This article was originally published by Pacific Forum CSIS on 16 May 2017.
The Wannacry virus that attacked computers around the world last week is one more reminder of the growing threat posed by vulnerabilities in cyberspace. Over 100,000 networks in over 150 countries were infected by the malware; the actual ransoms paid appear to have been limited, but the total cost of the attack – including, for example, the work hours lost – is not yet known. Experts believe that this is only the most recent in what will be a cascading series of attacks as information technologies burrow deeper into the fabric of daily life; security specialists already warn that the next malware attack is already insinuated into networks and is awaiting the signal to begin.
Cyber threats are climbing steadily up the list of Asia-Pacific security concerns. Experts reckon that cyber crime inflicted $81 billion in damage to the Asia Pacific region in 2015 and the number of such incidents is growing. Online radicalization and other content-related issues pose expanding threats to the region, challenging national narratives and in some cases undermining government legitimacy and credibility. The networks and technologies that are increasingly critical to the very functioning of societies are vulnerable and those vulnerabilities are being distributed as regional governments are more intimately connected and more deeply integrated in economic communities. One recent study concludes that an ASEAN digital revolution could propel the region into the top five digital economies in the world by 2025, adding as much as $1 trillion in regional GDP over a decade. This growth and prosperity are threatened by proliferating cyber threats.
This article was originally published by the S. Rajaratnam School of International Studies (RSIS) in December 2016.
Many cities around the world are exploring the use of Smart CCTVs as advances in Artificial Intelligence (AI) offer operational value for homeland security. However, cybersecurity and overreliance could impede the technology’s potential.
Following recent terrorist incidents, Germany’s Interior Minister announced in August 2016 that CCTV cameras at airports and train stations will be enhanced with facial recognition technology. Likewise, the New York Police Department has developed the Domain Awareness System that uses similar technology to track and monitor potential suspects.
Globalisation increases the exposure of cities to myriad transnational threats even as growing urbanisation is putting the strain on law enforcement by increasing the densities of population, property and critical infrastructure to be safeguarded in each precinct. These inherent challenges in protecting cities – population and economic centres that make attractive soft targets – necessitate the early warning and identification of threats. Smart CCTVs support this function as the third eye of cities by complementing the vigilance of police officers and the community.
This article was originally published by the Finnish Institute of International Affairs (FIIA) on 20 December 2016.
Russia´s new Information Security Doctrine follows the line adopted in previous strategic documents whereby Russia is perceived as a besieged fortress. The doctrine identifies a number of external threats to Russia’s information space and calls for intensified monitoring of the Russian segment of the internet, Runet.
On 5 December 2016, President Vladimir Putin signed a new Information Security Doctrine of the Russian Federation, replacing the Information Security Doctrine published in 2000. The Doctrine is one of the strategic planning documents and, as such, it expresses the official view about the management of national security in the information sphere. Rhetorically, the text resembles the National Security Strategy, adopted in December 2015, which signalled a heightened sense of threat towards Russia, and underlined the importance of maintaining strategic stability. Consequently, the spirit of the new Doctrine is sharper, almost bellicose in tone, and the threats are described in more concrete terms.
The information sphere is defined in a broader sense than in the previous doctrine. The key term in this regard is “informatization”, which refers to social, economic and technical processes for adopting and expanding information technology in society and the country as a whole, and for securing access to information resources. This change indicates recognition of the role of the information sphere in technological development but, most importantly, regards it as a tool to change the fabric of society. The Doctrine describes how this tool is used in the interests of Russia’s national security, and calls for an increased role for internet and information security management and the domestic production of information technology.
This article was originally published by the S. Rajaratnam School of International Studies (RSIS) on 7 November 2016.
The so-called Islamic State (IS) is the most innovative terrorist group the world has seen. In the backdrop of its loss on the ground, IS is expanding its cyber capabilities to conduct more cyber-attacks and hacking. This and its migration into the ‘darknet’ will make IS more dangerous than before.
TERRORIST AND non-state actors have used different modes and mediums to spread their message and communicate with their comrades. The dawn of the Internet has also provided such groups with unparalleled opportunities to establish communications and operational links that were not possible before. Starting from websites, terrorist groups moved to more interactive mediums like chatrooms and forums. It was social media platforms, such as Facebook and Twitter that truly revolutionised how militants, terrorists and non-state actors communicated with each other, recruited sympathisers and supporters and disseminated their propaganda.
Courtesy of Yusuke Umezawa / Flickr
This article was originally published by War on the Rocks on 19 October 2016.
Late in May 2014, a group calling itself CyberBerkut leaked a map of the Ukrainian Dnipropetrovsk Oblast administration’s IT resources, information on the Central Election Commission of Ukraine’s servers, and the correspondence of its staff. In the following days, which included the country’s presidential election, CyberBerkut claimed they had again compromised the election commission’s servers, leaked more confidential information, conducted a distributed denial of service (DDoS) attack the commission’s website (which instructed potential voters how and where to vote), and blocked the phones of election organizers. The group also released documents implying that the recently appointed governor of the Dnipropetrovsk Oblast, Igor Kolomoisky, was complicit in pro-European Ukrainian plans to promote the “correct” candidate for president of Ukraine.
Despite the best effort of the Russian group behind CyberBerkut, the center-right, pro-European Petro Poroshenko won the Ukrainian presidency. But CyberBerkut wasn’t finished. Almost exactly five months later, the group used similar tactics in the days preceding the Ukrainian parliamentary elections. The results were largely the same: Pro-European candidates won the majority of seats. An uninitiated observer might be keen to discard these events as failed electioneering. After all, Moscow did not succeed in getting its men elected. But to label the operation a failure is to assume that the primary goal was to get pro-Russia officials elected. Over the course of the past four months, we have seen similar operations unfold in the United States, and — as was the case in Ukraine — there are reasons to believe that swaying the election is not the primary objective. Just as in the case of the CyberBerkut incidents, among the key observers of these operations in the United States have been cyber-security firms like FireEye. The manager of their information operations analysis team recently shared some of their findings with me, which informs the analysis below.