Connect with us

Intelligence

Afghanistan: Anarchy in Practice

Published

on

In this globalized world, time and space are shrinking with the advent of technologies. But the prevailing global interconnections are creating some irreversible collision among the sovereign units, which suggest that this Liberal democratic world became so complicated and peculiar that at this stage no one can control anything, not even superpower. Though they can regulate to some extent but can’t control. Most of the sovereign units are running on democratic principles; nevertheless, there are still several unregulated territories are operating, which is a major concern for democratic nations to deal with them. Hence, these territories provide a breeding ground for illegal activities due to the absence of law and order in that particular area. Most critical of among those territories is the Afghanistan, which became a hub of illicit trade and drug trafficking as well as the global source of terroristic movements.

Afghanistan is not only posing severe hurdles to neighbouring countries, but it is a menace to global peace. Notwithstanding, a full-fledged Afghan government, Taliban are accompanying with Al-Qaeda is the major key players in the region. They entirely disregard the policies of the government, also seeks to counterbalance the power politics in its favour. In praxis, there is no indivisible supreme authority with the capability to command over the whole territory which renders sufficient space for anarchy and turbulence in the region. This implies that afghan, as a state, failed to administer in its real sense. Consequently, it inflates the mystery to classify the nature of Afghanistan to have a meaningful analysis. Presently, Ashraf Ghani, the successor of Hamid Karzai leading the country since 2014, which signifies that Afghanistan is not a completely failed state; instead, it has some fragmented parts. This inefficiency of the state to govern according to global norms is disrupting the peace and also serve as a reservoir of illegal activities. The attack of 9/11 is a suitable example of lawlessness accompanying with the grave consequences of outgrowth of terrorism. Briefly, the geographical terrain in and around the afghan region gives a very suitable space for terrorists to flourish and hide. Hence, these non-state actors are striving to expand their magnetism to the neighbouring countries, which may prompt major security implications for the bordering countries primarily for CAR due to the weak political system and porous borders. Similarly, India is also affected by radical and extremist tendencies that stem from volatile Afghanistan. Moreover, India commenced pursuing its interests in Afghanistan with the well-established engagement. Therefore, India needs to pedal carefully to remain intact in the Taliban headed Afghanistan.

Afghanistan: Failed or Fragmented state?

Afghanistan is known for the history of invasion following with its internal strife and open- ended battle that is intensifying the situation even further without any foreseeable end. All the international efforts have been ineffective to render any useful explication of the conflict chiefly because of ethnic clashes among the civilians and Pakistani interferences. As a consequence, this engendered into convulsions and disruptions within Afghanistan. The instability and the legacy of the Taliban is also a major cause of conflict which leaves no option for the government to execute any practical solutions. However, it is quintessential to identify the speculations behind the germination of non-state actors, nonetheless the world’s most potent military interventions. Why only Afghanistan, not Pakistan or Central Asia or any other region of the world? This question diverts the attention to diagnose the nature of Afghanistan as a state first.

According to Max Weber, the territorial boundary of the country is governed by an exclusive sovereign authority termed as government or state (Gauba, 2009). However, in the case of Afghanistan, not only the state but the non-state actors also regulating different territorial area within a country. There are numerous autonomous units operating to stretch their influence over the territory. This signifies that Afghanistan failed to perform the process of law and governance efficiently. In short, the Afghan government failed to comply with all the principal features of the state, which indicates that power is divided among various stakeholders primarily where the state is weak, fragmented or in extreme cases failed (Barfield, 2010). Hence, it is incompetent for the state to exert authority over all actors within the borders of the state. Mainly if there are non-state armed actors who are maintaining autonomous character mostly by force, then it is almost impossible for the government to execute any order in that region (Rotberg, 2005). On the other hand, Afghanistan has elected president including a political system which restrains us from distinguishing Afghanistan as a failed state.

Hamid Karzai was the first Democratically elected president of Afghanistan and subsequentially his successor Ashraf Ghani is leading the country since 2014 (Nick B. Mills, 2007). It exhibits that Afghanistan has unusual features of the state but not complying with all the authentic features of a nation-state. However, it is imprecise to delineate Afghan as a failed state; instead, it shows the symptoms of fragmentation. Therefore, there is a need to crystalize the understanding of failed state and fragmented state to have a feasible conclusion. State failure is a difficult situation where state agency ceases to operate entirely or partly. In Afghanistan, the circumstances are more similar to the fragmented state where the so-called illegal non-state actors have a significant role to play accompanying with state authorities. Lastly, non-state actors do not acknowledge the hierarchy of authorities which eventually drives to the anarchy and lawlessness within a state.

The threat for Democratic World Order

In the 21st century, the world regulates on the orbit of liberal principles. The post-soviet era with a twist from fixed to flexible exchange rate system gave enormous space to flourish the liberalism or in another way globalization to its zenith. Globalization not only demands the flexible economy but also requires a stable political system for its growth. In contrast, the political system of Afghanistan is precarious and led to the outgrowth of baneful factors. The politically destabilize country consists of numerous Clan leaders, which are the main components of the political fabric of the country. The presence of these clans with diverse and distinct social beliefs and norms paves the way of the tussle. Besides, the existence of external forces since the last half-century also contributing to antagonize the culture and ignited the growth of extremist ideologies. Ever since millions of dollars and human resources has been injected, but the story remains unchanged.

Gradually, Afghanistan became the hub of transnational organized crimes with the support of highly sophisticated weapon systems. Mostly, the funding for these activities is obtained with the help of illicit financial flows and the narco trade estimated around $400 in 2018. The growth of the illicit trade in Afghanistan is indestructible, and the country is now the origin of around 90% of the global supply of heroin (Gregorian, 2020). This opium poppy cultivation is one of the primary sources of livelihood in the region. On the other hand, it also serves as a platform to establish strong linkages among the farmers and illegal outsourcing agents, furthermore undermines the credibility of state authorities. These illegitimate connections deviate and alienate the civilians from state apparatuses and inclined them towards the radical or jihadist ideologies. The “Idea of Jihad” befuddles the individual to the extent that they can be used as a suicide bombers in the name of sacrifice. Therefore, the suicidal tactics became one of the unbeatable apocalyptic methods to perpetrate terror on a broader aspect. Moreover, these new tactics bashing the U.S. and NATO to reassess its counterterrorism measures and policies to secure peace and stability. Since the last two decades, the U.S. analysts and policymakers are incompetent to design the concrete path of victory despite the persistent multilateral engagements and consistent failure, eventually leading to an unsettled withdrawal of U.S. forces in a desultory manner.

According to the Council on Foreign Relations, the conflict status of Afghanistan is still getting worse notwithstanding multilateral peace talks among prominent leaders and stakeholders, which may undermine the future prospects of any settlement and inter-afghan mediations. Furthermore, the stage of reconciliation after year-long consultations once again lost its sanctity with the emergence of a global pandemic and declining interest of the Taliban. However, the Afghan crisis sinking a massive amount of human and financial resources following with the unprecedented deaths and casualties to settle the battle. Consequentially, it became a global solicitude to safeguard Afghanistan from turning into a terrorist safe haven. Terrorism and extremism are dangerous for all nations around the world. Also, the drug mafia within Afghanistan is posing a hard blow, domestically and internationally and expanding its root in the region due to its lawlessness. The development of these illegal movements within Afghanistan and around the region raises serious security concerns for the world, can also break off the stability and impede the global economic growth. Lastly, it can be said that without any focused effort to dismantle the unauthorized trade and activities, Afghanistan will continue to captivate the corruption and violence that have plagued the world throughout the turbulent history. Henceforth, it is essential to track the development process in Afghanistan and harmonize the situation with the help of the U.S. and other NATO allies to sustain a peaceful world order.

Security Implications on CAR

As it has been previously stated that Afghanistan is a war-torn nation and its devastating repercussions left the economy crumbled. This economic insufficiency plus unemployment constrain civilians to join the militancy groups. These groups have very active linkages from the Islamic world, especially from Pakistan and Saudi Arabia moreover, they were creating robust linkages to extend their scope in the other bordering countries to harbour themselves during the crisis. Additionally, they also try to woo the civilians of other nations in the name of holy wars.

Afghanistan crisis became a global threat due to the mounting narco trade and outreach of terrorist. Historical pieces of evidence reveal that religious extremism provides the base for terrorism while ultimately, Afghanistan is surrounded by the hard-core Islamic countries. Consequentially, the threat is not only confined to Afghanistan; slightly, it has flooded the neighbouring countries with severe repercussions. Most affected is Central Asia the immediate neighbours of Afghanistan, which provides a substantial base for the terrorist to deceive and accomplish their goals along with Pakistan’s strategic support. Central Asia’s corrupt bureaucracy and weak political system present ample possibilities to prosper the so-called unauthorized activities without any legal risk vis a vis militant groups in Afghanistan are also forming a very close nexus with the neighbouring countries to acquire human and financial resources, especially in CAR.

The threats emanating from Afghanistan is not only using Central Asia as a breeding ground for subversive activities; somewhat, it is also ruining the indigenous culture of these countries. Afghanistan is posing multifaceted economic, political and cultural challenges to the CAR because of the defective political system. The unsteady civic institutions of Central Asia and regional conflict gives leverage to infiltrators to operate under their nose. Besides, religious extremism, ethnic divisions, drug trafficking, illicit trade, and the supply of deadly weapons is the major security threats instigated by Afghanistan. Further, Central Asian routes are used for the opium trade, which is a major source of funding for the Afghan warlords. Moreover, the unresponsive governments of the region failed to harmonies the situation for better economic growth which is worrisome for the major trading partners, including India. Henceforth, the failing economies and the lack of a powerful motivation to engage with India is obstructing the fruits of mutual benefits.

India’s engagement with Afghan’s and Afghanistan

India and Afghanistan hold deep cultural linkages which can be traced back to antiquity simultaneously with the trade relations which proceeded in fragmented layers with the rise and fall of different regimes. This deep-rooted mutual connection underwent a major setback since the partition accompanied with organized stifling by Pakistan. Unquestionably, Afghanistan holds a vital status from the perspective of India’s security calculus. The vitality of Afghanistan for India are not precisely because of Pakistan but proportionately , if not more vital, attached to India’s aspiration to be and to be seen as a major player in the region. Besides, the undeniable fact is that India has always seen Afghanistan as a viaduct to extend its strategic reach beyond south Asia. However, Strategic calculations are not the sole factor; slightly, various other underlying factors are also responsible for India’s direct engagement with Afghanistan.

Firstly, due to the close alliance of mujahideen with ISI (Intelligence agency of Pakistan), Afghanistan poses serious security challenges to India. On the other hand, Pakistan has continuously tried to stimulate the turmoil in the Kashmir to disorientate the region from India, which is a primary cause of the contentious relationship between India and Pakistan. Islamabad also using Afghanistan as a vault of insurgent groups and trained them with core military tactics to meet the perverted interests against India. Pakistan is using Afghanistan, as a launchpad for training and sending Islamic militants to Kashmir. Hence, the stability of Afghanistan is the primary concern of India from Kashmir’s perspective.

Secondly, India’s engagement with Afghanistan strongly motivated with friendly gestures to advance  more  excellent  regional  stability  in entirely coincides with Kautilya’s Rajamandala theory (Circle of States). Although, the world is quite different now in comparison to the Kautilya’s age (Boesche, 2002)but the geopolitical scenario of the Afpak region utterly compatible with his theory. This theory illustrates the bordering nation (i.e., Pakistan) as a hostile and the country which has aligned borders to a hostile country (i.e. Afghanistan) is a natural ally (In case of India). Accordingly, it is imperative for India to maintain a cordial relation with Afghanistan. Additionally, India can use Afghanistan to keep a check on Pakistan to dismantle the Mujahideen’s sheltered by Pakistan from time to time.

Thirdly, India’s economy is proliferating to satisfy the daily demands of the nation, following with an ambition to become a global power. To sustain this economic growth, India needs an uninterrupted supply  of energy resources  which  can  be complemented  by  CAR.  Therefore, Afghanistan can provide a viable transit route to Central Asia to tap the unexplored chunk of energy reserves to relieve India’s energy thirst. India can utilize Afghanistan as a gateway to access Central Asian markets and to enhance energy and economic collaboration to foster the dream of South and Central Asian connectivity.

Though gradually India has advanced its position in Afghanistan with the projection of soft power and infrastructure development. This makes India as one of the largest donors to Afghanistan, which can be manifested through milestone projects concluded by India like Delaram-Zaranj

Highway, transmission lines, Salma Dam and a parliament building in Kabul. On the other aspects, India is also cementing its position through soft power in the field of education, medical and most significantly the passion for Indian cinemas. In spite of that, India needs to recalibrate its approach to root itself as a major player in the Taliban headed Afghanistan. It is also equally significant for India to obstruct the emergence of any radical regime in Afghanistan to pacify the whole South Asian Region.

Conclusion

Over the decades, Afghanistan became more volatile than it was ever before. The rationale behind this is not the external force rather internal radicalization targeted on vulnerable groups in and around the region. The insurgent groups have different origins and motives which is stretching across the South Asian Region and its more threatening for the neighbouring countries in particular, whereas the bordering nations around Afghanistan provide the source of shelter and various other assistance anonymously. The most unstable among them is the CAR which also became an alternate transit route for the contraband products. To sum up, it can be said that internally fractured central Asia needs to captivate the foreign investment and strengthen the security measures to overcome the crisis. The effects of the catastrophe are not only confined to bordering nations; preferably, it has also elongated to the Indian soil at a full-scale. This signifies that India has to contain numerous direct and indirect security challenges arising from Afghanistan, which derailed the bilateral progress between Central Asia and India.

References

Barfield, T. (2010). Afghanistan a cultural and political history. New Jersey: Princeton University Press Princeton & Oxford.

Boesche, R. (2002). The First Great Political Realist: Kautilya and His Arthashastra. Maryland: Lexington Books.

Gauba, O. (2009). An Introduction to Political Theory. New Delhi: Macmillan.

Gregorian, D. H. (2020, 03 21). Trialogue. Retrieved from Institute of World Affairs:

Nick B. Mills, N. D. (2007). Karzai: The Failing American Intervention and the Struggle for Afghanistan. New Jersey: John & Wiley sons.

Rotberg, R. I. (2005). State Failure and State Weakness in a Time of Terror. Washington, D.C.: Brookings Institution press.

I am a Post-graduate in Politics & International studies and currently working with Frank Creations as a PR manager. My primary areas of research include Chinese Foreign Policy, Indo-pacific, Para diplomacy, and International Security. The secondary areas of research include Central Asia& South Asia.

Continue Reading
Comments

Intelligence

The Nature of Islamist Violence in France

Published

on

France faces a persistent jihadist threat, and all indications suggest the violence afflicting the country will continue. France has been targeted for upwards of three decades, but the frequency of attacks has increased quite dramatically over the past ten years or so. There are several reasons why it is distinctly fertile territory for jihadist activity and why militants have declared France an enemy and priority Western target. France is a European hub of jihadism and has been hit particularly hard in recent years. It has the largest Islamic population in Western Europe and, recognizing this, militant organizations devote time, effort, and resources to media production aimed at existing supporters and potentially receptive elements within French society. While only a small percentage of this varied demographic is involved with jihadist activity, individuals residing in France conduct most attacks. In other instances, militants travel to France and gain entry prior to committing violence. The country’s population profile is important to consider but does not explain why some are willing to kill and die for their cause on French soil.


Historically, much of the Islamist violence against France has been motivated by French interference in Muslim lands. This was true of the Algerian Armed Islamic Group (GIA) in the 1990s and is largely the case with al-Qaeda and the Islamic State (IS) today. Jihadists have consistently made this clear in their propaganda and martyrdom statements. In addition to this, militants have struck religious targets and there has been imported conflict related to external events.


The 2015 attack on Charlie Hebdo’s offices and recent series of blasphemy-motivated incidents represent a marked typological development for jihadism in France. In response to the public’s demand for action, French President Emmanuel Macron has announced measures to fight “Islamist separatism” and has been working with European and international partners on matters of border security. Macron’s statements and announced policies have evoked outrage from some within France and internationally. Jihadists are capitalizing upon this and propagandizing Macron’s strategy in a way that hardens the enemy distinction of France, framing it as a nation that is waging war against Muslims at home and abroad. This is a very potent narrative for inciting violence.

National Security Profile
Emmanuel Macron has been criticized for his strategy as well as his comments about Islam being “in crisis”. Macron’s remarks are particularly noteworthy given the composition of French society. Islam is the second largest religion in France and Pew Research Center estimates there are 5,720,000 Muslims living in the country, accounting for 8.8% of the total population. Other sources place this figure closer to 5 million. Macron is accused of over-generalizing and stigmatizing the nation’s Islamic population in response to the actions of a comparative few.


The veracity of Macron’s claims can be debated, and the efficacy of his plan is unknown at this time but there is significant public pressure on the government to address the momentum of militant violence. The attacks have spurred discussion about strengthening French border security and immigration policy. Macron has called for the “refoundation” of the Schengen area and has urged Europe to do more to prevent illegal immigration, citing threats posed by trafficking networks with terror links.
 The global context saw tremendous geographical expansion and numerical growth in Islamist militancy over recent decades. These broader international trends have notably affected the European jihadist landscape and associated ideological currents have influenced some elements within France. France is as well a site of militant network formation and there is a degree of interplay between domestic and international dynamics.
In 2018, the Center for Strategic and International Studies estimated the number of “Sunni Islamic militants” worldwide to be around four times higher than on September 11, 2001. A study by the Dutch General Intelligence and Security Service (AIVD) found that France was the Western nation most often attacked from January 2004 to December 2018, accounting for 27% of all incidents. The AIVD says the first jihadist attack on French soil during this period was in 2012 and since then, the country has experienced frequent violence. Additionally, the Program on Extremism estimated that France has been the target of 35% of all combined attacks conducted in Europe and North America since 2014.


Several other assessments have illuminated the scale of France’s security troubles. In 2017, European Union anti-terror chief Gilles de Kerchove warned there were 17,000 militant Islamists living in the country. Following the December 2018 Christmas market attack in Strasbourg, France 24 reported that approximately “26,000 people who are believed to pose a danger to France are currently categorised as fiché S,” and “roughly 10,000 of those are believed to be religious extremists who have been radicalised, some in fundamentalist mosques, some online, some in prison and others abroad.” Upwards of2000 French nationals have reportedly joined the Islamic State and in 2016 the French government estimated that 1,400 prison inmates were “radicalized”.


Foreign Policy
From the Armed Islamic Group in the 1990s to al-Qaeda and the Islamic State today, France’s enemies have been forthright about what motivates them to conduct attacks. French intervention in Muslim lands has fueled decades of Islamist resentment. Jihadist leaders continually reiterate this in their messaging, as do attack perpetrators in their martyrdom statements and claims of responsibility.


France had various degrees of involvement in the Algerian Civil War, the Gulf War, the War in Afghanistan, the Libyan Civil War, and the conflict in Mali. France has deployed 5,100 military personnel to the Sahel and has around 1,000 more troops stationed in Iraq. It maintains a military presence in Mali, Chad, Niger, Ivory Coast, and Burkina Faso as part of Operation Barkhane. This is France’s largest operational military footprint in Africa since the 1950s. France has also played a highly visible and multifaceted role in fighting the Islamic State in the Middle East.


Jihadist propaganda frames the country as an aggressor, foreign occupier of Muslim lands, and a crusader state waging war on Islam. Following 9/11 and entry into the War in Afghanistan, France and other coalition nations were increasingly portrayed in this way. Al-Qaeda propagated similar narratives following the 2013 launch of Operation Serval in Mali.
The development of media campaigns specifically geared towards Western audiences has increased the reach and traction of jihadist narratives within these societies. Incorporating this approach into the overall military strategy against their enemies helped bring the war to the streets of Western cities. Al-Qaeda’s propaganda efforts in the 2000s and early 2010s had some success with incitement, but the Islamic State drastically increased the offensive tempo against the West in 2014. Although there were jihadist plots in the 2000s, militants did not have a great deal of operational success on French soil again until the turn of the decade. France notably refrained from the 2003 War in Iraq and seemingly avoided much of the violent backlash associated with it. The general growth of Islamist militancy since 9/11 is another contextual trend to consider.


The Islamic State demonstrated its capabilities through its sweeping military victories, caliphate, unprecedented propaganda infrastructure, and vast global reach. When the US-led coalition intervened against the organization in Iraq and Syria, IS harnessed its robust media apparatus to launch targeted campaigns against participating nations. The Islamic State’s top leadership declared France an enemy and the organization produced specialized French language video, audio, and online print materials. IS has also been very effective in its use of social media and messaging applications.    


The Islamic State’s spokesman at the time, Abu Muhammad al-Adnani, released a statement in September of 2014 that tracked with the evolving trends of jihadist violence in the West. Adnani was very explicit in his instructions, “If you can kill a disbelieving American or European – especially the spiteful and filthy French – or an Australian, or a Canadian, or any other disbeliever from the disbelievers waging war, including the citizens of the countries that entered into a coalition against the Islamic State, then rely upon Allah, and kill him in any manner or way however it may be.” He provided simple tactical advice to streamline the attack process, “If you are not able to find an IED or a bullet, then single out the disbelieving American, Frenchman, or any of their allies. Smash his head with a rock, or slaughter him with a knife, or run him over with your car, or throw him down from a high place, or choke him, or poison him.”


Blasphemy
There had been demonstrations against Salman Rushdie in the late 1980s and against the publication of cartoons depicting the prophet Muhammad by Denmark’s Jyllands-Posten in 2005, but not lethal attacks of this nature over such things on French soil. The recent surge in these kinds of incidents and the animosity over Emmanuel Macron’s plan to fight “Islamist separatism” have added dimension to France’s jihadist threat. Militant propaganda has focused on blasphemous acts by French citizens and has framed Macron’s strategy as a direct attack on the country’s Muslim population.


 There were several warning signs leading up to the 2015 Charlie Hebdo attack. A 2010 issue of al-Qaeda in the Arabian Peninsula’s (AQAP) Inspire magazine featured a timeline of events related to depictions of the prophet Muhammad from 2005 to 2010, which included explicit mention of Charlie Hebdo. Anwar al-Awlaki warned, “If you have the right to slander the Messenger of Allah, we have the right to defend him. If it is part of your freedom of speech to defame Muhammad it is part of our religion to fight you.” Awlaki wrote about “the hatred the West holds towards Islam and the Prophet of Islam”. He called for retaliation and claimed that “Defending the Messenger of Allah is a greater cause than fighting for Palestine, Afghanistan or Iraq; it is greater than fighting for the protection of Muslim life, honor or wealth.” Awlaki focused on Western insults towards the most sacredly held beliefs of many Muslims, sanctified anger over these offences, and gave the greenlight for reprisal.


A subsequent 2013 issue of AQAP’s Inspire included a section about the “French crusader intervention in Mali” and a wanted poster featuring individuals accused of insulting Islam. Charlie Hebdo’s Stéphane Charbonnier was among the designated figures. On January 7, 2015, brothers Said and Cherif Kouachi conducted a raid on Charlie Hebdo’s offices that killed 12 people, including Charbonnier. The shooters had trained in Yemen, identified with AQAP, and executed the attack in retaliation to the magazine’s depiction of the Prophet Muhammad.
Blasphemy-motivated violence has reemerged with intensity in recent weeks, sparked again by the republication of these cartoons. Events transpired rather quickly with the high-profile Charlie Hebdo trial, the stabbing near the magazine’s former offices, the announcement of Emmanuel Macron’s plan, the beheading of history teacher Samuel Paty, and the church attack in Nice. Leaders of Muslim nations have scorned Macron, anti-France protests have erupted across the Islamic world, consumer boycotts have been promoted against French products, and there was a stabbing and subsequent Islamic State-claimed bombing targeting French diplomatic personnel in Saudi Arabia. Jihadist organizations and their online supporters have been actively stoking hostilities, celebrating the attacks, and calling for more violence. They have focused on Macron as a figurehead for insults to Islam and the Prophet Muhammad. The French government is accused of enabling and even encouraging blasphemy.

France is faced with a complex threat from independent actors as well as militants directed, guided, and inspired by jihadist organizations. France is in a precarious position and faces potential violence if a certain foreign policy decision is made, a citizen blasphemes, the state enacts a security measure, or an external event occurs in some foreign flashpoint. This reality informs the French desire to assert national sovereignty. France’s security environment is showing signs of deterioration and there is nothing to suggest the violence will subside anytime soon. It is clear the French people want meaningful action and time will reveal if Emmanuel Macron’s approach will have any real impact.

Continue Reading

Intelligence

Europe’s Cyber Resilience

Published

on

In today’s world, no organization or enterprise is completely safe from cyber-attacks or their possible consequences. In fact, one may even argue that the effects of Cyber Security incidents on our increasingly interconnected world have the potential to negatively affect every single individual on this planet. As a result, and aided by a progressively complex landscape of regulatory and legal requirements in this field and beyond, raising awareness of Cyber Security threats and, by extension, building Cyber Resilience, have developed from a traditionally rather technical matter into an increasingly important strategic topic for businesses, on the one hand, and into a critical diplomatic challenge for States, on the other hand.

The EU Network and Information Security Directive was the first piece of EU-wide Cyber Security legislation and aims to enhance Cyber Security across the EU. The national supervision of critical sectors, such as energy, transport, water, health, and critical digital service providers, including online market places, as well as the enhancement of national Cyber Security capabilities and facilitation of cross-border collaboration, are the key topics covered by the NIS Directive.[1] Moreover, the NIS Directive is part of the EU Cyber Security Strategy, which states “achieving Cyber Resilience” as one of its five priorities.[2] However, the fact that the NIS Directive was only adopted in 2016, with a deadline for national transposition by EU member States as recent as May 9, 2018, illustrates that Cyber Security and Cyber Resilience are relatively new topics in international collaborative efforts surrounding security and stability in Europe. One may argue that this recency inherently implies a certain lack of preparation for Cyber Security incidents; thus, vulnerability.

“The technology of today serves not only a Weberian predictability imperative – to further rationalise society. It makes society less safe and its individuals less free” – recently stated my former professor Anis H. Bajrektarevic discussing the EU cyber-related legislation.[3]Hence, a preparation, in other words – strategic investment in preventative measures and resources, is considered an essential aspect of Cyber Security as well as critical to Cyber Resilience. While Cyber Security is primarily concerned with the protection of information technology and systems,[4] Cyber Resilience aims to ensure the effective continuation of an organizations operations and to prevent demobilization of business- or organization-critical functions in the event of security incidents.[5] To be more specific, it is “the ability to prepare for, respond to and recover from cyber attacks” and other security incidents, such as data breaches, that is commonly referred to as Cyber Resilience.[6]

In this context, it has been argued that the creation of a resilience-conscious culture is a key element of successful Cyber Resilience strategies.[7] Creating such a cyber resilient culture involves raising awareness of Cyber Security threats, such as phishing and malware, and communicating ways to minimize risks stemming from them to people outside of Cyber Security functions.[8] The main goal here is to facilitate a cyber resilient mindset through awareness-building measures, leading to the question: If promoting awareness of Cyber Security threats ultimately enhances Cyber Resilience, how can we, first of all, assess the status quo of Europe’s Cyber Resilience and subsequently, monitor the progress and effectiveness of such awareness building measures, in order to better understand, compare and ultimately enhance the Cyber Resilience of individual States and Europe in its entirety?

This essay will argue that “a false sense of security” in the private sector is a warning sign regarding the Cyber Resilience of States, hence, a warning sign regarding the status quo of Europe’s Cyber Resilience. Moreover, it will argue that “a false sense of security” can serve as a valuable indicator for the effectiveness of, and increased need for Cyber Security awareness measures. This will be accomplished through the following approach:

Firstly, the essential need for and feasibility of active preparation for seemingly unlikely crisis situations, will be emphasized. To illustrate this point, the controversy surrounding the classification of the COVID-19 pandemic as “black swan event” will be discussed. Secondly, the discussion of several recent Cyber Security related incidents and their implications, will highlight that businesses and governments worldwide must, more than ever, and especially due to the C-19 related acceleration of digitalization, improve their Cyber Resilience. The main goal here will be to draw attention to the worldwide existing deficiencies regarding Cyber Resilience and, based on this, illustrate the need for and value of finding new ways to assess Cyber Resilience, but also key aspects of Cyber Resilience. Thirdly, current insights from the recently published study “Cyber Security in Austria”[9] will be discussed and contrasted with the respective risk assessment from The Global Risks Report 2019[10] to illustrate apparent discrepancies in security related self-perception in the private sector versus the reality of the risk situation. It is important to note here that “a false sense of security” means feeling safe in an unsafe environment. Therefore, such discrepancies represent “a false sense of security”. As a final step, possible implications and limitations of the presented ideas will be discussed.

A black swan event is an unpredictable, highly improbable and rare event that has serious and potentially catastrophic consequences. One main characteristic of black swan events is the widespread insistence that their occurrence was obvious in hindsight; thus, should have been foreseen.[11] In the recent past, this concept, which the Lebanese-American philosopher, professor and former Wall Street trader, Nassim Nicholas Taleb, developed and already described in 2007, has, in connection with the C-19 pandemic, again become a topic of conversation – not least because of social media, such as Twitter (#blackswan). While there seems to be general disagreement as to whether the ongoing C-19 pandemic constitutes a “real” black swan event, Taleb himself stated in an interview that the eventual outbreak of a global pandemic with all its consequences was, in fact, a predictable “white swan” event, arguing that companies, corporations and especially governments, had no excuse, not to be prepared.[12]

Regardless of swan color, however, in connection with the aforementioned ability to prepare for cyber attacks, it can be argued that a particularly relevant consequence of the C-19 pandemic, in terms of Cyber Security and subsequently, security in Europe, has been the acceleration of digitalization throughout the world, affecting the public and private sector, as well as the private sphere of people’s homes. Exit restrictions and other social-distancing measures imposed by governments worldwide, in an effort to curb the spread of the virus, have caused the global demand for remote working technologies to skyrocket within a remarkably short period of time. For example, the video conferencing solution provider Zoom experienced, within just a few weeks, a surge from around 10 million daily active users at the end of December 2019, to over 200 million daily active users in March 2020.[13] It was not long before data privacy and data security related problems with Zoom became apparent: “Zoom bombing” or video hijacking, which refers to the unwanted and disruptive intrusion of a person into a Zoom video meeting, a lack of end-to-end encryption and, in this regard, misleading information advertised on part of the provider, along with various IT security related vulnerabilities that allowed hackers, among other things, unauthorized remote access to end user’s Mac computers – including webcam and microphone access, Zoom’s deployment of in-app surveillance features, as well as questionable handling and alleged trade with the obtained user data were, already by April 2020, seen as a considerable cause for concern, leading security experts to describe Zoom as “a privacy disaster”, and “fundamentally corrupt”. Moreover, Arvind Narayanan, associate computer science professor at Princeton University, was quoted as saying: “Zoom is malware”.[14] The most memorable piece of news concerning Zoom was, however, arguably about the British prime minister Boris Johnson accidentally posting sensitive information, including the Zoom meeting ID and the login names of several participants, when sharing a screenshot of his first-ever digital cabinet meeting via Twitter.[15]

The example of Zoom illustrates how companies, organizations, governments and private individuals benefit to an unprecedented extent from the advantages of digitalization, especially in the context of the ongoing C-19 pandemic, but also beyond such global crisis situations, while at the same time being faced with the considerable challenges and security risks brought about by the new technologies of what is known as the Fourth Industrial Revolution. This Fourth Industrial Revolution, being “characterized by a fusion of technologies that is blurring the lines between the physical, digital, and biological spheres”, is changing the ways we live, work and interact,[16] resulting in significant risks to the privacy of natural persons, as well as to security and stability in general.

Several recently occurring or publicly emerging Cyber Security incidents underpin the scope of these risks: A cyber-attack on the British airline EasyJet, in the course of which personal data including email addresses and travel plans of 9 million EasyJet customers and additionally, credit card details of over 2,000 customers, were stolen, became known in May 2020.[17] This once again demonstrates that companies of all kinds can at all times become targets and victims of cyber-attacks. Costly penalties for violations of the General Data Protection Regulation (EU) 2016/679 (GDPR), as well as claims for damages and lawsuits by those affected and, last but not least, the loss of reputation often caused by such security incidents, pose significant challenges for companies under any circumstances. These challenges can, however, easily become existence-threatening, especially in view of the C-19 induced crisis situation, in which particularly the aviation industry currently finds itself in, as recently highlighted, when Austrian Airlines received EUR 450 million in financial aid from the Austrian government.[18]

On the one hand, the EasyJet security incident illustrates that Cyber Resilience has, in recent years, developed from a formerly predominantly technical matter into a business-critical strategic topic and, in today’s world, competitive advantage for companies, whereas on the other hand, the case of Austrian Airlines requiring millions of Euros of state aid to continue their operations, illustrates how crisis situations faced by private companies can and do affect States. 

As a matter of fact, we live in a time where the vulnerability of critical infrastructure is a real concern among security specialists[19] and States, as illustrated by the following example: A joint memo, sent out in May 2020 by German intelligence and security agencies, warned German operators of critical infrastructure against hacker attacks. The memo included a description of the hackers’ approach as well as information indicating long-standing compromises in corporate networks of companies operating in the energy, water and telecommunications sector,[20] in other words, critical sectors covered by the EU Network and Information Security Directive 2016/1148 (NIS).

It is in light of security incidents like these, that the results of and contradictions arising from this year’s “Cyber Security isn Austria” study (KPMG, 2020),[21] may be perceived as especially worrying: According to the study, 27% of 652 companies surveyed place great trust in their Cyber Security measures, while 58% “rather” trust their Cyber Security measures. At the same time, 57% of participating companies became victims of cyber attacks in the past 12 months, of which 74% where phishing attacks.[22] It is important to note here, that, when it comes to the prevention of phishing attacks, security experts consider regularly training employees on security awareness, essential.[23] In the context of such Cyber Security awareness measures, it seems especially interesting that the study highlighted the significance of employees in the detection of cyber attacks, as opposed to merely focusing on employees as a potential weakness: 79% of companies stated that they had become aware of a cyber attack through their own employees, while internal security systems ranked second (72%) as a means of detection. Awareness building measures must, therefore, remain a high priority for companies.[24]

Furthermore, the study established that one third of companies believe it would take them 1 to 4 weeks to safely remove attackers from their systems, while a fourth of companies even believe it would merely take them between 2 and 6 days. These findings are in direct contradiction with the considerably longer and demonstrably increasing average “dwell time” (100 to 170 days) of attackers in corporate networks.[25] Regarding Cyber Resilience, it is worth noting here, that although 69% of companies surveyed invest in awareness and security monitoring to protect themselves against cyber attacks, only 25% prepare for possible damage through cyber insurance coverage.[26] Also, the study found that 82% of companies would like to see established a government agency dedicated exclusively to Cyber Security issues and 77% would like to be supported more by the State, while at the same time, 57% state that they do not trust the authorities when it comes to Cyber Security. Additionally, it was found that the primary expectation (64% of companies) companies have toward the State is the provision of information and EU-wide support as well as exchange between experts from the State and private sector, in order to learn from each other.[27] Considering the companies’ expectations regarding the exchange of information between experts, it seems particularly striking that about 90% declined to comment on the effects that past Cyber Security incidents had in terms of damage caused to their reputation. Based on this finding, it was concluded that a trustful exchange of information must be encouraged and observed, that changes to the existing legal framework would help facilitate open communication on cybercrime.[28]

All in all, it was concluded that Austrian companies mistrust others, but do not protect themselves sufficiently, that they demand cooperation, however, shy away from open communication and that they feel more secure than they are.[29] In other words, “a false sense of security” in the Austrian private sector, emerged as a key finding.

It was already established earlier that “a false sense of security” means feeling safe in an unsafe environment. Therefore, it seems only logical to look in more detail at the threat environment, also known as risk environment, in which businesses in today’s world operate in. For the sake of coherence and comparability, the following section will, first of all, examine Austria’s situation before briefly considering the global risk environment:

The “Risks of Doing Business 2019” report (World Economic Forum) rates cyber-attacks as the most critical business risk in Austria (46.7%) and data fraud or theft as second critical (34.1%).[30] Taking into account the previously discussed findings regarding levels of trust companies place in their security measures (27% trust “greatly”, 58% “rather” trust)[31] and unrealistic company estimates of attacker “dwell time” in corporate networks, “a false sense of security” clearly reemerges. The top Risks of Doing Business 2019 on a global scale are fiscal crises (28.9%), closely followed by cyber attacks (28.2%) as the second critical risk and unemployment or underemployment (28.2%) as the third critical risk, while data fraud or theft ranks seventh (22.4%),[32] firmly establishing technological risks among the most critical risks globally.

Overall, and especially against the background of the global risk environment and increasing interconnectedness of the public and private sector, “a false sense of security”, or to be more precise, “a false sense of Cyber Security” in the private sector must, therefore, be considered a significant threat for the security of private companies and, consequently, the security in Europe, a warning sign regarding the status quo of Europe’s Cyber Resilience and, one may argue, valuable instrument in assessing the effectiveness of Cyber Security awareness measures.

While the scope and purpose of this essay did not allow for an in-depth analysis of how “a false sense of security” may practically be translated into a quantifiable, clearly defined key performance or risk indicator, it may serve as a starting point in doing so. Also, it may rightfully be argued that any indicator of performance or risk must be evaluated in the context of already established key performance and risk indicators, as well as existing efforts, procedures and best practices in the field, in order to fully assess its value and usefulness. Again, the scope of this essay did not allow for an in-depth analysis in this regard. Nevertheless, it may prove useful as a starting point in doing so. Other limitations and challenges arising from the scope, purpose and choice of approach as well as ideas advanced in this essay, include the risk of bias when generalizing from Austria to Europe and the risk of response bias (demand bias) when utilizing survey questions to identify “a false sense of security” with the same participants.

Nevertheless, despite these limitations, it seems possible to derive the following conclusions from the analysis conducted in this essay: a) the security and stability in Europe depend on the ability of States to continuously improve and maintain their Cyber Resilience, b) Europe’s Cyber Resilience is closely tied to the Cyber Resilience of each States’ private sector and, as a result, the actors operating within them, c) improving cooperation and trust between the public and the private sector as well as between States is necessary to improve Europe’s Cyber Resilience and, d) an organization with the appropriate authority, financial and professional capacity as well as reach, such as, one may argue, the OSCE, must act as the initiator and governing body of projects aiming to utilize “a false sense of security” to assess Europe’s Cyber Resilience and existing security awareness measures.

All in all, one may conclude that in order to ensure and enhance security and stability in Europe in our increasingly interconnected world, especially in the face of rapid technological progress, new technologies and the recent acceleration of digitalization, an urgent need to continuously improve and monitor Europe’s Cyber Resilience exists. This will call for more and more cooperation between the public and private sector, as well as between States and will, consequently, likely even heighten the significance of international organizations, such as the OSCE, in initiating, financing, overseeing and supporting Cyber Resilience initiatives in Europe.


[1] ENISA. NIS Directive. n.d. https://www.enisa.europa.eu/topics/nis-directive (accessed June 25, 2020).

[2] European Commission. EU Cybersecurity plan to protect open internet and online freedom and opportunity. February 7, 2013. https://ec.europa.eu/commission/presscorner/detail/en/IP_13_94 (accessed June 25, 2020).

[3]Bajrektarevic, Anis. Twinning Europe and Asia in Cyberspace: the EU GDPR Legislation and its Transformative Power.January 2019. Diplomat Magazine (Hague-Brussels)

[4] RSI Security. What is cyber resilience and why is it important? August 14, 2019. https://blog.rsisecurity.com/what-is-cyber-resilience-and-why-is-it-important/ (accessed June 25, 2020).

[5] De Groot, Juliana. What is Cyber Resilience. February 4, 2019. https://digitalguardian.com/blog/what-cyber-resilience (accessed June 25, 2020).

[6] IT Governance Ltd. What is cyber resilience? n.d. https://www.itgovernance.co.uk/cyber-resilience (accessed June 25, 2020).

[7] Hughes, Mark. Beyond awareness: Create a cyber resilient culture. September 2019. https://thrive.dxc.technology/2019/09/10/beyond-awareness-create-a-cyber-resilient-culture/ (accessed June 6, 2020).

[8] Hughes. Beyond awareness: Create a cyber resilient culture. September 2019.

[9] KPMG. Cyber Security in Österreich. Study, Vienna: KPMG Security Services GmbH, 2020.

[10] World Economic Forum. Risks of Doing Business 2019. 2019. https://reports.weforum.org/global-risks-report-2020/survey-results/global-risks-of-highest-concern-for-doing-business-2020/ (accessed June 25, 2020).

[11] Chappelow, Jim. Black Swan. March 11, 2020. https://www.investopedia.com/terms/b/blackswan.asp (accessed June 25, 2020).

[12]Taleb, Nassim Nicholas, interview by Bloomberg TV. Taleb Says “White Swan” Coronavirus Was Preventable (March 31, 2020).

[13]Fuscaldo, Donna. Zoom’s Daily Active Users Surged to 200 Million in March… and That’s Part of the Problem. April 2, 2020. https://www.nasdaq.com/articles/zooms-daily-active-users-surged-to-200-million-in-march…-and-thats-part-of-the-problem (accessed June 25, 2020).

[14] Paul, Kari. ‘Zoom is malware’: why experts worry about the video conferencing platform. April 2, 2020. https://www.theguardian.com/technology/2020/apr/02/zoom-technology-security-coronavirus-video-conferencing (accessed June 25, 2020).

[15] futurezone. Netzpolitik: Boris Johnson postet aus Versehen sensible Infos.April 1, 2020. https://futurezone.at/netzpolitik/corona-boris-johnson-postet-aus-versehen-sensible-infos/400800110 (accessed June 25, 2020).

[16] Schwab, Klaus. The Fourth Industrial Revolution: what it means, how to respond. January 14, 2016. https://www.weforum.org/agenda/2016/01/the-fourth-industrial-revolution-what-it-means-and-how-to-respond/ (accessed June 25, 2020).

[17] Hauser, Christine. EasyJet Says Cyberattack Stole Data of 9 Million Customers. May 19, 2020. https://www.nytimes.com/2020/05/19/business/easyjet-hacked.html (accessed June 25, 2020).

[18] Hodoschek, Andrea. Wirtschaft: AUA-Rettungspaket steht: 450 Millionen Euro Staatshilfe.June 8, 2020. https://kurier.at/wirtschaft/aua-rettungspaket-steht-450-millionen-euro-staatshilfe/400934555 (accessed June 25, 2020).

[19] Allianz. Cyber attacks on critical infrastructure. n.d. https://www.agcs.allianz.com/news-and-insights/expert-risk-articles/cyber-attacks-on-critical-infrastructure.html (accessed June 25, 2020).

[20] Tanriverdi, Hakan. Kritische Infrastruktur: Behörden warnen vor Hackerangriffen.May 27, 2020. https://www.br.de/nachrichten/deutschland-welt/kritische-infrastruktur-behoerden-warnen-vor-hackerangriffen,S0CJ1JP (accessed June 25, 2020).

[21] KPMG. Cyber Security in Österreich. 2020.

[22] KPMG. Cyber Security in Österreich. 2020: 6.

[23] Lord, Nate. Phishing Attack Prevention: How to Identify & Avoid Phishing Scams in 2019. July 12, 2019. https://digitalguardian.com/blog/phishing-attack-prevention-how-identify-avoid-phishing-scams (accessed June 25, 2020).

[24] KPMG. Cyber Security in Österreich. 2020: 13.

[25] KPMG. Cyber Security in Österreich. 2020: 4.

[26] KPMG. Cyber Security in Österreich. 2020: 6.

[27] KPMG. Cyber Security in Österreich. 2020: 23.

[28] KPMG. Cyber Security in Österreich. 2020: 14.

[29] KPMG. Cyber Security in Österreich. 2020: 4.

[30] World Economic Forum. Risks of Doing Business 2019. 2019.

[31] KPMG. Cyber Security in Österreich. 2020: 6.

[32] World Economic Forum. Risks of Doing Business 2019. 2019.

Continue Reading

Intelligence

Extortion, bio-warfare and terrorism: Extremists are exploiting the pandemic

Published

on

Criminals and violent extremists are exploiting the pandemic to build their support networks, undermine trust in government and even weaponize the virus, according to a research report published on Wednesday by the United Nations Interregional Crime and Justice Research Institute (UNICRI). 

“Terrorist, violent extremist and organized criminal groups are trying to take advantage of the Coronavirus disease (COVID-19) pandemic to expand their activities and jeopardize the efficacy and credibility of response measures by governments”, UNICRI Director Antonia Marie De Meo wrote in the introduction to the report, entitled “Stop the virus of disinformation”.

Social media incitement

“It is also alarming that some terrorist and violent extremist groups have attempted to misuse social media to incite potential terrorists to intentionally spread COVID-19 and to use it as an improvised form of a biological weapon”, Ms. De Meo wrote.

Social media could be used to “inspire terrorism”, motivating self-radicalized terrorists to perpetrate real attacks, the researchers found.

“There are cases in which right-wing extremist groups… explicitly asked their followers to spread the virus by coughing on their local minority or by attending to specific places where religious or racial minorities gather. Other groups…advocate to spread the coronavirus disease in countries with large populations or high levels of pollution”, the report said.

‘Inspired terrorism’ case

A notable case of “inspired terrorism” was that of Timothy Wilson, who plotted to detonate a bomb in a hospital caring for coronavirus patients in Kansas City. He died during a firefight with the US Federal Bureau of Investigation in March.

He had been active in at least two neo-Nazi channels on the social media platform Telegram, and his last online comment was an antisemitic message regarding the origin of COVID-19, the report said.

The researchers examined three groups of non-State actors: right-wing extremists; groups associated with the ISIL or Da’esh terror group and Al-Qaida; and organized crime groups.

They described how extremists, especially right-wing groups, used social media to spread conspiracy theories and disinformation about the virus, expanding their networks by exploiting algorithms that identify potentially sympathetic people who have liked and forwarded particular memes.

Conspiracy theories

The conspiracy theories often melded different and contradictory stories, the report said, including “the identification of the 5G mobile phone signal as a vehicle to transmit the virus, or the false claim that the pandemic has been masterminded by Bill Gates to implant microchips into human beings, or the false idea that the virus is a hoax and does not exist”.

The economic crisis created by the pandemic was also giving criminal groups openings to take control of legitimate companies and shops that may be at risk of bankruptcy, citing the case of drug cartels trying to take over pharmacies in four Mexican states, and investigations into extortion in Italy.

Debunking tools

The UNICRI researchers identified several instruments to debunk disinformation and misinformation, including data science tools, fact-checking apps and artificial intelligence, but warned that technology countermeasures alone cannot stop abuse of social media.  

In a separate case of disinformation, the UN refugee agency (UNHCR), has warned about fake information circulating on social media concerning the refugee situation in Ethiopia, such as reports that UN staff had been arrested in the Tigray region and had their vehicles confiscated.  

“These are false. All of our personnel and vehicles in Tigray are accounted for. We urge those using social media to share information responsibly and from corroborated sources only”, the UN agency said.

Continue Reading

Publications

Latest

Americas1 hour ago

Why are some Muslims, from India to the U.S Voting against their Natural Allies

Recent national elections in the U.S. and regional elections in India have presented an interesting conundrum. The numbers show that...

Americas3 hours ago

Which Coronavirus Policies Succeed, And Which Fail: N.Y. Times Analysis Confirms Mine

According to an analysis by and in the New York Times on November 18th, which is headlined “States That Imposed...

Defense5 hours ago

The imperative of a military QUAD

After dithering for a while, India has chosen to make the Malabar naval exercise a quadrilateral one by inviting Australia...

Health & Wellness7 hours ago

‘Real hope’ surrounding COVID vaccines ‘cannot be overstated’: WHO

Along with other tried and tested public health measures, the head of the World Health Organization (WHO) told journalists on...

Environment9 hours ago

ADB, Indorama Ventures Sign $100 Million Blue Loan to Boost Recycling

The Asian Development Bank (ADB) and Indorama Ventures Public Company Limited (IVL) signed a $100 million financing package to reduce...

Development11 hours ago

Global leaders to shape the Davos Agenda ahead of ‘crucial year to rebuild trust’

The Davos Agenda is a pioneering mobilization of global leaders to rebuild trust to shape the principles, policies and partnerships...

EU Politics14 hours ago

G20 leaders united to address major global pandemic and economic challenges

President of the European Commission, Ursula von der Leyen, and President of the European Council, Charles Michel, represented the EU...

Trending