Connect with us

Intelligence

It’s Hard to Find a Black Cat in a Dark Room, Especially If It Isn’t There: RAND on the Search for Cyber Coercion

Published

on

What is cyber coercion and how have states used cyber operations to coerce others? These are the questions addressed in the RAND think tank’s recent reportFighting Shadows in the Dark. Understanding and Countering Coercion in Cyberspace“. The authors discuss cyber operations conducted by four states — Russia, China, Iran and North Korea — and try to determine whether those activities amounted to cyber coercion.

Starting with the study findings, we will highlight the following points. Cyber operations intended to coerce are a small subset of overall cyber operations globally. Espionage remains the predominant purpose of states’ cyber operations. Despite that, the authors think that states like Russia and North Korea appear to be more likely to have used cyber operations as a coercive tool than China and Iran. The authors also find that, contrary to what coercion theory would predict, states do not make distinct threats with unambiguous demands for changes in behaviour often. Instead, they deny responsibility, hiding behind proxies. Despite the low probability of success, the authors anticipate states will continue to use and may, in fact, come to employ cyber operations more often in the future to coerce. To prepare for this outcome, the United States and its allies need to work now to develop methods to discern cyber coercion as it emerges and strategies to deter and counter it in the future.

Even though the report has certain scientific value, the authors have left quite a lot of space for criticism. First, we need to examine several serious methodological issues. Second, setting aside the fact that the study was sponsored by the United States Department of Defence and its affiliated entities, the authors specifically mention that they only used data from open sources. Indeed, the evidence is mostly taken from reports published by companies such as Mandiant and its eventual buyer FireEye, whose leadership has certain connections both with the Department of Defence and with the U.S. intelligence community. So the evidence of countries’ involvement in cyber operations cannot be seen as objective. Finally, it is lamentable that the ways suggested by the authors for solving problems are strikingly one-sided and do not contain the slightest hint of any possible affirmative action.

Coercion

The authors attempt to base their methodology for defining coercion in cyberspace on the seminal work by the American economist Thomas Schelling Arms and Influence, among other things. They claim that Schelling described two forms of coercion: active coercion (compellence) and passive coercion (deterrence). In their words, the former involves the active use of force in some form to compel action by another. In contrast, the latter involves the threatened use of force to either motivate action or refrain from a particular activity. Schelling himself says the following:

“… partly deterrence has been a euphemism for the broader concept of coercion, as ‘defence’ has replaced words like ‘war’ and ‘military’ in our official terminology. It is a restrictive euphemism if it keeps us from recognizing that there is a real difference between deterrence and what, in Chapter 2, I had to call ‘compellence,’ that is, a real difference between inducing inaction and making somebody perform.” [1]

“… brute force succeeds when it is used, whereas the power to hurt is most successful when held in reserve. It is the threat of damage, or of more damage to come, that can make someone yield or comply. It is latent violence that can influence someone’s choice — violence that can still be withheld or inflicted … The threat of pain tries to structure someone’s motives, while brute force tries to overcome his strength. Unhappily, the power to hurt is often communicated by some performance of it. Whether it is sheer terroristic violence to induce an irrational response, or cool premeditated violence to persuade somebody of your intent and willingness to repeat, it is not the pain and damage itself but its influence on somebody’s behaviour that matters. It is the expectation of more violence that gets the wanted behaviour, if the power to hurt can get it at all.” [2]

It is obvious that Schelling draws a clear line between deterrence and coercion and, more importantly, points out that coercion implies limited use of force: force plays a secondary part, while the central condition is threatening damage.

Further, while describing the logic of coercion, the authors quote several scholarly works that repeat the key points made by Schelling. In one of them, coercion is summarized with the phrase “if you do not do X, I will do Y.” [3] Another work states that a coercive action or threat “demands clarity in the expected result … [and to] be accompanied by some signal of urgency.” [4] These appear to be true and ought to have been taken as the basis. Yet the authors of the report choose another path: they declare that the observed practice differs from the theory of cyber coercion (which, it should be noted, was inferred from practice) and claim that demands and threats expressed as part of such coercion are sometimes ambiguous, as identification of the threatening party can be. But what remains of coercion if its defining characteristics are removed? Large-scale cyber-attacks are not just a show of force but achievement of specific objectives, so they have nothing to do with coercion.

The above seems to challenge the accuracy of the question asked at the beginning of the paper under review: “What is cyber coercion?” Let us first consider what coercion is. It appears to be primarily a form of policy aimed at maintaining or changing the existing order of distribution of power and wealth in the global community [5]. From this standpoint, the essence of coercion is to change the political behaviour of other actors in the global political arena with the possibility of a limited demonstration of force that does not escalate into full-scale warfare. To some extent, the essence of coercive policy is described in the Art of War by Chinese General Sun Tzu: “Therefore the skilful leader subdues the enemy’s troops without any fighting; he captures their cities without laying siege to them; he overthrows their kingdom without lengthy operations in the field.” Even so, coercive violence is also possible: discussing this, Schelling cites an example from the history of the Wild West: raids on some Indian settlements were intended to break the resistance of and subjugate all tribes. But here the Indians were clear about the source of the threat, the possible consequences of resistance and the demands that were put forward, as well as the ways out — either to submit or to retreat.

If we base our discussion on the above premise that coercion is a form of policy, a more appropriate question arises: can cyber-means be used to implement a coercion policy and, if so, how effectively? Based on the definition of coercion, its implementation generally requires A to demand that B change its policy in a specific way — with a demonstration of force that can be used to its full extent if the demand is not satisfied. In individual cases, demands, threats or demonstration of force can be implicit. Still, it is evident that the victimized party needs to be aware of such risks and understand them correctly. This imposes certain conditions on the means used for implementing a coercion policy.

The ICT environment has a number of properties making it an attractive medium for influence. First of all, it offers anonymity and action across borders, which complicates attribution, i.e., identification of the source of influence. The “plausible deniability” of involvement in cyber-attacks is one of their most significant benefits as a military-political tool. Experience shows that cyber-attacks can be used to project and demonstrate power. Still, the party that uses them for coercive purposes has to assume responsibility or reveal its involvement in some other way. According to some statistics, numerous cyber-attacks are carried out against the Russian public infrastructure every day (2.4 billion hostile actions were detected in 2017, rising to 4 billion in 2018). Recognizing a demonstration of force or a demand to change one’s policy within such a torrent of events appears impossible. Using the possibility of a cyber-attack as a threat also seems ineffective because it allows the potential adversary to prepare for the attack and to fend it off.

Public Policy

The authors of the report claim that, as the development of more connected and interconnected information systems and networks proceeds, the potential for actors to use cyber operations to exert influence and impact the economic, political, and social wellbeing of other states is incresing. When examining possible episodes of cyber coercion, however, the authors confine themselves to just four key global political actors identified by the U.S. Government: Russia, China, Iran and North Korea. For each country, open-source research was conducted to develop an overview of their capabilities, published doctrine on cyber operations, as well as available data on government-affiliated cyber operations groups.

The authors’ research into doctrines and documents disclosing states’ positions concerning operations in cyberspace is incomplete, inconsistent and sometimes merely erroneous. For example, when quoting strategic planning documents of the Russian Federation, the authors state that “[a]lthough Russia sees its adversaries conducting such [information] operations against it, these writings indicate how Russia thinks about the potential role for cyber operations in its operations as well.” Here it would suffice to consult the Russian Federation Armed Forces’ Information Space Activities Concept, which reads: “Cyberspace conflict settlement shall be carried out in the first place by means of negotiation, conciliation, addressing to the U.N. Security Council or regional agencies or agreements, or by other peaceful means.” The authors also quote Chinese experts, who point out a whole range of disadvantages of network deterrence and coercion operations, above all the fact that the ambiguous nature of cyber operations may reduce their efficacy [6]. Successful deterrence and coercion results from effective signalling — the adversary must first be aware of the source and motivation for the influence for it to take actions expected by the attackers. The authors conclude that China “is taking a more circumspect approach to using cyber operations for coercive purposes, focusing largely on stealing data or silencing critics of the regime. China may, however, seek to expand its use of cyber operations to coerce in the future.” It is an entirely groundless conclusion, especially considering all the disadvantages the Chinese experts have pointed out.

As for the specific cyber capabilities of each state, the work done by RAND is not based on concrete facts. For example, as corroboration of the claims of Russia’s involvement in cyber-attacks on Montenegro in 2018, they refer to an article stating that: “Three international I.T. security companies say the emails [containing malware] came from APT28, also known as Fancy Bear, which U.S. intelligence services say is connected to the Russian military intelligence service, GRU.” China’s involvement in cyber-attacks on South Korean networks and systems, as well as other episodes of cyber influence, are proven similarly. A case from 2017 is mentioned, when the U.S. Department of Justice brought cyber-espionage charges against three employees of the Chinese company Boyusec. Even though federal prosecutors deliberately avoided the question of whether Boyusec was affiliated or connected with the Chinese government, private sector representatives noted that they assumed that Boyusec had been working for the Ministry of State Security of China. Myths are born from repetition and persistent emphasis on facts long disproven. For instance, Russia is alleged to have carried out cyber-attacks on Estonian government agencies in 2008, even though this allegation has long been refuted: an independent investigation confirmed that the operation was, in fact, the work of activists with no government affiliation.

The RAND report relies on a biased selection of evidence provided by entities associated with the United States intelligence community, and it gives the impression of stretching facts to create a negative image of Russia, China, Iran and North Korea as malicious actors in cyberspace. Meanwhile, it is the current U.S. strategic planning documents that articulate a clear vision of a threat to freedom and democracy and set the goal of ensuring peace using force. This implies identifying adversaries and exerting influence using all available means. Coercion policy has already become the norm in the United States. Take, for example, this summer, when The New York Times published a piece claiming that the U.S. secret services have carried out offensive operations against the Russian electricity grid and power plants. The purpose of that publication is still unclear: was it a leak and, if so, was it intended? Or was it disinformation? U.S. President Donald Trump accused journalists of treason, and representatives of the U.S. National Security Council said there were no risks to national security. If we take the lead from RAND, however, and look at the broader context, we see that, against the backdrop of tension between Russia and the U.S., this publication was a clear signal of coercive policy.

Establishing peace through force does not provide a mutually acceptable mechanism for reducing tensions in the ICT sphere. And though, as the authors themselves note, not all of the cases examined in the report are explicit acts of cyber coercion, it is necessary to develop the means to detect early signs of cyber coercion and to craft deterrence and resilience strategies. It is assumed to be enough to respond successfully to cyber coercion. The authors see no ways of solving the problem other than developing strategies to counter this phenomenon (it may be assumed that those will include all available means, including “public attribution”).

In conclusion, the authors repeat the message that cyber operations may not be accompanied by clear signalling of a threat or expected behaviour, let alone means that can be used for coercion. It is also challenging to determine what exactly cyber operations carried out against another country are aimed at. Maybe the argument would benefit from Occam’s methodological principle: “entities should not be multiplied without necessity.” Indeed, just as the authors state, ICT tools are widely used by many states to accomplish military and political objectives. Yet, if an action is not aimed at changing the political behaviour of another country and if there is no direct threat or use of force (which would be a violation of the United Nations Charter, by the way), should we speak of so-called coercion or is it just regular cyber activity, which is now commonplace? A vivid example of a coercive policy that is mentioned, but not discussed by the authors, is the cyber-attack on Iranian nuclear programme facilities in 2010. First, specific countries demanded that Iran wind down its nuclear programme. Second, there was talk of a possible strike if the conditions were not fulfilled. As we know, Iran did not change its policy, and the cyber-attack that followed was not an act of coercion or a limited demonstration of force but fulfilled particular tasks: Iran’s nuclear programme was slowed down considerably.

What we need is not strategies against cyber coercion, which RAND experts call for, but international frameworks for precluding conflicts in cyberspace. One such framework could be built up from the norms, rules and principles of responsible behaviour in the ICT environment formulated by the international community through the United Nations Group of Governmental Experts.

From our partner RIAC

1. Thomas C. Schelling, Arms and Influence, New Haven, Conn.: Yale University Press, 1966., P. 174–175.

2. Ibid. P. 3.

3. Erica D. Borghard and Shawn W. Lonergan, “The Logic of Coercion in Cyberspace”, Security Studies, Vol. 26. No. 3, 2017, pp. 433–34.

4. Christopher Whyte, “Ending Cyber Coercion: Computer Network Attack, Exploitation and the Case of North Korea”, Comparative Strategy, Vol. 35, No. 2, 2016.

5. For a definition of policy, see Kokoshin A.A. Global politics: theory, methodology, applied analysis [Mirovaya politika: teoria, metodologia, prikladnoy analiz]. Komkniga, 2005. ISBN 5484000874 (in Russian).

6. Shou Xiaosong, ed., The Science of Military Strategy [战略学], Beijing, China: Military Science Press, 2013, p. 194.

Continue Reading
Comments

Intelligence

Burning Planet: Climate Fires and Political Flame Wars Rage

MD Staff

Published

on

Economic and political polarization will rise this year, as collaboration between world leaders, businesses and policy-makers is needed more than ever to stop severe threats to our climate, environment, public health and technology systems. This points to a clear need for a multistakeholder approach to mitigating risk at a time when the world cannot wait for the fog of geopolitical disorder to lift. These are the findings of the World Economic Forum’s Global Risks Report 2020, published today.

The report forecasts a year of increased domestic and international divisions and economic slowdown. Geopolitical turbulence is propelling us towards an “unsettled” unilateral world of great power rivalries at a time when business and government leaders must focus urgently on working together to tackle shared risks.

Over 750 global experts and decision-makers were asked to rank their biggest concerns in terms of likelihood and impact and 78% said they expect “economic confrontations” and “domestic political polarization” to rise in 2020.

This would prove catastrophic, particularly for addressing urgent challenges like the climate crisis, biodiversity loss and record species decline. The report, produced in partnership with Marsh & McLennan and Zurich Insurance Group, points to a need for policy-makers to match targets for protecting the Earth with ones for boosting economies – and for companies to avoid the risks of potentially disastrous future losses by adjusting to science-based targets.

For the first time in the survey’s 10-year outlook, the top five global risks in terms of likelihood are all environmental. The report sounds the alarm on:

  • Extreme weather events with major damage to property, infrastructure and loss of human life
  • Failure of climate-change mitigation and adaptation by governments and businesses.
  • Human-made environmental damage and disasters, including environmental crime, such as oil spills, and radioactive contamination.
  • Major biodiversity loss and ecosystem collapse (terrestrial or marine) with irreversible consequences for the environment, resulting in severely depleted resources for humankind as well as industries.
  • Major natural disasters such as earthquakes, tsunamis, volcanic eruptions, and geomagnetic storms.

It adds that unless stakeholders adapt to “today’s epochal power-shift” and geopolitical turbulence – while still preparing for the future – time will run out to address some of the most pressing economic, environmental and technological challenges. This signals where action by business and policy-makers is most needed.

“The political landscape is polarized, sea levels are rising and climate fires are burning. This is the year when world leaders must work with all sectors of society to repair and reinvigorate our systems of cooperation, not just for short-term benefit but for tackling our deep-rooted risks,” said Borge Brende, President of the World Economic Forum.

The Global Risks Report is part of the Global Risks Initiative which brings stakeholders together to develop sustainable, integrated solutions to the world’s most pressing challenges.

Systems-level thinking is required to confront looming geopolitical and environmental risks, and threats that may otherwise fall under the radar. This year’s report focuses explicitly on impacts from rising inequality, gaps in technology governance, and health systems under pressure.

John Drzik, Chairman of Marsh & McLennan Insights, said: “There is mounting pressure on companies from investors, regulators, customers, and employees to demonstrate their resilience to rising climate volatility. Scientific advances mean that climate risks can now be modeled with greater accuracy and incorporated into risk management and business plans. High profile events, like recent wildfires in Australia and California, are adding pressure on companies to take action on climate risk at a time when they also face greater geopolitical and cyber risk challenges.”

To younger generations, the state of the planet is even more alarming. The report highlights how risks are seen by those born after 1980. They ranked environmental risks higher than other respondents, in the short- and long- terms. Almost 90% of these respondents believe “extreme heat waves”, “destruction of ecosystems” and “health impacted by pollution” will be aggravated in 2020; compared to 77%, 76% and 67% respectively for other generations. They also believe that the impact from environmental risks by 2030 will be more catastrophic and more likely.

Human activity has already caused the loss of 83% of all wild mammals and half of plants – which underpin our food and health systems. Peter Giger, Group Chief Risk Officer, Zurich Insurance Group warned of the urgent need to adapt faster to avoid the worst and irreversible impacts of climate change and to do more to protect the planet’s biodiversity:

“Biologically diverse ecosystems capture vast amounts of carbon and provide massive economic benefits that are estimated at $33 trillion per year – the equivalent to the GDP of the US and China combined. It’s critical that companies and policy-makers move faster to transition to a low carbon economy and more sustainable business models. We are already seeing companies destroyed by failing to align their strategies to shifts in policy and customer preferences. Transitionary risks are real, and everyone must play their part to mitigate them. It’s not just an economic imperative, it is simply the right thing to do,” he said.

The Global Risks Report 2020 has been developed with the invaluable support of the World Economic Forum’s Global Risks Advisory Board. It also benefits from ongoing collaboration with its Strategic Partners Marsh & McLennan and Zurich Insurance Group and its academic advisers at the Oxford Martin School (University of Oxford), the National University of Singapore and the Wharton Risk Management and Decision Processes Center (University of Pennsylvania).

Annex

Respondents were asked to assess: (1) the likelihood of a global risk occurring over the course of the next 10 years, and (2) the severity of its impact at a global level if it were to occur.

These are the top 5 risks by likelihood over the next 10 years:

  • Extreme weather events (e.g. floods, storms, etc.)
  • Failure of climate change mitigation and adaptation
  • Major natural disasters (e.g. earthquake, tsunami, volcanic eruption, geomagnetic storms)
  • Major biodiversity loss and ecosystem collapse
  • Human-made environmental damage and disasters

These are the top 5 risks by severity of impact over the next 10 years:

  • Failure of climate change mitigation and adaptation
  • Weapons of mass destruction
  • Major iodiversity loss and ecosystem collapse
  • Extreme weather events (e.g. floods, storms, etc.)
  • Water crises

Global risks are not isolated, and so respondents were asked to assess the interconnections between pairs of global risks.

These are the top most strongly connected global risks:

  • Extreme weather events + failure of climate change mitigation and adaptation
  • Large-scale cyberattacks + breakdown of critical information infrastructure and networks
  • High structural unemployment or underemployment + adverse consequences of technological advances
  • Major biodiversity loss and ecosystem collapse + failure of climate change mitigation and adaptation
  • Food crises + extreme weather events

Short-term risks: percentage of respondents who think a risk will increase in 2020:

  • Economic confrontations = 78.5%
  • Domestic political polarization = 78.4%
  • Extreme heat waves = 77.1%
  • Destruction of natural resource ecosystems = 76.2%
  • Cyberattacks: infrastructure = 76.1%

Continue Reading

Intelligence

Anti-Russian Ideology of Central Asian Salafi-Jihadi Groups: Causes and Consequences

Uran Botobekov

Published

on

Uzbek jihadists in Syria

Russia and Muhajireen are both interventionists in Syria

The Russian military intervention in the Syrian civil war has strengthened the anti-Russian ideological wave of the al-Qaeda-aligned Central Asian and North Caucasian Salafi-Jihadi groups fighting alongside the Hayat Tahrir al-Sham (HTS) against the Bashar al-Assad regime. After the outbreak of the Syrian civil war in 2011, fueled by the Arab Spring protests, several hundred Central Asian Islamic radicals, calling themselves Muhajireen (Migrants, i.e. Sunni foreign fighters), performed a Hijrah (the migration of Muslims for Jihad) in response to the call of al-Qaeda to Syria.

Since then, Syria’s northwest Idlib province, long a hotbed of armed resistance and the heartland of al-Qaeda-linked operations has become a real-life shelter for Muhajireen from the former Soviet Union and Chinese Xinjiang. Among them, the Uzbek groups Katibat al-Tawhid wal Jihad (KTJ) and Katibat Imam al-Bukhari (KTB), Uighur fighters of Turkestan Islamic Party (TIP), as well as Chechen’s Jaish al-Muhajireen wal-Ansar (JMA) and Ajnad al Kavkaz (AK) are affiliated with al Qaeda. They share al Qaeda’s ideological doctrine and consider its leader Ayman al-Zawahiri their ideological mastermind. The activities of TIP and KTJ jihadists, which have remained loyal to al Qaeda but simultaneously subordinate to HTS, indicate that they have become a link between al Qaeda and HTS after their formal detachment of ties. That is, today they coordinate all their military operations in Syria and conduct them under the leadership of the Hayat Tahrir al-Sham, the largest Sunni jihadist group, controlling most of Idlib province which is the last major opposition stronghold.

At the beginning of the Syrian jihad, the ideology of the Central Asian Salafi groups was not particularly distinguished by anti-Russian hostility but after the Russian invasion of Syria in support of the Bashar al-Assad regime in 2015, Central Asian jihadists and the Russian military found themselves on opposite sides of the front line and became sworn enemies. This was also facilitated by the fact that many Uzbek and Tajik Muhajireen came from Russia, where they worked as labor migrants and were often discriminated against by Russian nationalists. They also experienced moral and psychological humiliation by the corrupt Russian police, local officials and employers. Some Mujahideen admitted on the social networks Telegram and Odnoklassniki that the unfair Russian reality inflicted unbearable humiliation which contributed to their migration to Syria and joining jihadist groups.That is, the anti-Russian ideology of the Central Asian Salafi-Jihadi groups appeared not only because of the radicalization of their religious views but also as a response to discrimination by Russian nationalists and the invasion of Russian troops in Syria.Thus, over the past five years, al Qaeda’s Takfiri ideology of conducting global jihad against the infidel regimes of the West has been supplemented by the anti-Russian ideology of the Central Asian Muhajireen.

Abu Saloh, former leader of Katibat al-Tawhid wal Jihad, a famous ideologist of anti-Russian jihadism. His fighters swore allegiance to al Qaeda

In order to better understand the roots and causes of the anti-Russian ideology of the Central Asian Sunni extremist movements, it is necessary to analyze the Khutbah preaching (Sermons) of their leaders and famous ideologists during Jumma Namaz (Muslim Friday Prayer Service), which they actively disseminate on the Internet in Uzbek, Russian, Tajik, Kyrgyz, and Arabic.

Characteristic features of the Muhajireen’s anti-Russian ideology

Over the past five years, Idlib has become not only the real-life shelter for Russian-Speaking foreign fighters but also the place of fueling the aggressive anti-Russian ideology of the Central Asian Salafi-Jihadi groups. It’s interesting to note that they are actively using the Russian entrepreneur Durov’s social networking Telegram channel to widely disseminate anti-Russian ideology. Central Asian Muhajireen have the radio station “Voice of Sham” which also has the website “www.muhajeer.com” and provides daily updates over ten channels on Telegram through which they praise holy Jihad and spread anti-Russian propaganda.

Leaders and ideologues of the Central Asian Salafi-Jihadi groups advance the idea that al-Qaeda’s global network needs more support from like-minded Muslims around the world, who are willing to help its jihad. Therefore, in order to catalyze support, mobilize the base, and expand awareness of the Syrian jihad, they are waging an active “anti-Russian ideological war” on the Internet. Jihadist websites are designed to entice, inform, and rally Russian-speaking Muslims to join in the fight to safeguard Islam in Syria.

The ideologues and propagandists of al Qaeda-linked Central Asian movements seek to use Moscow’s heavy hand to recruit new fighters and accumulate financial resources.Each time after the Russian aviation’s scorched-earth tactics and indiscriminate bombing of civilian areas in the province of Idlib, the anti-Russian ideology of Central Asian jihadists intensifies on the Internet.

KTJ former leader Abu Saloh (his real name Sirojiddin Mukhtarov), who possesses excellent oratory skills and deep knowledge of the Quran, is the fiery voice of the anti-Russian ideology. He urges his listeners to establish religiously pure communities governed by a strict Salafi reading of Sharia or Islamic law.He regards modern post-Soviet countries in Central Asia to be illegitimate and desires not only the overthrow of these states but the creation of a new theocratic state in their place that unites all Muslims and, ultimately, a global Islamic Caliphate.In his opinion, the ideal conditions for conducting jihad today arose precisely in Syria and the Muslim Ummah should achieve an inevitable victory over the enemies of Islam by which he means not only the West but also the Bashar al-Assad’s regime, its military and political patrons, Russia and Iran. Abu Saloh believes that the victory of the Ahlus Sunnah (Sunni Islam) begins precisely with the holy land of Sham, where the Prophet Muhammad and his Sahaba (companions) shed their blood to raise the banner of jihad.

Abu Yusuf Muhojir, leader of Katibat Imam al-Bukhari, is an ardent foe of Russia. His group swore allegiance to Taliban

In the last video published on December 26, 2019, on Telegram, entitled “Appeal from the Blessed Sham to the Muslim Ummah” he calls on Muslims of Central Asia and Russia to make financial donations for jihad. He argues that jihad can be done in the path of Allah against the infidels in three ways: by one’s life, wealth, and speech. If Central Asian migrant workers in Russia make financial donations to support jihad in Syria, then Allah will consider them as participants in holy jihad who have fulfilled their mission to the Almighty. Participation in the wealth jihad will atone for their sins before Allah on Judgment Day. Therefore, migrant workers are required to participate in the wealth jihad, even while in Russia, he said. He calls on Central Asian Muslims not to become slaves of Russian kafirs (infidel) and warns that jihad is an obligation of every Muslim and that any Muslim who denies its sanctity should be considered as a kufr (unbeliever in Allah).

It should be noted that Russia accused Abu Saloh of the terror attack on St. Petersburg’s metro in April 2017 and the Kyrgyz authorities blamed him for the attack on the Chinese Embassy in Bishkek on August 30, 2016.He and his Uzbek-speaking fighters from the Fergana Valley of Central Asia swore allegiance to al-Qaeda leader Ayman al-Zawahiri.

Another well-known ideologist of Central Asian jihadism and a vocal critic of Russian occupation of Sham is the KIB’s leader Abu Yusuf Muhojir. On January 3, 2020, he posted his video message on the KIB’s webpage on Telegram entitled “Appeal from the mountain range Jebel al-Turkman of Latakia.”He claims that only jihad can to protect the Islam Ummah from Russia’s and Iran’s oppressors and free our occupied land of the blessed Sham from the terrorists of the Nusayri regime (Alawites).Following the concepts of the militant Salafi ideology, Abu Yusuf Muhojir regards violent jihad as an obligation for all Muslims and seeks to engage in jihad in both Khorasan and Sham, where opportunities have arisen.Then he quotes the Quran’s Surah of Al-Ankabut (The Spider) in Arabic and says that Allah is testing Muslims in Sham, and that only jihad will help us to pass this test with dignity. In conclusion, he said neither America nor Russia can close the path of holy jihad since jihad is the path to Allah. If the Mujahideen get killed in the jihad, he affirms that Allah himself will guide them and admit them to Paradise. Furthermore, Uzbek militants ofKIB have sworn allegiance to the Taliban and are conducting jihad in both Syria and Afghanistan.On March 22, 2018, the US State Department designated KIB a global terrorist organizations.

The root of the Jihadists’ anti-Russian ideology

The so-called “media activists” (Faruk Shami, Muhammad Jazira, Gulyam Muhammad,Saad Muhtor, Abdul Aziz Kazanly) who live and work among the Central Asian jihadists in Syria play a significant role in increasing anti-Russian ideology. They organize live broadcasts, interviews with leaders of Central Asian and Caucasian Salafi-Jihadi groups on YouTube and Instagram, and translate theological works of al Qaeda’s ideologues from Arabic into Russian, Uzbek, Tajik, Kyrgyz and Uighur.

One of the channels called “Mujahideen of Sham” in Kyrgyz on the Telegram, for instance, published short information: “Russian kafirs, who were the enemies of our ancestors, bombed the city of Sarakib on December 21, 2019, as a result of which they were killed more 120 innocent Muslims of Sham.” Further, this channel posted an audio message from a Kyrgyz Muhajir to the Russian military: “Oh, Russian infidels, keep your eyes peeled, we are attacking to shed your blood. As you love vodka, Zina (illicit sexual relations), so we are in a hurry to die in the name of Allah to stop the kafirs’ invasion on Islamic lands.”

Al Qaeda-linked Central Asian jihadists sometimes use some historical events of the Russian colonial policy of the 18-19 centuries in Central Asia to rally support for the Islamist agenda and radicalize those sympathetic to the plight of Muslims in Syria. The same channel “Mujahideen of Sham” writes: “Russian Tsarist forces, which killed tens of thousands of Kyrgyz during the Genocide of 1916, today are massacring innocent Muslims of the blessed Sham. The colonial policy of the Russian Empire continues. Make dua (prayer) for Muslims of Sham.” It is probably about the ‘Urkun’ (“Exodus”) tragedy 1916, when 150 thousand Kyrgyz died during the uprising against Russian Tsarist forces and a mass exodus to China. Such information is aimed at winning the hearts and minds of Central Asian jihadists who are familiar with historical events.

Translation of books, essays and videos of medieval and modern jihadi thinkers from Arabic into Russian and local languages and its distribution on the Telegram channel is an important part of the work of Central Asian jihadists. Spreading classic works of Salafi-Takfiri thinkers help legitimize anti-Russian Jihadi ideology and stoke the fire of jihad. Crucial spiritual nourishment for Central Asian Muhajireen are the essays of Ibn Taymiyyah, Abd al-Wahhab, Sayyid Qutb, Abdullah Azzam, Abu Muhammad al-Maqdisi, Sulayman al-ʿAlwān, Osama bin Laden, Ayman al-Zawahiri, Abu Qatada al-Filistini and other scholars of Salafism. This clearly indicates the ideological affinity of Central Asian Muhajireen with transnational Islamic fundamentalist groups that utilize sacred violence in their war against Russia and the West. Moreover, KTJ, KIB, and TIP explicitly try to define its ideological and operational agenda as being intimately tied to an integrated effort of al Qaeda aimed at asserting the global dominance of Islam through armed jihad.

Despite the fact that the Central Asian jihadists are seen as a small cog in the transnational Sunni-Jihadi network, they are actually drawing up and spreading anti-Russian ideology in the post-Soviet space and the Middle East alongside Chechen and Uighur jihadists. They are using pejorative terms in reference to Russia such as “Russian terrorists,” “Russian bandits,” “Russian pig executioners,” as well as pejoratives directed toward Vladimir Putin such as “Putin is a killer,” “Putin is a war criminal,” and “Slaves of Putin’s Chef Prigozhin,” as well a variety of generalized pejoratives comparing Russians to Fascists, swine and vermin. 

The anti-Russian ideology of the Central Asian jihadists in Syria has gone far beyond the national and geographical framework and they are trying to create the image of Putin’s Russia as an enemy of the entire Muslim Ummah.The Russian military operation in support of the Bashar al-Assad regime, the destruction of hospitals, schools, and other social facilities in Idbil by Russian aircraft, the flow of refugees towards the Turkish borders, the deaths of hundreds of civilians, children and women from the bombing create a favorable background for strengthening the trend of anti-Russian ideology among the Muhajireen in Syria.

Muhajireen’s propagandists also skillfully manipulate the historical rivalry between Sunnis and Shia. The analysis showed that they consider the enemies of Ahl al-Sunna of all Nuseyrites, Rafidites and their ally Russian Crusaders. The Jihadi ideologists claim that Russia is a leading player in the global conspiracy to destroy Ahl al-Sunna in Sham, and therefore helps Nuseyrites. The call to defend the last stronghold of Ahl al-Sunna gives them the opportunity to recruit new militants from the Sunni population of Central Asia and Russia.

At the same time, some facts of atrocities and heinous crimes perpetrated by Russian mercenaries of the Wagner group and Iranian proxy militias in Syria, which became public knowledge, create spaces for promoting Central Asian Jihadi ideas. Recently, after a video appeared on the Internet in November 2019 in which four Russian mercenaries tortured, stabbed and beheaded a Syrian man, Russian President Putin has become the main target of criticism of Salafi-Jihadi agitators from the former Soviet countries. This gave Central Asian jihadists a reason to accuse Putin’s Russia of using terror policy against Islam and the Muslims of Sham.

In order to foment jihadist sentiments in the Russian speaking Eurasian region, Salafi-Jihadi ideologists are manipulating the strongman Putin’sphrase that “Syria has become a field for testing the latest Russian weapons systems.” They regularly publish victims’ photographs of Russian air bombing, which are intended to rally support for the Islamist agenda and radicalize those sympathetic to the plight of Sunni Muslims in northwest Syria. They wonder “how much longer will Putin’s terrorists be testing their weapons in Syria and using civilian Muslims as living targets?”

Conclusion

The Central Asian Muhajireen’s anti-Russian ideology and the aggressive imposition of global Jihadi ideas on the internet undoubtedly pose a threat to Russia’s national security but, at the same time, the major actors of the Syrian conflict, primarily Russia, Iran and the Syrian government must understand that further tightening the screws of the Syrian war, exacerbating the humanitarian catastrophe and a new mass influx of refugees, will lead to further strengthening of anti-Russian and anti-Shiite ideology. Because of this, Central Asian Jihadi groups, following the strategy of al Qaeda, are trying to infiltrate local Sunni communities of Syria, build influence there by expressing the interests of the Ansar (natives).

Continue Reading

Intelligence

U.S. vs Iran, a Cybersecurity Update

Dr.Luciano Magaldi

Published

on

The relationship between the United States and Iran has perhaps reached a very low levein in recent weeks, following the 1979 Khomenist Revolution and the occupation of the US Embassy in Tehran by Iranian students.

According to American sources, on 20th June the United States launched offensive cyber-operations against Iranian intelligence computer systems, the same day that the US President, Donald J. Trump, had before ordered a military attack and then revoked the order before it actually left.

The United States Cyber Command – a department recently promoted by Trump as a unified combat command under the direction of the Department of Defense – allegedly attacked the computer systems used to control missile and rocket launches.

Such a cyberattack would have been the White House‘s response to the actions of the Iranian authorities who, the day before, had shot down an American spy drone – a Global Hawk produced by Northrop Grumman – as it was guilty of violating the airspace of the Islamic Republic.

After accusations and threats to each other, the US President decided to impose new sanctions on Iran and Ayatollah Ali Khamenei. That was not welcomed by the Government of Tehran, which spoke, earlier, of “end of diplomatic path with the United States” and announced that it had exceeded the uranium enrichment limit imposed by the JCPOA – Joint Comprehensive Plan of Iran Nuclear Deal – from which the United States unilaterally exited in May 2018.

It remains to be seen, therefore, after the escalation of the last few weeks, whether the United States will try to make more and more use of cyber-attacks to solve the delicate international issues, primarily the Iranian one.

After the cyber-space was recognized as a strategic domain by NATO in 2016, on par with land, water, sky and space, it has been increasingly seen that countries use this domain to plead their own interests and also to carry out operations – this new type of military activity should not come as a surprise, because you only have to look at the National Cyber Strategy, published in September 2019 by the US, which shows that there has been a paradigm shift from what was the protection of American interests in the cyber space, moving from a more classical deterrence to the purpose of defence to a more offensive deterrence.

The fact that this document was only published last September suggests that the field of cybersecurity is fundamentally new and still to be explored.

On the one hand, cybernetic space is a totally man-made space and where you can have very high levels of ambiguity, through non-identification strategies from where attacks start, on the other hand, it is one of the most unregulated space at the level of behaviour that all countries shoud adopt with the specifice the responsibilities in cyber-operations.

This is a field in which the international law must be adapted as it is vital to understand how international law applies to the cyber-space and to see how it can be applied in practice: there is a long-time discussion between experts in the United Nations about cyber-space and, moreover, you can conduct operations that may fall into the category of attacks that are below the threshold of the use of force. So, it is still unclear whether a cyber-attack can be responded to with a classic attack byusing any classic military tools.

That is why American cybersecurity policy has changed in recent years, starting with the different pillars on which the National Cyber Strategy is based:

1) defending the homeland by protecting networks, systems, functions and data;promote American prosperity by fostering a secure digital economy and promoting strong domestic innovation;

2) preserving peace and security by strengthening the ability of the United States – along with allies and partners – to deter and, if necessary, punish those who use cyber-tools for malicious purposes;

3) expansion of American influence abroad to extend the key principles of an open, reliable and secure Internet.

Within the cyber-space, the United States have adopted a so-called “continuous engagement” – an ongoing commitment to counter possible threats even before they can materialize through targeted attacks, with the transition from a defensive to an offensive approach, with the American presence in the cyber-space that will more and more increas in order to actively dissuade potential enemies.

Historically, the United States are not new to carrying out cyber-attacks on Iran, in fact, as early as 2010, the United States and Israel are believed to have spread a virus, created by the US Government, to slow down the process of enriching uranium in Iran’s nuclear power plants.

That cyber-attack of the United States against the Iranian intelligence unit is part of a context that has seen Washington’s intensifying cyber-operations also against Russia and Iran – it is important to be aware of the cybersecurity space for their own interests and that they have had a particularly aggressive posture in this area.

The United States and Iran are two of the world’s most advanced, active and capable hacking powers at a time when governments regularly use cyber-attacks to achieve important goals and shape geopolitics.

Tensions between the two countries and their allies have produced a long history of extraordinary cyber-attacks in addition to traditional kinetic warfare – for these reasons, Iran’s revenge for the killing of General Qassim Suleimani could also be served on the ground of cyber-war.

Christopher Krebs, director of the Cybersecurity and Infrastructure Security Agency – CISA – of the U.S. Department of Homeland Security, warned the entire community to re-investigate Tehran’s tactics, procedures and techniques in detail in cyberspace, after reporting the increase in the activity of malicious cyber-attacks directed against the American companies and government agencies.

The hackers of the Iranian regime have increasingly used destructive windshield wipers in order to spear phishing, email scam to gain unauthorized access to sensitive data – it is a hackerial attempt to decode a common user password across multiple accounts before switching to a second password that allows you to circumvent account lockouts.

This is an attack that leverages the likelihood that people can use the same username and password to access multiple applications, sites, and services – in fact, cyber-criminals are able to get the details of stolen accounts from a platform and implement the bots needed to log into many other accounts with the same credentials.

Once they have found a way to log in, the criminals will break the account by making fraudulent purchases or stealing confidential information – before the 2015 nuclear deal was negotiated between the United States, Iran, Europe, Russia and China, Iranian hackers regularly targeted American financial companies and critical infrastructure.

Over the past year, Iran and the United States have repeatedly targeted each other in hacking operations – Iranian government hackers have attempted to breach President Trump’s re-election campaign: in fact the U.S. Cyber Command reportedly warned against Iran’s paramilitary force attacks during a period of high tensions, earlier this year.

More than 150 American sites have already been victims of defacement by Iranian hackers also because of the supreme leader, Ayatollah Ali Khamenei, had promised “a strong vengeance” for Suleimani’s killing – this is a modern conflict, to date not only threatened but it is a long-time a cyber war – in recent days, hackers of Tehran have hacked the website of the Federal Depository Library Program – FDLP – with a defacement operation, leaving a message stating that “this is only a small part of Iran’s cyber-capabilities.”

The attack targeted a “weak” target, but it is a sign that the Islamic Republic’s cyber-army has been activated to strike US-linked targets, any critical infrastructure in particular..

The U.S. cyber-army believe, in fact, that the attacks could take place in five ways:

– DDoS attacks, in which you flood a site with access requests and crash it.

– data deletion (or wiper attack), actions to delete data in infected databases.

– attacks on industrial control systems, information-related operations and as well as cyber espionage.

The latter two to steal data for use then in physical, military actions – for example, by committing targeted murders or attacks on infrastructure.

But the Islamic Republic could suffer from the American reaction far more damage than it could cause: it has already happened in the past, as confirmed by the head of the “cyber police” in Tehran, General Kamal Hadianfar, who admitted that Iran in 2017 suffered 296 serious cyber-attacks against paramount infrastructures and on several occasions some experts in the field were mysteriously dead.

In conclusion, after sanctions and threats on both sides, could we really lead to an escalation of cyber-attacks and, because of that, does it seem to be a new Cold War ?

Continue Reading

Latest

Environment50 mins ago

Technology can help track choices to balance nutrition and climate impact

Like the popular fitness apps, which help users track their exercise activities, food intake and more, an app called Evocco...

South Asia2 hours ago

Pakistan Facing New Type of Hybrid War

Since the Pak-US relations faced tough time almost a decade ago, not only the US has written off Pakistan, but...

Reports3 hours ago

US Dealmaker Optimism Holds Strong as Economic Slowdown Talk Continues

The market is entering a new decade on the outer edges of the longest run in M&A history, but even...

African Renaissance4 hours ago

Marilyn Monroe: A cuckoo hatchling pushing eggs outside of its nest

They took photographs of you. Might as well been from dawn to dark photographs. In pictures, in films, the light...

Tech News5 hours ago

Governing the Coin: WEF Announces Global Consortium for Digital Currency Governance

Following extensive consultation with the global community, the World Economic Forum announced today the Global Consortium for Digital Currency Governance....

Newsdesk6 hours ago

Uncertainty and Instability: The World in Two Words

“I would use two words to describe the state of the world today: uncertainty and instability,” said António Guterres, Secretary-General...

Newsdesk7 hours ago

World Economic Forum and OECD Sign Strategic Partnership Framework

The World Economic Forum and the Organisation for Economic Co-operation and Development signed today a Strategic Partnership Framework to deepen...

Trending