Connect with us

Intelligence

Emerging Cyber warfare threats to Pakistan

Published

on

The potential for the next Pearl Harbor could very well be a cyber-attack.” -Leon Panetta

In the modern era, war has been revolutionized due to rapid advancements in technology. As a result, cyber security along with its pros and cons is contributing increasingly to modern warfare. Pakistan, however, is still in the developmental phase of cyber security. Although Pakistan has passed its first law related to cyber-crimes, in the form of the 2016 Prevention of Electronic Crime Act, the overall legislation related to cyber security is still vague and not as strong to deal with the dynamic and broad-ranging nature of threats that emanate from the realms of cyber security.

In recent years, the government has taken some initiatives in order to build capacity amongst the general public such as through PAK-CERT, Presidential Initiative for Artificial Intelligence & Computing (PIAIC), Skills for all Hunarmand Pakistan, Kamyab Jawan, and National Vocational & Technical Training (NAVTTC).Yet, as has been the case for quite some time, most of these initiatives are aimed simply at spreading greater awareness to help lay the foundations for a more robust cyber security architecture. Amidst such developments, the question that arises for Pakistani policymakers is thus where their country currently stands in the cyber domain and how cyber warfare is posing threats to its national security.

In this era of innovation and connectivity even major powers such as the U.S, Russia, China, Israel and the United Kingdom remain vulnerable to an evolving spectrum of cyber threats. Across the world, states are now increasingly dependent on cyber technology which has greatly increased their chances of vulnerability. The most known example is 2015 Stuxnet virus, whereby a devastating cyber-attack on Iranian nuclear facilities wreaked havoc such as at the Nantaz Nuclear facility, significantly rolling back the Iranian nuclear program. Similarly, the WannaCry outbreak in 2017 caused mass disruption by shutting down vital computing systems in more than 80 NHS organizations in England alone. This resulted in almost 20,000 cancelled appointments, 600 GP surgeries having to return to pen and paper, and five hospitals simply diverting ambulances, unable to handle any more emergency cases. Widely attributed as being state sponsored, the attack set another devastating precedent testifying to the wide-ranging vulnerabilities that exist even in some of the world’s most advanced countries. 

Pakistan’s cyber space too is insecure for many reasons because Pakistan is dependent on others for technology. According to leading global cyber security firms such as Symantec, Pakistan is among the ten most targeted countries in the world. Main targets include Pakistan’s nuclear and other critical installations, with publicly revealed assaults on an assortment of media houses, as well as the communications networks, of key government departments including, transport and, basic utilities. Such threats for instance were further confirmed by the Snowden documents released between 2013-2014 that had showed how the NSA was keeping an eye on Pakistan’s civilian and military leaders, utilizing a malware called SECONDATE.

Recently in the year 2019, Rising Security Research Institute has captured the attack launched by the internationally renowned Advanced Persistent Threat (APT) organization “Rattlesnake” through the Rising Threat Intelligence System. This time, the organization had targeted the Pakistani Navy via Target collision hijacking method. Specifically targeting the Pakistan Naval Public Relations Bureau, the attempt was aimed at stealing vital information from secure military networks while planting misleading documents masquerading as official statements from the Pakistan Navy regarding its regional neighbors such as China and India.  Based on such threats, Pakistan must be readily prepared for any kind of cyber espionage and take steps towards establishing a strong national cyber policy to protect its civilian and military infrastructure.

Therefore, at this stage it is imperative that Pakistan seriously focus on the development of a robust cyber war apparatus. This would especially help mitigate the numerous threats being posed to its banking system, as well as major government networks such as its ministry of Foreign Affairs as well as other military networks that have been previously targeted such as in the case shown above. As such Pakistan can take a number of initial steps by developing strategies to prevent malwares and denial of service (DOS) attacks to reduce such threats at least to a certain level.

Yet, Pakistan has still not developed a cohesive Cyber Command or any National Cyber Policy to deal with the regional cyber threats being posed to Pakistan. Even though Pakistan has recently developed a cyber-security auditing and evaluation lab, it is still in its formative stages. There is still immense space to develop advanced tools and research technologies to protect Pakistan’s cyberspace, sensitive data, and local economy from cyber-attacks while restricting illegal penetrations in it. Especially such as the initiative taken by the newly setup National Centre for Cyber Security which aims increase the number of indigenously trained cyber security professionals within the public sector.

Keeping to this trajectory Pakistan should emphasize more on indigenously developing its own cyber security industry so that in the near future it could benefit both its civilian and military infrastructure in the long run. Hence, while Pakistan may be limited in its ability to wage a strong offensive campaign within the realm of cyber warfare at the moment, such steps would go a long way in helping lay the foundations to build something greater on.

Continue Reading
Comments

Intelligence

Engaging with Local Stakeholders to Improve Maritime Security and Governance

Michael Van Ginkel

Published

on

Illicit activity in the maritime domain takes place within a complex cultural, physical, and political environment. When dialogue is initiated with a diverse range of stakeholders, policy recommendations can take into account region-specific limitations and opportunities. As noted in the Stable Seas: Sulu and Celebes Seas maritime security report, sectors like fisheries, coastal welfare, and maritime security are intrinsically linked, making engagement with a diverse range of local stakeholders a necessity. This collaborative approach is essential to devising efficient and sustainable solutions to maritime challenges. Engagement with local stakeholders helps policymakers discover where in these self-reinforcing cycles additional legislation or enforcement would have the greatest positive impact. Political restrictions against pursuing foreign fishing trawlers in Bangladesh, for example, have allowed the trawlers to target recovering populations of hilsa while local artisanal fishers suffer. In the context of the Philippines, the Stable Seas program and the Asia Pacific Pathways to Progress Foundation recently conducted a workshop that highlighted the importance of consistent stakeholder engagement, resulting in a policy brief entitled A Pathway to Policy Change: Improving Philippine Fisheries, Blue Economy, and Maritime Law Enforcement in the Sulu and Celebes Seas.

Physical Environment

Consistent communication with local stakeholders on regional anomalies allows policymakers to modify initiatives to adjust for the physical, cultural, and political context of a maritime issue. The physical environment affects how, where, and why illicit actors operate in the maritime domain. Knowledge held by local stakeholders about uninhabited coastlines, local currents, and the locations of important coastal communities helps policymakers find recognizable patterns in the locations and frequency of maritime incidents. The 36,289 km of coastline in the Philippine archipelago means that almost 60 percent of the country’s municipalities and cities border the sea. The extensive coastline and high levels of maritime traffic make monitoring coastal waters and achieving maritime domain awareness difficult for maritime law enforcement agencies. A Pathway to Policy Change outlines several recommendations by regional experts on ways to improve maritime domain awareness despite limitations imposed by a complex physical environment. The experts deemed collaboration with local government and land-based authorities an important part of addressing the problem. By engaging with stakeholders working in close proximity to maritime areas, policymakers can take into account their detailed knowledge of local environmental factors when determining the method and motive behind illicit activity.

Cultural Environment

Culture shapes how governments respond to non-traditional maritime threats. Competition and rivalry between maritime law enforcement agencies can occur within government structures. A clearer understanding of cultural pressures exerted on community members can help policymakers develop the correct response. Strong ties have been identified between ethnic groups and insurgency recruiting grounds in Mindanao. The Tausug, for instance, tend to fight for the MNLF while the MILF mostly recruits from the Maguindanaons and the Maranao. Without guidance from local stakeholders familiar with cultural norms, correlations could be left unnoticed or the motivations for joining insurgency movements could be misconstrued as being based solely on extremist or separatist ideology. Local stakeholders can offer alternative explanations for behavioral patterns that policymakers need to make accommodations for.

Political Environment

Local stakeholder engagement allows policymakers to work on initiatives that can accommodate limitations imposed by the political environment. Collaboration with local stakeholders can provide information on what government resources, in terms of manpower, capital, and equipment, are available for use. Stakeholders also provide important insights into complex political frameworks that can make straightforward policy implementation difficult. Understanding where resource competition and overlapping jurisdiction exist enables policymakers to formulate more effective initiatives. Despite strong legislation regulating IUU fishing in the Philippines, local stakeholders have pointed out that overlapping jurisdictions have created exploitable gaps in law enforcement. In A Pathway to Policy Change, local experts suggested that the government should lay down an executive order to unify mandates in the fisheries sector to address the issue. Similarly, the Bangsamoro Autonomous Region of Muslim Mindanao (BARMM) is highlighted as a region that heavily influences maritime security in the Sulu and Celebes seas. Working with government officials to understand how policy initiatives need to adjust for the region’s semi-autonomous status ensures maritime issues are properly addressed. BARMM, for instance, issues fishing permits for its own waters in addition to government permits, which can cause inconsistencies. Working alongside local stakeholders allows policymakers to create initiatives that take into account special circumstances within the political system.

Private Sector Engagement

Extending engagement with local stakeholders to the private sector is particularly important during both the policy research and implementation processes. Encouraging private stakeholders to actively help counter illicit activity can help policymakers create a more sustainable and efficient solution to security threats. As A Pathway to Policy Change highlights, private companies already have a strong incentive from a business perspective to involve themselves in environmental and social issues. Governments can encourage further involvement of private stakeholders like blue economy businesses and fishers by offering tax breaks and financial compensation for using sustainable business practices and for helping law enforcement agencies gather information on illicit activity. Offering financial rewards to members of the Bantay Dagat program in the Philippines, for example, would encourage more fishers to participate. Governments can also double down on educational programs to raise awareness of important issues threatening local economic stability. By communicating consistently with local stakeholders, policymakers can both more accurately identify maritime security needs and more comprehensively address them.

Conclusion

The unique physical, cultural, and political context in which maritime issues take place makes the knowledge of local stakeholders an invaluable asset. While many important types of information can be collected without working closely with stakeholders, there are also innumerable important aspects of any given context which cannot be quantified and analyzed from afar. Engagement with stakeholders provides a nuanced understanding of more localized and ephemerial factors that affect regional maritime security. Engaging with local stakeholders allows policymakers to capitalize on opportunities and circumvent limitations created by the political, cultural, and physical environment surrounding maritime issues in order to create sustainable, long-term solutions.

Continue Reading

Intelligence

Turkey Faced With Revolt Among Its Syrian Proxies Over Libyan Incursion

Published

on

Relations between Turkey and Syrian armed groups that used to be considered cordial due to massive support provided by the Turkish authorities to the Syrian opposition are rapidly deteriorating over Turkey’s incursion into the Libyan conflict, according to sources among the Syrian militants fighting in Libya.

Last month, over 2,000 fighters defected from Sultan Murad Division, one of the key armed factions serving the Turkish interests in Syria. The group’s members chose to quit after they were ordered to go to Libya to fight on the side of the Turkey-backed Government of National Accord (GNA). This marks a drastic shift in the attitude of the Syrian fighters towards participation in the Libyan conflict: just a few months ago there was no shortage of mercenaries willing to fly to Libya via Turkey for a lucrative compensation of $2,000 – 5,000 and a promise of Turkish citizenship offered by Ankara.

Both promises turned out to be an exaggeration, if not a complete lie. The militants who traveled to Libya got neither the money nor the citizenship and other perks that were promised to them, revealed a fighter of Ahrar al-Sharqiya faction Zein Ahmad. Moreover, he pointed out that after the fighters arrived in Libya they were immediately dispatched to Tripoli, an arena of regular clashes between GNA forces and units of the Libyan National Army despite Turkish promises of tasking them with maintaining security at oil facilities.

Data gathered by the Syrian Observatory for Human Rights shows that around 9,000 members of Turkey-backed Syrian armed factions are currently fighting in Libya, while another 3,500 men are undergoing training in Syria and Turkey preparing for departure. Among them are former members of terror groups such as Al-Qaeda affiliate in Syria Hayat Tahrir al-Sham, as confirmed by reports of capture of a 23-years-old HTS fighter Ibrahim Muhammad Darwish by the LNA forces. Another example is an ISIS terrorist also captured by the LNA who confessed that he was flown in from Syria via Turkey.

By sending the Syrian fighters to Libya Ankara intended to recycle and repurpose these groups for establishing its influence without the risks and consequences of a large-scale military operation involving major expenses and casualties among Turkish military personnel. However, the recent developments on the ground show that this goal was not fully achieved.

The Syrian fighters sustain heavy casualties due to the lack of training and weaponry. Total count of losses among the Turkey-backed groups reached hundreds and continue to grow as GNA and LNA clash with intermittent success. Until Turkey’s President Recep Erdogan curbs his ambition, destructive nature of involvement of the Syrian armed groups in Libya may result in the downfall of Turkey’s influence over the Syrian opposition.

Continue Reading

Intelligence

Covid-19: A New Non-traditional Security Threat

Dhritiman Banerjee

Published

on

Authors: Dhritiman Banerjee & Ayush Banerjee

Traditional Security vs Non-traditional Security

There exist various types of threats that a nation faces in today’s world. These primordial threats, in turn, affect a nation’s security dilemma in ways more than one. These can be of two primary type- traditional security threats and non-traditional security threats. Traditional security threats are threats to national security that arise out of conventional international issues such as water sharing, land sharing, etc. These disputes often result in a full-scale war or conventional conflicts among the nations involved.

Similarly, non-traditional security threats are the concerns that a nation faces due to the increased complexity in the conduct of foreign relations after the wake of the new world order, post-1945. As more nations gained their independence and as more international organisations were formed, these threats spread throughout the world resulting in diplomatic tensions and, intra-state and inter-state armed conflicts. At times these conflicts also involve non-state belligerents as well. Large scale migration, environmental degradation and climate change action, intensification of ethnocentrism towards ethnonationalism leading to ethnic conflicts, cyberspace security risks, terrorism and violent extremism, etc. are examples of such non-traditional security threats.

Traditional security threats were directly aimed at the system of governance of the involved international actors, often involving various proportions of military conduct and an aggressive foreign policy coupled with intelligence operations. Meanwhile, non-traditional security threats are complex systems of organised opposition to a dominant entity or actor. These may not involve armed warfare or an aggressive foreign policy as such. For instance, the 9/11 attack on the twin towers in the United States by Al-Qaeda affiliates amount to a non-traditional security threat, in general, and terrorism, in particular. This attack was not directly aimed at toppling over the regime in power, rather spread the message of radical extremism globally by a non-state actor of violent nature. Such threats are becoming more and more predominant in the 21st century.

Another instance of a non-traditional security threat stemmed out of the growing resentment for the authoritarian regime in power in Syria, which triggered the Syrian refugee crisis in 2011-12. The rapid displacement of people in rural locals within the nation created large scale dissatisfaction in terms of the economy with a rise in unemployment rates and poverty among with the loss of their means of livelihood. This displaced populace travelled beyond the already fragile Syrian border into several European states that triggered a spillover of the Syrian refugee crisis resulting in a security risk for most south European states such as Greece and Italy. Invariably, most of the European states shut down their borders due to an imminent security risk from extremism and rising ethnocentrism that may have resulted from integrating the refugees into their formal economies. More recently, India shut down its borders on the displaced Rohingya refugees from Myanmar, stating the probable cause of extremism being imminent within such a marginalised, persecuted populace.

The Case of Covid-19

This year shook the global political order. By March 2020, the coronavirus outbreak in Wuhan turned into a full-scale health crisis across the world. The virus had spread throughout the globe and new epicentres were discovered almost every week. Nations such as the United States, Spain, Italy, India, United Kingdom, among others have been severely affected ever since. However, alongside the health risks associated with the virus, as most governments focus on the research and development of a safe vaccine, the security risks are becoming more important as a part of this discourse with each passing day. There are restrictions on fundamental freedoms such the freedom of movement and assembly. While most major channels of information have shifted to the domains of cyberspace, governments have become heavily reliant on data infrastructures and domestic resource capacities. The transportation industry alongside others has been severely affected, affecting the national economy. The food supply chain has frayed. There have been no practical international trade operations except for highly politicised transfers of essentials and medicare. Millions have lost their employment and means of livelihood. Fear and panic have spread among the public at large. In a few nations, internal displacement has risen hundred folds.

However, as the Covid-19 pandemic spreads chaos, non-traditional security issues may not result in a nuclear catastrophe, but it may directly or indirectly threaten the survival of States. This time period is extremely important for all governments to reshape their policy processes to curtail the social, economic, political, diplomatic and human security risks associated with the outbreak. While many governments have opted to follow a phased lockdown model to tackle the health-related issues associated with the outbreak, they have failed to implement public policy to curtail the other risks associated with it. This nonchalance has resulted in a new age security dilemma that coerces the States into taking policy actions they never planned to adopt.

There are several security threats that pose a risk to major governments due to the Covid-19 pandemic. In the economic context, Covid-19 has increased market volatility such that the price of risk assets has fallen sharply with economies both large and small recording a significant drop of at least 30% at the trough. Tobias Adrian and Fabio Natalucci estimate that “Credit spreads have jumped, especially for lower-rated firms. Signs of stress have also emerged in major short-term funding markets, including the global market for U.S. dollars. Volatility has spiked, in some cases to levels last seen during the global financial crisis, amid the uncertainty about the economic impact of the pandemic. With the spike in volatility, market liquidity has deteriorated significantly, including in markets traditionally seen as deep, like the U.S. Treasury market, contributing to abrupt asset price moves.” It is said that all jobs created since the financial crisis in the US, have been completely wiped away during this Covid-19 outbreak. This creates an atmosphere of public agitation against the government that continues to trigger mass protests and activism. The financial security, housing security, employment security concerns are paramount in this distraught for the public and government alike. International trade is at a standstill affecting all the export-oriented economies around the globe. These nations are now bound by self-reliance on domestic industries creating a need to romp up securitisation efforts at the domestic level itself.

Moreover, Covid-19 is set to increase political instability in countries such as Japan, South Korea, India, Italy, China and the US due to the economic repercussions of the lockdown and also due to the public reaction to governmental policy in efforts towards eradicating the virus. In fact, if the virus causes a global economic meltdown or a global recession, it will perhaps be due to the economic perils the US economy shall face in the coming years. This will also considerably influence Trump’s reelection campaign, as he may be forced to prioritise digital media campaigns over public campaigns due to the risks emanating from Covid-19. There will be rising security concerns with regard to the same considering the fact that there has already been illegitimate involvement of foreign actors in the previous election campaigns wherein Cambridge Analytica was allegedly charged for deliberating manipulating audience content with the help of the Russian Federation.

The Covid-19 pandemic has increased the dependence on cyberspace as software applications such as Google Meet, Skype and Zoom gain in popularity. This gain has been noticeably triggered by the idea of working from home and due to the conversion of physical classroom education to online learning modules. This brings into focus the need for an enhanced cybersecurity mechanism that can allow easy access while also protect the private and personal data of the users. There have already been reports which suggest that the security at Zoom has already been breached. This called for close inspection and proper securitisation of the features to ensure its clients’ next-generation data protection, as a remarkable landmark in the domains of cyberspace security. It is also said that the spread of Covid-19 will increase strategic disinformation campaigns leading to the spreading of propaganda, fake news and manipulated content. Much of this content may also undertake dubious angles on the virus outbreak itself inciting public dissatisfaction leading to panic and mass hysteria. While governments may also attempt at withholding valuable information and data on the actual consequences of the virus especially by downlisting the rate of mortality and infection behind the veil of public security.

The Council of Europe Cybercrimes division has reported that there is valuable evidence that malicious actors are exploiting the cyberspace vulnerabilities to cater to their own advantage. For example, it stated that phishing campaigns and malware distribution through seemingly genuine websites or documents providing information or advice on Covid-19 are used to infect computers and extract user credentials. Attacks against critical infrastructures or international organizations, such as the World Health Organization are becoming seemingly probable. Such agents also use ransomware targeting the mobile phones of individuals using applications that claim to provide genuine information on Covid-19 in order to extract financial information of the user. They can also obtain access to the systems of organisations by targeting employees who are teleworking or video conferencing. Fraudulent schemes where people are tricked into purchasing goods such as masks, hand sanitizers and fake cheap medicines claiming to prevent or cure Covid-19 are also being used for the same purpose by the cybercriminals. These are a few instances that add to the security dilemma the nations face due to the rapid spread of Covid-19 across the world.

Alongside these, the defence industry is set to experience a major slowdown due to the pandemic. Production, manufacturing facilities and supply chains could be affected as the requirements shift towards civilian and police equipment from heavy military equipment. More importance will be given to recovery and aid systems than weapons and ordnances. However, defensive readjustments continue to remain important for ensuring adequate security especially with respect to border control, protection of personnel and institutions, protection of natural resources from exploitation, ensuring law and order as law enforcement and paramilitary operations remain the primary preventive measures at the monopoly of the governments. This crisis will also have profound geopolitical consequences, particularly for the US-China relationship.

Tarık Oğuzlu believes, “the years ahead will likely see the geopolitical rivalry between the U.S. and China intensify. This power competition will likely transpire within a post-liberal international order in which neither the U.S. will continue to act as the chief provider of global public goods nor China will acquiesce in the role of norm-taker.” We already know that the USA under President Trump’s presidency has already begun questioning the liberal international order from within. Notwithstanding Trump’s reelection in November, the isolationist and nationalist tendencies within the current American society will continue to grow more radical and dominant. There may be smear campaigns that could affect the well-settled Chinese populace in order to expunge them from the integrated American society. Instances of racism and ethnocentrism will grow and lead to civic hostilities threatening public order and human security norms. Similarly, China under President Xi Jinpinghas adopted a more assertive and claimant role in international politics, and China has changed its course from the ‘bide your time and hide your capabilities’ dictum in history. Trade between the two major powers has already come to a standstill.

In the words of Ahyousha Khan, “…it is essential for states to counter non-traditional security threats because they can potentially reduce national resilience of states to prosper. The consequences of these threats would be more damaging for developing world, where there is population density, lack of medical facilities and most importantly economic vulnerability of the state to handle such threats for a prolonged period of time.” It is evident from the aforementioned instances that Covid-19 is, in fact, a non-traditional security threat in ways more than one. It leads to multitudes of security concerns hat encompasses most major domains of politics including the economy and cyberspace. Securitisation and protection services are of paramount importance in the same regard. It can be stated that the need to protect the civilians from such non-traditional security threats will lead States to assume a more authoritarian role whereby the State will increase surveillance on its citizens and will curtail the freedoms of movement and expression. Political leaders often exploit these non-traditional security threats to fulfill their own political interests and to secure their own position as the leader of the party. Such is the security risk arising out of the pandemic at large.

Continue Reading

Publications

Latest

Trending