Connect with us

Intelligence

Emerging Cyber warfare threats to Pakistan

Published

on

The potential for the next Pearl Harbor could very well be a cyber-attack.” -Leon Panetta

In the modern era, war has been revolutionized due to rapid advancements in technology. As a result, cyber security along with its pros and cons is contributing increasingly to modern warfare. Pakistan, however, is still in the developmental phase of cyber security. Although Pakistan has passed its first law related to cyber-crimes, in the form of the 2016 Prevention of Electronic Crime Act, the overall legislation related to cyber security is still vague and not as strong to deal with the dynamic and broad-ranging nature of threats that emanate from the realms of cyber security.

In recent years, the government has taken some initiatives in order to build capacity amongst the general public such as through PAK-CERT, Presidential Initiative for Artificial Intelligence & Computing (PIAIC), Skills for all Hunarmand Pakistan, Kamyab Jawan, and National Vocational & Technical Training (NAVTTC).Yet, as has been the case for quite some time, most of these initiatives are aimed simply at spreading greater awareness to help lay the foundations for a more robust cyber security architecture. Amidst such developments, the question that arises for Pakistani policymakers is thus where their country currently stands in the cyber domain and how cyber warfare is posing threats to its national security.

In this era of innovation and connectivity even major powers such as the U.S, Russia, China, Israel and the United Kingdom remain vulnerable to an evolving spectrum of cyber threats. Across the world, states are now increasingly dependent on cyber technology which has greatly increased their chances of vulnerability. The most known example is 2015 Stuxnet virus, whereby a devastating cyber-attack on Iranian nuclear facilities wreaked havoc such as at the Nantaz Nuclear facility, significantly rolling back the Iranian nuclear program. Similarly, the WannaCry outbreak in 2017 caused mass disruption by shutting down vital computing systems in more than 80 NHS organizations in England alone. This resulted in almost 20,000 cancelled appointments, 600 GP surgeries having to return to pen and paper, and five hospitals simply diverting ambulances, unable to handle any more emergency cases. Widely attributed as being state sponsored, the attack set another devastating precedent testifying to the wide-ranging vulnerabilities that exist even in some of the world’s most advanced countries. 

Pakistan’s cyber space too is insecure for many reasons because Pakistan is dependent on others for technology. According to leading global cyber security firms such as Symantec, Pakistan is among the ten most targeted countries in the world. Main targets include Pakistan’s nuclear and other critical installations, with publicly revealed assaults on an assortment of media houses, as well as the communications networks, of key government departments including, transport and, basic utilities. Such threats for instance were further confirmed by the Snowden documents released between 2013-2014 that had showed how the NSA was keeping an eye on Pakistan’s civilian and military leaders, utilizing a malware called SECONDATE.

Recently in the year 2019, Rising Security Research Institute has captured the attack launched by the internationally renowned Advanced Persistent Threat (APT) organization “Rattlesnake” through the Rising Threat Intelligence System. This time, the organization had targeted the Pakistani Navy via Target collision hijacking method. Specifically targeting the Pakistan Naval Public Relations Bureau, the attempt was aimed at stealing vital information from secure military networks while planting misleading documents masquerading as official statements from the Pakistan Navy regarding its regional neighbors such as China and India.  Based on such threats, Pakistan must be readily prepared for any kind of cyber espionage and take steps towards establishing a strong national cyber policy to protect its civilian and military infrastructure.

Therefore, at this stage it is imperative that Pakistan seriously focus on the development of a robust cyber war apparatus. This would especially help mitigate the numerous threats being posed to its banking system, as well as major government networks such as its ministry of Foreign Affairs as well as other military networks that have been previously targeted such as in the case shown above. As such Pakistan can take a number of initial steps by developing strategies to prevent malwares and denial of service (DOS) attacks to reduce such threats at least to a certain level.

Yet, Pakistan has still not developed a cohesive Cyber Command or any National Cyber Policy to deal with the regional cyber threats being posed to Pakistan. Even though Pakistan has recently developed a cyber-security auditing and evaluation lab, it is still in its formative stages. There is still immense space to develop advanced tools and research technologies to protect Pakistan’s cyberspace, sensitive data, and local economy from cyber-attacks while restricting illegal penetrations in it. Especially such as the initiative taken by the newly setup National Centre for Cyber Security which aims increase the number of indigenously trained cyber security professionals within the public sector.

Keeping to this trajectory Pakistan should emphasize more on indigenously developing its own cyber security industry so that in the near future it could benefit both its civilian and military infrastructure in the long run. Hence, while Pakistan may be limited in its ability to wage a strong offensive campaign within the realm of cyber warfare at the moment, such steps would go a long way in helping lay the foundations to build something greater on.

Continue Reading
Comments

Intelligence

Coronavirus: Bioterrorism or Not, Who Is the Winner?

Sajad Abedi

Published

on

Authors: Sajad Abedi and Mohammad Amin Zabihi*

It has been so long since the early instances of using toxins, chemicals, and diseases as agents of assassinations and/or even mass murder. There are numerous historical and even modern instances of using toxins in assassinations, or using contagious diseases in warfare without even knowing about the bacteria or virus. For example, (allegedly) the first registered event of such method goes back to 14th century when Tatar army, desperate to win after three years of siege, threw corpses of plague victims to the Caffa city[1], causing an outbreak of this disease within the city. But the most important part happened afterwards; some soldiers could manage to escape on boats – Caffa was a port city on the Crimea Sea – to Italy, unaware of the fact that they were already infected. Nevertheless, most of them died along the way, but infected rats and remaining bodies caused one the major waves of plague pandemic[2] all over the Europe.

The paramount point is that in our modern world, it is just a matter of hours to leave New York and land somewhere else, thousands of miles away, even before the first symptoms of your disease manifest itself. In fact, the most horrifying factor of any contagious disease could be its latent period.

On the other hand, considering the unprecedent pace of ever-growing biological technologies, many developed countries possess the ability to develop an intelligent virus equipped with customized features in order to remain unnoticed on the victim’s (vector’s) body for quiet a time, and only manifest itself after it infected a considerable number of surrounding people. More interestingly, such customized virus can be planned whether to disable a specific organ or to metastasize within the whole system of the host. Even more, it can be planned according to the genetic map of people within a given region.

Looking at the whole picture with broader perspective, it does not matter whether the agent is toxic, chemical, or biological. The capability to produce and employ a virus, bacteria, or toxin by malicious actors, namely terrorists or criminals, could bring disastrous results.As we witnessed such case during 1990s in Japan – the Aum Shinrikyo Cult.

In fact, if we are going to prevent such disasters, first we should find the potential actors who may resort to such actions, investigate the probable ways, and also understand the costs, benefits, motives, and risks of which for these potential actors.

Of course, terrorists and criminals are the first probable examples which may pop up in our minds, but looking more rigorously, state actors are also among the potential cases. In the case of Coronavirus outbreak, if one considers it as an instance of bioterrorism/biological-war act, the probability of participation of terrorist or criminal organizations seems to be low, due to the complexity of production process and the highly advanced technologies required to produce such virus at the first place. On the other hand, a terrorist organization typically claims the responsibility of such attack in order to earn the reputation, and a criminal organization may demand ransom prior to release the virus – otherwise it would not be beneficial, unless they already have the cure (vaccine/antidote) ready to sell. In any case, it doesn’t seem probable. 

Considering the fact that, in the case of a pandemic, finding the main cause and the zero patient in this complex, interconnected world is significantly difficult (if possible), state actors may resort to such options due to multiple reasons. They may try to initiate a hidden biological war against another country (countries), in order to cause economic interruptions, socio-political chaos, create power vacuum in a specific area, forcing another actor to leave a region, or just simply to enjoy the economic benefits of selling the vaccine or antidote to victims. Obviously, there will be some serious prosecutions and consequences in the case that some concrete evidence shows any tracks of participation of an actor – whether a sovereign state or even a pharmaceutical company; but in such cases, states usually start to throw allegations at each other anyway.

We are living in a world that any kind of news affect the open markets immediately; the more important the news is, the deeper it affects the markets. In this case – Coronavirus – we witnessed a serious drop in international stock markets –especially oil markets – all over the world, which coincided with Russia’s ambivalence approach regarding the cutting supply decision made by OPEC – and also Saudi Arabia’s reaction to the whole story. Altogether, these factors caused a serious drop in different markets which, in fact, started with the news of Coronavirus outbreak at the first place. Who gets the best use of such scenario? The oil and gas producers are the main victims, obviously; but if one (the alleged perpetrator) knows the whole story before it happens, he would sell at the highest price and buy at the lowest price again – after the price crash, president Trump ordered to stock up the US oil reserves.

Although it seems pretty convincing, but is it really rational? What are the risks and costs? In reality, the pandemic of a dangerous virus – one like Coronavirus – equipped with a two-week latent period, in a high-populated country like China can cause sever problems in almost every corner of the planet; in fact, the bigger economy you have, the deeper your challenge would be. The implications of such outbreak are considerably wide: (1) it causes decrease in oil prices which will result in budget deficits in oil-dependent countries – like Russia, Iran, Saudi Arabia; (2) it interrupts the production process and consequently the sale chains – like China; (3) reduces the tourists travels which will consequently result in budget deficits in tourist-dependent countries – like Turkey and most of EU; (4) it causes sever socio-economic costs, especially for populated countries – like China, US, and Russia.

Altogether, if one state actor decides to initiate a biological war against another state, using a virus agent which has the potential to cause a global pandemic, it should consider the possibility of backfiring the same gun inside its own country in numerous ways. In an interconnected world like the one we are living in, such actions cause gargantuan reactions in different ways, one may not be able to predict all of them. Considering such costs and also the risk of being traced back and accused of committing such horrifying act, the possibility of state-sponsorship in these cases will be considered relatively low (but still possible). It is not like creating a computer virus – like Stuxnet – that may or may not blow back to your face; it is the matter of people’s lives. 

*Mohammad Amin Zabihi, MSc. Regional Studies, Allameh Tabatabaei University


[1] Nowadays it is Feodosia, Ukraine 

[2]Also known as Black Death

Continue Reading

Intelligence

The Prospect of Bioterrorism: The Threat of Pathogen, Biting Insects and Dirty Bomb in Europe and UK

Published

on

The recent coronavirus attacks authenticate my postulation of the intensification of bioterrorism in Europe and Asia in 2020. The blame game between Washington and China further prompted misunderstanding about the hegemonic role of the US army that it wants to mitigate the future role of nuclear weapons and missile technology in peace and war. Chinese Ambassador was summoned in Washington when Foreign Ministry in Beijing tweeted that the deadly coronavirus was seeded in Wuhan by the US military. US President Donald Trump also called Covid-19 a “Chinese” and “foreign” virus, earning condemnations not only from Beijing but also from much of the mainstream media. However, China categorically stated that the coronovirus attack was a hybrid war against its economy and industry. Moreover, initially, Iranian officials also declared that the coronavirus was a biological weapon created in US military laboratories. Some state in Europe demonstrated weakness in fighting the Coronavirus war against their population.

Italy and France have been irritated in overcoming the death rate from the disease, while the British Prime Minister become frustrated in changing his controversial approach to the pandemic spread across the country. On 22 March 2020, the Guardian newspaper reported frustration of Downing Street about the shameless statement of controversial adviser to the Prime Minister Boris Johnson, Dominic Mckenzie Cummings, who argued in a private meeting that the government’s strategy towards the coronavirus was “herd immunity, protect the economy and if some pensioners die”. The allegations, which were widely circulated online widely criticised that the government response to the Coronavirus was initially too weak, frustrated and controversial based on a notion that rather than limiting its spread, enough people could be allowed to contract it to give population-wide “herd immunity”. Dominic Mckenzie Cummings was born 25 November 1971 is a British political strategist who has been serving as Chief Adviser to Prime Minister Boris Johnson since July 2019.

Since 9/11, the threat of nuclear and biological terrorism has been at the forefront of the international security agenda. Bio terror experts have stressed the need on prevention of terrorist groups operating in Europe and the UK from gaining access to weapons of mass destruction and from perpetrating atrocious acts of biological terrorism. Recent events in Europe have raised the prospect of extremist and jihadist groups using biological, radiological and chemical attacks against civilian and military installations. The greatest threat to the national security of Europe and the UK stems from smuggling of material of dirty bomb, pathogen and smuggling of biting insects. As international media focused on the looming threat of chemical and biological terrorism in Europe, extremist and jihadist groups are seeking these weapons to inflict fatalities on civilian population.

Bioterrorism is terrorism involving the intentional release or dissemination of biological agents. These agents are bacteria, viruses, fungi, or toxins, and may be in a naturally occurring or a human-modified form, in much the same way in biological warfare. Biological agents are used by the terrorists to attain their social or political goals and are used for killing or injuring people, plants and animals. Response of Europe to the threat of future bioterrorism seems limited due to political and economic reservations of some member states. The approach to searching for biological agents at airports and shipping container entry points, and promoting bio-hazard awareness raised several important questions. Biological terrorism can be loosely categorised based on the agent used. The virus threat including smallpox, influenza, dengue fever, yellow fever, Rift Valley fever, and haemorrhagic fevers like Lassa, Ebola, and Marburg. Smallpox spreads directly from person to person. The third category of bio-threat is ‘bacteria’, which includes anthrax, plague, and cholera. There are numerous reports on the genetically development of viruses by some states to use it and achieve their political and economic goal.

One of these reports on insect war is the investigative report of Bulgarian investigative journalist and Middle East correspondent Dilyana Gaytandzhieva (12 September 2018), who published a series of reports. Her current work focuses on war crimes and illicit arms exports to war zones around the world. The Alternative World Website and Zodlike Productions, a news forum has published her fresh analysis of future insect war. She has painted a consternating picture of US insect war in her investigative report, and warns that the prospect of biological terrorism is consternating:

“Pentagon’s scientists have been deployed in 25 countries and given diplomatic immunity to research deadly viruses, bacteria and toxins at US military offshore biolaboratories under a $2.1 billion DoD program. The US Embassy to Tbilisi transports frozen human blood and pathogens as diplomatic cargo for a secret US military program. Internal documents, implicating US diplomats in the transportation of and experimenting on pathogens under diplomatic cover were leaked to me by Georgian insiders. According to these documents, Pentagon scientists have been deployed to the Republic of Georgia and have been given diplomatic immunity to research deadly diseases and biting insects at the Lugar Center–the Pentagon biolaboratory in Georgia’s capital Tbilisi. In 2014, The Lugar Center was equipped with an insect facility and launched a project on Sand Flies in Georgia and the Caucasus. In 2014-2015 sand fly species were collected under another project “Surveillance Work on Acute Febrile Illness” and all (female) sand flies were tested to determine their infectivity rate. A third project, also including sand flies collection, studied the characteristics of their salivary glands. Sand flies carry dangerous parasites in their saliva which they can transmit to humans through a bite”.

With the establishment of Islamic State ISIS in Syria and Iraq, Pakistan and Afghanistan, and its secret networks in Europe, international community has now focused on the proliferation and smuggling of chemical and biological weapons in the region. Recent debate in Europe-based think tanks suggests that, as the group retrieved nuclear and biological material from the Mosul University in Iraq, it can possibly make Nuclear Explosive Devices (NED) with less than eight kilogrammes plutonium. The debate about bioterrorism and bio-defence is not entirely new in the military circles of Europe; the involvement of ISIS in using biological weapons against the Kurdish army in Kobane is a warning for the UK and European Union member states to deeply concentrate on the proliferation of these weapons in the region.

  As Islamic State ISIS now controls parts of Iraq and Syria and has carried out successful attacks in France, Germany, UK and Brussels, the group now wants to expand its terror networks to the borders of Russia and China. According to some confirmed reports, hundreds of Pakistanis have joined the army of ISIS in Syria and Iraq, while a women brigade of the ISIS army is operating in Pakistan. The problem of nuclear and biological terrorism deserves special attention from the EU and UK governments because experts warned that the army of ISIS has retrieved capabilities to develop a dirty bomb in which explosives can be combined with a radioactive source like those commonly used in hospitals or extractive industries. The use of this weapon might have severe health effects, causing more disruption than destruction.

In Europe, there is a general perception that ISIS has already used some dangerous gases in Iraq, and it could use biological weapons against civilian populations in UK and EU. If control over these weapons is weak, or if their components are available in the open market, there would be huge destruction in the region. In July 2014, the government of Iraq notified that nuclear material had been seized by the ISIS army from Mosul University. The ISIS published a 19-page document in Arabic on how to develop biological weapons, and a 26-page religious fatwa that allows the use of weapons of mass destruction. “If Muslims cannot defeat the kafir (non-believers) in a different way, it is permissible to use weapons of mass destruction,” warns the fatwa.

The effects of biological weapons are worse as they cause death or disease in humans, animals or plants. The fatalities of dengue and ebola viruses in West Africa are the worst forms of bioterrorism. There are speculations that, in future, measles, dengue, polio and the ebola viruses can be used as weapons of bioterrorism in Europe and the UK. Some states might use drones for the purposes of bio-war against their rival states. In 2013, writing in the Global Policy journal, Amanda M Teckman warned that ISIS might possibly use ebola as a weapon against the civilian population: “It remains to be seen if a terrorist group like ISIS, which has demonstrated a willingness to engage in large scale mass murder, including the uninhibited murder of civilians, has the capability to produce a weaponised version of ebola.”

Debate among the European Union intelligence experts normally starts with the assumption that without a professional intelligence analysis on law enforcement level, prevention of bioterrorism is impossible. In the wake of the terrorist attacks in Brussels, security experts raised the question of intelligence-sharing failure, which caused huge infrastructural destruction and the killings of innocent civilians. Terrorists killed more than 34 innocent people and injured over 200 in Brussels. The failure of French and Brussels intelligence agencies to tackle the menace of extremism and the exponentially growing networks of the Islamic State (ISIS) prompted a deep distrust between the law enforcement agencies and civil society of the two states. The French and Belgium intelligence infrastructure also suffered from a lack of check and balance. This huge intelligence gap has badly affected the intelligence cooperation with other EU member states. The Belgian Foreign Minister warned that more intelligence on home-growing extremism was a must after the EU secret agencies came under heavy criticism immediately after they failed to share intelligence with France about the Paris attackers. French Interior Minister complained that no information about possible attacks was provided by EU secret agencies.

Continue Reading

Intelligence

Cybercrime effecting banking sector/economy of Pakistan

Published

on

Cyber-crime is not a conventional offence as its ramifications transcend borders.  It affects a society in different ways. The term “cybercrime” denotes any sort of illegal activity that uses a computer, cell phone or any other electronic device as its primary means of commission. The computer and electronic devices serve as the agents and the facilitator of the crime. Cyber criminals take full advantage of obscurity, secrecy, and interconnectedness provided by the internet and are able to attack the foundations of our modern information society. Breaching of cyber space is an issue of utmost concern for the banks and financial institutions. The menace of data theft is growing in magnitude with huge financial impact. As custodian of highly valuable customer information, banks have always been the favorite target of the cyber-attacks.

Moreover it is estimated that banks are more frequently targeted by the hackers than any other business organization. IT based financial solutions of the banks such as ATMs, mobile banking and internet banking are exposed to various forms of frauds including skimming and phishing etc. Affected banks may also witness decline in their share prices. Banking industry is more susceptible to the breach of cyber security due to its financial lure for the transgressors. In Pakistan, banking is increasing its user base at a brisk pace; the resulting threats are also multiplying. Financial services in Pakistan i.e. credit cards, accounts information and other, can also be acquired for theft or fabrication. During last few years Pakistan faced some serious cyber breaches in the banking sector. In 2018 it lost US $6 million in cyber-attacks as online security measures failed to prevent breach of security in which overseas hackers stole customer’s data.Data from 19,864 debit cards belonging to customers of 22 Pakistani banks has been put on sale on the dark web, according to an analysis conducted in year 2018 by Pakistan’s Computer Emergency Response Team, PakCERT.

However Cyber breaches of January 24 and January 30, 2019 included such data in large quantities pertaining to bank Meezan Bank Ltd. Gemini Advisory; a body that provides guidance with addressing emerging cyber threats stated that the compromised records posted between January 24 and January 30, 2019 is associated with a compromise of Meezan Bank Limited’s internal systems. Cyber security company “Group-IB”on  a February  22,2019  in advisory stated that money mules use the fake cards, to either withdraw money from ATMs or buy goods” that are later resold by fraudsters. Despite efforts of banks to eliminate ATM card fraud, criminals still find ways around security measures to acquire card data at the point of sale.

The impact of a single, successful cyber-attack can have far-reaching implications including financial losses, theft of intellectual property, and loss of consumer confidence and trust. The overall monetary impact of cyber-crime on society and government is estimated to be billions of dollars a year. While, the banks in Pakistan claim that they have insurance policies, they do not seem much interested in securing their system and the public remains highly affected by such attacks. There is growing sense of distrust in the online banking. Several banking organizations fail to provide proper insurance to their customer. That is why people are more comfortable in keeping their money and reserves at home rather than banks. This is one of the major factors that add to country’s severe economic decline.

Pakistan needs to develop its cyber capabilities infrastructure and should invest in the youth to build a cyber security force of young experts. Simultaneously, there is a need to focus on artificial intelligence, block chains and software robots as suggested by Chief Technology Officer Huawei (Middle East and European Union) Jorge Sebastiao in the recent international seminar on Global Strategic Threat and Response (GSTAR). Establishing a stronger cyber infrastructure will provide stronger security guarantees to the IT enabled services especially to the banking systems of Pakistan. This will in turn enhance the economic growth and security. Furthermore, the transnational nature of cyber-crime makes cyber-security a global challenge and, hence, demands collective and collaborative measures at the international level with flawless and strong legal and cyber policy framework.

In this regard, Pakistan’s cyber-law provides for ‘international cooperation.’ It has the membership of the International Multilateral Partnership against Cyber Threats (ITUIMPACT) and participates in Asia Pacific Security Incident Response Coordination Working Group (APSIRC-WG). However, cyber-security does not appear to be a priority on the country’s agenda for international dialogue and agreements.  Pakistan needs to review the Prevention of Electronic Crimes Bill which will contribute mainly to increase the security of banking systems.

Continue Reading

Publications

Latest

New Social Compact2 hours ago

Covid-19 Might not be the End

The world seems to be oblivious when it comes to the non-traditional security paradigms hence certain natural cycles repeat overtime....

Newsdesk3 hours ago

Peru Will Receive US$ 50M from the World Bank to Strengthen Key Social Protection

The World Bank Board of Directors today approved a US$ 50 million loan to strengthen key policies and strategies to...

Newsdesk5 hours ago

AIIB To Scale Up Public Health Infrastructure in Wake of COVID-19

Recognizing that countries with fragile infrastructure have less capacity to handle health crises, the Asian Infrastructure Investment Bank (AIIB) is...

South Asia7 hours ago

Pakistan is striving enthusiastically to quell the COVID-19

International cooperation has become necessary for the nations across the globe, to defeat the Coronavirus pandemic -an invisible enemy. For...

Americas9 hours ago

Coronavirus is Trump’s most important electoral rival

The Earth is intertwined with space in various group, ethnic, religious, national, and other forms. National spaces within countries are...

Tourism11 hours ago

Calling on Innovators and Entrepreneurs to Accelerate Tourism Recovery

In the face of an unprecedented challenge, the World Tourism Organization (UNWTO), with the support of the World Health Organization...

Diplomacy13 hours ago

COVID-19 Diplomacy and the Role of the United Nations Security Council

On 30th January 2020 World Health Organisation declared COVID-19 a Public Health Emergency of International Concern, soon after on 11th...

Trending