Connect with us


Cyber-Security Threat And Italian Resilience



There is a war out there, old friend. A world war. And it is not about who has got the most bullets. It is about who controls the information. What we see and hear, how we work, what we think…it is all about the information. (From the movie Sneakers, 1992)

Cyber security is today a matter which concernsorganisations, institutions and companies. It represents a war fought with a simple computer and can target anyone, anywhere, anytime. A war that does not involve the use of bombs, missiles and tanks; a silent war, which leaves neither marks nor fallen warriors, but which is capable of producing the same devastating results as a bombing. Thus, cyber warfare is the old war with new weapons.

In recent years, however, cybercrime has changed radically: at the beginning, independent and anarchist hackers of the 90’s organised themselves into professional groups but they were divided in two categories: those ones who pursued anarchist and political purposes – such as Snowden, Assange or Anonymous – and the other ones who pursued profit intents, such as most cyber-criminals.More recently, the arch-enemy has turned out to be a sovereign state, any terrorist organisation or a single hacker who steals identity, violates privacy and hunts for secrets to be disclosed.

The world at large is becoming increasingly connected and integrated andit inevitably leads to the need of benefitting from auniversal access to data and information. The dependence of the modern society on a system of a functional, secure and resistant networkentails the institution of a new operational domain, the cybernetic one, which must be preserved and defended. In 2012, the World Economic Forum in Davos already pinpointed cyber-attacks among the top five global threats due to their likelihood of occurrence.

In fact, the impact of cyber-attacks on networks and IT services can be outstandingly destructive and cause unpredictable consequences for the society as a whole.Furthermore, especially in recent years, there has been a transition from cybercrime, which affected private individuals, to attacks affecting and paralyzing the IT structures of entire country systems, as known as critical infrastructures.

Then, as well as the battlefor medical research inevitably stumbles on a new virus that requires a cutting edge therapy, also the exponential technological evolution of cyber weapons needsthe development of security countermeasures.

In the last annual report to the Parliament, the Italian Department and Security (DIS) has illustrated the most salient aspects of the cyber threat and the measures adopted by Italy to copy with this phenomenon.

In detail, DIS highlighted how the cyber threat still represents a privilegedtoolin attacking both public and private targets of strategic importance forthe country.Moreover, thanks to a constant and massive monitoring on Techniques, Tactics and Procedures (TTP) adopted by cyber-criminals, the Department has detected a progressive enhancement in the quality and complexity of cyber-attacks.

Hence, the primary challenge for DIS continues to be the contrast to cyber offensive operations through a strengthening of its countermeasures for protecting information systems.

The more a cyber-attack is well-identified, the more the countermeasures are effective. For this reason, the Department analyses the cyber threat by two aspects: potential targetsand perpetrators.

On the prospective of targets, in 2019,IT systems of central and local public administrations were the most affected, specifically 73 percent. The most noteworthy detail is that the attacks against central public administrations have increased by 10 percent, while those ones affecting local authorities have registered a 16 percent decrease. This privileged interest of cyber criminals against central public administrationsfinds its meaning in the great quantity of data managed by thesebodies.

Looking at the threat from the perspective of hostile actors, the Department pinpoints hacktivists as the principal perpetrators (73 percent), followed up by state-origin groups (12 percent) which have recorded a decrease compared to 2018.

This decrease, however, instead of an effective drop in state-origin attacks,might be the result ofa growing availability of malicious systems in the dark web which contribute to obscure the cyber-attackers identity.

DIS has acknowledged that technological development- along with its related challenges – has taken on a relevant geopolitical and geostrategic dimension, thus upholding the need to strengthen the cyber resilience of our country. By virtue of this latter purpose, the Department is strong-willed to manage the risks linked to the implementation of 5G technology, which could act as a backdrop of an abuse from hostile actors.

Furthermore, the most significant development recorded by the national cybersecuritystrategy has been the establishment of the “cyber security perimeter”: it identifies and protects public and private operators which have a key-role in the state market and usenetworks, information systems and IT services which, if attacked, would cause enormous damage to national security. The perimeter foresees:

notification of attacks, to ensure an immediate reaction from the structures involved;

security measures meant to boost the overall level of cybersecurity in Italy;

technological screening of ICT supplies belonging to specific, crucial categories;

inspection and sanctioning activities by the Presidency of the Council of Ministers and the Economic Development Ministry (MiSE), respectively for public and private subjects.

In 2019,the Italian Computer Security Incident Response Team (CSIRT) has been established within the Department of Intelligence and Security to tackle the cyber threat, according to the European Directive on security of Network and Information Systems (NIS) enacted in 2016 and adopted by Italy in 2018.

CSIRT aims to optimize the effectiveness of the country’s prevention and response to cyber-attacks against public and private targets, through led-in-depth analysis of risks and their management.

In case of a serious and imminent risk for national security connected to the vulnerability of networks, information systems and IT services, the Italian Premier is empowered to order – after deliberation by Inter-ministerial Committee for the Security of the Republic (CISR) – the total or partial deactivation of the devices employed in networks, systems or services involved.

The advent of new technologies and artificial intelligence has certainly contributed to the technological and economic development of single countries and it allows them to keep up with the world’s super powers. However, what could be considered as a quid pluris for a specific country, can result in the increased risk to be targeted by cyber-attacks with the intent of stealing sensitive data and knowledge.

Italy is facing this challenge through growing investments and sharpening its national security-architecture.

However, along with a national commitment in the sector, it is necessary to extend international cooperation in order to further ensure each state the security of own networks and interconnected systems.

After all, no nation is safe until every nation is safe.

Continue Reading


Biological warfare: A global security threat



Biological warfare is not a new concept in arena of international politics as it has been used as a tool to sabotage enemy in previous centuries. Biological weapons are a sub-category of Weapons of Mass destruction (WMDs) in which there is a deliberate use of micro-organisms like pathogens and toxins to cause disease or death in humans, livestock and yields.Form its usage in 14th century by Mongols to its usage by imperial Japan during 1930s-40s against Chinese, it has always been a threat to global security. The evolution of bio-weapons can be broadly categorized into four phases; first phase includes the post WWII developments with the evident use of chlorine and phosgene in Ypres.The second phase was marked by the use of nerve agents like tabun, cholinesterase inhibitor and anthrax and plague bombs. The initiation of third phase was marked by the use of biological weapons in Vietnam war during 1970s where deadly agents like Agent orange were used. 4th and last phase include the time of biological and technological revolution where genetic engineering techniques were at their peak. Traditionally they have been used in wartime in order to defeat enemy but with the emergence of violent non-state actors, bioterrorism is another potential threat to the security of states. There are certain goals that are associated with the use of biological weapons. Firstly, it is purposed to hit to economy of the targeted country, breaking down government authority and have a psychological effect on masses of the targeted population. It is also a kind of psychological warfare as it may hit a smaller number of people but leaves impact on wider audience through intimidation and spreading fear. It also creates natural circumstances under which a population is induced with disease without revealing the actual perpetrator.

With the advancement in genetic engineering techniques more lethal biological weapons are being produced everyday around the world. Countries which are economically deprived are more likely to pursue such goals as it is difficult for them to go for heavy military sophistication keeping into consideration their poor economic conditions. Biological weapons serve as inexpensive tool for developing countries to address their issues in prevailing international security environment. During the initial decades of cold war, united states of America (USA) and Soviet Union went for acquiring tons of biological weapons alongside nuclear proliferation.

 The quest for these weapons reduced during 1970s with the formation of Biological and Toxin Weapons Convention (BWC). This convention was presented in 1972 before countries and finally came into force in 1975 with 150 countries who signed this convention and 140 countries who fully joined this treaty. This convention prohibits any biological weaponization in order to promote peace and stability around the world. But this convention has obvious defects as it is unable to address many issues like it doesn’t prevents itself the use of biological weapons but just reinforces 1925 Geneva Protocol which forbids the use of bio-weapons. Convention allows ‘defensive research’ to which there are many objections that what is incorporated into this defensive research. It is non-binding to the signatory states and in case if countries are proliferating it lacks the effective oversight techniques to look after them either they are pursuing these biological weapons capabilities or not. Since the inception of this convention till now it has clearly failed in stopping the countries from acquisition as well as usage of these weapons. This is evident as there were many cases after 1975 where these weapons were used as in 1980s when Iraq used mustard gas, sarin and tabun against Iran and many other ethnic groups inside Iran. Another incident which was highlighted was Sarine nerve gas attack in Tokyo subway system leaving thousands injured and many got killed. In post-cold war era, however, the number of these attacks reduced as much attention was shifted to terrorism after 9/11 attacks with the change in global security architecture.

“Anthrax letters” in post 9/11 attacks revealed yet another dimension of bio-weapons which was the threat of bioterrorism from non-state actors. US became a victim of bio-terrorism when in 2001 a powder was transported through letters containing bacterium called anthrax infecting many people. One purpose which terrorists have is to make general masses feel as if they are unsafe in the hands of their government which can be best achieved through the use of these weapons. The fact that biological weapons are cheaper and more devastating than conventional weapons make it more likely for biological weapons to be used by terrorists. Also, the fact that they are easy to hide and transport and a smaller quantity can leave long-lasting impacts on larger population makes these weapons more appealing.  Now that we are facing a global pandemic in the form of COVID-19 which according to some conspiracy theories is a biological weapon pose even more serious challenge to the international security in coming decades. There is no such scientific research which proves Corona Virus as a biological weapon but the realization here is that whether or not it is a biological weapon but world was least prepared for it. Not only the developing countries but also developed states suffered more despite having enormous medical infrastructure. The fact that there has been decline in the incidents related to bioterrorism should never let us think that there is no possibility of such attacks. The fact that world failed to handle Covid-19 puts a question mark on the credibility of measures if we are faced with bio-terrorism. The medical community as well as general population needs to develop an understanding of how to respond if there is such attack. At the international level there is a dire need to develop some strong norms which discourage the development and use of such weapons in any capacity.    

Continue Reading


The ‘Post-Covid-19 World’ Will Never Come



On May 3rd, the New York Times bannered “Reaching ‘Herd Immunity’ Is Unlikely in the U.S., Experts Now Believe” and reported that “there is widespread consensus among scientists and public health experts that the herd immunity threshold is not attainable — at least not in the foreseeable future, and perhaps not ever.”

In other words: the ‘news’-sources that were opposing the governments’ taking action against Covid-19 — libertarian ’news’-sites that oppose governmental laws and regulations, regardless of the predominant view by the vast majority of the scientists who specialize in studying the given subject — are looking wronger all the time, as this “novel coronavirus” (which is what it was originally called) becomes less and less “novel,” and more and more understood scientifically.

The “herd immunity” advocates for anti-Covid-19 policies have been saying that governments should just let the virus spread until nature takes its course and such a large proportion of the population have survived the infection as to then greatly reduce the likelihood that an uninfected person will become infected. An uninfected person will increasingly be surrounded by people who have developed a natural immunity to the disease, and by people who don’t and never did become infected by it. The vulnerable people will have become eliminated (died) or else cured, and so they won’t be spreading the disease to others. That’s the libertarian ’solution’, the final solution to the Covid-19 problem, according to libertarians.

For example, on 9 April 2020, Forbes magazine headlined “After Rejecting A Coronavirus Lockdown, Sweden Sees Rise In Deaths” and reported that, “Sweden’s chief epidemiologist Anders Tegnell has continuously advocated for laid back measures, saying on Swedish TV Sunday that the pandemic could be defeated by herd immunity, or the indirect protection from a large portion of a population being immune to an infection, or a combination of immunity and vaccination. However, critics have argued that with a coronavirus vaccine could be more than a year away, and insufficient evidence that coronavirus patients that recover are immune from becoming infected again, the strategy of relying on herd immunity and vaccinations [is] ineffective.”

The libertarian proposal of relying upon “herd immunity” for producing policies against this disease has continued, nonetheless.

CNN headlined on 28 April 2020, “Sweden says its coronavirus approach has worked. The numbers suggest a different story”, and reported that 

On March 28, a petition signed by 2,000 Swedish researchers, including Carl-Henrik Heldin, chairman of the Nobel Foundation, called for the nation’s government to “immediately take steps to comply with the World Health Organization’s (WHO) recommendations.”

The scientists added: “The measures should aim to severely limit contact between people in society and to greatly increase the capacity to test people for Covid-19 infection.”

“These measures must be in place as soon as possible, as is currently the case in our European neighboring countries,” they wrote. “Our country should not be an exception to the work to curb the pandemic.”

The petition said that trying to “create a herd immunity, in the same way that occurs during an influenza epidemic, has low scientific support.”

Swedish authorities have denied having a strategy to create herd immunity, one the UK government was rumored to be working towards earlier on in the pandemic — leading to widespread criticism — before it enforced a strict lockdown.

FORTUNE magazine headlined on 30 July 2020, “How parts of India inadvertently achieved herd immunity”, and reported that, “Around 57% of people across parts of India’s financial hub of Mumbai have coronavirus antibodies, a July study found, indicating that the population may have inadvertently achieved the controversial ‘herd immunity’ protection from the coronavirus.” Furthermore:

Herd immunity is an approach to the coronavirus pandemic where, instead of instituting lockdowns and other restrictions to slow infections, authorities allow daily life to go on as normal, letting the disease spread. In theory, enough people will become infected, recover, and gain immunity that the spread will slow on its own and people who are not immune will be protected by the immunity of those who are. University of Chicago researchers estimated in a paper published in May that achieving herd immunity from COVID-19 would require 67% of people to be immune to the disease. Mayo Clinic estimates 70% of the U.S. population will need to be immune for the U.S. to achieve herd immunity, which can also be achieved by vaccinating that proportion of a population.

On 27 September 2020, Reuters bannered “In Brazil’s Amazon a COVID-19 resurgence dashes herd immunity hopes”, and reported that, “The largest city in Brazil’s Amazon has closed bars and river beaches to contain a fresh surge of coronavirus cases, a trend that may dash theories that Manaus was one of the world’s first places to reach collective, or herd, immunity.”

Right now, the global average of Covid-19 intensity (total cases of the disease thus far) is 19,693 persons per million population. For examples: Botswana is barely below that intensity, at 19,629, and Norway is barely above that intensity, at 20,795. Sweden is at 95,905, which is nearly five times the global average. Brazil is 69,006, which is around 3.5 times worse than average. India is 14,321, which is slightly better than average. USA is 99,754.  

However, the day prior, on May 2nd, America had 30,701 new cases. Brazil had 28,935. Norway had 210. India had 370,059. Sweden’s latest daily count (as-of May 3rd) was 5,937 on April 29th, 15 times Norway’s 385 on that date. Sweden’s population is 1.9 times that of Norway. India’s daily count is soaring. Their population is four times America’s, but the number of new daily cases in India is twelve times America’s. Whereas India has had only one-seventh as much Covid-19 intensity till now, India is soaring upwards to become ultimately, perhaps, even worse than America is on Covid-19 performance. And Brazil is already almost as bad as America, on Covid-19 performance, and will soon surpass America in Covid-19 failure.

There is no “herd immunity” against Covid-19, yet, anywhere. It’s just another libertarian myth. But libertarians still continue to believe it — they refuse to accept the data.

Continue Reading


Application of Cyber Security: A Comparative Analysis of Pakistan and India



In today’s world, communication is controlled by the internet. The Internet is what links the communication protocol of a state to its cyber domain. Cyber security encompasses techniques, technologies, methods and blueprints made to secure networking systems from potential cyber-attacks. Efficient systems of cyber security therefore mitigate and reduce the danger of network systems being attacked or accessed by unauthorized systems.

Despite the existence of such robust networks and security protocols, the exploit of such systems is always a click away, due to the integration of the internet as a worldwide network, and in times of global outbreaks and crisis, internet activity also inevitably increases. This was particularly observable with the spread of the Covid-19 as a global pandemic, which also saw an increase in over-the-web activity, and gave a new breathing space for cyber-criminals. According to estimates, Covid-19, as a pandemic, can already be classified as the largest ever existing threat to cyber-security across the globe, since the induction of the world wide web as a global chain of networks. Thus, it would be fair to say that the effects of the covid-19 were not selectively felt by developing states only, but also encapsulated great powers of the contemporary era.

While contextualizing Pakistan and India in the cyber-security debate following the events of the covid-19 scenario, the trend in increased virtual cyber-attacks and espionage was no different to the rest of the world. The real question mark lies in the ability of both countries to effectively deal with the overwhelming cyber-activity in the post-pandemic era. The government of Pakistan established the National Center for Cyber Security (NCCS) in June 2018, and continues to strengthen its cyber-security domain, with a dynamic change in policy making, centric to cybersecurity and threats to cybersecurity from its immediate adversary, India. The current Prime Minister of Pakistan, Mr. Imran Khan, also launched ‘Digital Pakistan Vision’, with the primary   objectives of  increasing connectivity, rectifying digital infrastructure, and investing in the awareness of digital skills and promotion of entrepreneurship. Pakistan also approved the first ‘Digital Pakistan Policy’, aiming to focus on investment opportunities by IT companies and building the framework necessary for a digital ecosystem. Although a sustained effort has been made to strengthen the cyber-domain of Pakistan, there are many technicalities and loopholes that must be addressed with high priority. One, the lack of an effective communication method, that is free from external intrusion, and allows for the restriction of unwanted network traffic on its master server. In more recent times, an intrusion occurred during the webinar of Institute of   Strategic Studies (ISSI) due to non-encrypted internet connection, which allowed unspecified individuals access to the digital webinar. Two, the lack of stable internet connectivity, which prevents effective implementation of security protocols and acts as a hindrance to critical data packets, that must be sent between cyber-security officials in an event of a cyber-attack or espionage of any degree. Three, the existence of exploitable source code in key governmental websites and pages that are always prone to cyber-attacks, and must be revisited in the near future.

On the other hand, India saw a 37% in cyber-activity in the wake of the covid-19 pandemic; an eye-opener for state officials, who have prioritized cybersecurity as the next immediate threat to Indian National Security. In recent developments, India has also launched several directives to its cyber-security strategy in the post-pandemic era, including the initiative launched by The Ministry of Electronics and Information Technology (MEITY), namely ‘Cyber Surakshit Bharat’ with the coordination and support of the  National E-Governance Division. According to MIETY, 44 training and mock drills are being given to 265 organizations from different states of the world, a landmark achievement in Indian cyber-security history. However, just like its South Asian neighbor Pakistan, India is also equally overwhelmed by the threat and emergence of hostile cyber-activity. With a 45% ratio of internal cyber attacks, and a 38% ratio of external intrusions from proposed adversaries, China and North Korea, India has strengthened its ties with Israel to revamp its cyber-security strategy,  in order to mitigate the immediate threat to its cyber-domain, both internally and externally.

Conclusion and Recommendations

There is an immediate need to extend and further research the cyber capabilities of both Pakistan and India, which would primarily define the different types of technologies and how they are being actively made a part of the National security policy of both Pakistan and India. These efforts must be the immediate need of the hour, with the uncertainty of the Covid-19 and its irregular patterns becoming an inevitable fate of regional and global politics, in the times to come. While India seems to have its primary bases covered, there is no denying that the Covid-19 pandemic did not have a sparing effect on its cyber-domain, either, leaving the door open for Pakistan to make significant improvements to its cyber domain and cyber-security strategy, in order to effectively deter the threat faced from its adversary. Moreover, Pakistan can also seek inspiration from a potential integrated tri-service defense cyber strategy, that is being highly considered by Indian cyber-security and state officials, which would aid in keeping any form of cyber-hostility at bay in upcoming times.

Continue Reading