In today’s world, no organization or enterprise is completely safe from cyber-attacks or their possible consequences. In fact, one may even argue that the effects of Cyber Security incidents on our increasingly interconnected world have the potential to negatively affect every single individual on this planet. As a result, and aided by a progressively complex landscape of regulatory and legal requirements in this field and beyond, raising awareness of Cyber Security threats and, by extension, building Cyber Resilience, have developed from a traditionally rather technical matter into an increasingly important strategic topic for businesses, on the one hand, and into a critical diplomatic challenge for States, on the other hand.
The EU Network and Information Security Directive was the first piece of EU-wide Cyber Security legislation and aims to enhance Cyber Security across the EU. The national supervision of critical sectors, such as energy, transport, water, health, and critical digital service providers, including online market places, as well as the enhancement of national Cyber Security capabilities and facilitation of cross-border collaboration, are the key topics covered by the NIS Directive. Moreover, the NIS Directive is part of the EU Cyber Security Strategy, which states “achieving Cyber Resilience” as one of its five priorities. However, the fact that the NIS Directive was only adopted in 2016, with a deadline for national transposition by EU member States as recent as May 9, 2018, illustrates that Cyber Security and Cyber Resilience are relatively new topics in international collaborative efforts surrounding security and stability in Europe. One may argue that this recency inherently implies a certain lack of preparation for Cyber Security incidents; thus, vulnerability.
“The technology of today serves not only a Weberian predictability imperative – to further rationalise society. It makes society less safe and its individuals less free” – recently stated my former professor Anis H. Bajrektarevic discussing the EU cyber-related legislation.Hence, a preparation, in other words – strategic investment in preventative measures and resources, is considered an essential aspect of Cyber Security as well as critical to Cyber Resilience. While Cyber Security is primarily concerned with the protection of information technology and systems, Cyber Resilience aims to ensure the effective continuation of an organizations operations and to prevent demobilization of business- or organization-critical functions in the event of security incidents. To be more specific, it is “the ability to prepare for, respond to and recover from cyber attacks” and other security incidents, such as data breaches, that is commonly referred to as Cyber Resilience.
In this context, it has been argued that the creation of a resilience-conscious culture is a key element of successful Cyber Resilience strategies. Creating such a cyber resilient culture involves raising awareness of Cyber Security threats, such as phishing and malware, and communicating ways to minimize risks stemming from them to people outside of Cyber Security functions. The main goal here is to facilitate a cyber resilient mindset through awareness-building measures, leading to the question: If promoting awareness of Cyber Security threats ultimately enhances Cyber Resilience, how can we, first of all, assess the status quo of Europe’s Cyber Resilience and subsequently, monitor the progress and effectiveness of such awareness building measures, in order to better understand, compare and ultimately enhance the Cyber Resilience of individual States and Europe in its entirety?
This essay will argue that “a false sense of security” in the private sector is a warning sign regarding the Cyber Resilience of States, hence, a warning sign regarding the status quo of Europe’s Cyber Resilience. Moreover, it will argue that “a false sense of security” can serve as a valuable indicator for the effectiveness of, and increased need for Cyber Security awareness measures. This will be accomplished through the following approach:
Firstly, the essential need for and feasibility of active preparation for seemingly unlikely crisis situations, will be emphasized. To illustrate this point, the controversy surrounding the classification of the COVID-19 pandemic as “black swan event” will be discussed. Secondly, the discussion of several recent Cyber Security related incidents and their implications, will highlight that businesses and governments worldwide must, more than ever, and especially due to the C-19 related acceleration of digitalization, improve their Cyber Resilience. The main goal here will be to draw attention to the worldwide existing deficiencies regarding Cyber Resilience and, based on this, illustrate the need for and value of finding new ways to assess Cyber Resilience, but also key aspects of Cyber Resilience. Thirdly, current insights from the recently published study “Cyber Security in Austria” will be discussed and contrasted with the respective risk assessment from The Global Risks Report 2019 to illustrate apparent discrepancies in security related self-perception in the private sector versus the reality of the risk situation. It is important to note here that “a false sense of security” means feeling safe in an unsafe environment. Therefore, such discrepancies represent “a false sense of security”. As a final step, possible implications and limitations of the presented ideas will be discussed.
A black swan event is an unpredictable, highly improbable and rare event that has serious and potentially catastrophic consequences. One main characteristic of black swan events is the widespread insistence that their occurrence was obvious in hindsight; thus, should have been foreseen. In the recent past, this concept, which the Lebanese-American philosopher, professor and former Wall Street trader, Nassim Nicholas Taleb, developed and already described in 2007, has, in connection with the C-19 pandemic, again become a topic of conversation – not least because of social media, such as Twitter (#blackswan). While there seems to be general disagreement as to whether the ongoing C-19 pandemic constitutes a “real” black swan event, Taleb himself stated in an interview that the eventual outbreak of a global pandemic with all its consequences was, in fact, a predictable “white swan” event, arguing that companies, corporations and especially governments, had no excuse, not to be prepared.
Regardless of swan color, however, in connection with the aforementioned ability to prepare for cyber attacks, it can be argued that a particularly relevant consequence of the C-19 pandemic, in terms of Cyber Security and subsequently, security in Europe, has been the acceleration of digitalization throughout the world, affecting the public and private sector, as well as the private sphere of people’s homes. Exit restrictions and other social-distancing measures imposed by governments worldwide, in an effort to curb the spread of the virus, have caused the global demand for remote working technologies to skyrocket within a remarkably short period of time. For example, the video conferencing solution provider Zoom experienced, within just a few weeks, a surge from around 10 million daily active users at the end of December 2019, to over 200 million daily active users in March 2020. It was not long before data privacy and data security related problems with Zoom became apparent: “Zoom bombing” or video hijacking, which refers to the unwanted and disruptive intrusion of a person into a Zoom video meeting, a lack of end-to-end encryption and, in this regard, misleading information advertised on part of the provider, along with various IT security related vulnerabilities that allowed hackers, among other things, unauthorized remote access to end user’s Mac computers – including webcam and microphone access, Zoom’s deployment of in-app surveillance features, as well as questionable handling and alleged trade with the obtained user data were, already by April 2020, seen as a considerable cause for concern, leading security experts to describe Zoom as “a privacy disaster”, and “fundamentally corrupt”. Moreover, Arvind Narayanan, associate computer science professor at Princeton University, was quoted as saying: “Zoom is malware”. The most memorable piece of news concerning Zoom was, however, arguably about the British prime minister Boris Johnson accidentally posting sensitive information, including the Zoom meeting ID and the login names of several participants, when sharing a screenshot of his first-ever digital cabinet meeting via Twitter.
The example of Zoom illustrates how companies, organizations, governments and private individuals benefit to an unprecedented extent from the advantages of digitalization, especially in the context of the ongoing C-19 pandemic, but also beyond such global crisis situations, while at the same time being faced with the considerable challenges and security risks brought about by the new technologies of what is known as the Fourth Industrial Revolution. This Fourth Industrial Revolution, being “characterized by a fusion of technologies that is blurring the lines between the physical, digital, and biological spheres”, is changing the ways we live, work and interact, resulting in significant risks to the privacy of natural persons, as well as to security and stability in general.
Several recently occurring or publicly emerging Cyber Security incidents underpin the scope of these risks: A cyber-attack on the British airline EasyJet, in the course of which personal data including email addresses and travel plans of 9 million EasyJet customers and additionally, credit card details of over 2,000 customers, were stolen, became known in May 2020. This once again demonstrates that companies of all kinds can at all times become targets and victims of cyber-attacks. Costly penalties for violations of the General Data Protection Regulation (EU) 2016/679 (GDPR), as well as claims for damages and lawsuits by those affected and, last but not least, the loss of reputation often caused by such security incidents, pose significant challenges for companies under any circumstances. These challenges can, however, easily become existence-threatening, especially in view of the C-19 induced crisis situation, in which particularly the aviation industry currently finds itself in, as recently highlighted, when Austrian Airlines received EUR 450 million in financial aid from the Austrian government.
On the one hand, the EasyJet security incident illustrates that Cyber Resilience has, in recent years, developed from a formerly predominantly technical matter into a business-critical strategic topic and, in today’s world, competitive advantage for companies, whereas on the other hand, the case of Austrian Airlines requiring millions of Euros of state aid to continue their operations, illustrates how crisis situations faced by private companies can and do affect States.
As a matter of fact, we live in a time where the vulnerability of critical infrastructure is a real concern among security specialists and States, as illustrated by the following example: A joint memo, sent out in May 2020 by German intelligence and security agencies, warned German operators of critical infrastructure against hacker attacks. The memo included a description of the hackers’ approach as well as information indicating long-standing compromises in corporate networks of companies operating in the energy, water and telecommunications sector, in other words, critical sectors covered by the EU Network and Information Security Directive 2016/1148 (NIS).
It is in light of security incidents like these, that the results of and contradictions arising from this year’s “Cyber Security isn Austria” study (KPMG, 2020), may be perceived as especially worrying: According to the study, 27% of 652 companies surveyed place great trust in their Cyber Security measures, while 58% “rather” trust their Cyber Security measures. At the same time, 57% of participating companies became victims of cyber attacks in the past 12 months, of which 74% where phishing attacks. It is important to note here, that, when it comes to the prevention of phishing attacks, security experts consider regularly training employees on security awareness, essential. In the context of such Cyber Security awareness measures, it seems especially interesting that the study highlighted the significance of employees in the detection of cyber attacks, as opposed to merely focusing on employees as a potential weakness: 79% of companies stated that they had become aware of a cyber attack through their own employees, while internal security systems ranked second (72%) as a means of detection. Awareness building measures must, therefore, remain a high priority for companies.
Furthermore, the study established that one third of companies believe it would take them 1 to 4 weeks to safely remove attackers from their systems, while a fourth of companies even believe it would merely take them between 2 and 6 days. These findings are in direct contradiction with the considerably longer and demonstrably increasing average “dwell time” (100 to 170 days) of attackers in corporate networks. Regarding Cyber Resilience, it is worth noting here, that although 69% of companies surveyed invest in awareness and security monitoring to protect themselves against cyber attacks, only 25% prepare for possible damage through cyber insurance coverage. Also, the study found that 82% of companies would like to see established a government agency dedicated exclusively to Cyber Security issues and 77% would like to be supported more by the State, while at the same time, 57% state that they do not trust the authorities when it comes to Cyber Security. Additionally, it was found that the primary expectation (64% of companies) companies have toward the State is the provision of information and EU-wide support as well as exchange between experts from the State and private sector, in order to learn from each other. Considering the companies’ expectations regarding the exchange of information between experts, it seems particularly striking that about 90% declined to comment on the effects that past Cyber Security incidents had in terms of damage caused to their reputation. Based on this finding, it was concluded that a trustful exchange of information must be encouraged and observed, that changes to the existing legal framework would help facilitate open communication on cybercrime.
All in all, it was concluded that Austrian companies mistrust others, but do not protect themselves sufficiently, that they demand cooperation, however, shy away from open communication and that they feel more secure than they are. In other words, “a false sense of security” in the Austrian private sector, emerged as a key finding.
It was already established earlier that “a false sense of security” means feeling safe in an unsafe environment. Therefore, it seems only logical to look in more detail at the threat environment, also known as risk environment, in which businesses in today’s world operate in. For the sake of coherence and comparability, the following section will, first of all, examine Austria’s situation before briefly considering the global risk environment:
The “Risks of Doing Business 2019” report (World Economic Forum) rates cyber-attacks as the most critical business risk in Austria (46.7%) and data fraud or theft as second critical (34.1%). Taking into account the previously discussed findings regarding levels of trust companies place in their security measures (27% trust “greatly”, 58% “rather” trust) and unrealistic company estimates of attacker “dwell time” in corporate networks, “a false sense of security” clearly reemerges. The top Risks of Doing Business 2019 on a global scale are fiscal crises (28.9%), closely followed by cyber attacks (28.2%) as the second critical risk and unemployment or underemployment (28.2%) as the third critical risk, while data fraud or theft ranks seventh (22.4%), firmly establishing technological risks among the most critical risks globally.
Overall, and especially against the background of the global risk environment and increasing interconnectedness of the public and private sector, “a false sense of security”, or to be more precise, “a false sense of Cyber Security” in the private sector must, therefore, be considered a significant threat for the security of private companies and, consequently, the security in Europe, a warning sign regarding the status quo of Europe’s Cyber Resilience and, one may argue, valuable instrument in assessing the effectiveness of Cyber Security awareness measures.
While the scope and purpose of this essay did not allow for an in-depth analysis of how “a false sense of security” may practically be translated into a quantifiable, clearly defined key performance or risk indicator, it may serve as a starting point in doing so. Also, it may rightfully be argued that any indicator of performance or risk must be evaluated in the context of already established key performance and risk indicators, as well as existing efforts, procedures and best practices in the field, in order to fully assess its value and usefulness. Again, the scope of this essay did not allow for an in-depth analysis in this regard. Nevertheless, it may prove useful as a starting point in doing so. Other limitations and challenges arising from the scope, purpose and choice of approach as well as ideas advanced in this essay, include the risk of bias when generalizing from Austria to Europe and the risk of response bias (demand bias) when utilizing survey questions to identify “a false sense of security” with the same participants.
Nevertheless, despite these limitations, it seems possible to derive the following conclusions from the analysis conducted in this essay: a) the security and stability in Europe depend on the ability of States to continuously improve and maintain their Cyber Resilience, b) Europe’s Cyber Resilience is closely tied to the Cyber Resilience of each States’ private sector and, as a result, the actors operating within them, c) improving cooperation and trust between the public and the private sector as well as between States is necessary to improve Europe’s Cyber Resilience and, d) an organization with the appropriate authority, financial and professional capacity as well as reach, such as, one may argue, the OSCE, must act as the initiator and governing body of projects aiming to utilize “a false sense of security” to assess Europe’s Cyber Resilience and existing security awareness measures.
All in all, one may conclude that in order to ensure and enhance security and stability in Europe in our increasingly interconnected world, especially in the face of rapid technological progress, new technologies and the recent acceleration of digitalization, an urgent need to continuously improve and monitor Europe’s Cyber Resilience exists. This will call for more and more cooperation between the public and private sector, as well as between States and will, consequently, likely even heighten the significance of international organizations, such as the OSCE, in initiating, financing, overseeing and supporting Cyber Resilience initiatives in Europe.
 ENISA. NIS Directive. n.d. https://www.enisa.europa.eu/topics/nis-directive (accessed June 25, 2020).
 European Commission. EU Cybersecurity plan to protect open internet and online freedom and opportunity. February 7, 2013. https://ec.europa.eu/commission/presscorner/detail/en/IP_13_94 (accessed June 25, 2020).
Bajrektarevic, Anis. Twinning Europe and Asia in Cyberspace: the EU GDPR Legislation and its Transformative Power.January 2019. Diplomat Magazine (Hague-Brussels)
 RSI Security. What is cyber resilience and why is it important? August 14, 2019. https://blog.rsisecurity.com/what-is-cyber-resilience-and-why-is-it-important/ (accessed June 25, 2020).
 De Groot, Juliana. What is Cyber Resilience. February 4, 2019. https://digitalguardian.com/blog/what-cyber-resilience (accessed June 25, 2020).
 IT Governance Ltd. What is cyber resilience? n.d. https://www.itgovernance.co.uk/cyber-resilience (accessed June 25, 2020).
 Hughes, Mark. Beyond awareness: Create a cyber resilient culture. September 2019. https://thrive.dxc.technology/2019/09/10/beyond-awareness-create-a-cyber-resilient-culture/ (accessed June 6, 2020).
 Hughes. Beyond awareness: Create a cyber resilient culture. September 2019.
 KPMG. Cyber Security in Österreich. Study, Vienna: KPMG Security Services GmbH, 2020.
 World Economic Forum. Risks of Doing Business 2019. 2019. https://reports.weforum.org/global-risks-report-2020/survey-results/global-risks-of-highest-concern-for-doing-business-2020/ (accessed June 25, 2020).
 Chappelow, Jim. Black Swan. March 11, 2020. https://www.investopedia.com/terms/b/blackswan.asp (accessed June 25, 2020).
Taleb, Nassim Nicholas, interview by Bloomberg TV. Taleb Says “White Swan” Coronavirus Was Preventable (March 31, 2020).
Fuscaldo, Donna. Zoom’s Daily Active Users Surged to 200 Million in March… and That’s Part of the Problem. April 2, 2020. https://www.nasdaq.com/articles/zooms-daily-active-users-surged-to-200-million-in-march…-and-thats-part-of-the-problem (accessed June 25, 2020).
 Paul, Kari. ‘Zoom is malware’: why experts worry about the video conferencing platform. April 2, 2020. https://www.theguardian.com/technology/2020/apr/02/zoom-technology-security-coronavirus-video-conferencing (accessed June 25, 2020).
 futurezone. Netzpolitik: Boris Johnson postet aus Versehen sensible Infos.April 1, 2020. https://futurezone.at/netzpolitik/corona-boris-johnson-postet-aus-versehen-sensible-infos/400800110 (accessed June 25, 2020).
 Schwab, Klaus. The Fourth Industrial Revolution: what it means, how to respond. January 14, 2016. https://www.weforum.org/agenda/2016/01/the-fourth-industrial-revolution-what-it-means-and-how-to-respond/ (accessed June 25, 2020).
 Hauser, Christine. EasyJet Says Cyberattack Stole Data of 9 Million Customers. May 19, 2020. https://www.nytimes.com/2020/05/19/business/easyjet-hacked.html (accessed June 25, 2020).
 Hodoschek, Andrea. Wirtschaft: AUA-Rettungspaket steht: 450 Millionen Euro Staatshilfe.June 8, 2020. https://kurier.at/wirtschaft/aua-rettungspaket-steht-450-millionen-euro-staatshilfe/400934555 (accessed June 25, 2020).
 Allianz. Cyber attacks on critical infrastructure. n.d. https://www.agcs.allianz.com/news-and-insights/expert-risk-articles/cyber-attacks-on-critical-infrastructure.html (accessed June 25, 2020).
 Tanriverdi, Hakan. Kritische Infrastruktur: Behörden warnen vor Hackerangriffen.May 27, 2020. https://www.br.de/nachrichten/deutschland-welt/kritische-infrastruktur-behoerden-warnen-vor-hackerangriffen,S0CJ1JP (accessed June 25, 2020).
 KPMG. Cyber Security in Österreich. 2020.
 KPMG. Cyber Security in Österreich. 2020: 6.
 Lord, Nate. Phishing Attack Prevention: How to Identify & Avoid Phishing Scams in 2019. July 12, 2019. https://digitalguardian.com/blog/phishing-attack-prevention-how-identify-avoid-phishing-scams (accessed June 25, 2020).
 KPMG. Cyber Security in Österreich. 2020: 13.
 KPMG. Cyber Security in Österreich. 2020: 4.
 KPMG. Cyber Security in Österreich. 2020: 6.
 KPMG. Cyber Security in Österreich. 2020: 23.
 KPMG. Cyber Security in Österreich. 2020: 14.
 KPMG. Cyber Security in Österreich. 2020: 4.
 World Economic Forum. Risks of Doing Business 2019. 2019.
 KPMG. Cyber Security in Österreich. 2020: 6.
 World Economic Forum. Risks of Doing Business 2019. 2019.
Security of nuclear materials in India
The author is of the view that nuclear security is lax in India. More so, because of the 123 Agreement and sprawling nuclear installations in several states. The thieves and scrap dealers even dare to advertise online sale of radioactive uranium. India itself has reported several incidents of nuclear thefts to the international bodies. The author wonders why India’s security lapses remain out of international focus. Views expressed are personal.
Amid raging pandemic in the southern Indian state of Maharashtra, the anti-terrorism squad arrested (May 6, 20210) two persons (Jagar Jayesh Pandya and Abu Tahir Afzal hussain Choudhry) for attempting to sell seven kilograms of highly-radioactive muranium for offered price of about Rs. 21 crore. The “gentlemen” had uncannily advertised the proposed sale online.. As such, the authorities initially dismissed the advertisement as just another hoax. They routinely detained the “sellers-to-be” and forwarded a sample of their ware to the Bhabha Atomic Research Centre. They were shocked when the centre reported that “the material was natural uranium”. As such the squad was compelled to book the duo under India’s Atomic Energy Act, 1962 at Nagpur police station (Explained: ATS seizes 7 kg uranium worth Rs. 21 crore from a scrap dealer…Indian Express May 7, 2021).
Not a unique incident
The event, though shocking, is is not one of its kind. Earlier, in 2016 also, two persons were arrested by Thane (Maharashtra) police while they were trying to sell eight to nine kilograms of depleted uranium for Rs. 24 crore. It is surmised that sale of uranium by scrap dealers in India is common. But, such events rarely come in limelight. According to Anil Kakodar, former chairman of the Atomic Energy Commission, `Factories using uranium as a counterweight in their machines are mandated to contact the Atomic Energy agencies and return uranium to them. They however resort to short cuts and sell the entire machine with uranium in scrap’.
India media scarcely report such incidents. However, Indian government sometimes reports such incidents to the International Atomic Energy Agency (IAEA) to meet disclosure requirements. According to international media reports (February 25, 2004), India reported 25 cases of “missing” or “stolen” radio-active material from its labs to the IAEA. Fifty-two per cent of the cases were attributed to “theft” and 48% to the “missing mystery”. India claimed to have recovered lost material in twelve of total 25 cases. It however admitted that 13 remaining cases remained mysterious.
India’s reports such incidents to the IAEA to portray itself as a “responsible state”. It is hard to believe that radio-active material could be stolen from nuclear labs without operators’ connivance.
Nine computers, belonging to India’s Defence Research and Development Organisation establishment at Metcalfe House, New Delhi, were stolen. India communicated 25 cases of ‘stolen or missing’ uranium to the IAEA. In different incidents, uranium in varying forms and quantities continue to be recovered from scrap dealers and others by Indian authorities. The recoveries include fifty-seven pounds of uranium in rod form, eight kilograms in granular form, two hundred grams in semi-processed form, besides twenty-five kilograms in radioactive form, stolen from the Bibi Cancer Hospital.
Too, the ‘thieves’ stole three cobalt switches, worth Rs. 1.5 million, from Tata Steel Company laboratory at Jamshedpur (Jharkhand). A shipment of beryllium (worth $24 million), was caught in Vilnius, on its way to North Korea. Taiwanese authorities had intercepted a ship carrying dual-use aluminum oxide from India to North Korea. A New Jersey-based Indian engineer Sitaram Ravi Mahidevan was indicted for having bypassed US export procedures to send blue-prints of solenoid-operated valves to North Korea.
We know that the Taiwanese authorities had intercepted a ship, carrying dual-use aluminum oxide from India to North Korea. The oxide is an essential ingredient of rocket casings and is, as such, prohibited for export to “rogue” countries.
Despite recurrent incidents of theft of uranium or other sensitive material from indiandian nuclear labs, the IAEA never initiated a thorough probe into lax security environment in government and private nuclear labs in india. However, the international media has a penchant for creating furore over uncorroborated nuclear lapses in Pakistan. The Time magazine article ‘Merchant of Menace’, had reported that some uranium hexafluoride cylinders were missing from the Kahuta Research Laboratories. Pakistan’ then information minister and foreign-office spokesman had both refuted the allegation. Masood Khan (foreign office) told reporters, `The story is a rehash of several past stories’.
Similarly, Professor Shaun Gregory in his report ‘The Security of Nuclear Weapons’ contends that those guarding about 120 nuclear-weapon sites, mostly in northern and western parts of Pakistan, have fragmented loyalties. As such, they are an easy prey to religious extremists.
Frederick W. Kagan and Michael O’Hanlon, also draw a gloomy portrait of the situation in Pakistan. In their article, published in The New York Times, dated November 18, 2007, they predicted that extremists would take over, if rule of law collapses in Pakistan. Those sympathetic with the Taliban and al-Qaeda may convert Pakistan into a state sponsor of terrorism. They pointed to Osama bin Laden’s meeting with Sultan Bashiruddin Mahmood and Chaudhry Abdul Majeed, former engineers of Pakistan’s Atomic Energy Commission (having no bomb-making acumen).
They claimed that U.S. military experts and intelligence officials had explored strategies for securing Pakistan’s nuclear assets. One option was to isolate the country’s nuclear bunkers. Doing so would require saturating the area, surrounding the bunkers, with tens of thousands of high-powered mines, dropped from air, packed with anti-tank and anti-personnel munitions. The panacea, suggested by them, was that Pakistan’s nuclear material should be seized and stashed in some “safe” place like New Mexico.
The fact is that the pilloried Pakistani engineers had no knowledge of weaponisation (“When the safest is not safe enough,” The Defence Journal -Pakistan), pages 61-63). The critics mysteriously failed to mention that Pakistan is a party to the UN Convention on the Physical Protection of Nuclear Materials. The steps taken by Pakistan to protect its nuclear materials and installations conform to international standards. The National Command Authority, created on February 2, 2000, has made fail-safe arrangements to control development and deployment of strategic nuclear forces. Pakistan’s nuclear regulatory authority had taken necessary steps for safety, security, and accountability of Pakistan’s nuclear weapons, facilities, and materials even before 9/11 incident. These controls include functional equivalent of the two-man rule and permissive action links (PALs). The indigenously-developed PALs are bulwarks against inadvertent loss of control, or accidental use of weapons. So far, there has been no security lapse in any of Pakistan’s nuclear establishments.
Abdul Mannan, in his paper titled “Preventing Nuclear Terrorism in Pakistan: Sabotage of a Spent Fuel Cask or a Commercial Irradiation Source in Transport”, has analysed various ways in which acts of nuclear terrorism could occur in Pakistan (quoted in “Pakistan’s Nuclear Future: Worries beyond War”). He has fairly reviewed Pakistan’s vulnerability to nuclear terrorism through hypothetical case studies. He concludes that the threat of nuclear terrorism in Pakistan is a figment of imagination, rather than a real possibility.
There are millions of radioactive sources used worldwide in various applications. Only a few thousand sources, including Co-60, Cs-137, Ir-192, Sr-90, Am-241, Cf-252, Pu-238, and RA-226 are considered a security risk. The Pakistan Nuclear Regulatory Authority (PNRA) has enforced a mechanism of strict measures for administrative and engineering control over radioactive sources from cradle to grave. It conducts periodic inspections and physical verifications to ensure security of the sources. The Authority has initiated a Five-Year National Nuclear-Safety-and-Security-Action Plan to establish a more robust nuclear-security regime. It has established a training centre and an emergency-coordination centre, besides deploying radiation-detection-equipment at each point of nuclear-material entry in Pakistan, supplemented by vehicle/pedestrian portal monitoring equipment where needed.
Fixed detectors have been installed at airports, besides carrying out random inspection of personnel luggage. All nuclear materials are under strict regulatory control right from import until their disposal.
Nuclear controls in India and the USA are not more stringent than Pakistan’s. It is not understood why the media does not deflect their attention to the fragile nuclear-security environment in India. It is unfortunate that the purblind critics fail to see the gnawing voids in India’s nuclear security.
The ‘research work’ by well-known scholars reflects visceral hatred against Pakistan. The findings in fresh ‘magnum opuses’ are a re-hash or amalgam of the presumptions and pretensions in earlier-published ‘studies’. It is time that the West deflected its attention to India where movements of nuclear materials, under the 123 expansion plan, are taking place between nuclear-power plants sprawling across different states.
Above all, will the international media and the IAEA look into open market uranium sales in India.
Biological warfare: A global security threat
Biological warfare is not a new concept in arena of international politics as it has been used as a tool to sabotage enemy in previous centuries. Biological weapons are a sub-category of Weapons of Mass destruction (WMDs) in which there is a deliberate use of micro-organisms like pathogens and toxins to cause disease or death in humans, livestock and yields.Form its usage in 14th century by Mongols to its usage by imperial Japan during 1930s-40s against Chinese, it has always been a threat to global security. The evolution of bio-weapons can be broadly categorized into four phases; first phase includes the post WWII developments with the evident use of chlorine and phosgene in Ypres.The second phase was marked by the use of nerve agents like tabun, cholinesterase inhibitor and anthrax and plague bombs. The initiation of third phase was marked by the use of biological weapons in Vietnam war during 1970s where deadly agents like Agent orange were used. 4th and last phase include the time of biological and technological revolution where genetic engineering techniques were at their peak. Traditionally they have been used in wartime in order to defeat enemy but with the emergence of violent non-state actors, bioterrorism is another potential threat to the security of states. There are certain goals that are associated with the use of biological weapons. Firstly, it is purposed to hit to economy of the targeted country, breaking down government authority and have a psychological effect on masses of the targeted population. It is also a kind of psychological warfare as it may hit a smaller number of people but leaves impact on wider audience through intimidation and spreading fear. It also creates natural circumstances under which a population is induced with disease without revealing the actual perpetrator.
With the advancement in genetic engineering techniques more lethal biological weapons are being produced everyday around the world. Countries which are economically deprived are more likely to pursue such goals as it is difficult for them to go for heavy military sophistication keeping into consideration their poor economic conditions. Biological weapons serve as inexpensive tool for developing countries to address their issues in prevailing international security environment. During the initial decades of cold war, united states of America (USA) and Soviet Union went for acquiring tons of biological weapons alongside nuclear proliferation.
The quest for these weapons reduced during 1970s with the formation of Biological and Toxin Weapons Convention (BWC). This convention was presented in 1972 before countries and finally came into force in 1975 with 150 countries who signed this convention and 140 countries who fully joined this treaty. This convention prohibits any biological weaponization in order to promote peace and stability around the world. But this convention has obvious defects as it is unable to address many issues like it doesn’t prevents itself the use of biological weapons but just reinforces 1925 Geneva Protocol which forbids the use of bio-weapons. Convention allows ‘defensive research’ to which there are many objections that what is incorporated into this defensive research. It is non-binding to the signatory states and in case if countries are proliferating it lacks the effective oversight techniques to look after them either they are pursuing these biological weapons capabilities or not. Since the inception of this convention till now it has clearly failed in stopping the countries from acquisition as well as usage of these weapons. This is evident as there were many cases after 1975 where these weapons were used as in 1980s when Iraq used mustard gas, sarin and tabun against Iran and many other ethnic groups inside Iran. Another incident which was highlighted was Sarine nerve gas attack in Tokyo subway system leaving thousands injured and many got killed. In post-cold war era, however, the number of these attacks reduced as much attention was shifted to terrorism after 9/11 attacks with the change in global security architecture.
“Anthrax letters” in post 9/11 attacks revealed yet another dimension of bio-weapons which was the threat of bioterrorism from non-state actors. US became a victim of bio-terrorism when in 2001 a powder was transported through letters containing bacterium called anthrax infecting many people. One purpose which terrorists have is to make general masses feel as if they are unsafe in the hands of their government which can be best achieved through the use of these weapons. The fact that biological weapons are cheaper and more devastating than conventional weapons make it more likely for biological weapons to be used by terrorists. Also, the fact that they are easy to hide and transport and a smaller quantity can leave long-lasting impacts on larger population makes these weapons more appealing. Now that we are facing a global pandemic in the form of COVID-19 which according to some conspiracy theories is a biological weapon pose even more serious challenge to the international security in coming decades. There is no such scientific research which proves Corona Virus as a biological weapon but the realization here is that whether or not it is a biological weapon but world was least prepared for it. Not only the developing countries but also developed states suffered more despite having enormous medical infrastructure. The fact that there has been decline in the incidents related to bioterrorism should never let us think that there is no possibility of such attacks. The fact that world failed to handle Covid-19 puts a question mark on the credibility of measures if we are faced with bio-terrorism. The medical community as well as general population needs to develop an understanding of how to respond if there is such attack. At the international level there is a dire need to develop some strong norms which discourage the development and use of such weapons in any capacity.
The ‘Post-Covid-19 World’ Will Never Come
On May 3rd, the New York Times bannered “Reaching ‘Herd Immunity’ Is Unlikely in the U.S., Experts Now Believe” and reported that “there is widespread consensus among scientists and public health experts that the herd immunity threshold is not attainable — at least not in the foreseeable future, and perhaps not ever.”
In other words: the ‘news’-sources that were opposing the governments’ taking action against Covid-19 — libertarian ’news’-sites that oppose governmental laws and regulations, regardless of the predominant view by the vast majority of the scientists who specialize in studying the given subject — are looking wronger all the time, as this “novel coronavirus” (which is what it was originally called) becomes less and less “novel,” and more and more understood scientifically.
The “herd immunity” advocates for anti-Covid-19 policies have been saying that governments should just let the virus spread until nature takes its course and such a large proportion of the population have survived the infection as to then greatly reduce the likelihood that an uninfected person will become infected. An uninfected person will increasingly be surrounded by people who have developed a natural immunity to the disease, and by people who don’t and never did become infected by it. The vulnerable people will have become eliminated (died) or else cured, and so they won’t be spreading the disease to others. That’s the libertarian ’solution’, the final solution to the Covid-19 problem, according to libertarians.
For example, on 9 April 2020, Forbes magazine headlined “After Rejecting A Coronavirus Lockdown, Sweden Sees Rise In Deaths” and reported that, “Sweden’s chief epidemiologist Anders Tegnell has continuously advocated for laid back measures, saying on Swedish TV Sunday that the pandemic could be defeated by herd immunity, or the indirect protection from a large portion of a population being immune to an infection, or a combination of immunity and vaccination. However, critics have argued that with a coronavirus vaccine could be more than a year away, and insufficient evidence that coronavirus patients that recover are immune from becoming infected again, the strategy of relying on herd immunity and vaccinations [is] ineffective.”
The libertarian proposal of relying upon “herd immunity” for producing policies against this disease has continued, nonetheless.
CNN headlined on 28 April 2020, “Sweden says its coronavirus approach has worked. The numbers suggest a different story”, and reported that
On March 28, a petition signed by 2,000 Swedish researchers, including Carl-Henrik Heldin, chairman of the Nobel Foundation, called for the nation’s government to “immediately take steps to comply with the World Health Organization’s (WHO) recommendations.”
The scientists added: “The measures should aim to severely limit contact between people in society and to greatly increase the capacity to test people for Covid-19 infection.”
“These measures must be in place as soon as possible, as is currently the case in our European neighboring countries,” they wrote. “Our country should not be an exception to the work to curb the pandemic.”
The petition said that trying to “create a herd immunity, in the same way that occurs during an influenza epidemic, has low scientific support.”
Swedish authorities have denied having a strategy to create herd immunity, one the UK government was rumored to be working towards earlier on in the pandemic — leading to widespread criticism — before it enforced a strict lockdown.
FORTUNE magazine headlined on 30 July 2020, “How parts of India inadvertently achieved herd immunity”, and reported that, “Around 57% of people across parts of India’s financial hub of Mumbai have coronavirus antibodies, a July study found, indicating that the population may have inadvertently achieved the controversial ‘herd immunity’ protection from the coronavirus.” Furthermore:
Herd immunity is an approach to the coronavirus pandemic where, instead of instituting lockdowns and other restrictions to slow infections, authorities allow daily life to go on as normal, letting the disease spread. In theory, enough people will become infected, recover, and gain immunity that the spread will slow on its own and people who are not immune will be protected by the immunity of those who are. University of Chicago researchers estimated in a paper published in May that achieving herd immunity from COVID-19 would require 67% of people to be immune to the disease. Mayo Clinic estimates 70% of the U.S. population will need to be immune for the U.S. to achieve herd immunity, which can also be achieved by vaccinating that proportion of a population.
On 27 September 2020, Reuters bannered “In Brazil’s Amazon a COVID-19 resurgence dashes herd immunity hopes”, and reported that, “The largest city in Brazil’s Amazon has closed bars and river beaches to contain a fresh surge of coronavirus cases, a trend that may dash theories that Manaus was one of the world’s first places to reach collective, or herd, immunity.”
Right now, the global average of Covid-19 intensity (total cases of the disease thus far) is 19,693 persons per million population. For examples: Botswana is barely below that intensity, at 19,629, and Norway is barely above that intensity, at 20,795. Sweden is at 95,905, which is nearly five times the global average. Brazil is 69,006, which is around 3.5 times worse than average. India is 14,321, which is slightly better than average. USA is 99,754.
However, the day prior, on May 2nd, America had 30,701 new cases. Brazil had 28,935. Norway had 210. India had 370,059. Sweden’s latest daily count (as-of May 3rd) was 5,937 on April 29th, 15 times Norway’s 385 on that date. Sweden’s population is 1.9 times that of Norway. India’s daily count is soaring. Their population is four times America’s, but the number of new daily cases in India is twelve times America’s. Whereas India has had only one-seventh as much Covid-19 intensity till now, India is soaring upwards to become ultimately, perhaps, even worse than America is on Covid-19 performance. And Brazil is already almost as bad as America, on Covid-19 performance, and will soon surpass America in Covid-19 failure.
There is no “herd immunity” against Covid-19, yet, anywhere. It’s just another libertarian myth. But libertarians still continue to believe it — they refuse to accept the data.
Afghan peace options
President Biden’s decision to withdraw unconditionally all foreign forces from Afghanistan by September 11, 2021 will leave behind an uncertain...
Pakistani Fanatics and their Foreign Policy Overtures
A prudent leader ought to have regard not only for present troubles but also for future ones. They must prepare...
Tips on How to Get the Most from a Sunroom
If you have decided to add a sunroom to your patio, you want to get the most from it, right?...
UN chief express deep concern over East Jerusalem violence
The UN Secretary-General, António Guterres, and senior UN officials have expressed their deep concern over confrontations between Palestinians and Israeli...
MoU was signed between “China-Eurasia” Council and Institute of Oriental Studies
On May 10, 2021, Memorandum of understanding was signed between “China-Eurasia” Council for Political and Strategic Research and the Institute...
Steering Russia-US Relations Away from Diplomatic Expulsion Rocks
As the recent expulsions of Russian diplomats from the US, Poland, Bulgaria and the Czech Republic demonstrate, this measure is...
Russia-Ukraine War Alert: What’s Behind It and What Lies Ahead?
Perhaps the most important thing for the Russian leadership in this episode was to prevent the need to actually go...
Defense3 days ago
China’s quad in the making: A non-conventional approach
Africa3 days ago
The challenge of COVID-19 in Africa
Economy3 days ago
Biden should abolish corporate tax for small business, and make Big Tech pay what they owe instead
Southeast Asia3 days ago
Vietnam’s Role in ASEAN 2021 meetings
South Asia2 days ago
India’s Decision to Deport Rohingyas- How Fair?
South Asia1 day ago
Has Modi Conceded ‘South Asia’ to the United States?
Africa3 days ago
Peacebuilding in Northern Mozambique’s Insurgency: Ways Forward
New Social Compact3 days ago
Women Rights in China and Challenges