Connect with us

Intelligence

Cyber-Security Threat And Italian Resilience

Published

on

There is a war out there, old friend. A world war. And it is not about who has got the most bullets. It is about who controls the information. What we see and hear, how we work, what we think…it is all about the information. (From the movie Sneakers, 1992)

Cyber security is today a matter which concernsorganisations, institutions and companies. It represents a war fought with a simple computer and can target anyone, anywhere, anytime. A war that does not involve the use of bombs, missiles and tanks; a silent war, which leaves neither marks nor fallen warriors, but which is capable of producing the same devastating results as a bombing. Thus, cyber warfare is the old war with new weapons.

In recent years, however, cybercrime has changed radically: at the beginning, independent and anarchist hackers of the 90’s organised themselves into professional groups but they were divided in two categories: those ones who pursued anarchist and political purposes – such as Snowden, Assange or Anonymous – and the other ones who pursued profit intents, such as most cyber-criminals.More recently, the arch-enemy has turned out to be a sovereign state, any terrorist organisation or a single hacker who steals identity, violates privacy and hunts for secrets to be disclosed.

The world at large is becoming increasingly connected and integrated andit inevitably leads to the need of benefitting from auniversal access to data and information. The dependence of the modern society on a system of a functional, secure and resistant networkentails the institution of a new operational domain, the cybernetic one, which must be preserved and defended. In 2012, the World Economic Forum in Davos already pinpointed cyber-attacks among the top five global threats due to their likelihood of occurrence.

In fact, the impact of cyber-attacks on networks and IT services can be outstandingly destructive and cause unpredictable consequences for the society as a whole.Furthermore, especially in recent years, there has been a transition from cybercrime, which affected private individuals, to attacks affecting and paralyzing the IT structures of entire country systems, as known as critical infrastructures.

Then, as well as the battlefor medical research inevitably stumbles on a new virus that requires a cutting edge therapy, also the exponential technological evolution of cyber weapons needsthe development of security countermeasures.

In the last annual report to the Parliament, the Italian Department and Security (DIS) has illustrated the most salient aspects of the cyber threat and the measures adopted by Italy to copy with this phenomenon.

In detail, DIS highlighted how the cyber threat still represents a privilegedtoolin attacking both public and private targets of strategic importance forthe country.Moreover, thanks to a constant and massive monitoring on Techniques, Tactics and Procedures (TTP) adopted by cyber-criminals, the Department has detected a progressive enhancement in the quality and complexity of cyber-attacks.

Hence, the primary challenge for DIS continues to be the contrast to cyber offensive operations through a strengthening of its countermeasures for protecting information systems.

The more a cyber-attack is well-identified, the more the countermeasures are effective. For this reason, the Department analyses the cyber threat by two aspects: potential targetsand perpetrators.

On the prospective of targets, in 2019,IT systems of central and local public administrations were the most affected, specifically 73 percent. The most noteworthy detail is that the attacks against central public administrations have increased by 10 percent, while those ones affecting local authorities have registered a 16 percent decrease. This privileged interest of cyber criminals against central public administrationsfinds its meaning in the great quantity of data managed by thesebodies.

Looking at the threat from the perspective of hostile actors, the Department pinpoints hacktivists as the principal perpetrators (73 percent), followed up by state-origin groups (12 percent) which have recorded a decrease compared to 2018.

This decrease, however, instead of an effective drop in state-origin attacks,might be the result ofa growing availability of malicious systems in the dark web which contribute to obscure the cyber-attackers identity.

DIS has acknowledged that technological development- along with its related challenges – has taken on a relevant geopolitical and geostrategic dimension, thus upholding the need to strengthen the cyber resilience of our country. By virtue of this latter purpose, the Department is strong-willed to manage the risks linked to the implementation of 5G technology, which could act as a backdrop of an abuse from hostile actors.

Furthermore, the most significant development recorded by the national cybersecuritystrategy has been the establishment of the “cyber security perimeter”: it identifies and protects public and private operators which have a key-role in the state market and usenetworks, information systems and IT services which, if attacked, would cause enormous damage to national security. The perimeter foresees:

notification of attacks, to ensure an immediate reaction from the structures involved;

security measures meant to boost the overall level of cybersecurity in Italy;

technological screening of ICT supplies belonging to specific, crucial categories;

inspection and sanctioning activities by the Presidency of the Council of Ministers and the Economic Development Ministry (MiSE), respectively for public and private subjects.

In 2019,the Italian Computer Security Incident Response Team (CSIRT) has been established within the Department of Intelligence and Security to tackle the cyber threat, according to the European Directive on security of Network and Information Systems (NIS) enacted in 2016 and adopted by Italy in 2018.

CSIRT aims to optimize the effectiveness of the country’s prevention and response to cyber-attacks against public and private targets, through led-in-depth analysis of risks and their management.

In case of a serious and imminent risk for national security connected to the vulnerability of networks, information systems and IT services, the Italian Premier is empowered to order – after deliberation by Inter-ministerial Committee for the Security of the Republic (CISR) – the total or partial deactivation of the devices employed in networks, systems or services involved.

The advent of new technologies and artificial intelligence has certainly contributed to the technological and economic development of single countries and it allows them to keep up with the world’s super powers. However, what could be considered as a quid pluris for a specific country, can result in the increased risk to be targeted by cyber-attacks with the intent of stealing sensitive data and knowledge.

Italy is facing this challenge through growing investments and sharpening its national security-architecture.

However, along with a national commitment in the sector, it is necessary to extend international cooperation in order to further ensure each state the security of own networks and interconnected systems.

After all, no nation is safe until every nation is safe.

Continue Reading
Comments

Intelligence

USA and Australia Worry About Cyber Attacks from China Amidst Pegasus Spyware

Published

on

Pegasus Spyware Scandal has shaken whole India and several other countries. What will be its fallout no one knows as we know only tip of iceberg. Amidst Pegasus Spyware Scandal USA and Australia both have shown serious concerns about Cyber Attacks on US and Australian interests. Both say that China is hub of malware software and both face millions of such attacks daily.

I am trying to understand why a software is needed to spy on a particular individual when all calls, messages, data, emails are easily accessible from server. In most of cases these servers are located in USA and some cases these are located in host country. In certain sensitive cases Government Agencies have their own server like Central Intelligence Agency and hundreds of other agencies and military establishment world over including India. Now point is who installs those servers.

A couple of years back I had talked to Mr Mike Molloy who is Chief Executive Officer of Orion Global Technologies previously known as Orion SAS. He had explained me how his company installs servers in host countries on request of private or gov bodies. He talks about contract and trust. That means even when a company or Gov buys a server or software for designated uses the “Secrecy” Factor remain on discretion of company which has supplied server or software.

Now  if all data, e-mail, chat, messages, calls are accessible to Gov as per law and technology (Through Server all components of Communication are accessible and thats why  me and you see start seeing call recording of a person even after many years later), I am unable to understand why a Gov will be needing a software to Spy on any one.

Now coming to where Australia and USA wants to carry the whole debate.

Australian Foreign Minister Sen Marise Payne said, “Australian Government joins international partners in expressing serious concerns about malicious cyber activities by China’s Ministry of State Security.

“In consultation with our partners, the Australian Government has determined that China’s Ministry of State Security exploited vulnerabilities in the Microsoft Exchange software to affect thousands of computers and networks worldwide, including in Australia. These actions have undermined international stability and security by opening the door to a range of other actors, including cybercriminals, who continue to exploit this vulnerability for illicit gain”, She further added.

She opined, ”The Australian Government is also seriously concerned about reports from our international partners that China’s Ministry of State Security is engaging contract hackers who have carried out cyber-enabled intellectual property theft for personal gain and to provide commercial advantage to the Chinese Government”.

She warned China by saying, “Australia calls on all countries – including China – to act responsibly in cyberspace.  China must adhere to the commitments it has made in the G20, and bilaterally, to refrain from cyber-enabled theft of intellectual property, trade secrets and confidential business information with the intent of obtaining competitive advantage”.

On other hand USA’s The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released a Cybersecurity Advisory on Chinese State-Sponsored Cyber Operations. National Security Advisor said, ”Chinese state-sponsored cyber activity poses a major threat to U.S. and allied systems. These actors aggressively target political, economic, military, educational, and critical infrastructure personnel and organizations to access valuable, sensitive data. These cyber operations support China’s long-term economic and military objectives”.

The information in this advisory builds on NSA’s previous release “Chinese State-Sponsored Actors Exploit Publicly Known Vulnerabilities.” The NSA, CISA, and FBI recommended mitigations empower our customers to reduce the risk of Chinese malicious cyber activity, and increase the defensive posture of their critical networks. 

Continue Reading

Intelligence

Afghan issue can not be understood from the simplistic lens of geopolitical blocs

Published

on

pakistan-terrorism

Authors: Tridivesh Singh Maini  and Varundeep Singh*

On July 14, 2021 a terror attack was carried out in Khyber Pakhtunkhwa (KPK) province in which a number of Chinese engineers, working on the Dasu hydropower project (a project which is part of the China Pakistan Economic Corridor) were killed. The attack predictably evinced a strong response from China. The Chinese foreign minister, Wang Yi speaking before a Shanghai Cooperation Organisation (SCO) Foreign Minister’s meeting asked the Taliban to disassociate itself from ‘terrorist elements’ and in a meeting with Pakistan Foreign Minister, Shah Mehmood Qureshi, asked Pakistan to bring the perpetrators to book. Earlier in April 2021, a car bomb attack took place at Serena hotel in Quetta which was hosting China’s Ambassador to Pakistan (four people were killed and twelve were injured)

Wang Yi significantly praised the Ashraf Ghani government, for its attempts towards building national unity and providing effective governance. Beijing clearly realizes that its economic investments in the country as well as big ticket infrastructural projects can not remain safe if there is no security. Afghanistan also criticized Pakistan for its role in sending 10000 Jihadis to Taliban, this is important in the context of the region’s geopolitics.

 Like all other countries, Beijing and Islamabad, would have expected uncertainty after the US withdrawal of troops but perhaps over estimated their capabilities in dealing with the turbulence which had been predicted by many.

Importance of Chinese Foreign Minister’s statements

Wang Yi’s statements are important because days earlier a Taliban spokesman, Suhail Shaheen had praised China and welcomed its role in the country’s reconstruction. He had also assured China that those involved in the insurgency in Xinjiang would not be given refuge in Afghanistan (one of China’s major concerns has been the support provided by Taliban to the East Turkmenistan movement)

While Beijing may have opened back channels with the Taliban and realized that it needs to adapt to the changing geopolitics, recent developments would have increased its skepticism vis-à-vis the Taliban. On the other hand, Russia has been more favorable towards the Taliban. Russia’s Deputy Chief of Mission in India, Roman Babushkin argued that the Taliban are a reality which needs to be accepted, and also that any military activities without a political process are insufficient.

Babushkin did make the point that for successful negotiations, Taliban needed to end violence.

‘that Taliban should deal with the problem of terrorism and other related issues in order to become legitimate, in order to [get] delisted [at the UN Security Council], in order to go ahead with the future Afghanistan and creation of the inclusive government

It would be pertinent to point out, that Zamir Kabulov, Russian President’s Afghanistan envoy went a step further and said that the Afghan government was not doing enough to make talks with Taliban a success.

China’s statements subtle warning to the Taliban, indicating its reservations, and praise of Ghani indicate a possibility of greater understanding between Washington and Beijing (even though Beijing has repeatedly attributed the current troubles in Afghanistan to Washington’s decision to withdraw troops).

Can US and China find common ground

 It remains to be seen if Biden who has exhibited dexterity on a number of complex issues reaches out to Xi Jinping to find common ground with regard to Afghanistan. Significantly, while US-Turkey relations had witnessed a downward trajectory and Biden has been critical of Turkish President Recep Tayyip Erdogan’s authoritarian tendencies and Human rights record, both leaders met on the sidelines of the NATO Summit in June 2021. During the meeting Turkey agreed to secure Kabul Airport. US National Security Advisor Jake Sullivan while commenting on Turkey’s assurance said

‘The clear commitment from the leaders was established that Turkey would play a lead role in securing Hamid Karzai International Airport, and we are now working through how to execute to get to that,’

Taliban earlier this week warned Turkey of ‘consequences’ if the Middle Eastern nation increased its troop presence in Afghanistan.

Conclusion

Russia’s statements with regard to the Taliban indicate that it is not totally on the same page as China (its prior experience in Afghanistan has made it more cautious and circumspect), and that the Afghan issue can not be understood from the simplistic lens of geo-political blocs and traditional lenses. All major stakeholders in Afghanistan, both within the region and outside, seem to be understandably befuddled by the turn of events. It is not just the US, but even China which would be worried not just from an economic stand point but the overall security implications of the turmoil in Afghanistan. The terror attack in KPK indicates that other CPEC related projects could also face threats from militant groups. Beijing would thus need to be quick to react to the overtures from the Taliban in order to secure its economic assets and lives of Chinese workers in neighbouring Pakistan.

 It is especially important for Washington, Beijing and other important stakeholders in the region to work together for dealing with the near term turbulence as well as long term challenges Afghanistan is likely to face.

*Varundeep Singh is an Independent Policy Analyst.

Continue Reading

Intelligence

Pegasus: Human rights-compliant laws needed to regulate spyware

Published

on

The UN human rights chief on Monday said the apparent widespread use of Pegasus spy software to illegally undermine the rights of those under surveillance, including journalists and politicians, was “extremely alarming” and confirmed “some of the worst fears” surrounding the potential misuse of such technology. 

“Various parts of the UN Human Rights system, including my own Office, have repeatedly raised serious concerns about the dangers of authorities using surveillance tools from a variety of sources supposed to promote public safety in order to hack the phones and computers of people conducting legitimate journalistic activities, monitoring human rights or expressing dissent or political opposition”, said High Commissioner Michelle Bachelet in a statement

According to reports, the Pegasus data leak allegations which surfaced through a consortium of media organisations over the weekend, suggests widespread and continuing abuse of the software, which the manufacturers insist, is only intended for use against criminals and terrorists. 

The Pegasus malware infects electronic devices, enabling operators of the tool to obtain messages, photos and emails, record calls, and even activate microphones, according to the consortium’s reporting. The leak contains a list of more than 50,000 phone numbers which reportedly belong to those identified as people of interest, by clients of the company behind Pegasus, including some governments.  

‘Indispensable role’ 

Surveillance software has been linked to the arrest, intimidation and even killing of journalists and human rights defenders, according to the senior UN official.  

Reports of surveillance also trigger fear and cause people to censor themselves.   

“Journalists and human rights defenders play an indispensable role in our societies, and when they are silenced, we all suffer”, she said, reminding all States that surveillance measures can only be justified in narrowly defined circumstances when necessary and proportional to a legitimate goal.  

‘Deep intrusions’ 

Given that Pegasus spyware, “as well as that created by Candiru and others, enable extremely deep intrusions into people’s devices, resulting in insights into all aspects of their lives”, the UN rights chief underscored, “their use can only ever be justified in the context of investigations into serious crimes and grave security threats.” 

If recent allegations about the use of Pegasus are even partly true, she maintained that the “red line has been crossed again and again with total impunity”. 

‘Due diligence’ 

Companies developing and distributing surveillance technologies are responsible for avoiding human rights abuses, she said, and they must take immediate steps to mitigate and remedy the damage their products are causing, or contributing to, and carry out “human rights due diligence” to ensure that they no longer play a part in “such disastrous consequences” now, or in the future. 

States also have a duty to protect individuals from privacy rights abuses by companies, she added.  

One key step in this direction is for States to require by law that the businesses meet their human rights responsibilities by becoming more transparent in their design and use of products and by putting in place effective accountability mechanisms. 

Better regulation key 

Reports also confirm “the urgent need to better regulate the sale, transfer and use of surveillance technologies and ensure strict oversight and authorization.” 

Governments should not only immediately stop using surveillance technologies in ways that violate human rights, but also “take concrete actions” to protect against such invasions of privacy by “regulating the distribution, use and export of surveillance technology created by others”, the High Commissioner said.  

Without human rights-compliant regulatory frameworks, Ms. Bachelet upheld that there are “simply too many risks” that the tools could be used to intimidate critics and silence dissent.

Continue Reading

Publications

Latest

Trending