
Intelligence

U.S. vs Iran, a Cybersecurity Update


The relationship between the United States and Iran has perhaps reached a very low level in recent weeks, following the 1979 Khomeinist Revolution and the occupation of the US Embassy in Tehran by Iranian students.

According to American sources, on 20th June the United States launched offensive cyber-operations against Iranian intelligence computer systems, the same day that the US President, Donald J. Trump, had first ordered a military attack and then revoked the order before it was actually launched.

The United States Cyber Command – a department recently promoted by Trump as a unified combat command under the direction of the Department of Defense – allegedly attacked the computer systems used to control missile and rocket launches.

Such a cyberattack would have been the White House’s response to the actions of the Iranian authorities who, the day before, had shot down an American spy drone – a Global Hawk produced by Northrop Grumman – as it was guilty of violating the airspace of the Islamic Republic.

After an exchange of accusations and threats, the US President decided to impose new sanctions on Iran and Ayatollah Ali Khamenei. That was not welcomed by the Government of Tehran, which had earlier spoken of the “end of diplomatic path with the United States” and announced that it had exceeded the uranium enrichment limit imposed by the JCPOA – the Joint Comprehensive Plan of Action, the Iran nuclear deal – from which the United States unilaterally exited in May 2018.

It remains to be seen, therefore, after the escalation of the last few weeks, whether the United States will try to make more and more use of cyber-attacks to solve the delicate international issues, primarily the Iranian one.

Since the cyber-space was recognized by NATO in 2016 as a strategic domain, on par with land, water, sky and space, countries have increasingly used this domain to advance their own interests and also to carry out operations. This new type of military activity should not come as a surprise: one only has to look at the National Cyber Strategy, published in September 2019 by the US, which shows a paradigm shift in the protection of American interests in the cyber-space, moving from a more classical deterrence for the purpose of defence to a more offensive deterrence.

The fact that this document was only published last September suggests that the field of cybersecurity is fundamentally new and still to be explored.

On the one hand, the cyber-space is a totally man-made space in which very high levels of ambiguity are possible, through strategies that conceal where attacks start; on the other hand, it is one of the most unregulated spaces in terms of the behaviour that all countries should adopt and the specific responsibilities in cyber-operations.

This is a field in which international law must be adapted, as it is vital to understand how international law applies to the cyber-space and to see how it can be applied in practice. There is a long-running discussion among experts in the United Nations about the cyber-space and, moreover, it is possible to conduct operations that fall into the category of attacks below the threshold of the use of force. So it is still unclear whether a cyber-attack can be responded to with a classic attack using classic military tools.

That is why American cybersecurity policy has changed in recent years, starting with the different pillars on which the National Cyber Strategy is based:

1) defending the homeland by protecting networks, systems, functions and data;

2) promoting American prosperity by fostering a secure digital economy and promoting strong domestic innovation;

3) preserving peace and security by strengthening the ability of the United States – along with allies and partners – to deter and, if necessary, punish those who use cyber-tools for malicious purposes;

4) expansion of American influence abroad to extend the key principles of an open, reliable and secure Internet.

Within the cyber-space, the United States has adopted so-called “continuous engagement”, an ongoing commitment to counter possible threats even before they can materialize through targeted attacks. This marks the transition from a defensive to an offensive approach, with an American presence in the cyber-space that will increase more and more in order to actively dissuade potential enemies.

Historically, the United States is not new to carrying out cyber-attacks on Iran: as early as 2010, the United States and Israel are believed to have spread a virus, created by the US Government, to slow down the process of enriching uranium in Iran’s nuclear power plants.

That cyber-attack by the United States against the Iranian intelligence unit is part of a context that has seen Washington intensifying cyber-operations also against Russia and Iran. It is important to be aware that the United States uses the cyber-space for its own interests and that it has had a particularly aggressive posture in this area.

The United States and Iran are two of the world’s most advanced, active and capable hacking powers at a time when governments regularly use cyber-attacks to achieve important goals and shape geopolitics.

Tensions between the two countries and their allies have produced a long history of extraordinary cyber-attacks in addition to traditional kinetic warfare – for these reasons, Iran’s revenge for the killing of General Qassim Suleimani could also be served on the ground of cyber-war.

Christopher Krebs, director of the Cybersecurity and Infrastructure Security Agency – CISA – of the U.S. Department of Homeland Security, warned the entire community to re-investigate Tehran’s tactics, procedures and techniques in detail in cyberspace, after reporting the increase in the activity of malicious cyber-attacks directed against the American companies and government agencies.

The hackers of the Iranian regime have increasingly used destructive wiper attacks as well as spear phishing, an email scam used to gain unauthorized access to sensitive data, and password spraying: an attempt to try one common password across multiple accounts before switching to a second password, which allows the attacker to circumvent account lockouts.

This is an attack that leverages the likelihood that people can use the same username and password to access multiple applications, sites, and services – in fact, cyber-criminals are able to get the details of stolen accounts from a platform and implement the bots needed to log into many other accounts with the same credentials.

Once they have found a way to log in, the criminals will break the account by making fraudulent purchases or stealing confidential information – before the 2015 nuclear deal was negotiated between the United States, Iran, Europe, Russia and China, Iranian hackers regularly targeted American financial companies and critical infrastructure.
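The first pattern described above, one common password tried across many accounts and then a second one to stay under the lockout limit, appears in authentication logs as a single source failing against many distinct accounts with only a few attempts each. The detection sketch below is an added example, not part of the original article; the log format, thresholds, account names and addresses are constructed for illustration.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample log: timestamp, result, account, source address.
SAMPLE_LOG = """\
2020-01-08T10:00:01 FAIL user=alice src=203.0.113.7
2020-01-08T10:00:02 FAIL user=bob src=203.0.113.7
2020-01-08T10:00:03 FAIL user=carol src=203.0.113.7
2020-01-08T10:00:04 FAIL user=dave src=203.0.113.7
2020-01-08T10:00:05 FAIL user=erin src=203.0.113.7
2020-01-08T10:05:10 FAIL user=bob src=192.0.2.10
2020-01-08T10:05:25 OK user=bob src=192.0.2.10
2020-01-08T10:10:01 FAIL user=alice src=198.51.100.23
2020-01-08T10:10:02 FAIL user=alice src=198.51.100.23
2020-01-08T10:10:03 FAIL user=alice src=198.51.100.23
2020-01-08T10:10:04 FAIL user=alice src=198.51.100.23
2020-01-08T10:10:05 FAIL user=alice src=198.51.100.23
2020-01-08T10:10:06 FAIL user=alice src=198.51.100.23
2020-01-08T10:20:01 FAIL user=alice src=203.0.113.7
2020-01-08T10:20:02 FAIL user=bob src=203.0.113.7
2020-01-08T10:20:03 FAIL user=carol src=203.0.113.7
2020-01-08T10:20:04 OK user=dave src=203.0.113.7
2020-01-08T10:20:05 FAIL user=erin src=203.0.113.7
"""

# Assumed policy values for the example.
LOCKOUT_THRESHOLD = 5           # failures per account that trigger a lockout
MIN_DISTINCT_USERS = 4          # accounts one source must touch to count as a spray
WINDOW = timedelta(minutes=30)  # look-back window for correlating failures


def parse_line(line):
    """Split one constructed log line into (timestamp, result, user, source)."""
    ts, result, user, src = line.split()
    return (datetime.fromisoformat(ts), result,
            user.partition("=")[2], src.partition("=")[2])


def detect_spray(log_text, min_users=MIN_DISTINCT_USERS,
                 lockout=LOCKOUT_THRESHOLD, window=WINDOW):
    """Return {source: finding} for sources that fail against many accounts
    while keeping every single account below the lockout threshold."""
    by_src = defaultdict(list)
    events = sorted(parse_line(l) for l in log_text.splitlines() if l.strip())
    for event in events:
        by_src[event[3]].append(event)

    findings = {}
    for src, src_events in by_src.items():
        fails = [(ts, user) for ts, result, user, _ in src_events
                 if result == "FAIL"]
        best, first_ts, start = None, None, 0
        for end in range(len(fails)):
            # Slide the window start forward so it spans at most `window`.
            while fails[end][0] - fails[start][0] > window:
                start += 1
            per_user = Counter(user for _, user in fails[start:end + 1])
            # Wide (many accounts) but shallow (no account near lockout).
            if len(per_user) >= min_users and max(per_user.values()) < lockout:
                if best is None or len(per_user) >= len(best):
                    best, first_ts = per_user, fails[start][0]
        if best is None:
            continue
        # A success from the same source on a sprayed account is the
        # event that needs an immediate password reset and session review.
        compromised = sorted({user for ts, result, user, _ in src_events
                              if result == "OK" and user in best
                              and ts >= first_ts})
        findings[src] = {"targeted": sorted(best),
                         "max_per_user": max(best.values()),
                         "compromised": compromised}
    return findings


if __name__ == "__main__":
    for source, finding in detect_spray(SAMPLE_LOG).items():
        print(source, finding)
```

The six failures against a single account from 198.51.100.23 are deliberately not reported here: per-account lockout already covers that case, whereas the spray from 203.0.113.7 never reaches the threshold on any one account.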

Over the past year, Iran and the United States have repeatedly targeted each other in hacking operations – Iranian government hackers have attempted to breach President Trump’s re-election campaign: in fact the U.S. Cyber Command reportedly warned against Iran’s paramilitary force attacks during a period of high tensions, earlier this year.

More than 150 American sites have already been victims of defacement by Iranian hackers, also because the supreme leader, Ayatollah Ali Khamenei, had promised “a strong vengeance” for Suleimani’s killing. This is a modern conflict that to date has not only been threatened but has long been a cyber war. In recent days, hackers of Tehran have hacked the website of the Federal Depository Library Program – FDLP – with a defacement operation, leaving a message stating that “this is only a small part of Iran’s cyber-capabilities.”

The attack hit a “weak” target, but it is a sign that the Islamic Republic’s cyber-army has been activated to strike US-linked targets, critical infrastructure in particular.

The U.S. cyber-army believes, in fact, that the attacks could take place in five ways:

– DDoS attacks, in which you flood a site with access requests and crash it;

– data deletion (or wiper attacks), actions to delete data in infected databases;

– attacks on industrial control systems;

– information-related operations;

– cyber espionage.

The latter two serve to steal data for later use in physical, military actions – for example, by committing targeted murders or attacks on infrastructure.

But the Islamic Republic could suffer far more damage from the American reaction than it could cause: it has already happened in the past, as confirmed by the head of the “cyber police” in Tehran, General Kamal Hadianfar, who admitted that Iran in 2017 suffered 296 serious cyber-attacks against vital infrastructure and that on several occasions some experts in the field died mysteriously.

In conclusion, after sanctions and threats on both sides, could this really lead to an escalation of cyber-attacks and, because of that, to what seems to be a new Cold War?

Dr. Luciano Magaldi Orta Nova, after his PhD in Cloud Computing at Cloud University by Rackspace in San Antonio, Texas, a Master of Science in Security Engineering at Cibrary Faculty of Washington, the TESOL certificate at Arizona State University in Tempe, a Bachelor of Arts in Interpreting and Translating at Lus Pio V in Rome, an SEO specialization at the University of California Davis (UC Davis), a DSA specialisation at the University of London, an ETL specialisation at the Universitat Autònoma of Barcelona, an academic diploma in Forensic Sciences at Oxford Royale Academy, a specialising certificate in American Politics at Harvard Kennedy School, a professional certificate in mathematics at Stanford University, a Copyright Law certificate at MIT in Cambridge, used to work for Google Ireland in Dublin, Apple European campus in Cork, Ireland, and Amazon Slovakia in Bratislava. Dr. Luciano Magaldi finally obtained his specialisation in journalism at Michigan State University School of Journalism. His career as a journalist began writing articles for AgoraVox France and AgoraVox Italia about world politics, military issues and cyber-tech.


Intelligence

Indian Chronicle: Exposing the Indian Hybrid warfare against Pakistan


In recent years Indian hybrid warfare against Pakistan has intensified manifold to malign Pakistan internationally through disinformation and propaganda tactics. Hybrid warfare has mainly been described as achieving war-like objectives with the help of fake news, disinformation, and propaganda. The objectives of hybrid warfare are mostly to secure long-term victory against the opponent. Similarly, India has launched massive hybrid warfare against Pakistan, which was uncovered by EU DisinfoLab in its report called “Indian Chronicle”.

EU DisinfoLab is an independent organization working to expose and tackle disinformation campaigns targeting the European Union and its member states. The organization has claimed that the disinformation campaign against Pakistan has been active since 2005, “a massive online and offline 15-year ongoing influence operation supporting Indian interests and discrediting Pakistan internationally”.

In a recent investigation EU DisinfoLab has exposed a malicious Indian campaign against Pakistan. In the report, “Indian Chronicle”, EU DisinfoLab has exposed the dubious use of media outlets, NGOs, and fake personnel by India to malign Pakistan. The disinformation campaign mainly targeted the United Nations and the European Union through more than 750 fake media outlets and 10 fake NGOs. According to the report, the investigation “uncovered an entire network of coordinated UN-accredited NGOs promoting Indian interests and criticizing Pakistan repeatedly. We could tie at least 10 of them directly to the Srivastava family, with several other dubious NGOs pushing the same messages.”

According to the report, the disinformation campaign is supported by the Srivastava group. The Srivastava group has helped to spread fake news through “resurrected dead NGOs”. The report says that “Our investigation led to the finding of 10 UN-accredited NGOs directly controlled by the Srivastava Group, which our full report introduces at length. Their common trait? The fact that they all rose from the ashes of real NGOs. Indian Chronicles effectively benefited from the track record of these organizations while pursuing their agenda: discrediting Pakistan and promoting Indian interests at UN conferences and hearings.”

Moreover, Asian News International (ANI), a major news agency in India, has provided a platform for such fake news campaigns. The aim of the Srivastava group and the ANI media outlet is “to reinforce pro-Indian and anti-Pakistan (and anti-Chinese) feelings” in India, and “internationally, to consolidate the power and improve the perception of India, to damage the reputation of other countries and ultimately benefit from more support from international institutions such as the EU and the UN”.

The report claims that the organizations funded by the Srivastava group sponsored trips for European Parliament members to Kashmir. “The organizations created by the Srivastava Group in Brussels organized trips for Members of the European Parliament (MEPs) to Kashmir, Bangladesh, and the Maldives. Some of these trips led to much institutional controversy, as the delegations of MEPs were often presented as official EU delegations when they were in fact not traveling on behalf of the Parliament.” Such sponsored trips aimed to build a positive image of India, while spreading disinformation about the alleged claims of Pakistan-sponsored terrorism in Kashmir.

Moreover, India has been actively involved in portraying Pakistan as a terrorist-sponsored state through its disinformation and fake news technique. For instance, India is lobbying strongly at FATF to put Pakistan on the blacklist.

India has also supported and sponsored Baloch separatist leaders and spread disinformation through their fake media outlets, as mentioned in the EU DisinfoLab report. “These UN-accredited NGOs work in coordination with non-accredited think-tanks and minority-rights NGOs in Brussels and Geneva. Several of them – like the European Organization for Pakistani Minorities (EOPM), Baluchistan House, and the South Asia Democratic Forum (SADF) – were directly but opaquely created by the Srivastava group.” One of the examples is Kulbhushan Jadhav, an Indian spy who was captured in Pakistan.

The Indian Chronicle report has exposed the dubious face of India and the administrative structure of the United Nations and the European Union. Indian involvement in the spread of disinformation and resurrection of dead people and NGOs has exposed its long-standing for Human rights and democracy. Meanwhile, the reports have also exposed the administrative structure of the UN and EU, as they failed to notice the activities of fake UN-accredited NGOs and spread of disinformation through their affiliated NGOs.


Intelligence

Hybrid Warfare: Threats to Pakistani Security


‘Victory smiles upon those who anticipate the changes in the character of war’-Giulio Douhet

Hybrid threats are becoming a norm in Pakistan and if we want to move forward in this age of technological advancements, cybercrimes, and the use of social media, we must have a wholesome response mechanism.

Hybrid warfare is a military strategy that employs not only conventional forms of warfare but irregular ones as well. It involves propaganda, cyber-attacks, state-sponsored terrorism, electoral intervention, and many more multi-dimensional approaches to war which are used by militarized non-state actors. The term ‘Hybrid’ came into use around 2005-2006 due to the Israel-Hezbollah war (“Lessons from Lebanon: Hezbollah and Hybrid Wars – Foreign Policy Research Institute” 2016) and became a hot topic in 2014 after the annexation of Crimea. Using non-confrontational means can lead to internal struggles and crumbling of the target. What direct force won’t get you can be easily achieved by infiltration and multi-faceted resources. It is neither the character of a war nor its outcome that defines it as a hybrid war, but the changing tactics (“State and Non-State Hybrid Warfare” 2018). In a world where everyone, from wealthy states to those caught in the throes of hunger, is armed to the teeth, there are ways to achieve socio-political objectives through the use of violent and non-violent non-state actors.

Pakistan – A Target

Pakistan has risen to incredible heights despite it being a relatively young nation and this is only proved further by the interest international players have in its internal workings. Several factors contribute to the important stature Pakistan holds in the international community such as the Pak-China alliance, its geostrategic location, military aptitude, Russian interests in the Indian Ocean, Deep Sea Gwadar Port (One Belt One Road Project), neighbor to Afghanistan (a country existing as a battleground for proxies), etc. All these reasons make sure to keep Pakistan on the radar.

Though it may be secure militarily, Pakistan is still vulnerable to hybrid threats due to internal dynamics, numerous conflicting interests of nations in state affairs, and increasing non-state actors. South Asian nuclearization has all but guaranteed that a full-fledged war between Pakistan and India is unlikely; therefore the latter uses hybrid warfare to weaken Pakistan from within.

Evolutionary Nature of War

There was truth to Heraclitus’s words when he claimed that change is the only constant in our world. The social theory of evolutionary change tells us that individuals, communities, societies, and states are always in a state of motion, continuously evolving according to the era. War is born from man; it is only fair that if man changes, so shall war. It has become more complex; the stakes have risen from territorial boundaries to the maintenance of world order and preservation of state sovereignty. Wars are no longer fought on the borders; skirmishes aside, the real destruction takes place within. Due to the paradigm shift after the Cold War (Ball 2018), there rose a need for legal, economic, socio-political, and informational means of warfare. It is used as a way to undermine other nation-states in pursuit of national power; the international system is not only a race but also a way to tear others down.

Threats to Pakistani Security

To secure Pakistan from all sides, we must first analyze the threats it faces from all sides. Conventional Warfare used to be seen as one dimensional and it only perceived assault to be done through the land, air, or sea channels. However, now it is fought in various intangible zones.

· External

India

India is a budding regional hegemon due to its political and economic growth including hidden agendas. Pakistan is perceived to be a direct threat to India especially after the launch of the CPEC project, perceived to be undermining its hold over the region, which is why it is employing stratagems of hybrid warfare to internally weaken Pakistan. Till now India has used State-Sponsored terrorism, funded insurgencies, operated terror cells, and even sent fighter jets into Pakistani Airspace as an attempt to ruin its reputation in the international community.

Afghanistan

There has been growing instability in Afghanistan which has led to mass migrations across the porous border into Pakistan, with around 1.4 million registered Afghans (United Nations High Commissioner for Refugees 2018) and 1 million unregistered (“Amnesty International” 2019). India has its claws in Afghan matters as well and will use it to exploit Pakistan’s weaknesses even after US forces leave the arena. The Afghan Government’s poor administrative capability, especially after the return of DAESH (Tribune 2020), and Tehrik-e-Taliban Afghanistan are threats to Pakistan as well as regional peace; they are a major cause of lawlessness in the country and have a spillover effect for its neighbors.

Iran

Ideologically speaking, Iran is a sectarian threat to Pakistan and its Port Chahbahar stands to lose active traffic once CPEC is fully functional which means it stands as an instigator of hybrid warfare and it would be a risk to overlook it based on past good relations.

USA

Even after the Cold War, strategic rivalry and animosity between the powers including Russia, America, and China still exist. The emergence of China as an economic superpower is perceived as a threat to the US due to which there is a major shift in its defensive posture towards the region.

The US has shown significant interest in Pakistan due to its geo-strategic location but not all interest has yielded positive results. They carried out a surgical strike for the capture and assassination of Osama-Bin-Laden. Such a breach of sovereignty and security is a hybrid threat.

· Internal

Sectarian

There are several lobbies in Pakistan all vying for their own cause. The Iranian lobby has sectarian undercurrents. Sectarianism has always been one of the leading factors of the divide in the Muslim civilization and is the rising trend of terrorism. Such conflict itself is volatile and is deepening the rift between different sects (Shia-Sunni) of Pakistan, causing unrest.

Economic

Rising prices of commodities such as flour and sugar can lead to social unrest and discord. Such industries and their stocks are under the thumb of a select few, the elites. With the right bribes and conditions, even they would agree to sell out society.

Non-State Actors

Non-state actors are groups or organizations that have influence in the state but work independently and have their socio-political agendas (“Towards a Typology of Non-State Actors in ‘Hybrid Warfare’: Proxy, Auxiliary, Surrogate and Affiliated Forces” 2019). They work on political opportunities and mobilized grievances. Groups like BLA (Balochistan Liberation Army), TTP (Tehrik-e-Taliban Pakistan), and Lashkar-e-Taiba (LeT) are some of the major actors. Pakistan needs to focus on curbing Jihadist Terrorism as it is keeping it from leaving the grey list of FATF.

· Technological

Information

It refers to the spread of miscommunication. Propaganda and circulation of false news through social media are a relatively common way to cause turmoil in a community. Once a rumor is circling, there is no way to erase it. India claims that Pakistan is spreading the false narrative of ‘Islam being in danger’ to justify its actions, which, although untrue, is something that the Indians fully believe now. They also believe that the Pakistani intelligentsia is made solely to create narratives under which to attack India. Such beliefs further antagonize the states against each other.

Indian Chronicles are a prime example of information warfare being waged against Pakistan.

Cyber

Channels such as Cyber-Jihad and Dark Web come under the purview of cyber warfare and are a threat to the fabric of society and its security in Pakistan.

Given the above discussed bleak prevailing internal security situation, Pakistan needs to formulate a short to mid and long-term response that curbs all external and internal parties alongside proxies from infiltrating and influencing the working of the state and affecting the masses.

For a full-spectrum approach, all domains should be covered such as diplomacy, defense, internal and external security, economic, informational, cyber, and media security.

There are steps to be followed through for active and effective quelling of hybrid threats. First, a strategy must be put forth, then tactical action should be taken and lastly, the implementation process should be supervised and fully followed through.

The main focus of the state should be on deterrence towards, protection from, and prevention of hybrid threats to the state.

One must not forget that hybrid war is a mix of both unconventional and conventional warfare; therefore a nation-wide response should include the intertwined operational capabilities of armed forces alongside political actors. Pakistan sees its security being threatened both by internal factors and external hostile/proxy elements. This is hampering state development. State-building and nation-building must go hand in hand if such threats are to be countered and deterred effectively.


Intelligence

The Impact of Management in Information Security


Authors: Sajad Abedi and Mahdi Mohammadi

Due to the increasing role of information security in the management of any society, public and private organizations and institutions are inevitably required to provide the necessary infrastructure to achieve this. In addition to material resources, management techniques also have a great impact on the optimal and successful implementation of information security management systems. The recording of management standards in the field of ICT information security can be designed in a planned way to change the security situation of organizations according to the needs of the organization and ensure security in terms of business continuity and to some extent at other levels (crisis management and soft war). Despite extensive research in this area, unfortunately for various reasons, including the level of security of the issue for governmental and non-governmental institutions or the direct relationship of the field with their interests, clear and useful information on how to implement and prioritize the implementation of such a system has not become available over the past years up to today.

The protection of the organization’s information resources is essential to ensure the successful continuation of business activities. The fact that information and information assets play a key role in the success of organizations has necessitated a new approach to protecting them. Until now, risk analysis and management has been used to identify the information security needs of the organization. After analyzing the risks, security controls were identified and implemented to bring the risks to an acceptable level. But it seems that risk analysis is not enough to identify the information security needs of the organization. Evidence of this claim is that risk analysis does not take into account legal requirements, regulations and other factors that are not considered as risk, but are mandatory for the organization.

Identifying, assessing and managing information security risks is one of the key steps in reducing cyber threats to organizations and also preventing the unfortunate consequences of security incidents; it makes organizations more prepared to face cyber risks. The risk assessment process, which is the first phase of a set of risk management activities, provides significant assistance to organizations in making the right decision to select security solutions. Risk assessment is actually done to answer the following questions:

* If a particular hazard occurs in the organization, how much damage will it cause?

* What is the probability of any risk occurring?

* How much does controlling each risk cost? Is it affordable or not?

The results of risk assessment can help in the correct orientation in choosing solutions (which is to eliminate the main threats) and can also be used in formulating and modifying the security policies of the organization. Risk management is a comprehensive process used to determine, identify, control, and minimize the effects and consequences of potential events. This process allows managers to strike the right balance between operating costs and financial costs, and to achieve relevant benefits by protecting business processes that support the organization’s goals. The risk management process can greatly reduce the number and severity of security incidents that occur in the organization. Risk management has 5 steps, which are:

1. Planning: At this stage, how to manage potential risks in the organization is determined and completed by developing a risk management plan. This plan defines the risk management team, defines the roles and responsibilities of individuals, and documents the criteria for assessing identified risks.

2. Identification: At this stage, team members gather, identify potential hazards, and record them in the organization’s risk list. Arranging group brainstorming sessions is a good way to identify hazards.

3. Assessment: In this step, the assessment of identified risks is performed using the criteria defined in the risk management plan. Risks are assessed based on their probability of occurrence and possible consequences.
