must be aware of before implementing any of these solutions within their organization.
The most egregious of BioStar 2’s vulnerabilities were its biometric database that was unprotected when connected to the internet and a lack of encryption for stored fingerprints and facial recognition bases. This allowed hackers to get into the biometric database and access stored user fingerprints and facial data, potentially add and change user profiles, and provide a convenient entry point into the end-user’s total network. Hackers were able to access passwords and log entries listing user names, profiles, biometric data, and passwords for user and administrator accounts listed in plain text—some of the most valuable data for fraudsters to obtain.
The consequences of data like this falling into the wrong hands could be catastrophic to an end user, particularly considering the breadth of BioStar 2’s customer base. Affected customers include gyms, co-working spaces, software consultancies, and consumer foods, medical, and industrial products manufacturers. It hits Suprema’s global customer base throughout North America, Europe, Asia, and the Middle East. Suprema has shown interest in expanding BioStar 2’s customer base to include government, banking, and law enforcement—verticals that will quickly shy away from any security vendor that does not have proper data security protocols in place.
Biometric data points, such as fingerprints and facial data, simply cannot be stored as full, unencrypted data points; current industry expertise emphasizes the need to have this data saved in a hashed format, preventing the biometric from being reverse-engineered by hackers. Since users cannot change their face or fingerprint, the onus falls on security vendors to ensure that processes similar to reverse hashing and database encryption pieces are top-tier to protect this valuable data from falling into the wrong hands.
While this may be one of the first data breaches to target biometric data, it most certainly will not be the last. The sheer scale of BioStar 2, unfortunately, made the system one of the first to reveal the vulnerabilities of biometric access control solutions; however, this will not stop the exponential growth and adoption rates of biometric solutions. Fingerprint and facial recognition remain the most in-demand biometrics out there for physical access solutions across various industries. This breach will not scare away potential end-user purchases; rather, it will serve to inform them of the types of security protocols a vendor must have in place before a potential end user finalizes any new system purchase. Vendors must be ready to answer end-user questions about data access, precisely how their solution stores biometric data, and what encryption protocols are in place.
End users are quickly assessing their own risk profiles and the best solutions to protect their organization. Any biometric security vendor unwilling or unable to best address an end-users’ risk concerns and data protection questions will quickly see their stature in this high-growth market diminish.
An Underdeveloped Discipline: Open-Source Intelligence and How It Can Better Assist the U.S. Intelligence Community
Open-Source Intelligence (OSINT) is defined by noted intelligence specialists Mark Lowenthal and Robert M. Clark as being, “information that is publicly available to anyone through legal means, including request, observation, or purchase, that is subsequently acquired, vetted, and analyzed in order to fulfill an intelligence requirement”. The U.S. Naval War College further defines OSINT as coming from, “print or electronic form including radio, television, newspapers, journals, the internet, and videos, graphics, and drawings”. Basically, OSINT is the collection of information from a variety of public sources, including social media profiles and accounts, television broadcasts, and internet searches.
Historically, OSINT has been utilized by the U.S. since the 1940s, when the United States created the Foreign Broadcast Information Service (FBIS) which had the sole goal (until the 1990s) of, “primarily monitoring and translating foreign-press sources,” and contributing significantly during the dissolution of the Soviet Union. It was also during this time that the FBIS transformed itself from a purely interpretation agency into one that could adequately utilize the advances made by, “personal computing, large-capacity digital storage, capable search engines, and broadband communication networks”. In 2005, the FBIS was placed under the Office of the Director of National Intelligence (ODNI) and renamed the Open Source Center, with control being given to the CIA.
OSINT compliments the other intelligence disciplines very well. Due to OSINT’s ability to be more in touch with public data (as opposed to information that is more gleaned from interrogations, interviews with defectors or captured enemies or from clandestine wiretaps and electronic intrusions), it allows policymakers and intelligence analysts the ability to see the wider picture of the information gleaned. In Lowenthal’s own book, he mentions how policymakers (including the Assistant Secretary of Defense and one of the former Directors of National Intelligence (DNI)) enjoyed looking at OSINT first and using it as a “starting point… [to fill] the outer edges of the jigsaw puzzle”.
Given the 21stcentury and the public’s increased reliance upon technology, there are also times when information can only be gleaned from open source intelligence methods. Because “Terrorist movements rely essentially on the use of open sources… to recruit and provide virtual training and conduct their operations using encryption techniques… OSINT can be valuable [in] providing fast coordination among officials at all levels without clearances”. Intelligence agencies could be able to outright avoid or, at a minimum, be able to prepare a defense or place forces and units on high alert for an imminent attack.
In a King’s College-London research paper discussing OSINT’s potential for the 21stcentury, the author notes, “OSINT sharing among intelligence services, non-government organizations and international organizations could shape timely and comprehensive responses [to international crises or regime changes in rogue states like Darfur or Burma],” as well as providing further information on a country’s new government or personnel in power. This has been exemplified best during the rise of Kim Jong-Un in North Korea and during the 2011 Arab Spring and 2010 earthquake that rocked Haiti. However, this does not mean that OSINT is a superior discipline than other forms such as SIGINT and HUMINT, as they are subject to limitations as well. According to the Federation of American Scientists, “Open source intelligence does have limitations. Often articles in military or scientific journals represent a theoretical or desired capability rather than an actual capability. Censorship may also limit the publication of key data needed to arrive at a full understanding of an adversary’s actions, or the press may be used as part of a conscious deception effort”.
There is also a limit to the effectiveness of OSINT within the U.S. Intelligence Community (IC), not because it is technically limited, but limited by the desire of the IC to see OSINT as a full-fledged discipline. Robert Ashley and Neil Wiley, the former Director of the Defense Intelligence Agency (DIA) and a former Principal Executive within the ODNI respectively, covered this in a July article for DefenseOne, stating “…the production of OSINT is not regarded as a unique intelligence discipline but as research incident to all-source analysis or as a media production service… OSINT, on the other hand, remains a distributed activity that functions more like a collection of cottage industries. While OSINT has pockets of excellence, intelligence community OSINT production is largely initiative based, minimally integrated, and has little in the way of common guidance, standards, and tradecraft… The intelligence community must make OSINT a true intelligence discipline on par with the traditional functional disciplines, replete with leadership and authority that enables the OSINT enterprise to govern itself and establish a brand that instills faith and trust in open source information”. This apprehensiveness by the IC to OSINT capabilities has been well documented by other journalists.
Some contributors, including one writing for The Hill, has commented that “the use of artificial intelligence and rapid data analytics can mitigate these risks by tipping expert analysts on changes in key information, enabling the rapid identification of apparent “outliers” and pattern anomalies. Such human-machine teaming exploits the strengths of both and offers a path to understanding and even protocols for how trusted open-source intelligence can be created by employing traditional tradecraft of verifying and validating sourcing prior to making the intelligence insights available for broad consumption”. Many knowledgeable and experienced persons within the Intelligence Community, either coming from the uniformed intelligence services or civilian foreign intelligence agencies, recognize the need for better OSINT capabilities as a whole and have also suggested ways in which potential security risks or flaws can be avoided in making this discipline an even more effective piece of the intelligence gathering framework.
OSINT is incredibly beneficial for gathering information that cannot always be gathered through more commonly thought of espionage methods (e.g., HUMINT, SIGINT). The discipline allows for information on previously unknown players or new and developing events to become known and allows policymakers to be briefed more competently on a topic as well as providing analysts and operators a preliminary understanding of the region, the culture, the politics, and current nature of a developing or changing state. However, the greatest hurdle in making use of OSINT is in changing the culture and the way in which the discipline is currently seen by the U.S. Intelligence Community. This remains the biggest struggle in effectively coordinating and utilizing the intelligence discipline within various national security organizations.
Online Radicalization in India
Radicalization, is a gradual process of developing extremist beliefs, emotions, and behaviours at individual, group or mass public levels. Besides varied groups, it enjoys patronization, covertly and even overtly from some states. To elicit change in behavior, beliefs, ideology, and willingness, from the target-group, even employment of violent means is justified. Despite recording a declination in terror casualties, the 2019 edition of the Global Terrorism Index claims an increase in the number of terrorism-affected countries. With internet assuming a pivotal role in simplifying and revolutionizing the communication network and process, the change in peoples’ lives is evident. Notably, out of EU’s 84 %, daily internet using population, 81%, access it from home (Eurostat, 2012, RAND Paper pg xi). It signifies important changes in society and extremists elements, being its integral part, internet’ role, as a tool of radicalization, cannot be gainsaid. Following disruption of physical and geographical barriers, the radicalized groups are using the advancement in digital technology: to propagate their ideologies; solicit funding; collecting informations; planning/coordinating terror attacks; establishing inter/intra-group communication-networks; recruitment, training and media propaganda to attain global attention.
In recent times, India has witnessed an exponential growth in radicalization-linked Incidents, which apparently belies the official figures of approximate 80-100 cases. The radicalization threat to India is not only from homegrown groups but from cross-border groups of Pakistan and Afghanistan as well as global groups like IS. Significantly, Indian radicalized groups are exploiting domestic grievances and their success to an extent, can mainly be attributed to support from Pakistani state, Jihadist groups from Pakistan and Bangladesh. The Gulf-employment boom for Indian Muslims has also facilitated radicalization, including online, of Indian Muslims. A close look at the modus operandi of these attacks reveals the involvement of local or ‘homegrown’ terrorists. AQIS formed (2016) ‘Ansar Ghazwat-ul-Hind’ in Kashmir with a media wing ‘al-Hurr’.
IS announced its foray into Kashmir in 2016 as part of its Khorasan branch. In December 2017 IS in its Telegram channel used hashtag ‘Wilayat Kashmir’ wherein Kashmiri militants stated their allegiance with IS. IS’ online English Magazine ‘Dabiq’ (Jan. 2016) claimed training of fighters in Bangladesh and Pakistan for attacks from western and Eastern borders into India.Though there are isolated cases of ISIS influence in India, the trend is on the rise. Presently, ISIS and its offshoots through online process are engaged in spreading bases in 12 Indian states. Apart from southern states like Telangana, Kerala, Andhra Pradesh, Karnataka, and Tamil Nadu — where the Iran and Syria-based terrorist outfit penetrated years ago — investigating agencies have found their links in states like Maharashtra, West Bengal, Rajasthan, Bihar, Uttar Pradesh, Madhya Pradesh, and Jammu and Kashmir as well. The Sunni jihadists’ group is now “most active” in these states across the country.
Undermining Indian Threat
Significantly, undermining the radicalization issue, a section of intelligentsia citing lesser number of Indian Muslims joining al-Qaeda and Taliban in Afghanistan and Islamic State (IS) in Iraq, Syria and Middle East, argue that Indian Muslim community does not support radicalism-linked violence unlike regional/Muslim countries, including Pakistan, Afghanistan, Bangladesh and Maldives. They underscore the negligible number of Indian Muslims, outside J&K, who supports separatist movements. Additionally, al- Qaeda and IS who follows the ‘Salafi-Wahabi’ ideological movement, vehemently oppose ‘Hanafi school’ of Sunni Islam, followed by Indian Muslims. Moreover, Indian Muslims follows a moderate version even being followers of the Sunni Ahle-Hadeeth (the broader ideology from which Salafi-Wahhabi movement emanates). This doctrinal difference led to the failure of Wahhabi groups online propaganda.
Radicalisation Strategies/methods: Indian vs global players
India is already confronting the online jihadist radicalization of global jihadist organisations, including al-Qaeda in the Indian Subcontinent (AQIS), formed in September 2014 and Islamic State (IS). However, several indigenous and regional groups such as Indian Mujahideen (IM), JeM, LeT, the Taliban and other online vernacular publications, including Pakistan’s Urdu newspaper ‘Al-Qalam’, also play their role in online radicalisation.
Indian jihadist groups use a variety of social media apps, best suited for their goals. Separatists and extremists in Kashmir, for coordination and communication, simply create WhatsApp groups and communicate the date, time and place for carrying out mass protests or stone pelting. Pakistan-based terror groups instead of online learning of Islam consider it mandatory that a Muslim radical follows a revered religious cleric. They select people manually to verify their background instead of online correspondence. Only after their induction, they communicate online with him. However, the IS, in the backdrop of recent defeats, unlike Kashmiri separatist groups and Pak-based jihadist mercenaries, runs its global movement entirely online through magazines and pamphlets. The al-Qaeda’s you tube channels ‘Ansar AQIS’ and ‘Al Firdaws’, once having over 25,000 subscriptions, are now banned. Its online magazines are Nawai Afghan and Statements are in Urdu, English, Arabic, Bangla and Tamil. Its blocked Twitter accounts, ‘Ansarul Islam’ and ‘Abna_ul_Islam_media’, had a following of over 1,300 while its Telegram accounts are believed to have over 500 members.
Adoption of online platforms and technology
Initially, Kashmir based ‘Jaish-E-Mohammad’ (JeM) distributed audio cassettes of Masood Azhar’s speeches across India but it joined Internet platform during the year 2003–04 and started circulating downloadable materials through anonymous links and emails. Subsequently, it started its weekly e-newspaper, Al-Qalam, followed by a chat group on Yahoo. Importantly, following enhanced international pressure on Pak government after 26/11, to act against terrorist groups, JeM gradually shifted from mainstream online platform to social media sites, blogs and forums.
Indian Mujahideen’s splinter group ‘Ansar-ul-Tawhid’ the first officially affiliated terror group to the ISIS tried to maintain its presence on ‘Skype’, ‘WeChat’ and ‘JustPaste’. IS and its affiliates emerged as the most tech-savvy jihadist group. They took several measures to generate new accounts after repeated suspension of their accounts by governments. An account called as ‘Baqiya Shoutout’ was one such measure. It stressed upon efforts to re-establish their network of followers through ‘reverse shout-out’ instead of opening a new account easily.
Pakistan-backed terrorist groups in India are increasingly becoming technology savvy. For instance, LeT before carrying out terrorist attacks in 2008 in Mumbai, used Google Earth to understand the targeted locations.
IS members have been following strict security measures like keeping off their Global Positioning System (GPS) locations and use virtual private network (VPN), to maintain anonymity. Earlier they were downloading Hola VPN or a similar programme from a mobile device or Web browser to select an Internet Protocol (IP) address for a country outside the US, and bypass email or phone verification.
Rise of radicalization in southern India
Southern states of India have witnessed a rise in radicalization activities during the past 1-2 years. A substantial number of Diaspora in the Gulf countries belongs to Kerala and Tamil Nadu. Several Indian Muslims in Gulf countries have fallen prey to radicalization due to the ultra-conservative forms of Islam or their remittances have been misused to spread radical thoughts. One Shafi Armar@ Yusuf-al-Hindi from Karnataka emerged as the main online IS recruiter for India. It is evident in the number of raids and arrests made in the region particularly after the Easter bomb attacks (April, 21, 2019) in Sri Lanka. The perpetrators were suspected to have been indoctrinated, radicalised and trained in the Tamil Nadu. Further probe revealed that the mastermind of the attacks, Zahran Hashim had travelled to India and maintained virtual links with radicalised youth in South India. Importantly, IS, while claiming responsibility for the attacks, issued statements not only in English and Arabic but also in South Indian languages viz. Malayalam and Tamil. It proved the existence of individuals fluent in South Indian languages in IS linked groups in the region. Similarly, AQIS’ affiliate in South India ‘Base Movement’ issued several threatening letters to media publications for insulting Islam.
IS is trying to recruit people from rural India by circulating the online material in vernacular languages. It is distributing material in numerous languages, including Malayalam and Tamil, which Al Qaeda were previously ignoring in favour of Urdu. IS-linked Keralite followers in their propaganda, cited radical pro-Hindutva, organisations such as the Rashtriya Swayam Sevak (RSS) and other right-wing Hindu organisations to motivate youth for joining the IS. Similarly, Anti-Muslim incidents such as the demolition of the Babri Masjid in 1992 are still being used to fuel their propaganda. IS sympathisers also support the need to oppose Hindu Deities to gather support.
Radicalization: Similarities/Distinctions in North and South
Despite few similarities, the radicalisation process in J&K is somewhat different from the states of Kerala, Karnataka, Tamil Nadu, Andhra Pradesh, Maharashtra, Telangana and Gujarat. Both the regions have witnessed a planned radicalization process through Internet/social media for propagating extremist ideologies and subverting the vulnerable youth. Both the areas faced the hard-line Salafi/Wahhabi ideology, propagated by the extremist Islamic clerics and madrasas indulged in manipulating the religion of Islam. Hence, in this context it can be aptly claimed that terror activities in India have cooperation of elements from both the regions, despite their distinct means and objectives. Elements from both regions to an extent sympathise to the cause of bringing India under the Sharia Law. Hence, the possibility of cooperation in such elements cannot be ruled out particularly in facilitation of logistics, ammunitions and other requisite equipment.
It is pertinent to note that while radicalisation in Jammu and Kashmir is directly linked to the proxy-war, sponsored by the Pakistan state, the growth of radicalisation in West and South India owes its roots to the spread of IS ideology, promotion of Sharia rule and establishment of Caliphate. Precisely for this reason, while radicalised local Kashmiris unite to join Pakistan-backed terror groups to fight for ‘Azadi’ or other fabricated local issues, the locals in south rather remain isolated cases.
Impact of Radicalisation
The impact of global jihad on radicalization is quite visible in West and South India. Majority of the radicalised people, arrested in West and South India, were in fact proceeding to to join IS in Syria and Iraq. It included the group of 22 people from a Kerala’s family, who travelled (June 2016) to Afghanistan via Iran. There obvious motivation was to migrate from Dar-ul-Harb (house of war) to Dar-ul-Islam (house of peace/Islam/Deen).
While comparing the ground impact of radicalization in terms of number of cases of local militants in J&K as well as IS sympathisers in West and South India, it becomes clear that radicalisation was spread more in J&K, owing to Pak-sponsored logistical and financial support. Significantly, despite hosting the third largest Muslim population, the number of Indian sympathisers to terror outfits, particularly in West and South India is very small as compared to the western countries. Main reasons attributed to this, include – religious and cultural pluralism; traditionally practice of moderate Islamic belief-systems; progressive educational and economic standards; and equal socio-economic and political safeguards for the Indian Muslims in the Indian Constitution.
Apart from varied challenges, including Pak-sponsored anti-India activities, regional, local and political challenges, media wings of global jihadi outfits continue to pose further challenges to Indian security agencies. While IS through its media wing, ‘Al Isabah’ has been circulating (through social media sites) Abu Bakr al Baghdadi’s speeches and videos after translating them into Urdu, Hindi, and Tamil for Indian youth (Rajkumar 2015), AQIS too have been using its media wing for the very purpose through its offshoots in India. Some of the challenges, inter alia include –
Islam/Cleric Factor – Clerics continue to play a crucial role in influencing the minds of Muslim youth by exploiting the religion of Islam. A majority of 127 arrested IS sympathizers from across India recently revealed that they were following speeches of controversial Indian preacher Zakir Naik of Islamic Research Foundation (IRF). Zakir has taken refuge in Malaysia because of warrants against him by the National Investigation Agency (NIA) for alleged money laundering and inciting extremism through hate speeches. A Perpetrator of Dhaka bomb blasts in July 2016 that killed several people confessed that he was influenced by Naik’s messages. Earlier, IRF had organised ‘peace conferences’ in Mumbai between 2007 and 2011 in which Zakir attempted to convert people and incite terrorist acts. Thus, clerics and preachers who sbverts the Muslim minds towards extremism, remain a challenge for India.
Propaganda Machinery – The online uploading of young militant photographs, flaunting Kalashnikov rifles became the popular means of declaration of youth intent against government forces. Their narrative of “us versus them” narrative is clearly communicated, creating groundswell of support for terrorism.In its second edition (March 2020) of its propaganda magazine ‘Sawt al-Hind’ (Voice of Hind/India) IS, citing an old propaganda message from a deceased (2018) Kashmiri IS terrorist, Abu Hamza al-Kashmiri @ Abdul Rehman, called upon Taliban apostates and fighters to defect to IS. In the first edition (Feb. 2020) the magazine, eulogized Huzaifa al-Bakistani (killed in 2019), asking Indian Muslims to rally to IS in the name of Islam in the aftermath of the 2020 Delhi riots. Meanwhile, a Muslim couple arrested by Delhi Police for inciting anti-CAA (Citizenship Amendment) Bill protests, were found very active on social media. They would call Indian Muslims to unite against the Indian government against the CAA legislation. During 2017 Kashmir unrest, National Investigation Agency (NIA) identified 79 WhatsApp groups (with administrators based in Pakistan), having 6,386 phone numbers, to crowd source boys for stone pelting. Of these, around 1,000 numbers were found active in Pakistan and Gulf nations and the remaining 5,386 numbers were found active in Kashmir Valley.
Deep fakes/Fake news – Another challenge for India is spread of misinformation and disinformation through deep fakes by Pakistan. Usage of deepfakes, in manipulating the speeches of local political leaders to spread hate among the youth and society was done to large extent.
India’s Counter Measures
To prevent youth straying towards extremism, India’s Ministry of Home Affairs has established a Counter-Terrorism and Counter-Radicalisation Division (CT-CR) to help states, security agencies and communities.
Various states, including Kerala, Maharashtra and Telangana have set up their own de-radicalisation programmes. While in Maharashtra family and community plays an important role, in Kerala clerics cleanse the poisoned minds of youth with a new narrative. A holistic programme for community outreach including healthcare, clergies and financial stability is being employed by the Indian armed forces. An operation in Kerala named Kerala state police’ ‘Operation Pigeon’ succeeded in thwarting radicalization of 350 youths to the propaganda of organizations such as Islamic State, Indian Mujahideen (IM) and Lashkar-e-Taiba (LeT) via social media monitoring. In Telangana, outreach programs have been developed by local officers like Rema Rajeshwari to fight the menace of fake news in around 400 villages of the state.
In Kashmir the government resorts to internet curfews to control the e-jihad. While state-owned BNSL network, used by the administration and security forces, remains operational 3G and 4G networks and social media apps remain suspended during internet curfews.
India certainly needs a strong national counter- Radicalisation policy which would factor in a range of factors than jobs, poverty or education because radicalization in fact has affected even well educated, rich and prosperous families. Instead of focusing on IS returnees from abroad, the policy must take care of those who never travelled abroad but still remain a potential threat due to their vulnerability to radicalization.
Of course, India would be better served if deep fakes/fake news and online propaganda is effectively countered digitally as well as through social awakening measures and on ground action by the government agencies. It is imperative that the major stakeholders i.e. government, educational institutions, civil society organisations, media and intellectuals play a pro-active role in pushing their narrative amongst youth and society. The focus should apparently be on prevention rather than controlling the radicalisation narrative of the vested interests.
Is Deterrence in Cyberspace Possible?
Soon after the Internet was founded, half of the world’s population (16 million) in 1996 had been connected to Internet data traffic. Gradually, the Internet began to grow and with more users, it contributed to the 4 trillion global economies in 2016 (Nye, 2016). Today, high-speed Internet, cutting-edge technologies and gadgets, and increasing cross-border Internet data traffic are considered an element of globalization. Deterrence seems traditional and obsolete strategy, but the developed countries rely on cyberspace domains to remain in the global digitization. No matter how advanced they are, there still exist vulnerabilities. There are modern problems in the modern world. Such reliance on the Internet also threatens to blow up the dynamics of international insecurity. To understand and explore the topic it is a must for one to understand what cyberspace and deterrence are? According to Oxford dictionary;
“Cyberspace is the internet considered as an imaginary space without a physical location in which communication over computer networks takes place (OXFORD University Press)”
For readers to understand the term ‘deterrence’; Collins dictionary has best explained it as;
“Deterrence is the prevention of something, especially war or crime, by having something such as weapons or punishment to use as a threat e.g. Nuclear Weapons (Deterrence Definition and Meaning | Collins English Dictionary).”
The purpose of referring to the definition is to make it easy to discern and distinguish between deterrence in International Relations (IR) and International Cyber Security (ICS). Deterrence in cyberspace is different and difficult than that of during the Cold War. The topic of deterrence was important during Cold Wat for both politicians and academia. The context in both dimensions (IR and ICS) is similar and aims to prevent from happening something. Cyberspace deterrence refers to preventing crime and I completely agree with the fact that deterrence is possible in Cyberspace. Fischer (2019) quotes the study of (Quinlan, 2004) that there is no state that can be undeterrable.
To begin with, cyber threats are looming in different sectors inclusive of espionage, disruption of the democratic process and sabotaging the political arena, and war. Whereas international law is still unclear about these sectors as to which category they fall in. I would validate my affirmation (that deterrence is possible in Cyberspace) with the given network attacks listed by Pentagon (Fung, 2013). Millions of cyber-attacks are reported on a daily basis. The Pentagon reported 10 million cyberspace intrusions, most of which are disruptive, costly, and annoying. The level of severity rises to such a critical level that it is considered a threat to national security, so professional strategic assistance is needed to deal with it. The past events show a perpetual threat that has the ability to interrupt societies, economies, and government functioning.
The cyberspace attacks were administered and portrayal of deterrence had been publicized as follows (Fung, 2013);
- The internet service was in a continuous disruption for several weeks after a dispute with Russia in 2007.
- Georgian defense communications were interrupted in 2008 after the Russian invasion of Georgia.
- More than 1000 centrifuges in Iran were destroyed via the STUXNET virus in 2010. The attacks were attributed to Israel and the United States of America.
- In response to STUXNET virus attacks, Iran also launched a retaliatory attack on U.S financial institutions in 2012 and 2013.
- Similarly in 2012, some 30,000 computers had been destroyed with a virus called SHAMOON in Saudi Aramco Corporation. Iran was held responsible for these attacks.
- North Korea was accused of penetrating South Korean data and machines in 2014, thus interrupting their networks in 2014.
- A hybrid war was reported between Russia and Ukraine in 2015 that left Ukraine without electricity for almost six hours.
- Most critical scandal, which is still in the limelight call WikiLeaks released distressing and humiliating emails by Russian Intelligence at the time of the U.S presidential campaigns in 2016.
While such incidents may be considered a failure of deterrence, this does not mean that deterrence is impossible. Every system has some flaws that are exposed at some point. At this point, in some cases a relatively low level of deterrence was used to threaten national security, however, the attacks were quite minor in fulfilling the theme affecting national security. Nye (2016:51) in his study talks about the audience whose attribution could facilitate deterrence. (I). intelligence agencies should make sure highest safeguarding against escalation by third parties, and governments can also be certain and count on intelligence agencies’ sources. (II). the deterring party should not be taken easy, as I stated (above) about the lingering loopholes and flaws in the systems, hence, governments shall not perceive the intelligence forsaken. (III). lastly, it is a political matter whether international and domestic audiences need to be persuaded or not, and what chunk of information should be disclosed.
The mechanisms which are used and helpful against cyberspace adversary actions are as follows (Fischer, 2019);
- Deterrence by denial means, the actions by the adversary are denied that they failed to succeed in their goals and objectives. It is more like retaliating a cyberattack.
- Threat of punishment offers severe outcomes in form of penalties and inflicting high costs on the attacker that would outweigh the anticipated benefits if the attack takes place.
- Deterrence by Entanglement has the features and works on a principle of shared, interconnected, and dependent vulnerabilities. The purpose of entanglement is to embolden and reassure the behavior as a responsible state with mutual interests.
- Normative taboos function with strong values and norms, wherein the reputation of an aggressor is at stake besides having a soft image in the eyes of the international community (this phenomenon includes rational factors because hard power is used against the weaker state). The deterrence of the international system works even without having any credible resilience.
Apparently, the mechanisms of deterrence are also effective in cyber realms. These realms are self-explaining the comprehensive understanding and the possibility of deterrence in cyberspace. The four mechanisms (denial, punishment, entanglement, and normative taboos) are also feasible to apply deterrence in the cyber world. Factually, of many security strategies, cyber deterrence by using four domains could be a versatile possibility. Conclusively, as far as the world is advancing in technological innovations, cyberspace intrusions would not stop alike the topic of deterrence in the digital world.
 An updated list of cyberspace intrusions from 2003 till 2021 is available at (Center for Strategic and International Studies, 2021).
China and Indo-Pacific democracies in the face of American boycott of Beijing Winter Olympics
Despite the US administration’s announcement of a boycott of the Winter Olympics in Beijing, with the “American Olympic Committee allowing...
E-resilience readiness for an inclusive digital society by 2030
The COVID-19 pandemic has clearly demonstrated the link between digitalization and development, both by showing the potential of digital solutions...
Maintenance Tips for Second-Hand Cars
With a shortage of semiconductors continuing to plague the automotive industry, many are instead turning to the second-hand market to...
Delivering on Our Promise for Universal Education
On the International Day of Education, we call on world leaders to transform how we deliver on education. The clock...
Bringing dry land in the Sahel back to life
Millions of hectares of farmland are lost to the desert each year in Africa’s Sahel region, but the UN Food...
“Kurdish Spring”: drawing to a close?
For decades, the Kurdish problem was overshadowed by the Palestinian one, occasionally popping up in international media reports following the...
Great powers rivalry in Central Asia: New strategy, old game
In international politics, interstate rivalry involves conflicting relations between two international rivalries that are nation states. A fundamental feature of...
Defense3 days ago
In 2022, military rivalry between powers will be increasingly intense
South Asia3 days ago
India is in big trouble as UK stands for Kashmiris
East Asia3 days ago
The Global (Dis) Order Warfare: The Chinese Way
Central Asia4 days ago
Unrest in Kazakhstan Only Solidifies China-Russia Ties
Crypto Insights4 days ago
The Subtle Dominance of Stablecoins: A Ruse of Stability
Central Asia2 days ago
Post-Protest Kazakhstan Faces Three Major Crises
East Asia4 days ago
Rebuilding the World Order
Americas3 days ago
Perils of Belligerent Nationalism: The Urgent Obligations of Planetary Community