Connect with us

Science & Technology

Russian Cyber Sovereignty: One Step Ahead

Published

on

Authors: Alexander Tabachnik  and Lev Topor*

Cyber warfare is becoming more prominent and frequent than ever before in the international arena. Struggle for hegemony, influence and power pushes international actors, mainly states, into developing their cyber capabilities to spy, sabotage and influence other actors. Globalization and the proliferation of knowledge, know-how, expertise and technology in general have made cyber warfare relatively cheap and easy to execute in comparison with conventional warfare. In fact, international law regarding cyber warfare, specifically the lack of it, as well as newly emerging norms between states, have made cyber warfare especially lucrative. That is, since there are no biding norms or laws regarding cyber operations, and since it is extremely difficult to attribute a cyber attack with a real attacker, traditional military or economic punishment is difficult to justify. This makes deterrence slow, blunt and ineffective.

In this article, we seek to discuss the importance of the Russian cyber domain and its position in the international struggle for power, influence and national security. Specifically, we argue that Russia’s cyber domain acts as a barrier from foreign cyber operations, especially since the West has escalated its operations against Russia in recent years. We also argue that in the field of national security and national interests within the cybersphere, Russia has an advantage over other powers such as the United States or the United Kingdom. Further, we elaborate and discuss the structure, vulnerabilities and importance of cyberspace in international relations, as well as the current state of Russia’s defensive cyber domain.

Less-regulated cyber domains, such as those of the U.S. and UK, are vulnerable and prone to foreign attacks not only by their adversaries but by rogue and anonymous hacking groups and cyber criminals [1]. Interestingly, clandestine surveillance programs such as the American Presidential Policy Directive 20 (PPD-20), which was leaked by Edward Snowden in 2013, allows the U.S. to spy on citizens and foreigners, but not to completely protect itself from cyber operations. It is difficult to guarantee both security and privacy. However, since cyber attacks are on the rise, should security not come first?

Interestingly, in that regard, the Russian cyber domain is “one step ahead” of other international actors, mainly global powers such as the U.S., the UK, most of the European Union and others. Due to the problem of attribution and the increase in the practice of cyber warfare, Russia perceives the cyber domain, cyberspace, as a threat to Russian national security and stability. On the one hand, the U.S. unsuccessfully tried to present the norm of privacy as more important than security and executed espionage and regulations with hiding initiatives such as PPD-20. On the other hand, Russia acted with transparency when it placed the norm of security ahead of privacy and accordingly changed its regulation of the cyber domain. Indeed, criticism has been raised over recent Russian initiatives such as the Yarovaya Law or the Sovereign Internet Law. The criticism and concerns are legitimate. However, we argue that in respect to the international struggle over power and security Russia has the lead over Western powers. Philosophically speaking, what good is privacy if there is no national security. Moreover, Russian privacy is undermined by foreign forces (i.e., States, cyber criminals) that spy and exert influence.

Cyberspace: Structure and Vulnerabilities

Cyberspace is complex and ubiquitous. By the definition of the U.S. Joint Chief of Staff (JCS), cyberspace is “the domain within the information environment that consists of the interdependent network of information technology (IT) infrastructures and resident data. It includes the Internet, telecommunications networks, computer systems, and embedded processors and controllers.” Moreover, the U.S. JCS refers mostly to the operational level of virtual cyber operations. At the same time, in practice, cyberspace is comprised of several layers, each with its own unique characteristics. Each layer facilitates and acts as the infrastructure for the next one. Thus, as suggested by Yochai Benkler or by Nazli Choucri and David D. Clark, there are four layers to cyberspace; the physical foundations, the logic layer, the information layer, and the users. These layers affect IR and IR affects them.

The physical layer of cyberspace is the infrastructure. It consists of the physical elements which are necessary for the function of the internet. Fiber optic cables, nodes of cables, satellites, cellular towers, servers, computers, and other physical components all serve as a base for the next layer (the logic). Fiber optic cables are of great importance since they interwind the world with mostly submarine cables. These cables make up approximately 95% of the intercontinental telecommunications traffic, with the rest being satellite communication used for military and research. Without such an extensive layout, the internet would have been in use only by state actors and not the general public, globally. The vulnerabilities of this layer lie within the physical elements themselves – cables can be cut, damaged, hacked, eavesdropped. Furthermore, physical damage is difficult to repair (in most cases) as it requires special ships and equipment. In the ce of satellite damage, a new one would probably be needed. Repairs are difficult and expensive.

The next layer is logical. The central nervous system of cyberspace is responsible for routing information and data, from clients to servers and back to clients. This happens through systems such as the domain name system (DNS), Transmission Control Protocol (TCP), internet protocols (IP), browsers, software that makes use of physical foundations, and websites, to name key examples. The vulnerabilities of this layer are numerous, while manipulations to the communication systems and denial of service (DoS) are just a few examples.

For instance, in regard to the physical and logical layer, Russia was accused of attacking the American power grid. The U.S., as it was mentioned earlier, also attacked the Russian power grid. Another example is that during the Cold War, American ships and submarines conducted espionage and eavesdropping operations on Soviet undersea communication cables. Today, both the U.S., Russia, China, and other capable powers conduct underwater espionage operations.

Next is the information layer, comprised of encoded text, photos, videos, audio, and any kind of data stored, transmitted, and transformed through the IPs. The main vulnerability of this layer is the information itself, which is susceptible to manipulation by malicious or unwanted means such as disinformation material and malware. Foreign actors can also steal valuable and protected information. Needless to mention that all of the mentioned types of information can be manipulated and adapted as needed for cyber operations.

The final layer consists of the users who shape the cyberspace experience and its nature by communicating with each other, creating and spreading content. The main vulnerability of the users are other manipulative users (i.e., foreign agents, criminals, terrorists). In this regard, for instance, the global Covid-19 crisis has also seen an “infodemic” alongside it. A “global battle of narratives” is taking place, as argued by the European Union High Representative for Foreign Affairs and Security Policy, Josep Borrell, on March 24, 2020. China is accused of promoting theories suggesting that the American Army was responsible for introducing the disease while visiting Wuhan in October 2019. Thus, while the outbreak might have occurred in Wuhan, this kind of disinformation campaign shifted the perception of origin away from China and blamed the virus on the U.S. “Not wishing to waste a good crisis,” China (as well as others) is promoting an intelligent and data-driven campaign against its global adversaries.

Cyber Warfare: A Tool of International Security

Since Westphalia, states longed to preserve their sovereignty. States, especially great powers, usually prefer to avoid conventional conflict and to avoid MAD (Mutual Assured Destruction), as was experienced during the Cold War. Whenever states do intervene in the affairs of others, they do so to acquire territory, domains or power to protect ethnonational groups, as well as economic, military or diplomatic interests. States also intervene due to ideological reasons and, lastly, to keep or adjust the regional or global balance of power. Hence, cyberspace serves as the perfect domain to avoid conventional military conflict and even a MAD situation while trying to obtain the reasons for intervention. Thus, states and other IR actors do so by using cyber warfare strategies and tactics.

Cyber warfare could be broadly defined as the use of cyber weapons and other systems and means in cyberspace for the purpose of injury, death, damage, destruction or influence of international actors and/or objects. Acts of cyber warfare can be executed by all types of IR actors, including individuals, organizations, companies, states, and state proxies. Cyber warfare is an integrated part of the defense and offense strategy used by many international actors. Russian military officials do not use the term “cyber warfare” as a standalone term. They prefer to conceptualize it within a wider framework of information warfare – a holistic approach which includes, inter alia, computer network operations, electronic warfare, and psychological and informational operations.

Regarding IR and international security (IS), cyber warfare can be viewed from two different perspectives. A revolutionary perspective and an evolutionary one. From a revolutionary perspective, cyber warfare and cyber weapons are a revolution of military affairs to some extent, in the same way that sailors once perceived the development and widespread of airplanes. That is, much like airplanes, cyber weapons can transform strategies and shift the balance of power in the international arena. From an evolutionary perspective, cyber warfare and cyber weapons serve merely as a tactical development with no drastic strategic changes. As mentioned before, IR actors still seek power and influence over others and are willing to fight over it, as they did for centuries. We assume that the Russian approach to the cyber domain can be defined as evolutionary. This argument was also proven to be valid for the term “Hybrid Warfare,” as recently published by Vassily Kashin.

Generally, the arsenal of cyber warfare tactics includes acts of espionage, propaganda, denial of service, data modification and infrastructure manipulation or sabotage. Further, according to the Tallinn Manual on The International Law Applicable to Cyber Operations, some tactics such as espionage or data modification and false information spread are not illegal. At the same time, cyber attacks can be regarded as kinetic attacks and retaliation can be justified only if the victim can reveal the true and full details of the perpetrator — a very limited and rare phenomenon nowadays.

Consequently, the characteristics of cyber tactics make them very attractive for use. Countries like the U.S., UK, Russia, China, smaller regional powers such as Israel or Iran, rogue states like North Korea and even terror organizations and human rights organizations are all shifting towards cyberspace.

Russian Cyber Sovereignty: A Barrier Against Foreign Influence

Russian authorities perceive cyberspace as a major threat to Russian national security, stability as the flow of information in cyberspace could undermine the regime. Social networks, online video platforms, secure messaging applications and foreign-based internet mass-media remain a great concern as Moscow has no control over information on these platforms, which are either created or influence by Russia’s global competitors such as the U.S. or the UK. Yet, as we show, cyberspace is a domain only partly controlled by the authorities, enabling a relatively free flow of information while Russia still seeks to take some necessary precautions.

Russian authorities, through legislation and cyber regulation, strive to control Russian cyberspace in order to prevent or deter, as much as possible, the dissemination of information which may mar the positive representation of its regime, or any activity which may endanger the regime’s stability. Therefore, Russian authorities seek to control the content of the information layer and the information circulating in Russian cyberspace.

Generally, Russian legislation directed at control over domestic cyberspace consists of two major categories, which are also interconnected. These categories can be defined as legal-technological and legal-psychological. The most prominent legal-technological efforts by Russian authorities consist of the following measures: the Yarovaya Law; Russia’s “sovereign internet” law; SORM system’s installation mandatory; and the law making Russian applications mandatory on smartphones or other devices. Simultaneously, the legal-psychological efforts consist of the three major measures: “disrespect law”; “fake news” law; and the new “foreign agent” law. As further explained, these are meant to pressure Russians and others from spreading disinformation from within.

The Yarovaya Law obliges provision of encryption/decryption keys (necessary for decoding transmitted electronic messages/information) to Russian special services (such as the FSB) upon request by distributors of information such as internet and telecom companies, messengers and other platforms that allow the exchange of information. Moreover, according to this law, Big Data attributed to activity in Russian cyberspace must be stored in Russian territory, while the special services should have unrestricted access to this data [2]. For example, companies like Facebook or Google must store information concerning data and activities of their Russian users in Russian territory and provide unrestricted access to the Russian special services.

Furthermore, the Decree of the Government of the Russian Federation from April 13, 2005, (number 214) with changes from October 13, 2008, regarding SORM (Russia’s System of Operational-Investigatory Measures), requires telecommunication operators to install equipment provided by the FSB. This allows the FSB and other security services to monitor unilaterally and unlimitedly, without a warrant, users’ communications metadata and content. This includes web browsing activity, emails, phone calls, messengers, social media platforms and so on. Moreover, the system has the capability of Deep Packet Inspection (DPI). Thus, the SORM system is one of the major tools helping implement and regulate the Yarovaya Law. While the Yarovaya Law is criticized by many for harming citizens’ privacy, it could be extremely effective for its initial and official purpose, which is counter-terrorism and foreign missionary interventions.

On December 2, 2019, Russian President Vladimir Putin signed a legislation bill requiring all computers, smartphones and smart devices sold in Russia to be pre-installed with Russian software. Afterwards, the government announced a list of applications developed in Russia that would need to be installed on the mentioned categories of devices. This legislation came into force on July 1, 2020. Apparently, an initiative will be promoted later on, calling to register devices with government-issued serial numbers. This will allow Moscow to tighten control over end-users through regulation, monitoring and surveillance. These kinds of laws can help Russia avoid the need to rely on technology companies for crime and terror forensics. For instance, such cases took place in the U.S., for instance, after the December 2019 terror attack at a Navy base in Florida.

On May 1, 2019, President Vladimir Putin signed the law on Russia’s “Sovereign Internet,” effectively creating the “RuNet” — Russia’s internal internet. The goal of this law is to enable the Russian internet to operate independently from the World Wide Web if and when requested by Moscow. In practice, this “kill switch” allows Russia to operate an intranet, a restricted regional network such in use by large corporations or militaries. This network gives authorities the capacity to deny access to parts of the internet in Russia, potentially ranging from cutting access to particular Internet Service Providers (ISPs) through cutting all internet access in Russia.” With risks of foreign cyber operations such as disinformation or even physical eavesdropping, this “kill switch” can prevent Russia from suffering a dangerous offensive. This can also mean that Russia could initiate cyber warfare but keep itself protected, at least from outside threats.

At the same time, the legal-psychological efforts consist of three laws directed at the prevention of distribution of unreliable facts and critique directed at the government’s activities and officials. For example, the law which regulates “disrespect” allows courts to fine and imprison people for online mockery of the government, its officials, human dignity and public morality. This law is relevant to the dissemination of information through informational-telecommunication networks. Additionally, the “fake news” law also outlaws the dissemination of what the government defines to be “fake news” – unreliable socially significant information distributed under the guise of reliable information.

These laws give Roskomnadzor (The Federal Service for Supervision of Communications, Information Technology and Mass Media) and the Kremlin’s censorship agency to remove unreliable content from the web. Moreover, the law prescribes heavy fines for knowingly spreading fake news and prescribes ISPs to deny access to websites disseminating fake news in the pretrial order following an appropriate decision issued by Roskomnadzor. Effectively, this puts a negative incentive to cooperate with foreign propaganda campaigns or other unwanted forces.

Next, the “Foreign Agent” law applies to any individual who distributes information on the internet and is funded by foreign sources. Interestingly, YouTube channels can be defined as such. According to this law, Russian citizens and foreigners can be defined as foreign agents. Consequently, all materials (including posts on social media) published by an individual who receives funds from non-Russian sources must be labeled as foreign agents. The commission of the Ministry of Justice and the Ministry of Foreign Affairs are endowed with powers to recognize individuals as foreign agents. Consequently, foreign agents will be obliged to create a legal entity and mark messages with a special mark.

Furthermore, individual foreign agents are subject to the same requirements as non-profit organizations recognized as foreign agents (the law regarding non-profit organizations was adopted in 2012). Therefore, foreign agents will be obliged to provide data on expenditures and audits regarding their activities to the Ministry of Justice. It should be noted that these administrative obligations are time consuming, complicated and expensive — they are aimed to discourage foreign agents from their activities. Overall, the purpose of the legal-psychological efforts is to discourage the population from participating in any king of anti-government activities in cyberspace. This law is of similar nature to the Foreign Agents Registration Act (FARA) enacted by the U.S. in 1938.

Conclusion: Structural Advantage and Strategic Superiority

In her article from August 25, 2017, Maria Gurova asked, “How to Tame the Cyber Beast?” Since offensive cyber operations are becoming more prominent and frequent, including cyber crime and cyber terrorism, and since these attacks are becoming more political, Russia chose to protect itself from foreign forces and global adversaries by regulating and monitoring its cyber domain directly, in contrast to Western proxy regulation practices. Interestingly, it has also created a “Kill Switch” which, if threatened by foreign forces, will allow the RuNet to keep internal internet connection — a significant need, especially for the largest country in the world. In fact, while other, less strategically sophisticated, countries will have to rely on outdated means of communication in the case of a major cyber attack, Russia can remain relatively safe and connected.

The negative aspect of the aforementioned regulation is the incompatibility to Western norms, mainly to the General Data Protection Regulation (GDPR) and the European Court of Human Rights (ECHR) decisions. This incompatibility can undermine Russian economic and socio-political relations and developments with the U.S., UK and EU, pushing Western hi-tech companies away. These regulations may also harm freedom of speech in the Russian cyber domain, as users may feel threatened to criticize the authorities. This is despite the fact that the regulations are to be implemented mostly on security-related issues. However, Western proxy regulation practices are having trouble addressing this issue as well.

All in all, Russia has the lead over Western powers — it controls all of its own cyberspace layers. In fact, as an international actor, Russia has an offensive and defensive strategic edge over its global competition. As articulated in this article, Russia has built a strategic “firewall” against foreign cyber attacks. Currently, there is no binding international law that forbids cyber attacks. In this case, the anarchy in IR and IS must be dealt with domestic solutions by each international actor. For instance, it was reported that the American Central Intelligence Agency conducted offensive cyber operations against Russia and others after a secret Presidential order in 2018. Of course, Russia had also conducted cyber and hybrid operations against its global adversaries. A U.S. special report from August 2020 concluded that Russia had created an entire ecosystem of cyber operations. This means that while Russia has a relatively secure infrastructure, the U.S., with no proper regulations, is one step behind. In this regard, China is also a step ahead of the U.S. and the EU.

*Lev Topor, PhD, Senior Research Fellow, Center for Cyber Law and Policy, University of Haifa, Israel

[1] We ask to clarify that the U.S. and the UK do regulate their cyber domains extensively. However, they mainly focus on privacy and not security and conduct some regulation through Public-Private Partnerships (PPP). For more, see Madeline Carr or Niva Elkin-Koren and Eldar Haber.

[2] Metadata is stored for a period of one year and data (messages of internet users, voice information, images, sounds, video etc.) for a period of six months.

From our partner RIAC

Continue Reading
Comments

Science & Technology

At Last A Malaria Vaccine and How It All Began

Published

on

A health worker vaccinates a man against the Ebola virus in Beni, eastern Democratic Republic of the Congo. (file photo) World Bank/Vincent Tremeau

This week marked a signal achievement.  A group from Oxford University announced the first acceptable vaccine ever against malaria.  One might be forgiven for wondering why it has taken so long when the covid-19 vaccines have taken just over a year … even whether it is a kind of economic apartheid given that malaria victims reside in the poorest countries of the world.

It turns out that the difficulties of making a malaria vaccine have been due to the complexity of the pathogen itself.  The malarial parasite has thousands of genes; by way of comparison, the coronavirus has about a dozen.  It means malaria requires a very high immune response to fight it off.  

A trial of the vaccine in Burkina Faso has yielded an efficacy of 77 percent for subjects given a high dose and 71 percent for the low-dose recipients.  The World Health Organization (WHO) had specified a goal of 75 percent for effective deployment in the population.  A previous vaccine demonstrated only 55 percent effectiveness.  The seriousness of the disease can be ascertained from the statistics.  In 2019, 229 million new malaria infections were recorded and 409 thousand people died.  Moreover, many who recover can be severely debilitated by recurring bouts of the disease.

Vaccination has an interesting history.  The story begins with Edward Jenner.  A country doctor with a keen and questioning mind, he had observed smallpox as a deadly and ravaging disease.  He also noticed that milkmaids never seemed to get it.  However, they had all had cowpox, a mild variant which at some time or another they would have caught from the cows they milked.

It was 1796 and Jenner desperate for a smallpox cure followed up his theory, of which he was now quite certain, with an experiment.  On May14, 1796 Jenner inoculated James Phipps, the eight-year-old son of Jenner’s gardener.  He used scraped pus from cowpox blisters on the hands of Sarah Nelmes, a milkmaid who had caught cowpox from a cow named Blossom.  Blossom’s hide now hangs in the library of St. George’s Hospital, Jenner’s alma mater. 

Phipps was inoculated on both arms with the cowpox material.  The result was a mild fever but nothing serious.  Next he inoculated Phipps with variolous material, a weakened form of smallpox bacteria often dried from powdered scabs.  No disease followed, even on repetition.  He followed this experiment with 23 additional subjects (for a round two dozen) with the same result.  They were all immune to smallpox.  Then he wrote about it. 

Not new to science, Edward Jenner had earlier published a careful study of the cuckoo and its habit of laying its eggs in others’ nests.  He observed how the newly hatched cuckoo pushed hatchlings and other eggs out of the nest.  The study was published resulting in his election as a Fellow of the Royal Society.  He was therefore well-suited to spread the word about immunization against smallpox through vaccination with cowpox. 

Truth be told, inoculation was not new.  People who had traveled to Constantinople reported on its use by Ottoman physicians.  And around Jenner’s time, there was a certain Johnny Notions, a self-taught healer, who used it in the Shetland Isles then being devastated by a smallpox epidemic.  Others had even used cowpox earlier.  But Jenner was able to rationally formalize and explain the procedure and to continue his efforts even though The Royal Society did not accept his initial paper.  Persistence pays and finally even Napoleon, with whom Britain was at war, awarded him a medal and had his own troops vaccinated. 

Continue Reading

Science & Technology

The Dark Ghosts of Technology

Published

on

Last many decades, if accidently, we missed the boat on understanding equality, diversity and tolerance, nevertheless,  how obediently and intentionally we worshiped the technology no matter how dark or destructive a shape it morphed into; slaved to ‘dark-technology’ our faith remained untarnished and faith fortified that it will lead us as a smarter and successful nation.

How wrong can we get, how long in the spell, will we ever find ourselves again?

The dumb and dumber state of affairs; extreme and out of control technology has taken human-performances on ‘real-value-creation’ as hostage, crypto-corruption has overtaken economies, shiny chandeliers now only cast giant shadows, tribalism nurturing populism and  socio-economic-gibberish on social media narratives now as new intellectualism.

Only the mind is where critical thinking resides, not in some app.   

The most obvious missing link, is theabandonment of own deeper thinking. By ignoring critical thinking, and comfortably accepting our own programming, labeled as ‘artificial intelligence’ forgetting in AI there is nothing artificial just our own ‘ignorance’ repackaged and branded.  AI is not some runaway train; there is always a human-driver in the engine room, go check. When ‘mechanized-programming, sensationalized by Hollywood as ‘celestially-gifted-artificial-intelligence’ now corrupting global populace in assuming somehow we are in safe hands of some bionic era of robotized smartness. All designed and suited to sell undefined glittering crypto-economies under complex jargon with illusions of great progress. The shiny towers of glittering cities are already drowning in their own tent-cities.

A century ago, knowing how to use a pencil sharpener, stapler or a filing cabinet got us a job, today with 100+ miscellaneous, business or technology related items, little or nothing considered as big value-added gainers. Nevertheless, Covidians, the survivors of the covid-19 cruelties now like regimented disciples all lining up at the gates.  There never ever was such a universal gateway to a common frontier or such massive assembly of the largest mindshare in human history.

Some of the harsh lessons acquired while gasping during the pandemic were to isolate techno-logy with brain-ology.  Humankind needs humankind solutions, where progress is measured based on common goods. Humans will never be bulldozers but will move mountains. Without mind, we become just broken bodies, in desperate search for viagra-sunrises, cannabis-high-afternoons and opioid-sunsets dreaming of helicopter-monies.

Needed more is the mental-infrastructuring to cope with platform economies of global-age and not necessarily cemented-infrastructuring to manage railway crossings. The new world already left the station a while ago. Chase the brain, not the train.  How will all this new thinking affect the global populace and upcoming of 100 new National Elections, scheduled over the next 500 days? The world of Covidians is in one boat; the commonality of problems bringing them closer on key issues.

Newspapers across the world dying; finally, world-maps becoming mandatory readings of the day

Smart leadership must develop smart economies to create the real ‘need’ of the human mind and not just jobs, later rejected only as obsolete against robotization. Across the world, damaged economies are visible. Lack of pragmatic support to small medium businesses, micro-mega exports, mini-micro-manufacturing, upskilling, and reskilling of national citizenry are all clear measurements pointing as national failures. Unlimited rainfall of money will not save us, but the respectable national occupationalism will.  Study ‘population-rich-nations’ and new entrapments of ‘knowledge-rich-nations’ on Google and also join Expothon Worldwide on ‘global debate series’ on such topics.

Emergency meetings required; before relief funding expires, get ready with the fastest methodologies to create national occupationalism, at any costs, or prepare for fast waves of populism surrounded by almost broken systems. Bold nations need smart play; national debates and discussions on common sense ideas to create local grassroots prosperity and national mobilization of hidden talents of the citizenry to stand up to the global standard of competitive productivity of national goods and services.

The rest is easy

Continue Reading

Science & Technology

China and AI needs in the security field

Published

on

On the afternoon of December 11, 2020, the Political Bureau of the Central Committee of the Communist Party of China (CPC) held the 26th Collective Study Session devoted to national security. On that occasion, the General Secretary of the CPC Central Committee, Xi Jinping, stressed that the national security work was very important in the Party’s management of State affairs, as well as in ensuring that the country was prosperous and people lived in peace.

In view of strengthening national security, China needs to adhere to the general concept of national security; to seize and make good use of an important and propitious period at strategic level for the country’s development; to integrate national security into all aspects of the CPC and State’s activity and consider it in planning economic and social development. In other words, it needs to builda security model in view of promoting international security and world peace and offering strong guarantees for the construction of a modern socialist country.

In this regard, a new cycle of AI-driven technological revolution and industrial transformation is on the rise in the Middle Empire. Driven by new theories and technologies such as the Internet, mobile phone services, big data, supercomputing, sensor networks and brain science, AI offers new capabilities and functionalities such as cross-sectoral integration, human-machine collaboration, open intelligence and autonomous control. Economic development, social progress, global governance and other aspects have a major and far-reaching impact.

In recent years, China has deepened the AI significance and development prospects in many important fields. Accelerating the development of a new AI generation is an important strategic starting point for rising up to the challenge of global technological competition.

What is the current state of AI development in China? How are the current development trends? How will the safe, orderly and healthy development of the industry be oriented and led in the future?

The current gap between AI development and the international advanced level is not very wide, but the quality of enterprises must be “matched” with their quantity. For this reason, efforts are being made to expand application scenarios, by enhancing data and algorithm security.

The concept of third-generation AI is already advancing and progressing and there are hopes of solving the security problem through technical means other than policies and regulations-i.e. other than mere talk.

AI is a driving force for the new stages of technological revolution and industrial transformation. Accelerating the development of a new AI generation is a strategic issue for China to seize new opportunities in the organisation of industrial transformation.

It is commonly argued that AI has gone through two generations so far. AI1 is based on knowledge, also known as “symbolism”, while AI2 is based on data, big data, and their “deep learning”.

AI began to be developed in the 1950s with the famous Test of Alan Turing (1912-54), and in 1978 the first studies on AI started in China. In AI1, however, its progress was relatively small. The real progress has mainly been made over the last 20 years – hence AI2.

AI is known for the traditional information industry, typically Internet companies. This has acquired and accumulated a large number of users in the development process, and has then established corresponding patterns or profiles based on these acquisitions, i.e. the so-called “knowledge graph of user preferences”. Taking the delivery of some products as an example, tens or even hundreds of millions of data consisting of users’ and dealers’ positions, as well as information about the location of potential buyers, are incorporated into a database and then matched and optimised through AI algorithms: all this obviously enhances the efficacy of trade and the speed of delivery.

By upgrading traditional industries in this way, great benefits have been achieved. China is leading the way and is in the forefront in this respect: facial recognition, smart speakers, intelligent customer service, etc. In recent years, not only has an increasing number of companies started to apply AI, but AI itself has also become one of the professional directions about which candidates in university entrance exams are worried.

According to statistics, there are 40 AI companies in the world with a turnover of over one billion dollars, 20 of them in the United States and as many as 15 in China. In quantitative terms, China is firmly ranking second. It should be noted, however, that although these companies have high ratings, their profitability is still limited and most of them may even be loss-making.

The core AI sector should be independent of the information industry, but should increasingly open up to transport, medicine, urban fabric and industries led independently by AI technology. These sectors are already being developed in China.

China accounts for over a third of the world’s AI start-ups. And although the quantity is high, the quality still needs to be improved. First of all, the application scenarios are limited. Besides facial recognition, security, etc., other fields are not easy to use and are exposed to risks such as 1) data insecurity and 2) algorithm insecurity. These two aspects are currently the main factors limiting the development of the AI industry, which is in danger of being prey to hackers of known origin.

With regard to data insecurity, we know that the effect of AI applications depends to a large extent on data quality, which entails security problems such as the loss of privacy (i.e. State security). If the problem of privacy protection is not solved, the AI industry cannot develop in a healthy way, as it would be working for ‘unknown’ third parties.

When we log into a webpage and we are told that the most important thing for them is the surfers’ privacy, this is a lie as even teenage hackers know programs to violate it: at least China tells us about the laughableness of such politically correct statements.

The second important issue is the algorithm insecurity. The so-called insecure algorithm is a model that is used under specific conditions and will not work if the conditions are different. This is also called unrobustness, i.e. the algorithm vulnerability to the test environment.

Taking autonomous driving as an example, it is impossible to consider all scenarios during AI training and to deal with new emergencies when unexpected events occur. At the same time, this vulnerability also makes AI systems permeable to attacks, deception and frauds.

The problem of security in AI does not lie in politicians’ empty speeches and words, but needs to be solved from a technical viewpoint. This distinction is at the basis of AI3.

It has a development path that combines the first generation knowledge-based AI and the second generation data-driven AI. It uses the four elements – knowledge, data, algorithms and computing power – to establish a new theory and interpretable and robust methods for a safe, credible and reliable technology.

At the moment, the AI2 characterised by deep learning is still in a phase of growth and hence the question arises whether the industry can accept the concept of AI3 development.

As seen above, AI has been developing for over 70 years and now it seems to be a “prologue’.

Currently most people are not able to accept the concept of AI3 because everybody was hoping for further advances and steps forward in AI2. Everybody felt that AI could continue to develop by relying on learning and not on processing. The first steps of AI3 in China took place in early 2015 and in 2018.

The AI3 has to solve security problems from a technical viewpoint. Specifically, the approach consists in combining knowledge and data. Some related research has been carried out in China over the past four or five years and the results have also been applied at industrial level. The RealSecure data security platform and the RealSafe algorithm security platform are direct evidence of these successes.

What needs to be emphasised is that these activities can only solve particular security problems in specific circumstances. In other words, the problem of AI security has not yet found a fundamental solution, and it is likely to become a long-lasting topic without a definitive solution since – just to use a metaphor – once the lock is found, there is always an expert burglar. In the future, the field of AI security will be in a state of ongoing confrontation between external offence and internal defence – hence algorithms must be updated constantly and continuously.

The progression of AI3 will be a natural long-term process. Fortunately, however, there is an important AI characteristic – i.e. that every result put on the table always has great application value. This is also one of the important reasons why all countries attach great importance to AI development, as their national interest and real independence are at stake.

With changes taking place around the world and a global economy in deep recession due to Covid-19, the upcoming 14th Five-Year Plan (2021-25) of the People’s Republic of China will be the roadmap for achieving the country’s development goals in the midst of global turmoil.

As AI is included in the aforementioned plan, its development shall also tackle many “security bottlenecks”. Firstly, there is a wide gap in the innovation and application of AI in the field of network security, and many scenarios are still at the stage of academic exploration and research.

Secondly, AI itself lacks a systematic security assessment and there are severe risks in all software and hardware aspects. Furthermore, the research and innovation environment on AI security is not yet at its peak and the relevant Chinese domestic industry not yet at the top position, seeking more experience.

Since 2017, in response to the AI3 Development Plan issued by the State Council, 15 Ministries and Commissions including the Ministry of Science and Technology, the Development and Reform Commission, etc. have jointly established an innovation platform. This platform is made up of leading companies in the industry, focusing on open innovation in the AI segment.

At present, thanks to this platform, many achievements have been made in the field of security. As first team in the world to conduct research on AI infrastructure from a system implementation perspective, over 100 vulnerabilities have been found in the main machine learning frameworks and dependent components in China.

The number of vulnerabilities make Chinese researchers rank first in the world. At the same time, a future innovation plan -developed and released to open tens of billions of security big data – is being studied to promote the solution to those problems that need continuous updates.

The government’s working report promotes academic cooperation and pushes industry and universities to conduct innovative research into three aspects: a) AI algorithm security comparison; 2) AI infrastructure security detection; 3) AI applications in key cyberspace security scenarios.

By means of state-of-the-art theoretical and basic research, we also need to provide technical reserves for the construction of basic AI hardware and open source software platforms (i.e. programmes that are not protected by copyright and can be freely modified by users) and AI security detection platforms, so as to reduce the risks inherent in AI security technology and ensure the healthy development of AI itself.

With specific reference to security, on March 23 it was announced that the Chinese and Russian Foreign Ministers had signed a joint statement on various current global governance issues.

The statement stresses that the continued spread of the Covid-19 pandemic has accelerated the evolution of the international scene, has caused a further imbalance in the global governance system and has affected the process of economic development while new global threats and challenges have emerged one after another and the world has entered a period of turbulent changes. The statement appeals to the international community to put aside differences, build consensus, strengthen coordination, preserve world peace and geostrategic stability, as well as promote the building of a more equitable, democratic and rational multipolar international order.

In view of ensuring all this, the independence enshrined by international law is obviously not enough, nor is the possession of nuclear deterrent. What is needed, instead, is the country’s absolute control of information security, which in turn orients and directs the weapon systems, the remote control of which is the greedy prey to the usual suspects.

Continue Reading

Publications

Latest

Middle East35 mins ago

Why the West Want to Stop Iran Becoming a Nuclear Power?

Iran is a regional powerhouse in the Middle East only rivals Saudi Arabia, Egypt and Turkey. The rivalry between Saudi...

New Social Compact3 hours ago

Debunking Magical realism through Marquez’s “A Very Old Man with Enormous Wings”

There are few names in the Latin American literature, which it comes to famous novels and short stories, Columbian writer...

Americas5 hours ago

Why Congress should be rough on Chris Miller at his testimony on Wednesday

FBI director Chris Wray’s weak congressional testimony in March left most of the Capitol attack questions unanswered and most of...

Africa7 hours ago

Nigeria- Ghana Trade War: Where to from here

Several months after a series of bilateral talks between the Nigerian government and authorities in Ghana aimed toward addressing the...

Economy9 hours ago

Biden’s shift from neo-liberal economic model

Mercantilism; which was the ‘Hall of Fame’ from 15th-18th Century had emerged from the decaying of feudal economic system in...

Europe11 hours ago

The billion-dollars closer to disaster: China’s influence in Montenegro

Montenegro is building its first-ever motorway. Due to a huge loan scandal, it’s now become the country’s highway to hell....

South Asia13 hours ago

Afghanistan: the US and NATO withdrawal and future prospects

On April 14, the United States of America announced that it would withdraw all its troops stationed in Afghanistan from...

Trending