Connect with us

Intelligence

It’s Hard to Find a Black Cat in a Dark Room, Especially If It Isn’t There: RAND on the Search for Cyber Coercion

Published

on

What is cyber coercion and how have states used cyber operations to coerce others? These are the questions addressed in the RAND think tank’s recent reportFighting Shadows in the Dark. Understanding and Countering Coercion in Cyberspace“. The authors discuss cyber operations conducted by four states — Russia, China, Iran and North Korea — and try to determine whether those activities amounted to cyber coercion.

Starting with the study findings, we will highlight the following points. Cyber operations intended to coerce are a small subset of overall cyber operations globally. Espionage remains the predominant purpose of states’ cyber operations. Despite that, the authors think that states like Russia and North Korea appear to be more likely to have used cyber operations as a coercive tool than China and Iran. The authors also find that, contrary to what coercion theory would predict, states do not make distinct threats with unambiguous demands for changes in behaviour often. Instead, they deny responsibility, hiding behind proxies. Despite the low probability of success, the authors anticipate states will continue to use and may, in fact, come to employ cyber operations more often in the future to coerce. To prepare for this outcome, the United States and its allies need to work now to develop methods to discern cyber coercion as it emerges and strategies to deter and counter it in the future.

Even though the report has certain scientific value, the authors have left quite a lot of space for criticism. First, we need to examine several serious methodological issues. Second, setting aside the fact that the study was sponsored by the United States Department of Defence and its affiliated entities, the authors specifically mention that they only used data from open sources. Indeed, the evidence is mostly taken from reports published by companies such as Mandiant and its eventual buyer FireEye, whose leadership has certain connections both with the Department of Defence and with the U.S. intelligence community. So the evidence of countries’ involvement in cyber operations cannot be seen as objective. Finally, it is lamentable that the ways suggested by the authors for solving problems are strikingly one-sided and do not contain the slightest hint of any possible affirmative action.

Coercion

The authors attempt to base their methodology for defining coercion in cyberspace on the seminal work by the American economist Thomas Schelling Arms and Influence, among other things. They claim that Schelling described two forms of coercion: active coercion (compellence) and passive coercion (deterrence). In their words, the former involves the active use of force in some form to compel action by another. In contrast, the latter involves the threatened use of force to either motivate action or refrain from a particular activity. Schelling himself says the following:

“… partly deterrence has been a euphemism for the broader concept of coercion, as ‘defence’ has replaced words like ‘war’ and ‘military’ in our official terminology. It is a restrictive euphemism if it keeps us from recognizing that there is a real difference between deterrence and what, in Chapter 2, I had to call ‘compellence,’ that is, a real difference between inducing inaction and making somebody perform.” [1]

“… brute force succeeds when it is used, whereas the power to hurt is most successful when held in reserve. It is the threat of damage, or of more damage to come, that can make someone yield or comply. It is latent violence that can influence someone’s choice — violence that can still be withheld or inflicted … The threat of pain tries to structure someone’s motives, while brute force tries to overcome his strength. Unhappily, the power to hurt is often communicated by some performance of it. Whether it is sheer terroristic violence to induce an irrational response, or cool premeditated violence to persuade somebody of your intent and willingness to repeat, it is not the pain and damage itself but its influence on somebody’s behaviour that matters. It is the expectation of more violence that gets the wanted behaviour, if the power to hurt can get it at all.” [2]

It is obvious that Schelling draws a clear line between deterrence and coercion and, more importantly, points out that coercion implies limited use of force: force plays a secondary part, while the central condition is threatening damage.

Further, while describing the logic of coercion, the authors quote several scholarly works that repeat the key points made by Schelling. In one of them, coercion is summarized with the phrase “if you do not do X, I will do Y.” [3] Another work states that a coercive action or threat “demands clarity in the expected result … [and to] be accompanied by some signal of urgency.” [4] These appear to be true and ought to have been taken as the basis. Yet the authors of the report choose another path: they declare that the observed practice differs from the theory of cyber coercion (which, it should be noted, was inferred from practice) and claim that demands and threats expressed as part of such coercion are sometimes ambiguous, as identification of the threatening party can be. But what remains of coercion if its defining characteristics are removed? Large-scale cyber-attacks are not just a show of force but achievement of specific objectives, so they have nothing to do with coercion.

The above seems to challenge the accuracy of the question asked at the beginning of the paper under review: “What is cyber coercion?” Let us first consider what coercion is. It appears to be primarily a form of policy aimed at maintaining or changing the existing order of distribution of power and wealth in the global community [5]. From this standpoint, the essence of coercion is to change the political behaviour of other actors in the global political arena with the possibility of a limited demonstration of force that does not escalate into full-scale warfare. To some extent, the essence of coercive policy is described in the Art of War by Chinese General Sun Tzu: “Therefore the skilful leader subdues the enemy’s troops without any fighting; he captures their cities without laying siege to them; he overthrows their kingdom without lengthy operations in the field.” Even so, coercive violence is also possible: discussing this, Schelling cites an example from the history of the Wild West: raids on some Indian settlements were intended to break the resistance of and subjugate all tribes. But here the Indians were clear about the source of the threat, the possible consequences of resistance and the demands that were put forward, as well as the ways out — either to submit or to retreat.

If we base our discussion on the above premise that coercion is a form of policy, a more appropriate question arises: can cyber-means be used to implement a coercion policy and, if so, how effectively? Based on the definition of coercion, its implementation generally requires A to demand that B change its policy in a specific way — with a demonstration of force that can be used to its full extent if the demand is not satisfied. In individual cases, demands, threats or demonstration of force can be implicit. Still, it is evident that the victimized party needs to be aware of such risks and understand them correctly. This imposes certain conditions on the means used for implementing a coercion policy.

The ICT environment has a number of properties making it an attractive medium for influence. First of all, it offers anonymity and action across borders, which complicates attribution, i.e., identification of the source of influence. The “plausible deniability” of involvement in cyber-attacks is one of their most significant benefits as a military-political tool. Experience shows that cyber-attacks can be used to project and demonstrate power. Still, the party that uses them for coercive purposes has to assume responsibility or reveal its involvement in some other way. According to some statistics, numerous cyber-attacks are carried out against the Russian public infrastructure every day (2.4 billion hostile actions were detected in 2017, rising to 4 billion in 2018). Recognizing a demonstration of force or a demand to change one’s policy within such a torrent of events appears impossible. Using the possibility of a cyber-attack as a threat also seems ineffective because it allows the potential adversary to prepare for the attack and to fend it off.

Public Policy

The authors of the report claim that, as the development of more connected and interconnected information systems and networks proceeds, the potential for actors to use cyber operations to exert influence and impact the economic, political, and social wellbeing of other states is incresing. When examining possible episodes of cyber coercion, however, the authors confine themselves to just four key global political actors identified by the U.S. Government: Russia, China, Iran and North Korea. For each country, open-source research was conducted to develop an overview of their capabilities, published doctrine on cyber operations, as well as available data on government-affiliated cyber operations groups.

The authors’ research into doctrines and documents disclosing states’ positions concerning operations in cyberspace is incomplete, inconsistent and sometimes merely erroneous. For example, when quoting strategic planning documents of the Russian Federation, the authors state that “[a]lthough Russia sees its adversaries conducting such [information] operations against it, these writings indicate how Russia thinks about the potential role for cyber operations in its operations as well.” Here it would suffice to consult the Russian Federation Armed Forces’ Information Space Activities Concept, which reads: “Cyberspace conflict settlement shall be carried out in the first place by means of negotiation, conciliation, addressing to the U.N. Security Council or regional agencies or agreements, or by other peaceful means.” The authors also quote Chinese experts, who point out a whole range of disadvantages of network deterrence and coercion operations, above all the fact that the ambiguous nature of cyber operations may reduce their efficacy [6]. Successful deterrence and coercion results from effective signalling — the adversary must first be aware of the source and motivation for the influence for it to take actions expected by the attackers. The authors conclude that China “is taking a more circumspect approach to using cyber operations for coercive purposes, focusing largely on stealing data or silencing critics of the regime. China may, however, seek to expand its use of cyber operations to coerce in the future.” It is an entirely groundless conclusion, especially considering all the disadvantages the Chinese experts have pointed out.

As for the specific cyber capabilities of each state, the work done by RAND is not based on concrete facts. For example, as corroboration of the claims of Russia’s involvement in cyber-attacks on Montenegro in 2018, they refer to an article stating that: “Three international I.T. security companies say the emails [containing malware] came from APT28, also known as Fancy Bear, which U.S. intelligence services say is connected to the Russian military intelligence service, GRU.” China’s involvement in cyber-attacks on South Korean networks and systems, as well as other episodes of cyber influence, are proven similarly. A case from 2017 is mentioned, when the U.S. Department of Justice brought cyber-espionage charges against three employees of the Chinese company Boyusec. Even though federal prosecutors deliberately avoided the question of whether Boyusec was affiliated or connected with the Chinese government, private sector representatives noted that they assumed that Boyusec had been working for the Ministry of State Security of China. Myths are born from repetition and persistent emphasis on facts long disproven. For instance, Russia is alleged to have carried out cyber-attacks on Estonian government agencies in 2008, even though this allegation has long been refuted: an independent investigation confirmed that the operation was, in fact, the work of activists with no government affiliation.

The RAND report relies on a biased selection of evidence provided by entities associated with the United States intelligence community, and it gives the impression of stretching facts to create a negative image of Russia, China, Iran and North Korea as malicious actors in cyberspace. Meanwhile, it is the current U.S. strategic planning documents that articulate a clear vision of a threat to freedom and democracy and set the goal of ensuring peace using force. This implies identifying adversaries and exerting influence using all available means. Coercion policy has already become the norm in the United States. Take, for example, this summer, when The New York Times published a piece claiming that the U.S. secret services have carried out offensive operations against the Russian electricity grid and power plants. The purpose of that publication is still unclear: was it a leak and, if so, was it intended? Or was it disinformation? U.S. President Donald Trump accused journalists of treason, and representatives of the U.S. National Security Council said there were no risks to national security. If we take the lead from RAND, however, and look at the broader context, we see that, against the backdrop of tension between Russia and the U.S., this publication was a clear signal of coercive policy.

Establishing peace through force does not provide a mutually acceptable mechanism for reducing tensions in the ICT sphere. And though, as the authors themselves note, not all of the cases examined in the report are explicit acts of cyber coercion, it is necessary to develop the means to detect early signs of cyber coercion and to craft deterrence and resilience strategies. It is assumed to be enough to respond successfully to cyber coercion. The authors see no ways of solving the problem other than developing strategies to counter this phenomenon (it may be assumed that those will include all available means, including “public attribution”).

In conclusion, the authors repeat the message that cyber operations may not be accompanied by clear signalling of a threat or expected behaviour, let alone means that can be used for coercion. It is also challenging to determine what exactly cyber operations carried out against another country are aimed at. Maybe the argument would benefit from Occam’s methodological principle: “entities should not be multiplied without necessity.” Indeed, just as the authors state, ICT tools are widely used by many states to accomplish military and political objectives. Yet, if an action is not aimed at changing the political behaviour of another country and if there is no direct threat or use of force (which would be a violation of the United Nations Charter, by the way), should we speak of so-called coercion or is it just regular cyber activity, which is now commonplace? A vivid example of a coercive policy that is mentioned, but not discussed by the authors, is the cyber-attack on Iranian nuclear programme facilities in 2010. First, specific countries demanded that Iran wind down its nuclear programme. Second, there was talk of a possible strike if the conditions were not fulfilled. As we know, Iran did not change its policy, and the cyber-attack that followed was not an act of coercion or a limited demonstration of force but fulfilled particular tasks: Iran’s nuclear programme was slowed down considerably.

What we need is not strategies against cyber coercion, which RAND experts call for, but international frameworks for precluding conflicts in cyberspace. One such framework could be built up from the norms, rules and principles of responsible behaviour in the ICT environment formulated by the international community through the United Nations Group of Governmental Experts.

From our partner RIAC

1. Thomas C. Schelling, Arms and Influence, New Haven, Conn.: Yale University Press, 1966., P. 174–175.

2. Ibid. P. 3.

3. Erica D. Borghard and Shawn W. Lonergan, “The Logic of Coercion in Cyberspace”, Security Studies, Vol. 26. No. 3, 2017, pp. 433–34.

4. Christopher Whyte, “Ending Cyber Coercion: Computer Network Attack, Exploitation and the Case of North Korea”, Comparative Strategy, Vol. 35, No. 2, 2016.

5. For a definition of policy, see Kokoshin A.A. Global politics: theory, methodology, applied analysis [Mirovaya politika: teoria, metodologia, prikladnoy analiz]. Komkniga, 2005. ISBN 5484000874 (in Russian).

6. Shou Xiaosong, ed., The Science of Military Strategy [战略学], Beijing, China: Military Science Press, 2013, p. 194.

Continue Reading
Comments

Intelligence

Contours of India’s economic and cyber-warfare against China

Amjed Jaaved

Published

on

In his book The Age of the Economist, Daniel R. Fusfeld tells how economics governs our life today. In today’s market or quasi-market economies, no country can live in economic isolation (sakoku). India is quite adept in using its economic clout, including defence purchases, as a tool of coercive diplomacy.

Amid Ladakh border standoff, India’s defence ministry approved purchase proposals amounting to an estimated Rs 38,900 crores. They include procurement of 21 MiG-29s, upgrading Indian Air Force’s existing MiG-29 aircraft, procurement of 12 Su-30 MKI aircraft. The MiG-29 procurement and up gradation from Russia will cost Rs 7418 crores. The Su-30 MKI will however be procured from Hindustan Aeronautics Limited (HAL) at an estimated cost of Rs 10,730 crores. The Indian Railways on Thursday terminated its dedicated freight corridor contract with the Chinese firm ostensibly due to “poor progress” on the signalling and

telecommunication work on the Eastern Dedicated Freight Corridor’s 417-km section between Kanpur and Mughalsarai (India Today, July 2, 2020). Action is underway to replace “Chinese giants” with Indian firms in the construction of the Delhi-Meerut road-transport project. India has directed all companies to label the origin of import. Custom duties on all Chinese imports, particularly power sector’s.

By way of a cyber attack, India took down 59 Chinese applications on Google Play Store. The removed apps include UC Browser, SHAREit, WeChat, CamScanner, and Mi Community, and TikTok.Indian government announced the applications are engaged in activities “prejudicial to sovereignty and integrity of India, defence of India, security of state and public order.”

The ban has been imposed under Section 69A of the Information Technology Act read with relevant provisions of the Information Technology (Procedure and Safeguards for Blocking of Access of Information by Public) Rules 2009, it said. The govt. also cited complaints about data on Indian users being transferred abroad without authorisation.

The move is intended to serve as a blow to China’s Digital Silk Route ambitions, eroding the valuation of the companies. The USA has lauded India’s draconian initiative.

How India economic clout serves its coercive diplomacy: The world should shun India because of its human-rights violations in Kashmir. But, it isn’t so because of its economic clout. Through aid to or trade, India influences not only internal but also external policies of client states: Rafale deal with France, US$3 billion Raytheon/Lockheed helicopter and air defence deal with USA, and trade relations with Saudi Arabia and the United Arab Emirates.

In Sri Lanka, India brokered to remove Mahinda Rajapaksa from office 2015. Rajapakse had given China strategic entry into Sri Lanka, by leasing out Hambantota port to China and allowing it to build Colombo port and dock its submarines in Sri Lanka.  Now Sri Lanka has handed over control of Humbantota to India. India gave $45.27 million aid to develop KKS harbour in Sri Lanka (Jan 12, 2018).

India extended 2.1-billion Nepalese Rupee (NR) aid to Nepal as reimbursement of the first tranche of housing support to 42,086 governments of India- supported beneficiaries in Nuwakot and Gorkha districts. It pledged Nepal US $1 billion aid and soft loan (25%) for Nepal’s post-earthquake. Recently, India occupied some Nepalese territories including Kala Pani.

She pledged to contribute Rs 4,500 crore to Bhutan’s twelfth five-year plan (2018 to 2023). It completed Mangdhechu Hydroelectric project and Ground Earth Station for South Asia Satellite and launch of RuPay card in Bhutan. Besides, it committed assistance of Rs 4,500 Crore for implementation of development projects and Rs 400 Crore for transitional Trade Support Facility during Bhutan’s 12th Five Year Plan (2018 – 2023). Under the 12th 5-Year Plan, 51 large and intermediate projects and 359 Small Development Projects (SDPs)/High Impact Community Development Projects (HICPDs) are being carried out. India’s commitment to the 12th Plan constitutes about 14.5 per cent of the Plan outlay which is around 38.75 per cent of the capital outlay and 71 per cent of the total external assistance.

Bhutan asked India to stop Chinese road construction at Doklam. India did so as a `super-power’.

To Bangladesh, India extended three $8 billion loans. A total of 1.16 Gigawatts of power is now being supplied by India to Bangladesh. The increase, in the reckoning of the Prime Minister, signifies a “quantum jump from megawatts to Gigawatts and is symbolic of a golden era” in bilateral ties. Markedly, Mamata Banerjee has pledged to raise the power supply to Bangladesh to 1,000 MW. Though electricity will not be a substitute for Teesta water, the plan to boost power supply is on anvil.

Launching the ‘Act Far East’ policy, India’s Prime Minister Narendra Modi announced (September 5, 2019) that India will give a line of credit worth US$ 1 billion to Russia for the development of the Far East.

India has provided Lines of Credit worth $ 96.54 million to Niger for projects in transport, electrification, solar energy and potable drinking water. It granted $15 million to Niger for organising African Union Summit

India and Japan have launched their own joint initiative in the shape of Asia-Africa Growth Corridor (AAGC) vis-a-vis China’s Belt-Road Initiative for undertaking development and cooperation projects in the African continent.

China’s boycott: There are shrill calls for boycott of Chinese imports. However, it is easier said than done. Imports from China to India are close to five times more than exports from India to China. The figures for 2019-20 are $74 billion and $18 billion respectively. A majority of the imports are in crucial sectors such as antibiotics and pharmaceutical ingredients, telecom equipment and semiconductor devices.

In each of these sectors, the imports are to the tune of above 70 per cent of India’s requirements. Chinese investments have also seen a whopping increase over the past five years. The figures for the 2014-17 period show that investments rose from $1.6 billion in 2014 to $8 billion in 2017.

These investments are in sectors as broad-based as automobiles, electronics and pharmaceuticals and are across the country. One of the top destinations in Gujarat, a State that the BJP has ruled for 19 years at a stretch.

States such as Haryana, Karnataka and Maharashtra have also welcomed huge Chinese investments in infrastructure projects over the past decade.  Bilateral trade between India and China increased from $38 billion in 2007-08 to $89.6 billion in 2017-18, and of this, the rise in imports from China was to the tune of $50 billion, while Indian exports increased only by $2.5 billion. Trade with China constituted more than 40 per cent of India’s total trade deficit.  Chinese trade was galloping in pharmaceuticals, solar power and textiles. India’s dependence on China for life-saving drugs was to the tune of 90 per cent, and in solar energy China’s penetration was up to 84 per cent.

India’s knee jerks to Malaysia and Turkey: Malaysian prime minister Mahathir Mohammad had said in September that India had “invaded and occupied” Kashmir. He was joined by Turkey’s President Recep Tayyip Erdogan, who said that India had virtually imposed “a blockade” on Kashmiris.Their views on Kashmir and the Citizenship (Amendment) Act (CAA) irked India.India lodged a formal protest stating that it went against the accepted diplomatic practice of “non-interference in each other’s internal affairs”.

Already, India was angry as Malaysia refused to hand over Indian Islamic tele-evangelist Zakir Naik.  He was given asylum in Malaysia in 2018 despite the Indian allegations of money laundering and “hate speech”. Zakir disclosed India punished him for his views about Kashmir. Pakistan’s friend Mahathir Mohammad is no longer at helm of affairs in Malaysia.

The Indian government also sought to penalise Turkey by not allowing it to bid for construction contracts. During his February 2020 visitto Pakistan, he desired Turkey to be a partner in CPEC construction projects. India’s frantic effort to get Pakistan blacklisted is well known.

 Nascent resistance to Indian coercion: Offended at occupation of its territories including Kala Pani, Nepal took legislative steps to show Kala Pani as its territory. It reportedly allowed China to occupy Rui village, and 11 other strategic locations (China occupies Nepal village, Tribune India, June 24, 2020). India activated its stooges to pass a no-confidence motion against prime minister Oli (who averted the move by getting parliament prorogued). Bhutan stopped a river flow to India. Bangladesh, Maldives, Sri Lanka, and Myanmar also have expressed ennui on some Indian policies.

Labelling China ‘a pariah state’: India and the USA want to portray or declare China as a pariah state.  Economic sanctions, aid or trade embargo or `terror’ labels are extensively used to punish weak states by powerful states.  See how the USA uses  a flexible format to dub or delete a country as axis of evil, money-laundering conduit, sponsor of terrorism or pariah (Tamil paraiyar, outcastes), or rogue (Iran, Sudan, North Korea, Cuba, Venezuela). Ottoman Empire was persecuted as an outcast by European States since the Treaty of Westphalia in 1648 until the nineteenth century on a religious basis’.

Deon Geldenhuys. points out criteria for declaring a state pariah_ having ‘artificial borders’ (Iraq), siege mentality, anti-West sentiments and desire to subvert the international status quo (Pakistan?), or not being a considerable `world power’(“Pariah States in the Post-Cold War World: A Conceptual Exploration,  March 5, 1997).  China being a `world power’ is not pariah despite human-rights complaints in Xinjiang.

Inference: Indian prime minister Modi himself told an all-party conference, “Neither have they [Chinese] intruded into our border, nor has any post been taken over by them (China)”. Even former defence minister AK Antony and former foreign secretary Shyam Saran denied China had taken over 640 sq km of Ladakh territory. Even, “The Indian army denied that Ladakh had shrunk. Change in the river course was cited as a reason for the loss of 500-1,500 meters of land annually”. Then, why the storm in a teacup.

Obviously, India is exerting diplomatic, economic and military pressure on its neighbours, including China to accept India’s `annexation’ of the disputed Kashmir state as a fait accompli.

Continue Reading

Intelligence

The Diversification of Violence and Foreign Policy

Published

on

In a recently published essay for e-ir.info, Marianna Albuquerque, Coordinator of the South American Political Observatory, provides a succinct and accessible history of the theory of war as it has evolved according to shifting economic, geopolitical, and institutional realities.

Beginning with a brief discussion of what Élie Tenenbaum has elsewhere referred to as the system of “Westphalian regularity” that for many centuries defined the parameters of traditional warfare between and among states, Albuquerque pivots to an analysis of “irregular” or “asymmetrical” wars that, to a certain degree, have become anever more commonplace aspect of inter- and intra-national conflict in the modern era. She is keen to point out, however, that while irregular war does not in and of itself constitute a wholly new phenomenon, what is of significance is “the extent of its use.”

Accordingly, with the advent of not just new kinds of war but also of the ways in which wars are conceived of and prosecuted, Albuquerque asserts that right now what is needed is a “new lexicon” that “must consider the social character and the human consequences of the diversification of violence” (emphasis added).This richly suggestive phrase establishes a useful prism through which it becomes possible to consider the potential ramifications of the various ways in which nations or non-state entities, be they corporations, drug cartels, or revolutionary organizations, aggressively pursue their interests.

Of primary importance is the necessity to briefly consider the relationship between the diversification of violence and the proliferation of violence. In the simplest of terms, the primary difference between these two ideas or concepts is what some analysts and scholars have identified as the emergence of new forms of violence or discord and merely the exponential multiplication of violence as a defining element of present-day politics. Ultimately, it is not that violence has expanded or increased in terms of magnitude. Rather, what is noteworthy is the observation that it is highly adaptive; that is, violence changes as a function of or response to innovations in the fields of technology, politics, commerce, and industry, among others.

It is impossible to provide a full and exhaustive catalogue of the many new forms of irregular or asymmetrical war that the world faces today. Included below, however, is an admittedly short and incomplete survey that can serve as a point of departure for further analysis of novel types of conflict and for thinking about how a progressive foreign policy can respond to the challenges they present.

The emergence and evolution of cyber warfare as a serious threat to national security and economic stability is certainly high on the list of potential disruptors to the global status quo.From the sophisticated joint U.S.-Israeli Stuxnet attack on Iranian nuclear infrastructure, to the North Korean operation against Sony Pictures in the wake of that studio’s production and release of the satirical film The Interview, cyber warfare has become an increasingly common tactic employed by states and non-state actors to project power and influence beyond and across borders.

Similarly, the well-documented and exhaustively covered attempt by Russian troll farms and twitter bots to influence the American presidential contest in 2016 reveals the extent to which social media has become weaponized in order to sow chaos and confusion on the world stage. Regardless of the eventual result or actual degree of effectiveness of this campaign, what is certain is that this operation did cause many observers to call into question the integrity and security of U.S. elections and to raise doubts concerning the sanctity and legitimacy of the democratic process in this country.

Of related and increasingly relevant concern is the emergence of so-called of “stochastic terrorism.” In a post from January 2011, an anonymous blogger breaks down this concept into two constituent elements: 1. The use of mass communication to incite random actors to carry out violent or terrorist acts that are statistically predictable but individually unpredictable. 2. Remote-control murder by lone wolf. Thus, in an age in which a post on a message board or a provocative tweet can potentially lead to catastrophic violence, it is imperative to address the fragile balance of preserving the fundamental right of freedom of expression and the need to predict and prevent acts of terror.

Other manifestations of irregular war include the evolution of the exploitation and deployment of mercenaries, paramilitary forces, and private security contractors in various hotspots such as Libya, Afghanistan, and Mozambique. Again, while this practice is not in and of itself entirely “new” per se, the extent of its use and its wide acceptance as an instrument of state power or international relations certainly demands the attention of those tasked with diplomacy and de-escalation of conflicts.

Additionally, economic policies like the institution of tariffs and the placing of sanctions, the formation of regional trade blocs and associations, and even debt ownership as a means of exerting influence over poorer nations, are ways in which different governments around the world often times project power.

In order to adequately address this diversification of violence, then, a progressive foreign policy must include certain fundamental priorities. Among these are taking the concrete and verifiable steps necessary to adhere to international peace treaties, trade agreements that protect workers and the environment, and promises to decrease and regulate existing stockpiles of nuclear, chemical, and biological weapons.

Furthermore, it is of paramount importance to re-evaluate government spending priorities and resource allocation in order to properly fund and support the necessary work of various international aid organizations and non-profit groups that advocate for increasing the health and well-being of vulnerable and marginalized populations. And perhaps most obviously, as the climate crisis becomes ever more acute with each successive year, the increased investment in new technologies that continue to diminish our reliance on fossil fuels and that address the profound threat posed by the scarcity of resources, including the limited availability of fresh water and adequate housing, should be a primary concern.

Finally, in a time defined as it is by increasingly high levels of insecurity, imbalance, and turmoil, revisiting the idea of hybrid peacebuilding has the potential to yield positive results. In its simplest formulation, hybrid peacebuilding“ signals a willingness to accept and work with traditional institutions and values based on religious, tribal, and kinship connections, and to explore how they can be combined with those of modernity to bring a lasting peace.”Perhaps by constructing lines of contact between the global and the subnational, an innovative and mutually beneficial solution to the problem of the diversification of violence can be achieved.

Continue Reading

Intelligence

Covid-19: Impacts on Pakistan’s Cybersecurity

Published

on

The Covid-19 pandemic still remains the most dominant factor affecting global scenario. Neither the superpowers nor the developing countries are spared of its curse. Whole world is in a crisis like situation whether it’s a super power or state like Pakistan, which has already been facing external threat and internal instabilities. Like every other state in the world to continue the routine activities, Pakistan has shifted its workload to online databases. The shift to online forum has increased dependence on internet making the country equally concerned about safeguarding its cyber security  – as safeguards and security systems of our cyber infrastructure are not so protective keeping in view the dynamic nature of cyber security. The government has recently launched its Digital Pakistan Policy which has acquired renewed significance in the current pandemic. Although it is a good initiative to facilitate the public but there are some loopholes that need to be addressed as Covid crisis seems to have prolonged indefinitely. There is a need to adopt effective measures so the weakness in the system can be effectively resolved on priority bases.

The current crisis situation has adversely impacted the educational hubs and other academic institutes which almost stopped functioning for a while. The government encourages the online classes and examination system. This not only helped schools and universities, but the research thinks thanks and other organizations were also able to resume their functions by utilizing online forum. Here the challenge for a country like Pakistan is the provision of fast and smooth internet connections in all the districts of country.  But now days, students of KPK, Balochistan, Gilgit Baltistan and even in some districts of Punjab are facing connectivity issues. Students have raised their voices through social media forum and student Unions. Other than smooth provision of internet facility, state need to have a robust independent network security systems during Covid-19 because of more dependence on computer and internet networks and keep up with the rapidly changing cyber technologies. Dependence on foreign developed applications like ‘Zoom’ can be harmful in the longer term for privacy. Recently, an intrusion occurred during the webinar of Institute of  Strategic Studies (ISSI) due to non-encrypted internet connection. In encrypted connection the risk factor still exists as the de-encrypted data is retained with the developers who can use it for their self-interest to harm the security of any state especially the states like Pakistan which is still in the nascent stage of acquiring and developing advanced cyber technology related tools. Another such incident occurred wherein the official website of Pakistan’s Higher Education Commission was attacked by scammers but later on it was clarified by HEC that it was just that someone just took the screenshot and make changes in its HTML coding and uploads it , which seems to be , that website is hacked . Although this scam   carried out in anger by internal rudiments was not so harmful and serious, but still it’s an alarm to be prepared for the rising threats and technological challenges that could be hazardous. It is, thus a big question mark on the Pakistan’s preparedness to face such challenges in future that could be serious in their nature. 

Covid-19 has quarantined the people inside their homes; activities are limited to internet and computers. This has provided the cyber-criminals with the opportunity to breach the privacy and use it for their own interests. During this quarantine, people to kill boredom are downloading different kind of applications in their mobile phones and PCs and agreeing to give that application access to mobile data. This can be harmful and data of people can be used to cause damage to personal as well as national security, because this is an era of information warfare and any entity or state can take advantage of the data provided to them unknowingly. Cyber criminals and hackers whether they are from within the state or outside; sponsored by rival states can easily exploit the loophole of the existing cyber infrastructure as previously before Covid-19 crises, Pakistani infrastructure has been attacked several times which includes the banking sector as well as armed forces infrastructure. For instance cyber-attacks carried out by Indian organization   Rattle snake on Navy’s Public relations Branch tried to manipulate the statements released by Public relations Branch. Above mentioned attacks carried out by India before Covid-19 were very alarming and threatening to national security. One can gauge the level of threat during Covid-19 when the whole country is working online. There have been efforts to digitize all the sectors of Pakistan with which whole data will be shifted to data clouds. This may lead to losing control over the data because once data is placed online, it will be available to everyone who can then penetrate easily and will be hazardous for national security.

To address the threats to data and preserve its national security, Pakistan needs a workable solution to protect its servers to store such huge bulks of national data. It also needs to maintain backup of the data to be on safer side. It needs to develop its own strong firewall security software against online viruses and Trojan horses to protect the data rather than being dependent on borrowed technologies and software because dependency in such domains in the longer runs can be harmful. So keeping in view the upcoming technological era and Covid-19 has to some added acceleration in the process of doing so. At this very moment, Pakistan needs to have a formalized national cyber security policy as an important pillar of national security.

Continue Reading

Publications

Latest

Trending