Ukrainian Cyber-defense and lessons for Pakistan

The ongoing conflict between Russia and Ukraine has a significant cyber dimension. The two countries have engaged in various cyber operations and attacks against each other in an attempt to gain strategic advantage. Russia has been accused of being behind several cyber attacks against Ukraine, including the 2014 cyber attack on the Ukrainian power grid, which caused a widespread power outage. Russia has also been linked to the use of ransomware attacks against Ukrainian organizations, the theft of sensitive information, and the spread of disinformation.

Russian cyber warfare against Ukraine has been an ongoing issue for several years. Russian hackers and state-sponsored groups have been engaged in a range of cyber attacks against Ukrainian targets, including government agencies, critical infrastructure, and private companies. Some of the notable cyber attacks that Russia has launched against Ukraine include:

BlackEnergy malware attacks: In December 2015, a coordinated cyber attack using the BlackEnergy malware caused power outages in several regions of Ukraine, affecting more than 230,000 people. The attack was attributed to Russian hackers.

NotPetya ransomware attack: In June 2017, a massive ransomware attack known as NotPetya infected systems worldwide, causing significant damage to Ukrainian infrastructure and companies. The attack was attributed to Russian hackers and caused an estimated $10 billion in damages.

Cyber espionage: Russian state-sponsored groups have been implicated in a range of cyber espionage activities against Ukraine, including stealing sensitive government and military data, intellectual property, and other confidential information.

The Russian cyber warfare against Ukraine highlights the potential dangers of cyber attacks and the need for strong cyber defense capabilities. It also demonstrates the growing trend of state-sponsored cyber attacks as a means of exerting political influence and gaining strategic advantages in conflicts. As such, it is important for countries to invest in their cyber defense capabilities, share information and best practices, and work together to establish international norms and standards for responsible behavior in cyberspace.

Pakistan, a developing country, also has a long history of facing cyber-attacks, mostly from India and private hackers. The Ukrainian experience with cyber defense against Russia can provide several lessons for Pakistan. Here are a few key takeaways:

Invest in cyber defense: Ukraine’s experience shows that cyber warfare can be just as devastating as physical warfare. Pakistan should invest in its cyber defense capabilities to protect its critical infrastructure and sensitive information. This includes not only technology but also training and education for cyber defense personnel.

Establish partnerships: Ukraine has developed partnerships with NATO and other countries to enhance its cyber defense capabilities. Pakistan can similarly benefit from working with international partners to share information, intelligence, and best practices.

Prepare for hybrid warfare: Russia’s use of hybrid warfare in Ukraine demonstrates the need for Pakistan to prepare for non-traditional forms of warfare, including cyber-attacks and disinformation campaigns. This requires not only technical preparations but also a comprehensive understanding of the political, economic, and social dimensions of hybrid warfare.

Prioritize information security: Information security is a critical component of cyber defense. Pakistan should prioritize securing its own information, as well as ensuring that its citizens have access to accurate and reliable information. This includes countering disinformation and propaganda campaigns.

Foster a culture of cyber awareness: Cyber defense is not just the responsibility of government agencies and security personnel. It is also important to foster a culture of cyber awareness among the general public. This includes educating citizens about cyber threats, promoting good cyber hygiene practices, and encouraging reporting of suspicious activity.

By learning from Ukraine’s experience, Pakistan can take proactive steps to protect itself against cyber threats and hybrid warfare.

In the same way, Pakistan can also develop its cyber defense capabilities and improve its cybersecurity infrastructure to better protect against cyber threats. Ukraine has also taken steps to establish international partnerships to share information and collaborate on cybersecurity initiatives.

The cyber dimension of the conflict between Russia and Ukraine highlights the growing importance of cybersecurity in modern warfare. Cyber attacks can cause significant damage to critical infrastructure and can be used to steal sensitive information or disrupt economic and political systems. Countries need to prioritize their cyber defense capabilities and work together to establish international norms and standards for responsible behavior in cyberspace. Diplomacy and conflict resolution methods should also be prioritized to prevent the escalation of conflicts into full-scale cyber warfare.

Muhammad Shahzad Akram is a Research Officer at the Center for International Strategic Studies (CISS) AJK. He holds an MPhil degree in International Relations from Quaid I Azam University, Islamabad.


Time for an International Cyber Court?

In the current international environment, the significance of Information and Communications Technology (ICT) is steadily rising. In this context, international cooperation is gradually moving towards a legal architecture for ICT governance and international information security (IIS) as an integral part of the overall international security framework. One of the key global challenges on this path is cybercrime. In a broader sense, cybercrime can be defined as criminal activity related to the ICT environment. Examples include crimes that target a PC or a network as well as crimes that rely on a PC or a network as a means for the attack.

According to statistics, global damages from cybercrime in 2022 alone were estimated at around USD 8.4 trillion. However, the cost of cybercrime incidents is expected to exceed USD 11 trillion this year, while annual global spending on countering cyber offenses could exceed USD 20 trillion by 2026, an increase of almost 150% since 2022.

International cooperation in countering cybercrime is actively developing. Its various forms in criminal prosecution include mutual legal assistance, cooperation in the field of arrest warrants, law enforcement collaboration, mutual recognition of foreign verdicts, etc. There are four identifiable sources of such cooperation:

  1. multilateral treaties on international cooperation in combating crime;
  2. multilateral treaties on criminal prosecution for certain offences;
  3. similar bilateral treaties;
  4. national legislation whose provisions may regulate international cooperation mechanisms for combating cybercrime.

Nevertheless, it can be pointed out that “the existing possibilities of legal assistance and international cooperation in fighting cybercrime are woefully insufficient in most cases.”

As for international litigation of ICT security violations, there is a need for a specific international mechanism to address the most grievous cyber offences that pose a threat to international security. Chapter VI of the United Nations Charter establishes the principle of peaceful settlement of disputes. One of the peaceful methods is judicial settlement. As for the application of this principle to ICT, the widespread desire to establish a global court with jurisdiction over transnational crimes in ICT has led to a variety of approaches in domestic and foreign international law doctrine [1]. This issue is particularly relevant nowadays, given a steep rise in the number of cyber offences.

In 2010, the UN General Assembly adopted Resolution 65/230 to address the issue of consolidating the existing judicial mechanisms and/or to propose new national and international judicial or other measures against cybercrime. It instituted the open-ended intergovernmental expert group to conduct a comprehensive study of the problem of cybercrime and responses to it at the UN Commission on Crime Prevention and Criminal Justice. Notably, the creation of an international cybercrime court was not on the agenda of the Group’s first meeting in Vienna in January 2011.

The judicial mechanisms existing within the UN system have proven that effective and transparent international justice is possible. This sets the stage for the successful resolution of issues pertaining to this area. In particular, it is noted that the establishment of a judicial mechanism “…would guarantee that offenses are not treated differently in different jurisdictions” and “…would provide an opportunity for prosecution in those cases where states are often reluctant to prosecute such misdeeds.”

There are several concepts prevalent in domestic and foreign doctrines, regarding the implementation of judicial proceedings against the misuse of ICTs.

Expanding the Jurisdiction of the International Criminal Court and Creating a Cyberspace Branch

First, the jurisdiction of the International Criminal Court (ICC) could be extended. For example, the idea of delegating cases involving cyberspace to the ICC was voiced at the UN Congress on Crime Prevention and Criminal Justice, organized by the UN Office on Drugs and Crime in Bangkok in 2005: “…it is recommended that the crimes of cyber terrorism and cybercrime be considered with a view to developing an acceptable definition and listing them as crimes within the jurisdiction of the International Criminal Court.”

This option should be pursued by adopting additional provisions to the Rome Statute that would cover ICT and expand the list of crimes under its jurisdiction. In doing so, it is important to reach a global agreement that all nations should ratify the amendments to the Rome Statute. However, this further complicates the process, given that a number of states have not ratified the document yet. One reason is that they view “many of its provisions as contrary to national interests and state sovereignty.” As part of the implementation of this option, it is proposed to create an International Criminal Tribunal for cyberspace, which would be a division of the ICC.

International Criminal Court or Tribunal for Cyberspace

The second option being considered is instituting a special international criminal court or tribunal for cyberspace, which would operate under the Statute of the International Criminal Tribunal for Cyberspace (ICTC).

There is a position that “cyberattacks of the greatest global concern, which intentionally cause significant and comprehensive disruption of critical communications and information infrastructure, should fall under the jurisdiction of the ICTC.” The idea of its creation was proposed by Norwegian judge, international expert in cybercrime, and co-author of the concept of harmonizing computer crime legislation, Stein Schjolberg. In his work, Mr. Schjolberg puts forward the idea of establishing the ICTC. Its mandate would include prosecuting those who commit or order the most serious violations of the international cybercrime laws established under the provisions of the proposed statute, as well as pronouncing sentences on global cyberattack perpetrators. His list includes the following offences:

  • acts committed intentionally against computer systems, information systems, data, information or other property protected under relevant international criminal law;
  • wrongful acts of destroying, damaging or disabling critical communications and information infrastructure that result in damages to national security, civil defense, public administration and services, public health and safety, banking and financial services.

Creating ad-hoc courts or tribunals

Another option on the table is the creation of ad-hoc courts or tribunals as special temporary judicial mechanisms, established in accordance with the UN Security Council’s decision taken under Chapter VII of the UN Charter, which governs actions against threats to peace, breaches of peace and acts of aggression. The jurisdiction of these tribunals, as proposed, would extend to “the prosecution and punishment of cybercrime and should cover violations of the global treaty or package of treaties on cybercrime, as well as massive and coordinated global cyberattacks on critical information infrastructure.” Regarding the ratio of the jurisdiction of such ad-hoc courts or tribunals to national courts, parallel jurisdiction would be exercised, whereas priority would be given to the ad-hoc court or tribunal.

International Court of Justice on Cyberspace

Finally, there are ideas of establishing an independent International Court of Justice for cyberspace, which would deal with the most serious cybercrimes that pose a threat to the international community in general, and to international information security in particular. While the former three options have jurisdiction over personal criminal responsibility for certain acts in the ICT environment, [2] the fourth option makes a state become a subject of international law.

Today, we can also hear statements from some countries about the need to establish a cyber-UN – a structure whose activities would focus on investigating crimes in ICT. However, this initiative has a certain idiosyncrasy: it has been declared that this institution won’t be inclusive, but rather selective and exclusive. Particularly, the Ukrainian side has stated that “Russia should have no place there.” In other words, the proposed organization will be leveraged to promote the interests of specific states and to discriminate against unwanted nations. Meanwhile, it’s not the political interests of individual states, but the formation of an international legal framework of cooperation to prevent conflicts in ICT that should be the key mission of such an institution.

It is crucial for any initiatives aimed at establishing a global judicial authority for regulating ICT to be equitable and open. In this regard, the UN seems to be the most effective forum, given that such a decision could be made binding on all member states by means of a respective action taken by the UNSC.

Regular Institutional Dialogue

However, there still remains another option. As part of the regular institutional dialogue on information security that is being discussed in the UN Open-ended Working Group (OEWG) on information and communication technology (ICT) security, as well as ICT security 2021-2025, a judicial body could be created. Nevertheless, this issue is not on the agenda yet and is unlikely to emerge in the near future. This is due to the fact that the parties already have disagreements on many issues within the mandate of the OEWG, so any attempts to establish a judicial body may further stall the negotiation process.

Maintaining the status quo

As was mentioned earlier, diverse positions on the issue at hand are pushed due to lack of agreement on basic theoretical foundations. The opposite view that there is no need for the emergence of additional forms of jurisdiction over cyberspace, since successful international cooperation is possible within the already existing framework, also makes some sense.

Is It Time to Form an International Cyber Court?

In view of apparent contradictions and no clear system of ICT regulation or information security stipulations in the international law, working out a new framework is perceived as a bit premature right now.

Today, debate is under way in the international law doctrine about the need for a tribunal whose mandate would include adjudicating cases related to ICT. However, the very nature of cyberspace brings with it certain intricacies. For example, the difficulty of attributing cyberattacks as well as collecting evidence from a technical point of view makes it difficult to establish the involvement of a particular state in any particular cyberattack.

Besides, there is a problem which boils down to the fact that there is a lack of consensus on the fundamental issues of international information security (IIS). For example, we see no uniform understanding of key terms. Moreover, states not only interpret them differently, but also use different terms. There are serious ideological differences on various aspects of ICT use and regulation. No tradeoff has been worked out on whether the existing norms of international law are applicable to ICT or whether new norms need to be developed, and whether there is a requirement for legally binding norms of international law that would be applicable to ICT, or if “soft law” would be sufficient. In the meantime, a common vision or at least a compromise vision of the legal foundations of ICT, as well as harmonization of legislation, not to mention a global convention, is first and foremost necessary for the implementation of judicial proceedings on the global scale. Despite the fact that many states and regional organizations have developed and adopted a legal framework to combat cybercrime in recent years, there is no harmonization of national legal systems and no international convention to regulate activities in ICT in general and to handle cybercrime in particular. Thus, A.A. Danelyan points out that “there is no comprehensive universal international legal framework for cooperation” in ICT. The politicization of ICT problems only makes the above-mentioned challenges even more daunting.

All of these factors threaten to result in yet another politicized or ineffective institution. Due to the lack of comprehensive international legal regulation of international information security, creating such a body at the current stage of international law evolution, and amid a serious crisis crippling international relations, would be an untimely move.

[1] The doctrine of international law refers to the system of views and theories held by scholars, the national academic community. Source: www.ilarb.ru/html/news/2013/14062013.html

[2]  Here, it is important to accommodate the divergent positions of states on the implementation of personal criminal responsibility for cybercrime as well as their political priorities.

From our partner RIAC

Maritime Security & Geopolitics in Indian Ocean Region

By linking the Middle East, Asia, Europe, and Africa, the Indian Ocean Region (IOR) serves as an important global trade and commercial hub. The Strait of Hormuz, the Bab el-Mandeb, and the Malacca Strait are just a few of the strategic choke points that are located there. The region faces a number of security risks, including piracy, terrorism, territorial disputes, and geopolitical tensions. In particular, off the coast of Somalia, where pirates have seized commercial ships and held crews hostage for ransom, piracy has been a significant problem in the area for a number of years. But in recent years, the number of piracy incidents has significantly decreased as a result of the efforts of international naval forces and increased security measures by shipping companies.

Similarly, another major issue in the area is maritime terrorism, with several terrorist organizations active in the Indian Ocean’s littoral states. Shipping lanes, ports, and other maritime infrastructure are at risk from these groups. The most notorious terrorist organization present in the area is Al-Shabaab, which has ties to Al-Qaeda and is based in Somalia. Al-Shabaab has carried out numerous assaults on commercial ships and port facilities. Meanwhile, the Doklam plateau and the South China Sea are the subjects of the biggest territorial dispute in the area between China and India. The dispute has led to higher tensions between the two nations, and both sides have increased their military presence in the area.

However, China has been stepping up its presence in the Indian Ocean region, and the Belt and Road Initiative (BRI) has significantly contributed to the infrastructure growth of the area. The Hambantota port in Sri Lanka and the Gwadar port in Pakistan are just two of the port development initiatives included in the BRI. India and the United States are concerned about these ports because they believe China is attempting to increase its influence in the region. The United States is another significant player in the IOR, particularly in terms of preserving regional security and stability. Because Bahrain is home to the US 5th Fleet, the US has a sizable naval presence in the area. The US has also been actively collaborating with other regional players, like India and Japan, to counter China’s expanding influence.

Simultaneously, the area, which makes up about one-fifth of the world’s oceans, is home to important shipping lanes. Due to these sea lanes, which link the Middle East, Africa, Europe, and Asia, the Indian Ocean region is an important trade route. The Indian Ocean is the conduit for almost 80% of the world’s oil trade and 40% of its merchandise trade. Therefore, ensuring safe and secure navigation through the area is crucial for expanding economic activity and global trade. The Indian Ocean region has a complex and varied geopolitical landscape. There are many states in the region, all of varying economic and military strength.

Along with these major players, the IOR is also home to a large number of other stakeholders, including smaller nations like Sri Lanka, Bangladesh, and the Maldives, as well as regional alliances like the Indian Ocean Rim Association (IORA) and the Bay of Bengal Initiative for Multi-Sectoral Technical and Economic Cooperation (BIMSTEC). These stakeholders have a significant impact on how the region will develop and will probably gain significance as the IOR continues to gain prominence.

Another significant risk to the IOR’s maritime security is the spread of weapons of mass destruction (WMD). There are worries that non-state actors could obtain WMDs due to the presence of several nuclear-armed states in the region, including Pakistan and India. Governments and law enforcement organizations face a serious challenge when it comes to the smuggling of nuclear materials and components through the maritime domain. For regional stability and global security, the potential use of WMDs in the IOR by terrorists or state actors could be disastrous.

Similarly, a less well-known but no less important threat to maritime security in the IOR is marine environmental degradation. In addition to being a significant fishing ground, the area is home to some of the busiest shipping lanes on earth. However, unrestricted fishing methods, shipping pollution, and the disposal of waste at sea have resulted in the deterioration of marine ecosystems and the depletion of fisheries. The state of the marine environment not only jeopardizes fishermen’s means of subsistence but also has wider ramifications for global ocean sustainability and food security.

Last but not least, the creation of innovative techniques and plans for maritime security represents another chance. For example, improvements in satellite and unmanned aerial vehicle (UAV) technology could aid in enhancing the monitoring and surveillance of the region’s waters, making it simpler to identify and address security threats. The development of new maritime policing techniques, like the use of floating police stations and closer collaboration with coastal communities, is also likely to contribute to an increase in maritime security in the IOR.

It’s high time to step up the protection of Europe’s critical maritime infrastructure

After the truth about the Nord Stream pipeline explosion came to light, the whole world knows that the United States was behind the destruction of critical infrastructure. In fact, the destruction of infrastructure is not a new method to achieve America’s purpose. Since the last century the U.S. has recognized the important strategic value of critical infrastructure and has accumulated relevant experience in combating it. The Nord Stream pipeline is not the first target of attack by the United States, nor will it be the last. We should be wary of the U.S. using various means to gather information on critical infrastructure, and strengthen protection of underwater infrastructure in order to prevent recurrences of similar incidents.

The U.S. has “extensive experience” in destroying critical infrastructure

In Nicaragua, the Sandinista National Liberation Front (FSLN) overthrew the dictatorship of the close U.S. ally Anastasio Somoza in 1979. Since then, the United States has tried to destabilize the political situation in Nicaragua by various means. The U.S. intelligence agency formed a special detachment, directed it several times to destroy oil storage facilities and pipelines of Nicaragua and deployed mines in many ports to blow up oil tankers. The two most destructive attacks were on the fuel reserves in Corinto and Benjamin Zeledon ports. Approximately 4 million gallons of gasoline, diesel oil and other fuels were destroyed, equivalent to about a week’s worth of the country’s consumption. The means of sabotage by the United States in Nicaragua was exactly the same as that of the Nord Stream pipeline explosion. In addition, in the 1970s the U.S. directed terrorists to destroy Chile’s infrastructure including power plants and electrical substations, violently overthrew the democratically elected President Salvador Allende’s regime, and plunged Chile into a long-term military dictatorship.

In recent years, the United States has turned its attention to the oil-producing country, Venezuela. In 2020, the United States ordered agents to launch terrorist attacks on Venezuela’s Amuay refinery (one of the world’s largest, capable of processing up to 630,000 barrels per day of crude oil) and the 146,000-bpd El Palito refinery, in an attempt to cut off the country’s economic lifeline and eliminate the anti-American regime.

Past events have shown that the United States is accustomed to eliminating anti-American forces by destroying infrastructure. U.S. sabotage has caused irreparable damage to the target country, regardless of whether the ultimate goal can be achieved. And the United States usually “does not have to” pay for its actions.

The undersea warfare launched by the United States is still going on

Behind the US’s wanton destruction of critical infrastructure is the support of high-level combat capabilities. In fact, the U.S. has a long history of research on undersea warfare, focusing on training professional military personnel, developing sophisticated underwater weapons and continuously upgrading combat systems. In 2016, the Washington Post reported that the U.S. Office of Naval Research (ONR) is seeking to “build the Eisenhower highway network on the seabeds in the seven oceans”. Mathias Winter, head of the office, said the ultimate goal is to “have large-scale deployments of unmanned underwater vehicles (UUVs) and build service stations underwater”. The U.S. military is gradually implementing this vision. The UUV mentioned above is the “highlight” of the arms competition between the major powers in recent years. It can perform multiple tasks such as anti-submarine, seabed mapping, and frontier reconnaissance. It should be pointed out that few countries in the world have the ability to develop UUVs, while the U.S. started earlier in this field and its technology is relatively mature. In January 2023 the U.S. Navy announced that it will soon begin the underwater testing of the first Orca XLUUV. The Orca is just one of several unmanned underwater vehicle projects underway by the Navy; other projects in development include the large submarine-launched UUV Snakehead and the medium submarine-launched UUVs Razorback and Viperfish. The realization of the United States’ vision will boost its penetration into the marine environment of various countries. In January 2023, Namibia announced that it had discovered in its waters a US saildrone used to gather data underwater. At the same time, the U.S. military places a high priority on the training of combat divers. In addition to the famous Navy SEALs, there is a very small Army community, mostly made up of special operators, that goes through the Combat Diver Qualification Course to become combat divers. Business Insider reported in detail on the training process in February 2022.

International oil economist and author John Foster said the pipeline sabotage has opened a Pandora’s box of troubles and has endangered pipelines worldwide. It is clear who benefits. In the face of a complex and volatile international situation, critical infrastructure protection is more vital than ever. Underwater infrastructure is particularly attractive to attackers due to the difficulty of regulation and protection. The seabed internet cable between Henningsvær and Svolvær in Lofoten, Norway was broken on October 4, 2022, and the cause of the damage is still unknown. In this regard, the Spanish “Abésai” published an article saying that the recent sabotage of the Nord Stream gas pipelines seemed a powerful symbolic action that exposed the vulnerabilities of the West, while the 475 undersea cables currently in existence that are carrying more than 95% of the world’s internet traffic are the overlooked Achilles’ heel. Among them, the Euro-Atlantic area is the oldest undersea cable route and carries traffic between Europe and America with dozens of cables. Since a majority of the data is stored in data centers located in the United States, it can be said that the US is the main “owner” of transatlantic communications and has the ability to control submarine cables.

The connecting undersea cables [submarinecablemap.com]

The Nord Stream pipeline explosion was a “wake-up call” for Europe, which led many countries to scramble to improve security of highly vulnerable undersea pipelines and communications cables. NATO Secretary General Jens Stoltenberg announced on 15 February 2023 the creation of a Critical Undersea Infrastructure Coordination Cell at NATO Headquarters to protect critical underwater infrastructure, noting that further measures will be finalized at the next scheduled summit in Vilnius on 11-12 July 2023. The purpose of the United States in promoting the collection of information on the underwater infrastructure of other countries, in the name of infrastructure protection in multilateral frameworks such as NATO, is extremely obvious.

Former U.S. Secretary of State Henry Kissinger famously stated: “To be an enemy of America can be dangerous, but to be a friend is fatal.” After the war was dragged into endless combat mode by the U.S., no place or asset in the world is safe anymore. Chaos will ensue.
