The Soviets called it “the shadow theatre”, i.e. the set of psychological warfare techniques of the time, in the Cold War world.
Maskirovka, in particular, e.g. everything is camouflage, deception, real psychological warfare, disinformation.
In fact, if we analyze the psywar techniques currently used, we realize that we are still at the Cretaceous period.
No sectoral influence operations, no action on subjects or public targets, little knowledge of the new discoveries of social psychology and biopsychic evolution.
The scenario of Western psywar operations is still not very brilliant.
Obviously, explaining to the Defense Ministers of Western countries what these operation are about is a very difficult mission that few people would be able to accomplish successfully.
Actually, nowadays the old maskirovka is not the cover, the shell of real operations, but its true essence.
Just as today’s industrial production is, above all, communication, induction of a certain behaviour, identification of a target of customers, development of a product that meets their psychological and symbolic needs, currently also war is above all maskirovka well before being military and destructive struggle.
Nobody cares where engines are produced, which are now all the same, but certainly the market is interested in the symbolism of goods, in its evocative potential and in the ability to define the status of those who buy them.
Furthermore, in an old CIA manual, the Soviet “active measures” were defined and classified as follows: a) the Center gives the green light for a strategic disinformation campaign; b) the news, which is never entirely true or entirely false, is prepared and packed; c) the dezinformatsja news is disseminated abroad so as to later check the results.
The results are eminently practical: the “Euromissile battle” narrated by Michel Tatu, the long end of the Vietnam war, the management of Soviet foreign policy after the Helsinki Treaty.
But that is not all: currently, the intelligence mainly consists of economic effects, which are continuous and complex. The shift from the Soviet “active measures” and from the political-military clash to the industrial one marks a large part of the post-Cold War period.
All true psychological warfare is active and proactive, but the whole Western warfare doctrine is defensive and passive, which means it does not exist.
Hence it is not necessary to wage war manumilitari, for the additional reason that the enemy’s enterprises and infrastructure will be good also for us. At a time when the value chains are now fully global, when cars are manufactured in Spain for the German market and in China for the Indian one – not to mention drugs, the active ingredients of which are produced in India for the French market and even in Mexico, but for the Canadian one.
All contemporary intelligence, however, is targeted to the economic and technological resources of the possible enemy and operates – 24 hours a day – on the Web and also in the traditional media machinery.
Hence, those who win are not those who have the best weapons or the best products, but those who creates the best and most convincing storytelling around them.
It is therefore useful to see how the old “shadow theatre” is being changed and perfected.
This is what is needed in a situation of actual integration of all large companies, not only global but also national ones.
In the field of social media, for example, the most widespread tactics are those of “selective censorship”, or the hacking of sensitive information, which becomes hegemonic in the common discourse, or even the manipulation of the Internet search algorithms, with a view to linking some content to other one, in a completely unreasonable way.
30-40% of the news that can be found online is designed to deceive at least some of the readers.
Deception: not to mention something and tell the truth about everything else or, instead, to create a storytelling in which real things appear surrounded by completely fake data.
By changing the perception of facts, or the news about the facts, with strong or weak adjectives and nouns, or with universal symbols, and even with references to people or things of great fame, either negative or positive.
15% is the average quota of experts taken out by the automated texts that can be found on the World Wide Web, while about 60% of all readers are usually put on the spot by the texts and news available on the Web.
The Canadian Services have provided this statistics.
The operating techniques are now known to everybody: a) the Bot, a software that automatically operates on the Web, by selecting the content; b) the countermessage, indeed a message that offers the “true” or “fake” version of what has been said previously; 3) the Denial of Service (DOS), the temporary disruption of the Web for a certain user, and the old Disinformation; 4) the Noise that covers the relevance of the data sequence useful for understanding a certain message; 5) the Search Engine Optimization (SEO), the optimization of the number of visitors to any website.
On the technical and ideological levels, there are other online practices that are used daily by the authors of Disinformation: a) the BOTs coordinated with each other, which create a series of cross-references that reinforce the (fake) news that is to be spread; b) the use of false Internet “domains” in which websites and content similar to those of the “enemy” are created; c) the use of e-mails or websites that are pirated and disseminate news opposite to those that the primary user would like to spread.
Contradiction, lie, defamation.
We are still at the old theme of the aria “La Calunnia” (“slander is a little breeze”) of the Barber of Seville, as well as the “flower duet” of Madama Butterfly, but all with a firepower that Rossini or Puccini could not even imagine.
There are two profound and conceptual limits to these operations. The first is that, in spite of all possible technological refinement, the basic psychological mechanisms are always the same: personal defamation by sexual or other means- just think of the “Tangentopoli” operation in Italy (the judiciary probe known as Bribesville) at the end of the Cold War and, finally, of the elites’ structural inability to separate wheat from chaff, news from disinformation.
If we do something to help a government and then it falls into the trap of dezinformatsja, everything is useless. And this has often happened.
Ministers who tell you that they read it in the newspaper “Corriere della Sera” (bravo!) or that it was whispered to them by some intelligence agents without any qualification – and hence you need to check whether, as Harlequin, they are Servants of two Masters. It has often happened.
Hence, in many cases, currently the maskirovka strikes back and negatively changes the decision-making of those who have carried it out. The ruling classes that know it can save themselves, while the others and their countries are bound to become “servant of two masters” and, in any case, irrelevant.
There are also the undesired effects.
For example, it happened that the reputation of a ruling class was tarnished by convincing citizens that all politicians were “dishonest and thieving” and later we needed to stabilize a country in disarray and adrift without a guide, possibly recovering some of those who had been dismissed as “thieves”, thus creating a cognitive dissonance with the previous message conveyed.
However, how can we optimally develop the possibility of an IT attack (but not necessarily this type of attack only) on the decision-making system and on the public of a target country?
The attack will be successful if, for example, there are no useful sources of good information.
Without a reserve of serious, objective and truthful news and interpretations, the whole public and private system of security and education will fail in the long run.
Another excellent condition to launch an attack is uncertainty: in a phase of financial, geopolitical, technological and even military insecurity, with terrorism any news – regardless of its importance -can generate innumerable domino effects.
Probably those who maintain uncertainty have a return – in this case mainly and economic and industrial one.
Nor should we neglect the fact that, if there is a lack of effective information available, the media channels can be bought and sold, infected by adverse agents and induced to acquire information only from certain sources, which are already compromised.
If the commercial goal is the target and above all the audience, everything becomes possible for a foreign operator with bad intentions.
No country, not even those which control the Web at best, is protected from similar operations.
With a view to keeping the situation under control – and this applies above all to those who deal with State Security – we need, at first, to ascertain who makes disinformation.
Very often an individual or a private organisation.
Then, obviously, the exact opposite must be done, but preferably using different mechanisms of action: a similar and possibly “fake” website in case of a Bot, or a personal attack if we are faced with a press campaign.
Hence never use the same usual means and mechanisms.
Generally, abstract and political motivations should not be overlooked: there are NGOs, States, political parties, and companies that usually keep on misinforming.
And often they are not even traced by the intelligence Services.
Obviously, there are also terrorists – but in this case we are talking about another communication system.
Who can say, for example, that German cars are better than Italian ones? Yet it is common sense, albeit wrong.
Nowadays all the environmental propaganda consists of behaviours that favour some countries and companies instead of others. But no one tells you so.
Indeed, this is the real news.
Fake news to be spread, of course, but also generic discontent and uncertainty.
A mass perception that a great Portuguese poet, Pessoa, would have defined as desassosego (disquiet and restlessness).
Obviously, it is even better to let all disinformation go on, with its parallel and unexpected processes, so as to see who makes it and what goals are pursued.
Usually such operations end quickly, but neither the perpetrator nor the victim knows their effects or duration.
Hence the primary goal of all dezinformacja techniques is the partial or complete alteration of the perception of reality.
It is therefore essential to understand the divisions within the opponent’s field.
Popular or elitist.
If we believe that all enemies are the same, we operate for their propaganda and any operation of “psychological warfare” is always inhibited to us.
An essential resource in this field is the conspiracy theory.
The field of others is segmented, but the absolute uniqueness of those who generated the content we do not like or that harm us is assumed.
A well-managed conspiracy manages to work well where few other maskirovka techniques do so.
Perfect for simplifying all matters, it immediately identifies the aim of each psywar: to find the enemy, either true or false.
Another procedure is usually to use entities that everybody deems “third parties” to spread messages against the enemy (once again the current ecologism is full of examples in this regard) and then reinforce their message through other information sources: truth comes from repetition and the mind learns not from a single fact or event, or from a single person, but always from what Fritj of Capra called the mental ecosystem.
The human brain is made in such a way that it tends to believe both in repetition, but also in similarity and homogeneity.
Our brain has evolved only among human groups already formed. It is not by chance that, unlike what happens to animals, our brain maturation must take place in a post-natal social, family and group context.
Otherwise – as Nietzsche said – to live alone, one must be either a beastor a god.
Another factor not to be overlooked is that, as in all Gestalt psychologies, what counts is not only what you see, but also what you do not see.
As in the Rorschach test, the inkblots can be perceived either as a glass or two butterflies, but it is the outline, not the inside of the image that can suggest one answer or the other.
However, how can we counteract such an operation? Denial is always the best answer.
But it is simple and repetitive, always prone to others’ psyops.
We can simply deny having received funding from a certain country.
Mere denial stops the game of cross-references and shadows that would develop if the victim of the operation were to dwell and go into explanations that 87% of the audience – on the Webor even in the old media, never follow. Those who justify themselves are always wrong.
Denial is used to make a quick fix, but it is certainly not a stable and definitive answer.
Another technique is to defame and attack those who make disinformation.
It works well, but once again it is a mechanism that does not last long.
A disinformation campaign is never opposed with temporary and limited makeshift interventions and stopgap measures.
Dezinformatsja is always a potentially endless flow, to which we must respond by creating a state of mind (not “news”, but a stable and possibly ungrounded mental state) that is always potentially and equally endless.
It should also be added that our intelligence Services know nothing about these things. We are still focused on the protection of redundant critical infrastructure and possibly even of selected military and information networks. Everything is even too obvious.
Nevertheless, how can we avoid the defamation of one of our most famous chocolate creams in China?
Furthermore no one will be able to tell you what happens when there is defamation against our production system, as well as against our political system, which is, in fact, also a critical infrastructure.
Goodness knows what happened to our rubber before Pirelli’s deal with ChemChina. And it was not China that took the first step.
If we also study the issue of the F-35 fighter that was not acquired by the German Armed Forces, you will also understand the resulting weakness of Chancellor Merkel and her “heir”, as well as the short-lived successes of the Right, which always remains under the threat of being dismissed as neo-Nazi.
The neo-Nazis, however, were still pasture land mainly for the Eastern and Russian intelligence Services.
Hence using the professional ignorance of our politicians to defame our intelligence Services – as is currently happening – is certainly a perfectly orchestrated defamation operation.
A cheap politician who uses the intelligence Services to protect himself is like the main character of the “Manuscript Found in Saragossa”, who files the silver ball he will put into the gun to commit suicide.
In a different way and with different effects, Italy is drifting to a condition very similar to Great Britain’s in the Brexit phase.
A slow and subtle Italian destabilization, with a terrible and useless fragmentation of the voters and the political classes.
Nowadays in Italy there is a sort of geopolitical strike: the country is on the sidelines and reluctant to understand the reality of power relations and national interests.
In the case of the operations carried out by China, however, we have a completely different picture.
It should be recalled that, as early as 2014, China established the Central Leading Group for Internet Security and Informatization, chaired directly by Xi Jinping, in addition to the Cyberspace Administration of China. The Chinese leaders’ central idea is to make national sovereignty possible in cyberspace.
This is not easy, but it can be achieved with technological hegemony and strategic wisdom.
Hence the importance of Huawei’s 5G global fight and the concrete possibility of “controlling world innovation”, as some Chinese leaders say.
Therefore, in the “war of shadows”, we currently have to deal with the great influence operations, which are actions of cognitive modification, i.e. actions to change the perceptions, behaviours and decisions of certain target groups, in the country to be influenced, which can be changed to the benefit of the acting Power.
Or even very broad operations, which regard the whole political audience.
Conversely, the “influence campaigns” are operations carried out by an adverse and alien Power that tend to put together various small-scale and sectoral influence actions, which may have common goals or, in any case, not contradictory and opposed goals.
This means that through “influence operations”, we can influence the actions of the rulings class, as well as all or part of the public in a country, or the activities of an allied country.
Influence actions are always linked to strategic deception and the possibility of exploiting the enemy’s weaknesses, particularly those typical of moralism.
Currently moralism is a tool used by some countries against others.
Hence influence operations are certainly deception, but above all they mark a new Intention, or an Interference.
Nevertheless everything happens in the epistemic chain formed by single individuals, and then in the social or para-social sphere, characterized by the real relations among individuals, the real public sphere, the media, the elites, the “experts”, the scientific and technical system of a country.
Currently all Western media are ever weaker and often not very attentive to influence operations because they are subjected to a very fast change of technologies, as well as a quick commercial trend of the system. We are all market oriented in the short term, and currently all the influence operations made so far exploit above all the technological, legal and economic weaknesses of the various countries to reach their own aims.
The vulnerability of the public is yet another issue. Considering the new technologies, there is not only the possibility for each psywar operator to change the perception of others’ world, but also to do so in a covert way.
This applies to any Internet operator and any millennial kid.
And that is what counts. One hundred “denials”, however developed, are always news.
There is also a psychological problem.
The above mentioned evolution has not provided us with a brain that always seeks the objective truth of facts, but we have a cognitive system that finds an acceptable reality day by day.
Phylogenetically, the conformity to a group is more important than a subjective psychology that always seeks only truth, be it objective or linguistic.
In economics as in politics, free riders always have a hard life. And they are always those who define a new paradigm. Enzo Ferrari invented luxury sports cars against everything and everyone. Some pasta makers in Northern Italy discovered they could sell dried Italian pasta any where in the world.
Not to mention advanced technologies, where Italian companies were bought to be destroyed (Hewlett-Packard with Olivetti, for example) or to be put out of business, or the export of mass technologies, such as Piaggio in India.
Hence we often have to deal with the confirmation bias, i.e. the psychological tendency to ignore information that goes against accepted beliefs, or with the creation of a protective apparatus against threats to identity and team spirit.
Therefore we have to do with a series of mass influence actions that are now typical:
a) Terrorism. Creation of fear, an essential element of influence operations, but also of the radicalization of certain themes. A primitive, but very effective solution. In this respect, just consider the case of Italy in the 1970s and in the 80s. The sword jihad is a different story, but often not dissimilar to that of “red” terrorism in Europe.
b) The operations of para-State organizations, i.e. criminal structures and vast organized crime. Or do you really think that the international crime organizations have been created and have become powerful on their own, like the Baron Munchausen, who rescued himself from quicksand by pulling himself out at his own hair? All criminal organizations have always been influence instruments.
c) There are also hackers, who operate divided to strike together. Consciously or not, 78% of them are operators of the Powers that support their projects.
d) Not to mention hackers having only economic goals. After making money they, too, are not aware of the fact they have resold their data to some countries, but not always those they like.
Hence how can you create a “narrative” for influence operations?
Nowadays you can certainly create a consistent, long, credible and wide-ranging storytelling.
Conversely, “negative” techniques tend to disrupt the narrative over a long period of time.
There is also distraction, the creation of an external objective far from the themes discussed.
Therefore, we propose to create an Agency or a unit of it dealing with the disruption of influence operations which, before the end of the Cold War, Italy hosted like no other country in the world to later maintain its Kantian “minority status” in the following years.
An Agency that can really carry out influence operations – actively, with no curbs and restraints other than the operational and technical ones.
Therefore, in terms of protection of Italy’s industrial values, patents, as well as “reputation” of the country and its brands, even the less famous ones, we are now almost at death’s door.
Hence it will be good to quickly reverse the course.
ISIS-K, Talc, Lithium and the narrative of ongoing jihadi terrorism in Afghanistan
Chinese and Russian efforts are underway to strengthen the Taliban government economically and militarily, along with legitimacy and international recognition. In return, Pakistan is trying to disrupt the Taliban government’s relations with Iran and Tajikistan, as well as with China and Russia. Subsequent to the fall of the previous republican government, following Russia and China, Iran is a major supporter of the Taliban.
Iran plays a significant role in a new intelligence surge launched by major regional players in Afghanistan, which includes ISIS-K campaign against the Taliban government in country. Although Taliban have been able to crush, ISIS-K in several provinces of Afghanistan, but the group was able to mobilize a bunch of other terrorist organizations such as Turkistan Islamic Party, Khetabat Iman Ul Bekhari, Khetabat ultauhied Waljihad, Islamic Jihad Union, Jamaat Ansarullah and East Turkistan Islamic Movement, and The Army of Justice. According to sources on the ground, the group has also established contacts with the resistance front led by Ahmad Massoud to fight Taliban.
Seemingly, the group joined forces with the Resistance Front in northern part of the country to downfall the Taliban particularly in northern Afghanistan. In addition to defeating the Taliban in the central and southern provinces of Afghanistan, the group has started a sectarian war between the Sunnis and Shiites, which has partly soured relations between the Afghan Taliban and Iran. The group had the support of Pakistan as well as other regional countries and beyond. Furthermore, Lashkar-e-Taiba fighters entered Afghanistan with the help of the Pakistani army, joining the fight between Sunni and Shia in Afghanistan. Efforts are underway to start a civil war in the country. According to the information, ISIS militants have been mostly funded and financed by the Saudi government, as well as other Salafi Gulf States to minimize and even eradicate Shiites in the region.
In accordance with some sources, additional costs are being borne by the United States and Great Britain. Beside all such financial support, Islamic State (ISIS-K) militants also obtain some funding and thrive through mining and establishing business firms throughout the region.
Let us say, Islamic State militants relatively control the oil reserves in Iraq and they illegally extract it, meantime they have hands on talc and other precious stones in Afghanistan to cover their propaganda campaign expenses. ISIS-K uses the same tactics applied by Taliban during the US occupation; Taliban began illegal mining in Afghanistan to finance their activities in order to wage the war against the US aggression. During the Taliban’s resistance, Taliban fighters had also a strong financial support from Pakistan, and the Pakistani government accordingly received that financial sustenance from other countries namely western and the Arab world. However, the Taliban forcibly mined Afghanistan’s lapis lazuli and smuggled it to Pakistan. Under the auspices of the Pakistani government, the gems were shipped to the United States and the European countries. In return, the Taliban were paid in cash. Likewise, the Taliban, ISIS chose the same path, and made the most of money via mining in Afghanistan.
Subsequently, the ISIS group has chosen Nangarhar province as its stronghold in Afghanistan, since it has mineral deposits of talc, chromite, marble and other precious and rare earth minerals in addition, the group is also trying to control smuggling routes, to launch cross border terrorism.
Consequently, ISIS-K endeavors to bring Ghazni province under its control, since a huge Lithium, mine exists in the province. The group is well aware of its preciousness in the world market because the element is mainly used by automotive industries to produce batteries for electric cars.
The anti-corruption network of the former Afghan government reported that the Taliban and the Islamic State together received about 46 million in 2016 thru illegal mining from a single district of Nangarhar province. That is why ISIS has spent millions of dollars in Afghanistan because of holding its campaign and propaganda, allegedly, most of which came from mining.
Furthermore, district governors have been appointed by ISIS for Afghanistan’s 387 major districts, with a monthly salary of up to 80,000 Afghanis. This is a huge financial burden for the Islamic State, but the Islamic State group’s representatives say that they stick to their words, so that everyone will be paid on time. The ISIS group needs a large amount of financial support to achieve its major goals, but the group is not overstrained financially, because it receives a chockfull financial support.
Conversely, Iran is trying to increase the number of Shiite orientated proxies in the world and especially in Afghanistan to eliminate ISIS-K in return; the Saudi and other Gulf Sates want to prevent it. Therefore, they use ISIS and other associates of the group to counter Iran’s ambitious trans-national agenda; ISIS-K takes advantage of having been provided with huge financial support by anti-Iran camp.
Iran has repeatedly tried to spread Shia religion around the world, most notably at Mustafa International School in Bamko, the capital of Mali in Africa. There have been several attempts by the Iranian government to convert the students to Shi’ism, an issue that has become the topic of international debate supported by Saudi Arabia. Finally, all of these events are currently having a direct and indirect impact on Afghanistan and the country’s ongoing security crisis, which will affect the entire region at the end.
The means to manage cyberspace and the duty of security
Over and above the ethical concepts regarding the near future, it is also good to focus on the present. Governments are required to protect their national resources and infrastructure against foreign and domestic threats, to safeguard the stability and centrality of human beings and political systems and to ensure modern services for civilians. Suffice it to recall the chaos that arose some time ago in the Lazio region for the well-known health issues.
Governments must play a key role in developing and leading the local ecosystems, but this national effort must involve many other stakeholders: local businesses, entrepreneurs, multinational companies, local and foreign investors, State agencies, Ministries and academics, people in education, professional institutions and the public at large.
Furthermore, cybersecurity is a national opportunity for developing the local economy and for positioning any country in the international arena as a safe place to establish and develop economic relations between States and companies. It is also important as a regional cyber hub.
Cyber strategy therefore consists in prioritising operational cyber activities with a view to optimising and monitoring the overdevelopment of cyber intelligence that could one day take such turns as to be ungovernable.
This is the reason why investment in technology, local capacity building and resource allocation and concentration are required. This means providing strategic advisory services to government agencies that are seeking to advance cyber security at a strategic and operational level.
It is therefore necessary to work with governments to develop their strategic and operational capabilities in cybersecurity, either at the national or sectoral level, as well as providing comprehensive cyber projects that combine cyber defence and the development of a local cyber ecosystem, based on the models tried and tested by various countries around the world, such as the People’s Republic of China, Israel, the United States of America, etc.
There is a need to specialise in setting up Cyber Units and Cyber Centres (SOC & Fusion Centres) and in developing Cyber Eco-Systems and Cyber Strategies. This means providing various cyber solutions, services and know-how to companies in various sectors, such as financial, industrial, energy, health, technology and many other sectors.
Stable OT (operational technology) security services and strategic advice to companies in the fields of energy, manufacturing, security, medicine, transport, critical infrastructure and many others create the prerequisites for defending cyberspace. As well as helping OT-based organisations integrate cybersecurity into their processes and products. Design, develop and deliver advanced technologies and solutions to protect critical assets in OT environments, such as ICS, SCADA, IIoT, PLC, etc.
In this regard there is a basic need for creating professional IT schools around the world that teach the meaning of cyberspace, and not just how to use Word and other simple Office programs.
The expansion and creation of universities and institutes of cyber knowledge is a starting point from which partnerships are launched with organisations seeking to create their own cyber schools or with academic or educational organisations offering cyber training to their students.
Providing comprehensive solutions for IT schools, enables the training of IT professionals and new recruits in all IT roles, so that hackers do not remain the sole repository of digital truth. Advanced training is a solid starting point for organisations seeking to train their IT professionals. Professionals who can manage and master schemes such as Cyber Defender, Cyber Warrior, Cyber Manager, SOC Analyst, Digital Forensics, Basic Training and many others, including through the use of simulation.
Leading the creation and development of the high-level cybersecurity ecosystem is a duty of States towards the citizens who elect their leaders. The same holds true for seeking and employing highly experienced experts in the various security subject matters, including strategic cyber defence, cyber warfare, cyber intelligence, cyber research and development and cyber strategy, as well as defining training policies for these branches of operation.
Having examined the prerequisites for protecting cyberspace, it is worth addressing the structure of some of the risks faced by institutional network systems.
One of the most typical operations made by hackers relates to the use of client/server technology to combine several computers as a platform to launch DDoS (Distributed Denial of Service) attacks against one or more targets, thus exponentially increasing damage.
A malicious user normally uses a stolen account to install the DDoS master programme on a computer. The master programme will communicate with a large number of agents at any given time and the agent programmes have been installed on many computers in the network. The agent launches an attack when it receives an instruction. Using client/server technology, the master control programme can activate hundreds of agent programmes in a matter of seconds.
A DDoS uses a group of controlled machines to launch an attack on a computer, be it server or client. It is so fast and hard to prevent that is therefore more destructive. If we consider that in the past network administrators could adopt the method of filtering IP addresses against DDoS, it becomes more difficult to prevent such actions today. How can measures be taken to respond effectively?
If the user is under attack, defence will be very limited. If there is a catastrophic attack with a large amount of traffic pouring onto the unprepared user, it will very likely that the network will be paralysed before the user can recover. Users, however, can still take the opportunity to seek defence.
Hackers usually launch attacks through many fake IP addresses. At that juncture, if users can distinguish which IPs are real and which are fake – and hence understand from which network segments these IPs come – they can ask the network administrator to change them. Firstly, the PCs should be turned off to try to eliminate the attack. If it is found that these IP addresses are coming from outside rather than from the company’s internal IP, a temporary investigation method can be used to filter these IP addresses on the server or router.
The solution would be to discover the route through which the attackers pass and block them. If hackers launch attacks from certain ports, users can block these ports to prevent intrusion. After the exit port is closed, all computers cannot access the Internet.
A more complex method consists in filtering the Internet Control Message Protocol (ICMP), a service protocol for packet networks transmitting information regarding malfunctioning, monitoring and control information or messages between the various components of a computer network. Although it cannot completely eliminate the intrusion during the attack, filtering the ICMP can effectively prevent the escalation of the aggression and can also reduce the level of constant damage to a certain extent.
The DDoS attack is the most common attack method used by hackers. Some conventional methods of dealing with it are listed below.
1. Filter all RFC1918 IP addresses. The RFC1918 IP address is the address of the internal network, such as 10.0.0.0, 192.168.0.0, 172.16.0.0, etc. These are not fixed IP addresses of a particular network segment, but confidential local IP addresses within the Internet, which should be filtered out. This method serves to filter out a large number of fake internal IPs during an attack, and can also mitigate DDoS attacks.
2. Use many PCs to resist hacker attacks. This is an ideal response phase, if the user has sufficient ability and resources to enable a defence against hackers who attack and continue to access and take over resources. Before the user is fatally attacked, the hacker has little means to control many PCs. This method requires considerable investment and most of the equipment is usually idle, which does not correspond to the actual functioning of the current network of small and medium-sized enterprises.
3. Make full use of network equipment to protect resources. The so-called network equipment refers to load balancing hardware and software such as routers and firewalls, which can effectively protect the network. When the network is attacked, the router is the first to fail, but the other devices have not yet collapsed. The failed router will return to normalcy after being restarted and will restart quickly without any loss. If other servers collapse, their data will be lost and restarting them is a lengthy process. In particular, a company uses load balancing equipment so that when a router is attacked and crashes, the other will work immediately. This minimizes DDoS attacks.
4. Configure the firewall. The firewall itself can resist DDoS and other attacks. When an attack is discovered, it may be directed to certain sacrificial hosts, which are able to protect the actual host from the attack. The sacrificial hosts may obviously choose to redirect to unimportant hosts or to those having systems with fewer vulnerabilities than some operating systems and with excellent protection against attacks.
5. Filter unnecessary services and ports. Many tools can be used to filter out unnecessary services and ports, i.e. filter out fake IPs on the router. For example, Cisco’s CEF (Cisco Express Forwarding) can compare and filter out Source IP and Routing Table packets. Opening only service ports has become a common practice for many servers. For example, WWW servers open only 80 ports and close all the others or use a blocking strategy on the firewall.
6. Limit SYN/ICMP traffic. The user must configure the maximum SYN/ICMP traffic on the router to limit the maximum bandwidth that SYN/ICMP packets can occupy. Therefore, when there is a large amount of SYN/ICMP traffic exceeding the limit, this means it is not normal network access, but hacking. In the beginning, limiting SYN/ICMP traffic was the best way to prevent DDoS. Although the effect of this method on DDoS is currently not widely used, it can still play a certain role.
7. Scan regularly. Existing network master nodes should be scanned regularly, checked for security vulnerabilities and new vulnerabilities cleaned up promptly. Computers on backbone nodes are the best locations for hackers to use because they have higher bandwidth. It is therefore very important to strengthen the security of these hosts. Furthermore, all computers connected to the major nodes of the network are server-level computers. Hence regular scanning for vulnerabilities becomes even more important.
8. Check the source of the visitor. Use suitable software to check whether the visitor’s IP address is true. This should be done by reverse-searching the router: if it is fake, it will be blocked. As said above, many hacker attacks often use fake IP addresses to confuse users and it is hard to find out from where they come. Therefore, for example, the use of Unicast Reverse Path Forwarding can reduce the occurrence of fake IP addresses and help improve network security.
As seen above, we need experts who know more than hackers, and this is the duty that States and governments have towards their institutions, but primarily towards their citizens.
The visit of the head of Israeli Mossad intelligence to Bahrain
The visit of the UAE Foreign Minister, Sheikh Abdullah bin Zayed to Damascus on Tuesday, November 9, 2021 and the meeting with Syrian President Bashar Al-Assad, sparked a great controversy that began from the moment it was announced, which was highlighted by Western analyzes mainly from outside the region, that it comes for a (comprehensive Arab reassessment of the reality of the relationship with Syria and its importance in combating terrorism in the region, and the importance of the current Syrian reality in the calculations of Arab and Gulf national security, primarily towards Iran, and breaking the American “Caesar Law” towards imposing an economic blockade on Syria), and various analyzes and speculations about the future of these have increased. The Emirati step, its implications and dimensions in the Arab and Gulf relations towards the Syrian regime, and whether it represents one of the indicators of the transition to another new phase of political action towards opening up to Damascus, and the return of Syria to its regional and international role. Especially with the clarification of the “Emirati-Syrian coordination” some time before that visit to arrange the rapprochement between the two sides, which became clear by the announcement of the contact between the Crown Prince of Abu Dhabi (Sheikh Mohammed bin Zayed and President Bashar Al-Assad), as well as an official invitation to Syria to participate in the “International Expo Exhibition In Dubai” and then my meeting with the Syrian and Emirates oil ministers in Moscow.
But what stopped me in that Emirates visit, was perhaps other events that were not addressed during those analyzes, which caught my attention analytically and academically, and the most different of them was (I was alerted by a foreign researcher during my commentary on the same analysis, that the Emirates move is mainly in the interest of Tehran the Iranian regime, not to stifle and besiege Iran in its areas of influence and its known role in Syria). Despite the strangeness of this analysis, I occupied my mind with another matter to respond to it, regarding: (the significance of the visit of the head of the Israeli Mossad to Bahrain, and the visit of Emirates officials to Tel Aviv, and what is even clearer to the public is the organization of joint naval exercises in the Red Sea with the joint Israeli naval forces with Bahrain and the UAE), at the same time as the aforementioned visit.
Accordingly, my analysis mainly focuses on whether that visit took place through (arranging and coordinating with Tel Aviv to curb Iran in Syria and the region, by attracting Syria to the Arab League and collective Arab action again), and the Gulf rejectionist and Arab reservations towards the step of rapprochement. The Syrian-Iranian, or did I aim for a clearer Gulf rapprochement with Iran through rapprochement with Syria, as I went to a number of mainly Western analyzes, which I received. From here, the Egyptian researcher will analyze all the following elements:
Analyzing the implications of the visit of the UAE Foreign Minister (Bin Zayed) to Syria on November 9, 2021.
And its relationship to the “joint naval maneuvers” between (Israel, the UAE and Bahrain) in the Red Sea on November 10, 2021 on the Iranian existence at Syria
The visit of (the head of the Israeli Mossad intelligence service to Bahrain) at the time of the naval joint maneuvers with Israel in the Red Sea, with (the visit of the UAE Air Force commander to Israel).
Then, finally, analyzing the impacts of the Israeli Mossad intelligence moves in the Red Sea on its rapprochement with the USA in the face of (China, Russia and Iran).
To answer those questions, it is necessary to verify and respond to number of inquires and some other different analyses, such as:
The UAE’s motives for taking such a step of rapprochement with Syria, through the visit of the UAE Foreign Minister “Sheikh Abdullah bin Zayed” to Damascus on Tuesday, November 9, 2021, and the meeting with Syrian President “Bashar Al-Assad”.
Rather, will this Emirates step (encourage the rest of the Arab countries to follow the Emirates footsteps) and open up to the Syrian regime?
What is the fate of the “Syrian opposition to the Emirati-Syrian rapprochement”, and is this Emirates move aimed at weakening the Syrian opposition track, especially the Syrians opposing the regime of President “Bashar Al-Assad” abroad?
Then, it will remain to analyze (the Syrian opposition’s options if more Arab countries open up to the Al-Assad’s regime).
Will there be a (Syrian-Emirati consensus) towards the step of solving the (return of Syrian refugees from abroad and the settlement of their situation with the current Syrian regime)?
Finally, the question arises, regarding: (the impact of the intensity of American and international criticism of the UAE’s step of rapprochement with the Syrian regime and President “Bashar Al-Assad” on the completion of the remaining Arab steps seeking to integrate and return Syria once more to its membership in the League of Arab States)?
In fact, the most dangerous and important analysis for me remains completely analytical, namely: (What was raised about the fact that the UAE obtained the green light from the United States of America itself and from the Israeli side before the visit of the UAE Foreign Minister “Bin Zayed” to the Emirates, in pursuit of forming (Gulf-UAE-Israeli alliance against Iran), and seeking to neutralize the Syrian regime in the face of these Iranian moves as a closely related ally of the Iranians?) Accordingly, we can analyze that, as follows:
Perhaps what reinforces and supports my recent view regarding the “Israeli Gulf mobilization with the help of the UAE and Washington’s support to confront Iran through Syria” is (the joint security coordination between Israel and the Emirati and Bahraini naval forces to conduct joint naval maneuvers in the Red Sea, which lasted for five full days), which began on Wednesday, November 10, 2021, which comes at the same time as the UAE rapprochement with Syria, meaning:
(There are joint security arrangements between Israel, the UAE and Bahrain in the face of Iran through the move of rapprochement with Syria as an ally of Iran)
As I mentioned, the joint naval maneuvers between Israel and the UAE at the same time as the UAE visit confirms (the continuation of joint security coordination between Israel and the UAE), especially to curb and limit Iranian influence. Knowing that the step of joint security coordination between the Emirates and Israel began three years ago, when the naval forces of the Gulf states, mainly the “UAE and Bahrain”, began conducting joint naval maneuvers with the Israeli side, which were the first for them ever with their Israeli counterpart, in cooperation with the forces of the United States of America’s Navy.
We find that the current joint naval maneuvers in the Red Sea with the participation of the UAE and Israel, with the participation of (warships from the Emirates, Bahrain and Israel), in addition to the United States of America, is a “joint Israeli-Gulf assertion” to send a message to the Iranian side, that these naval maneuvers with Israel, aims to:
“Securing the maritime traffic in the face of Iran, and seeking to secure the movement of the straits and maritime navigation in the Red Sea with the help of Israeli security, especially that these joint maritime training operations included training on encirclement and raid tactics”
This was confirmed by the US Naval Forces Central Command, in an official statement, to confirm that:
“The Israeli, Emirates, and Bahraini training aims to enhance the ability to work collectively among the forces participating in the maneuvers”
From here, we understand that the step of joint Israeli-Emirati security coordination, and the consequent step of the joint naval maneuvers, came after the signing of the “Abraham Accords” in September 2020, and the normalization of their relations with Israel by the UAE and Bahrain. Since then, it has strengthened the (diplomatic, military, and intelligence relations between Israel, the UAE and Bahrain, as the two most important Gulf countries that share Tel Aviv’s concerns about Iran’s activities in the Red Sea and the region).
The most prominent here, is (the visit of the head of the Israeli intelligence service Mossad in a public visit to Bahrain at the time of the joint naval maneuvers with Israel in the Red Sea, with the commander of the UAE Air Force heading at the same time also on a first-of-its-kind visit to Israel in October 2021).
In general, the (re-opening of the Emirati and Bahraini embassies in Damascus) in December 2018, was considered at that time as (a major change in the Gulf policy towards Syria, and it was among the first indications of a more comprehensive normalization). There is no doubt that these steps came after consulting Saudi Arabia. However, it seems that Saudi Arabia, as usual, is taking a cautious and secretive attitude towards the move of rapprochement with Syria due to its fear of the “Al-Assad regime’s relations with Tehran”.
At the time, the UAE and Bahrain talked about (the geopolitical benefits of rehabilitating the regime of President Bashar Al-Assad). The State of Bahrain confirmed that “the step of integrating Bashar Al-Assad aims to strengthen the Arab role and prevent regional interference in Syrian affairs”.
The most important analytical question for me is whether Abu Dhabi has completely severed its relations with Damascus at all, given (the continued presence of prominent Syrian figures loyal to Damascus living and working in the Emirates).
In general, this (continuous stream of signals emanating from Damascus and other Arab capitals, led by the Emirates for rapprochement with Syria), indicates that the former opponents of the Syrian government have come close to reaching mutually beneficial arrangements with the Syrian government, some of which pledged a few years ago to drop it.
The most important gains for the Syrian regime from that rapprochement with the UAE and the rest of the Arab countries will be (reconstruction contracts for Syria and energy deals), in addition to the markets that will be opened to it if they reconcile with the Arab countries, which may later pave the way for “inclusion of Damascus again and returning its membership in the League of Arab States”, which is of course the most important strategic step for the UAE and the Gulf states, to help Syria to return back to the “Arab House”, and consequently put pressure on it not to rapprochement with Iran, as it is a rival opponent for the UAE and the Gulf states.
In this context, the Syrian capital, Damascus is now hoping for (influential Arab voices to exert international pressure in order to lift the severe sanctions imposed on the Syrian regime), which aims to (punish Syrian officials and Syrian organizations for their alleged involvement in human rights violations).
India’s and Pakistan’s attitude towards Afghanistan | podcast
The CIA, MI6 and the Russian Security Council have recently pointed out that India is emerging as a global hub...
Looming Humanitarian Crisis – Millions May Die in Afghanistan
There is a dire need for massive funds transfer to Afghanistan in present circumstances where banks and businesses have collapsed,...
Middle Eastern autocrats sigh relief: the US signals Democracy Summit will not change policy
The United States has signalled in advance of next week’s Summit for Democracy that it is unlikely to translate lip...
WHO and Future Frontiers of Global Pandemic Governance
The Covid-19 pandemic has revealed the deep fissures among the countries with regards to governance of the pandemic .The uncoordinated...
Local Wisdom Brings Everybody Towards Sustainability
Climate change, carbon emission, zero waste, circular economy, and sustainability. If you are anywhere on the internet just like 62%...
China will donate 1 billion covid-19 vaccines to Africa
Chinese President Xi Jinping during his keynote speech, via video link, at the opening ceremony of the Eighth Ministerial Conference...
Shifting Geography of the South Caucasus
One year since the end of the second Nagorno-Karabakh war allows us to wrap up major changes in and around...
Intelligence3 days ago
ISIS-K, Talc, Lithium and the narrative of ongoing jihadi terrorism in Afghanistan
Economy4 days ago
Gender-based violence in Bangladesh: Economic Implications
Africa3 days ago
What a Successful Summit for Democracy Looks Like from Africa
Middle East3 days ago
Vienna Talks: US-Russia-China trilateral and Iran
Africa3 days ago
Q&A: Arguments for Advancing Russia-African Relations
Africa3 days ago
Nigeria’s role in ECOWAS peacekeeping
Reports4 days ago
Small Businesses Adapting to Rapidly Changing Economic Landscape
Middle East3 days ago
Saudi religious moderation is as much pr as it is theology