Connect with us

Science & Technology

Russian Cyber Sovereignty: One Step Ahead

Published

on

Authors: Alexander Tabachnik  and Lev Topor*

Cyber warfare is becoming more prominent and frequent than ever before in the international arena. Struggle for hegemony, influence and power pushes international actors, mainly states, into developing their cyber capabilities to spy, sabotage and influence other actors. Globalization and the proliferation of knowledge, know-how, expertise and technology in general have made cyber warfare relatively cheap and easy to execute in comparison with conventional warfare. In fact, international law regarding cyber warfare, specifically the lack of it, as well as newly emerging norms between states, have made cyber warfare especially lucrative. That is, since there are no biding norms or laws regarding cyber operations, and since it is extremely difficult to attribute a cyber attack with a real attacker, traditional military or economic punishment is difficult to justify. This makes deterrence slow, blunt and ineffective.

In this article, we seek to discuss the importance of the Russian cyber domain and its position in the international struggle for power, influence and national security. Specifically, we argue that Russia’s cyber domain acts as a barrier from foreign cyber operations, especially since the West has escalated its operations against Russia in recent years. We also argue that in the field of national security and national interests within the cybersphere, Russia has an advantage over other powers such as the United States or the United Kingdom. Further, we elaborate and discuss the structure, vulnerabilities and importance of cyberspace in international relations, as well as the current state of Russia’s defensive cyber domain.

Less-regulated cyber domains, such as those of the U.S. and UK, are vulnerable and prone to foreign attacks not only by their adversaries but by rogue and anonymous hacking groups and cyber criminals [1]. Interestingly, clandestine surveillance programs such as the American Presidential Policy Directive 20 (PPD-20), which was leaked by Edward Snowden in 2013, allows the U.S. to spy on citizens and foreigners, but not to completely protect itself from cyber operations. It is difficult to guarantee both security and privacy. However, since cyber attacks are on the rise, should security not come first?

Interestingly, in that regard, the Russian cyber domain is “one step ahead” of other international actors, mainly global powers such as the U.S., the UK, most of the European Union and others. Due to the problem of attribution and the increase in the practice of cyber warfare, Russia perceives the cyber domain, cyberspace, as a threat to Russian national security and stability. On the one hand, the U.S. unsuccessfully tried to present the norm of privacy as more important than security and executed espionage and regulations with hiding initiatives such as PPD-20. On the other hand, Russia acted with transparency when it placed the norm of security ahead of privacy and accordingly changed its regulation of the cyber domain. Indeed, criticism has been raised over recent Russian initiatives such as the Yarovaya Law or the Sovereign Internet Law. The criticism and concerns are legitimate. However, we argue that in respect to the international struggle over power and security Russia has the lead over Western powers. Philosophically speaking, what good is privacy if there is no national security. Moreover, Russian privacy is undermined by foreign forces (i.e., States, cyber criminals) that spy and exert influence.

Cyberspace: Structure and Vulnerabilities

Cyberspace is complex and ubiquitous. By the definition of the U.S. Joint Chief of Staff (JCS), cyberspace is “the domain within the information environment that consists of the interdependent network of information technology (IT) infrastructures and resident data. It includes the Internet, telecommunications networks, computer systems, and embedded processors and controllers.” Moreover, the U.S. JCS refers mostly to the operational level of virtual cyber operations. At the same time, in practice, cyberspace is comprised of several layers, each with its own unique characteristics. Each layer facilitates and acts as the infrastructure for the next one. Thus, as suggested by Yochai Benkler or by Nazli Choucri and David D. Clark, there are four layers to cyberspace; the physical foundations, the logic layer, the information layer, and the users. These layers affect IR and IR affects them.

The physical layer of cyberspace is the infrastructure. It consists of the physical elements which are necessary for the function of the internet. Fiber optic cables, nodes of cables, satellites, cellular towers, servers, computers, and other physical components all serve as a base for the next layer (the logic). Fiber optic cables are of great importance since they interwind the world with mostly submarine cables. These cables make up approximately 95% of the intercontinental telecommunications traffic, with the rest being satellite communication used for military and research. Without such an extensive layout, the internet would have been in use only by state actors and not the general public, globally. The vulnerabilities of this layer lie within the physical elements themselves – cables can be cut, damaged, hacked, eavesdropped. Furthermore, physical damage is difficult to repair (in most cases) as it requires special ships and equipment. In the ce of satellite damage, a new one would probably be needed. Repairs are difficult and expensive.

The next layer is logical. The central nervous system of cyberspace is responsible for routing information and data, from clients to servers and back to clients. This happens through systems such as the domain name system (DNS), Transmission Control Protocol (TCP), internet protocols (IP), browsers, software that makes use of physical foundations, and websites, to name key examples. The vulnerabilities of this layer are numerous, while manipulations to the communication systems and denial of service (DoS) are just a few examples.

For instance, in regard to the physical and logical layer, Russia was accused of attacking the American power grid. The U.S., as it was mentioned earlier, also attacked the Russian power grid. Another example is that during the Cold War, American ships and submarines conducted espionage and eavesdropping operations on Soviet undersea communication cables. Today, both the U.S., Russia, China, and other capable powers conduct underwater espionage operations.

Next is the information layer, comprised of encoded text, photos, videos, audio, and any kind of data stored, transmitted, and transformed through the IPs. The main vulnerability of this layer is the information itself, which is susceptible to manipulation by malicious or unwanted means such as disinformation material and malware. Foreign actors can also steal valuable and protected information. Needless to mention that all of the mentioned types of information can be manipulated and adapted as needed for cyber operations.

The final layer consists of the users who shape the cyberspace experience and its nature by communicating with each other, creating and spreading content. The main vulnerability of the users are other manipulative users (i.e., foreign agents, criminals, terrorists). In this regard, for instance, the global Covid-19 crisis has also seen an “infodemic” alongside it. A “global battle of narratives” is taking place, as argued by the European Union High Representative for Foreign Affairs and Security Policy, Josep Borrell, on March 24, 2020. China is accused of promoting theories suggesting that the American Army was responsible for introducing the disease while visiting Wuhan in October 2019. Thus, while the outbreak might have occurred in Wuhan, this kind of disinformation campaign shifted the perception of origin away from China and blamed the virus on the U.S. “Not wishing to waste a good crisis,” China (as well as others) is promoting an intelligent and data-driven campaign against its global adversaries.

Cyber Warfare: A Tool of International Security

Since Westphalia, states longed to preserve their sovereignty. States, especially great powers, usually prefer to avoid conventional conflict and to avoid MAD (Mutual Assured Destruction), as was experienced during the Cold War. Whenever states do intervene in the affairs of others, they do so to acquire territory, domains or power to protect ethnonational groups, as well as economic, military or diplomatic interests. States also intervene due to ideological reasons and, lastly, to keep or adjust the regional or global balance of power. Hence, cyberspace serves as the perfect domain to avoid conventional military conflict and even a MAD situation while trying to obtain the reasons for intervention. Thus, states and other IR actors do so by using cyber warfare strategies and tactics.

Cyber warfare could be broadly defined as the use of cyber weapons and other systems and means in cyberspace for the purpose of injury, death, damage, destruction or influence of international actors and/or objects. Acts of cyber warfare can be executed by all types of IR actors, including individuals, organizations, companies, states, and state proxies. Cyber warfare is an integrated part of the defense and offense strategy used by many international actors. Russian military officials do not use the term “cyber warfare” as a standalone term. They prefer to conceptualize it within a wider framework of information warfare – a holistic approach which includes, inter alia, computer network operations, electronic warfare, and psychological and informational operations.

Regarding IR and international security (IS), cyber warfare can be viewed from two different perspectives. A revolutionary perspective and an evolutionary one. From a revolutionary perspective, cyber warfare and cyber weapons are a revolution of military affairs to some extent, in the same way that sailors once perceived the development and widespread of airplanes. That is, much like airplanes, cyber weapons can transform strategies and shift the balance of power in the international arena. From an evolutionary perspective, cyber warfare and cyber weapons serve merely as a tactical development with no drastic strategic changes. As mentioned before, IR actors still seek power and influence over others and are willing to fight over it, as they did for centuries. We assume that the Russian approach to the cyber domain can be defined as evolutionary. This argument was also proven to be valid for the term “Hybrid Warfare,” as recently published by Vassily Kashin.

Generally, the arsenal of cyber warfare tactics includes acts of espionage, propaganda, denial of service, data modification and infrastructure manipulation or sabotage. Further, according to the Tallinn Manual on The International Law Applicable to Cyber Operations, some tactics such as espionage or data modification and false information spread are not illegal. At the same time, cyber attacks can be regarded as kinetic attacks and retaliation can be justified only if the victim can reveal the true and full details of the perpetrator — a very limited and rare phenomenon nowadays.

Consequently, the characteristics of cyber tactics make them very attractive for use. Countries like the U.S., UK, Russia, China, smaller regional powers such as Israel or Iran, rogue states like North Korea and even terror organizations and human rights organizations are all shifting towards cyberspace.

Russian Cyber Sovereignty: A Barrier Against Foreign Influence

Russian authorities perceive cyberspace as a major threat to Russian national security, stability as the flow of information in cyberspace could undermine the regime. Social networks, online video platforms, secure messaging applications and foreign-based internet mass-media remain a great concern as Moscow has no control over information on these platforms, which are either created or influence by Russia’s global competitors such as the U.S. or the UK. Yet, as we show, cyberspace is a domain only partly controlled by the authorities, enabling a relatively free flow of information while Russia still seeks to take some necessary precautions.

Russian authorities, through legislation and cyber regulation, strive to control Russian cyberspace in order to prevent or deter, as much as possible, the dissemination of information which may mar the positive representation of its regime, or any activity which may endanger the regime’s stability. Therefore, Russian authorities seek to control the content of the information layer and the information circulating in Russian cyberspace.

Generally, Russian legislation directed at control over domestic cyberspace consists of two major categories, which are also interconnected. These categories can be defined as legal-technological and legal-psychological. The most prominent legal-technological efforts by Russian authorities consist of the following measures: the Yarovaya Law; Russia’s “sovereign internet” law; SORM system’s installation mandatory; and the law making Russian applications mandatory on smartphones or other devices. Simultaneously, the legal-psychological efforts consist of the three major measures: “disrespect law”; “fake news” law; and the new “foreign agent” law. As further explained, these are meant to pressure Russians and others from spreading disinformation from within.

The Yarovaya Law obliges provision of encryption/decryption keys (necessary for decoding transmitted electronic messages/information) to Russian special services (such as the FSB) upon request by distributors of information such as internet and telecom companies, messengers and other platforms that allow the exchange of information. Moreover, according to this law, Big Data attributed to activity in Russian cyberspace must be stored in Russian territory, while the special services should have unrestricted access to this data [2]. For example, companies like Facebook or Google must store information concerning data and activities of their Russian users in Russian territory and provide unrestricted access to the Russian special services.

Furthermore, the Decree of the Government of the Russian Federation from April 13, 2005, (number 214) with changes from October 13, 2008, regarding SORM (Russia’s System of Operational-Investigatory Measures), requires telecommunication operators to install equipment provided by the FSB. This allows the FSB and other security services to monitor unilaterally and unlimitedly, without a warrant, users’ communications metadata and content. This includes web browsing activity, emails, phone calls, messengers, social media platforms and so on. Moreover, the system has the capability of Deep Packet Inspection (DPI). Thus, the SORM system is one of the major tools helping implement and regulate the Yarovaya Law. While the Yarovaya Law is criticized by many for harming citizens’ privacy, it could be extremely effective for its initial and official purpose, which is counter-terrorism and foreign missionary interventions.

On December 2, 2019, Russian President Vladimir Putin signed a legislation bill requiring all computers, smartphones and smart devices sold in Russia to be pre-installed with Russian software. Afterwards, the government announced a list of applications developed in Russia that would need to be installed on the mentioned categories of devices. This legislation came into force on July 1, 2020. Apparently, an initiative will be promoted later on, calling to register devices with government-issued serial numbers. This will allow Moscow to tighten control over end-users through regulation, monitoring and surveillance. These kinds of laws can help Russia avoid the need to rely on technology companies for crime and terror forensics. For instance, such cases took place in the U.S., for instance, after the December 2019 terror attack at a Navy base in Florida.

On May 1, 2019, President Vladimir Putin signed the law on Russia’s “Sovereign Internet,” effectively creating the “RuNet” — Russia’s internal internet. The goal of this law is to enable the Russian internet to operate independently from the World Wide Web if and when requested by Moscow. In practice, this “kill switch” allows Russia to operate an intranet, a restricted regional network such in use by large corporations or militaries. This network gives authorities the capacity to deny access to parts of the internet in Russia, potentially ranging from cutting access to particular Internet Service Providers (ISPs) through cutting all internet access in Russia.” With risks of foreign cyber operations such as disinformation or even physical eavesdropping, this “kill switch” can prevent Russia from suffering a dangerous offensive. This can also mean that Russia could initiate cyber warfare but keep itself protected, at least from outside threats.

At the same time, the legal-psychological efforts consist of three laws directed at the prevention of distribution of unreliable facts and critique directed at the government’s activities and officials. For example, the law which regulates “disrespect” allows courts to fine and imprison people for online mockery of the government, its officials, human dignity and public morality. This law is relevant to the dissemination of information through informational-telecommunication networks. Additionally, the “fake news” law also outlaws the dissemination of what the government defines to be “fake news” – unreliable socially significant information distributed under the guise of reliable information.

These laws give Roskomnadzor (The Federal Service for Supervision of Communications, Information Technology and Mass Media) and the Kremlin’s censorship agency to remove unreliable content from the web. Moreover, the law prescribes heavy fines for knowingly spreading fake news and prescribes ISPs to deny access to websites disseminating fake news in the pretrial order following an appropriate decision issued by Roskomnadzor. Effectively, this puts a negative incentive to cooperate with foreign propaganda campaigns or other unwanted forces.

Next, the “Foreign Agent” law applies to any individual who distributes information on the internet and is funded by foreign sources. Interestingly, YouTube channels can be defined as such. According to this law, Russian citizens and foreigners can be defined as foreign agents. Consequently, all materials (including posts on social media) published by an individual who receives funds from non-Russian sources must be labeled as foreign agents. The commission of the Ministry of Justice and the Ministry of Foreign Affairs are endowed with powers to recognize individuals as foreign agents. Consequently, foreign agents will be obliged to create a legal entity and mark messages with a special mark.

Furthermore, individual foreign agents are subject to the same requirements as non-profit organizations recognized as foreign agents (the law regarding non-profit organizations was adopted in 2012). Therefore, foreign agents will be obliged to provide data on expenditures and audits regarding their activities to the Ministry of Justice. It should be noted that these administrative obligations are time consuming, complicated and expensive — they are aimed to discourage foreign agents from their activities. Overall, the purpose of the legal-psychological efforts is to discourage the population from participating in any king of anti-government activities in cyberspace. This law is of similar nature to the Foreign Agents Registration Act (FARA) enacted by the U.S. in 1938.

Conclusion: Structural Advantage and Strategic Superiority

In her article from August 25, 2017, Maria Gurova asked, “How to Tame the Cyber Beast?” Since offensive cyber operations are becoming more prominent and frequent, including cyber crime and cyber terrorism, and since these attacks are becoming more political, Russia chose to protect itself from foreign forces and global adversaries by regulating and monitoring its cyber domain directly, in contrast to Western proxy regulation practices. Interestingly, it has also created a “Kill Switch” which, if threatened by foreign forces, will allow the RuNet to keep internal internet connection — a significant need, especially for the largest country in the world. In fact, while other, less strategically sophisticated, countries will have to rely on outdated means of communication in the case of a major cyber attack, Russia can remain relatively safe and connected.

The negative aspect of the aforementioned regulation is the incompatibility to Western norms, mainly to the General Data Protection Regulation (GDPR) and the European Court of Human Rights (ECHR) decisions. This incompatibility can undermine Russian economic and socio-political relations and developments with the U.S., UK and EU, pushing Western hi-tech companies away. These regulations may also harm freedom of speech in the Russian cyber domain, as users may feel threatened to criticize the authorities. This is despite the fact that the regulations are to be implemented mostly on security-related issues. However, Western proxy regulation practices are having trouble addressing this issue as well.

All in all, Russia has the lead over Western powers — it controls all of its own cyberspace layers. In fact, as an international actor, Russia has an offensive and defensive strategic edge over its global competition. As articulated in this article, Russia has built a strategic “firewall” against foreign cyber attacks. Currently, there is no binding international law that forbids cyber attacks. In this case, the anarchy in IR and IS must be dealt with domestic solutions by each international actor. For instance, it was reported that the American Central Intelligence Agency conducted offensive cyber operations against Russia and others after a secret Presidential order in 2018. Of course, Russia had also conducted cyber and hybrid operations against its global adversaries. A U.S. special report from August 2020 concluded that Russia had created an entire ecosystem of cyber operations. This means that while Russia has a relatively secure infrastructure, the U.S., with no proper regulations, is one step behind. In this regard, China is also a step ahead of the U.S. and the EU.

*Lev Topor, PhD, Senior Research Fellow, Center for Cyber Law and Policy, University of Haifa, Israel

[1] We ask to clarify that the U.S. and the UK do regulate their cyber domains extensively. However, they mainly focus on privacy and not security and conduct some regulation through Public-Private Partnerships (PPP). For more, see Madeline Carr or Niva Elkin-Koren and Eldar Haber.

[2] Metadata is stored for a period of one year and data (messages of internet users, voice information, images, sounds, video etc.) for a period of six months.

From our partner RIAC

Continue Reading
Comments

Science & Technology

From nanotechnology to solar power: Solutions to drought

Published

on

While the drought has intensified in Iran and the country is facing water stress, various solutions from the use of solar power plants to the expansion of watershed management and nanotechnology are offered by experts and officials.

Iran is located in an arid and semi-arid region, and Iranians have long sought to make the most of water.

In recent years, the drought has intensified making water resources fragile and it can be said that we have reached water bankruptcy in Iran.

However, water stress will continue this fall (September 23-December 21), and the season is expected to be relatively hot and short of rain, according to Ahad Vazifeh, head of the national center for drought and crisis management.

In such a situation, officials and experts propose various solutions for optimal water management.

Alireza Qazizadeh, a water and environment expert, referring to 80 percent of the arid regions in the country, said that “Iran has one percent of the earth’s area and receives only 36 percent of renewable resources.

The country receives 250 mm of rainfall annually, which is about 400 billion cubic meters, considering 70 percent evaporation, there is only 130 billion cubic meters of renewable water and 13 billion cubic meters of input from border waters.”

Referring to 800 ml of average rainfall and 700 mm of global evaporation, he noted that 70 percent of rainfall in Iran occurs in only 25 percent of the country and only 25 percent rains in irrigation seasons.

Pointing to the need for 113 billion cubic meters of water in the current year (began on March 21), he stated that “of this amount, 102 billion is projected for agricultural use, 7 percent for drinking and 2 percent for industry, and at this point water stress occurs.

In 2001, 5.5 billion cubic meters of underground resources were withdrawn annually, and if we consider this amount as 20 years from that year until now, it means that we have withdrawn an equivalent of one year of water consumption from non-renewable resources, which is alarming.”

The use of unconventional water sources can be effective in controlling drought, such as rainwater or river runoff, desalinated water, municipal wastewater that can be reused by treatment, he concluded.

Rasoul Sarraf, the Faculty of Materials at Shahid Modarres University, suggests a different solution and states that “To solve ease water stress, we have no choice but to use nanotechnology and solar power plants.

Pointing to the sun as the main condition for solar power plant, and while pointing to 300 sunny days in the country, he said that at the Paris Convention, Iran was required to reduce emissions by 4 percent definitively and 8 percent conditionally, which will only be achieved by using solar power plants.

Hamidreza Zakizadeh, deputy director of watershed management at Tehran’s Department of Natural Resources and Watershed Management, believes that watershed management can at least reduce the effects of drought by managing floods and extracting water for farmers.

Amir Abbas Ahmadi, head of habitats and regional affairs of Tehran Department of Environment, also referring to the severe drought in Tehran, pointed to the need to develop a comprehensive plan for water management and said that it is necessary to cooperate with several responsible bodies and develop a comprehensive plan to control the situation.

He also emphasizes the need to control migration to the capital, construction, and the implementation of the Comprehensive Plan of Tehran city.

While various solutions are proposed by officials and experts to manage water and deal with drought, it is necessary for the related organizations to work together to manage the current situation.

Mohammad Reza Espahbod, an expert in groundwater resources, also suggested that while the country is dealing with severe drought due to improper withdrawal of groundwater and low rainfall, karst water resources can supply the whole water needed by the country, only if managed.

Iran is the fifth country in the world in terms of karst water resources, he stated.

Qanats can also come efficient to contain water scarcity due to relatively low cost, low evaporation rates, and not requiring technical knowledge, moreover, they proved sustainable being used in perpetuity without posing any damages to the environment.

According to the Ministry of Energy, about 36,300 qanats have been identified in Iran, which has been saturated with water for over 2,000 years.

In recent years, 3,800 qanats have been rehabilitated through watershed and aquifer management, and people who had migrated due to water scarcity have returned to their homes.

Water resources shrinking

Renewable water resources have decreased by 30 percent over the last four decades, while Iran’s population has increased by about 2.5 times, Qasem Taqizadeh, deputy minister of energy, said in June.

The current water year (started on September 23, 2020) has received the lowest rain in the past 52 years, so climate change and Iran’s arid region should become a common belief at all levels, he lamented.

A recent report by Nature Scientific Journal on Iran’s water crisis indicates that from 2002 to 2015, over 74 billion cubic meters have been extracted from aquifers, which is unprecedented and its revival takes thousands of years along with urgent action.

Three Iranian scientists studied 30 basins in the country and realized that the rate of aquifer depletion over a 14-year period has been about 74 billion cubic meters, which is recently published in Nature Scientific Journal.

Also, over-harvesting in 77 percent of Iran has led to more land subsidence and soil salinity. Research and statistics show that the average overdraft from the country’s aquifers was about 5.2 billion cubic meters per year.

Mohammad Darvish, head of the environment group in the UNESCO Chair on Social Health, has said that the situation of groundwater resources is worrisome.

From our partner Tehran Times

Continue Reading

Science & Technology

Technology and crime: A never-ending cat-and-mouse game

Published

on

Is technology a good or bad thing? It depends on who you ask, as it is more about the way technology is used. Afterall, technology can be used by criminals but can also be used to catch criminals, creating a fascinating cat-and-mouse game.

Countless ways technology can be used for evil

The first spear was used to improve hunting and to defend from attacking beasts. However, it was also soon used against other humans; nuclear power is used to produce energy, but it was also used to annihilate whole cities. Looking at today’s news, we’ve learned that cryptocurrencies could be (and are) used as the preferred form of payments of ransomware since they provide an anonymous, reliable, and fast payment method for cybercriminals.

Similarly, secure phones are providing criminal rings with a fast and easy way to coordinate their rogue activities. The list could go on. Ultimately, all technological advancements can be used for good or evil. Indeed, technology is not inherently bad or good, it is its usage that makes the difference. After all, spears served well in preventing the extinction of humankind, nuclear power is used to generate energy, cryptocurrency is a promise to democratize finance, and mobile phones are the device of choice of billions of people daily (you too are probably reading this piece on a mobile).

However, what is new with respect to the past (recent and distant) is that technology is nowadays much more widespread, pervasive, and easier to manipulate than it was some time ago. Indeed, not all of us are experts in nuclear material, or willing and capable of effectively throwing a spear at someone else. But each of us is surrounded by, and uses, technology, with a sizeable part of users also capable of modifying that technology to better serve their purposes (think of computer scientists, programmers, coding kids – technology democratization).

This huge reservoir of people that are capable of using technology in a way that is different from what it was devised for, is not made of just ethical hackers: there can be black hats as well (that is, technology experts supporting evil usages of such technology). In technical terms, the attack vector and the security perimeter have dramatically expanded, leading to a scenario where technology can be easily exploited for rogue purposes by large cohorts of people that can attack some of the many assets that are nowadays vulnerable – the cybersecurity domain provides the best example for the depicted scenario. 

Fast-paced innovation and unprecedented threats

What is more, is that technology developments will not stop. On the contrary, we are experiencing an exponentially fast pace in technology innovation, that resolves in less time between technology innovations cycles that, while improving our way of living, also pave the way for novel, unprecedented threats to materialize. For instance, the advent of quantum computers will make the majority of current encryption and digital signature methods useless and what was encrypted and signed in the past, exposed.

The tension between legitimate and illegitimate usages of technology is also heating up. For instance, there are discussions in the US and the EU about the need for the provider of ICT services to grant the decryption keys of future novel secure applications to law enforcement agencies should the need arise –a debatable measure.

However, technology is the very weapon we need to fight crime. Think of the use of Terahertz technology to discover the smuggling of drugs and explosives – the very same technology Qatar      has successfully employed. Or the infiltration of mobile phone crime rings by law enforcement operators via high tech, ethical hacking (as it was the case for the EncroChat operation). And even if crime has shown the capability to infiltrate any sector of society, such as sports, where money can be laundered over digital networks and matches can be rigged and coordinated via chats, technology can help spot the anomalies of money transfer, and data science can spot anomalies in matches, and can therefore thwart such a crime – a recent United Nations-sponsored event, participated by the International Centre for Sport Security (ICSS) Qatar and the College of Science and Engineering (CSE) at Hamad Bin Khalifa University (HBKU) discussed      the cited topic. In the end, the very same technology that is used by criminals is also used to fight crime itself.

Don’t get left behind

In the above-depicted cybersecurity cat-and-mouse game, the loser is the party that does not update its tools, does not plan, and does not evolve.

In particular, cybersecurity can help a country such as Qatar over two strategic dimensions: to better prevent/detect/react to the criminal usage of technology, as well as to advance robustly toward a knowledge-based economy and reinforce the country’s presence in the segment of high value-added services and products to fight crime.

In this context, a safe bet is to invest in education, for both governments and private citizens. On the one hand, only an educated workforce would be able to conceptualize/design/implement advanced cybersecurity tools and frameworks, as well as strategically frame the fight against crime. On the other hand, the same well-educated workforce will be able to spur innovation, create start-ups, produce novel high-skill products, and diversify the economy. 

In this context, Qatar enjoys a head start, thanks to its huge investment in education over the last 20 years. In particular, at HBKU – part of Qatar Foundation – where we have been educating future generations. 

CSE engages and leads in research disciplines of national and global importance. The college’s speciality divisions are firmly committed to excellence in graduate teaching and training of highly qualified students with entrepreneurial  capacity.

For instance, the MS in Cybersecurity offered by CSE touches on the foundations of cryptocurrencies, while the PhD in Computer Science and Engineering, offering several majors (including cybersecurity), prepares future high-level decision-makers, researchers, and entrepreneurs in the ICT domain  – the leaders who will be driving the digitalization of the economy and leading the techno-fight against crime. 

Continue Reading

Science & Technology

Enhancing poverty measurement through big data

Published

on

Authors: Jasmina Ernst and Ruhimat Soerakoesoemah*

Ending poverty in all its forms is the first of the 17 Sustainable Development Goals (SDGs). While significant progress to reduce poverty had been made at the global and regional levels by 2019, the Covid-19 pandemic has partly reversed this trend. A significant share of the population in South-East Asia still lacks access to basic needs such as health services, proper nutrition and housing, causing many children to suffer from malnutrition and treatable illnesses. 

Delivering on the commitments of the 2030 Agenda for Sustainable Development and leaving no one behind requires monitoring of the SDG implementation trends. At the country level, national statistics offices (NSOs) are generally responsible for SDG data collection and reporting, using traditional data sources such as surveys, census and administrative data. However, as the availability of data for almost half of the SDG indicators (105 of 231) in South-East Asia is insufficient, NSOs are exploring alternative sources and methods, such as big data and machine learning, to address the data gaps. Currently, earth observation and mobile phone data receive most attention in the domain of poverty reporting. Both data sources can significantly reduce the cost of reporting, as the data collection is less time and resource intensive than for conventional data.

The NSOs of Thailand and the Philippines, with support from the Asian Development Bank, conducted a feasibility study on the use of earth observation data to predict poverty levels. In the study, an algorithm, convolutional neural nets, was pretrained on an ImageNet database to detect simple low-level features in images such as lines or curves. Following a transfer learning technique, the algorithm was then trained to predict the intensity of night lights from features in corresponding daytime satellite images. Afterwards income-based poverty levels were estimated using the same features that were found to predict night light intensity combined with nationwide survey data, register-based data, and geospatial information. The resulting machine learning models yielded an accuracy of up to 94 per cent in predicting the poverty categories of satellite images. Despite promising study results, scaling up the models and integrating big data and machine learning for poverty statistics and SDG reporting still face many challenges. Thus, NSOs need support to train their staff, gain continuous access to new datasets and expand their digital infrastructure.

Some support is available to NSOs for big data integration. The UN Committee of Experts on Big Data and Data Science for Official Statistics (UN-CEBD) oversees several task teams, including the UN Global Platform which has launched a cloud-service ecosystem to facilitate international collaboration with respect to big data. Two additional task teams focus on Big Data for the SDGs and Earth Observation data, providing technical guidance and trainings to NSOs. At the regional level, the weekly ESCAP Stats Café series provides a knowledge sharing platform for experiences related to the impact of COVID-19 on national statistical systems. The Stats Café includes multiple sessions dedicated to the use of alternative data sources for official statistics and the SDGs. Additionally, ESCAP has published policy briefs on the region’s practices in using non-traditional data sources for official statistics.

Mobile phone data can also be used to understand socioeconomic conditions in the absence of traditional statistics and to provide greater granularity and frequency for existing estimates. Call detail records coupled with airtime credit purchases, for instance, could be used to infer economic density, wealth or poverty levels, and to measure food consumption. An example can be found in poverty estimates for Vanuatu based on education, household characteristics and expenditure. These were generated by Pulse Lab Jakarta – a joint innovation facility associated with UN Global Pulse and the government of Indonesia.

Access to mobile phone data, however, remains a challenge. It requires long negotiations with mobile network operators, finding the most suitable data access model, ensuring data privacy and security, training the NSO staff and securing dedicated resources. The UN-CEBD – through the Task Team on Mobile Phone Data and ESCAP – supports NSOs in accessing and using mobile phone data through workshops, guides and the sharing of country experiences. BPS Statistics Indonesia, the Indonesian NSO, is exploring this data source for reporting on four SDG indicators and has been leading the regional efforts in South-East Asia. While several other NSOs in Asia and the Pacific can access mobile phone data or are negotiating access with mobile network operators, none of them have integrated it into poverty reporting.

As the interest and experience in the use of mobile phone data, satellite imagery and other alternative data sources for SDGs is growing among many South-East Asian NSOs, so is the need for training and capacity-building. Continuous knowledge exchange and collaboration is the best long-term strategy for NSOs and government agencies to track and alleviate poverty, and to measure the other 16 SDGs.

*Ruhimat Soerakoesoemah, Head, Sub-Regional Office for South-East Asia

UNESCAP

Continue Reading

Publications

Latest

Southeast Asia1 hour ago

AUKUS: A Sequela of World War II and US Withdrawal from Afghanistan

Deemed as a historic security pact, AUKUS was unveiled by the leaders of the US, the UK and Australia –...

Americas5 hours ago

Interpreting the Biden Doctrine: The View From Moscow

It is the success or failure of remaking America, not Afghanistan, that will determine not just the legacy of the...

Urban Development9 hours ago

WEF Launches Toolbox of Solutions to Accelerate Decarbonization in Cities

With the percentage of people living in cities projected to rise to 68% by 2050, resulting in high energy consumption,...

Development11 hours ago

Demand for Circular Economy Solutions Prompts Business and Government Changes

To truly tackle climate goals, the world must transform how it makes and consumes. To support this effort, circular economy...

Africa13 hours ago

Money seized from Equatorial Guinea VP Goes into Vaccine

As a classic precedence, the Justice Department of the United States has decided that $26.6m (£20m) seized from Equatorial Guinea’s...

forest forest
Environment15 hours ago

More Than 2.5 Billion Trees to be Conserved, Restored, and Grown by 2030

Companies from across sectors are working to support healthy and resilient forests through the World Economic Forum’s 1t.org trillion tree...

Americas17 hours ago

AUKUS aims to perpetuate the Anglo-Saxon supremacy

On September 15, U.S. President Joe Biden worked with British Prime Minister Boris Johnson and Australian Prime Minister Scott Morrison...

Trending