International Security Course – Fall 2020

Maritime piracy between Russia and U.S.

On November 24, Russian and American maritime ships came very close. The Russian navy chased a U.S. destroyer in the Sea of Japan, also known as the East Sea. The U.S. claimed it was conducting a “freedom of navigation” operation in the largest bay in the sea, Peter the Great Bay. It is an area the two countries have long disputed, with the U.S. long denying Moscow's claim over the territory.

 

Russian officials declared that the U.S. had sailed beyond its maritime borders by 2 km before being warned by the Russian vessel, the “Admiral Vinogradov”[1]. They also warned the U.S. through communication channels that such actions could lead to a possibility of maneuvering.

 

The U.S. destroyer “USS John McCain” then changed routes after the Vinogradov turned towards the McCain, according to the Russian Defense. However, the U.S. fleet declared that the McCain had operated within international law boundaries and that Russia illegally claimed the area to be internal waters in 1984.

 

Is this an indicator for deviating relations between the two countries? Does this have any implications towards the new administration coming in January? I guess we will have to wait and see.


[1]https://www.nbcnews.com/news/world/russia-chases-u-s-warship-spat-over-territorial-waters-sea-n1248759

Mexico’s Cyber Threat Landscape

Latin America remains vulnerable to hostile cyber activity, especially as the region’s economies become more technically adept. Cyber security practices are currently failing to keep up with advancements in digitization, as cyber crime, cyber espionage, and hacktivism have targeted Mexico in particular. On pace to be among the top ten economies in the world by 2050, Mexico has achieved economic heights as a result of increased Internet access and implementation of e-commerce. As such, Mexico has been attracting the attention of enterprising hostile cyber actors seeking to exploit commercial organizations for financial reward. While promising government initiatives like the establishment of a national cyber security strategy and legal frameworks demonstrate Mexico’s awareness of the importance of cyber security, they are at a nascent stage. Though Mexico houses several command centers for cybersecurity crises, enforcement of such laws against cyber attacks has been universally weak.

To further complicate things, several international state actors have been accused of usurping the country’s finances. Suspected North Korean hackers attempted to steal money from Mexican banks in 2016. The hackers ended up deploying destructive malware after they had unsuccessfully exploited the SWIFT payment system to steal money via fraudulent transfer requests. In 2017, more than 500 companies in Mexico were infected with the WannaCry ransomware, believed to have been orchestrated by North Korea. Even Mexico’s own government has been suspected of complicit behavior in which surveillance spyware was deployed on journalists’ and activists’ smartphones back in 2017. Russia has also been actively seeking to expand its influence in Latin America in order to offset U.S. influence in the region. Russian operatives are believed to have conducted cyber espionage against Government of Mexico targets, although no specifics were provided to determine the cause. 

However, while legislation exists that addresses technology-related crime, Mexico’s failure to incentivize or compel organizations to report breaches makes it difficult to understand the full impact of hostile cyber activity in the country. This needs to change in order to develop proper cyber security initiatives to adequately address these criminal activities. Such changes require budget reallocation towards enhanced firewall technology to protect government and corporate encrypted virtual private networks and proxy servers.

 

Sources:

Guenther, Rita, et al., eds. Science and technology to counter terrorism: Proceedings of an Indo-US workshop. National Academies Press, 2007.

https://www.lookingglasscyber.com/wp-content/uploads/2019/03/STRATISS-Cyber_Landscape_Mexico.pdf

 

How ISIS Formed the Modern Template for Cyberterrorism

The definition of cyberterrorism is not limited to the use of the internet to commit violent acts of terrorism. It also includes the use of the internet to communicate with other terrorist elements and recruit new members. The Islamic State of Iraq and Syria created the modern-day template of how to augment a terrorist apparatus using social media. ISIS was not the first terrorist organization to use social media to recruit; Al-Qaeda in the Arabian Peninsula (AQAP) had used social media in this vein for over a decade. However, the proof of ISIS’ effectiveness is shown in the estimated 40,000 volunteers who have joined their ranks since 2014.

Another way in which ISIS saw success in its online recruitment was its concerted effort to target groups most susceptible to radicalization. As a result, ISIS specifically targeted male Muslim twenty-somethings. Aside from media showing combat and executions, ISIS Twitter accounts as well as its digital magazines included content suggesting that potential recruits would also find comradeship and a place where they would fit in. The terrorist organization distributed this content in multiple versions in languages to reach out to a truly global audience. In addition, ISIS was able to embark on these marketing and recruitment initiatives for little to no cost.

Reducing Nuclear Risks: An Urgent Agenda for 2021 and Beyond

With the new technologies and the rising uncertainty and challenges that the world is facing recently, there is more urgency to reduce nuclear risks. This agenda recommends that the next U.S. administration lead the way in further reducing the risk of nuclear use through diplomacy and by demonstrating leadership. It also recommends that the new president narrow the range of scenarios in which the U.S. would consider using nuclear weapons and urge other states with similar weapons to adopt similar positions. In addition, this agenda recommends that the U.S. work with Russia and China to reduce nuclear risks. It also recommends strengthening the Nuclear Non-Proliferation Treaty (NPT) regime, rolling back and preventing proliferation, and agreeing on a P5 (China, France, Russia, the United Kingdom, and the United States) declaration that a “nuclear war cannot be won and must never be fought.”

 

https://media.nti.org/documents/Reducing_Nuclear_Risks_An_Urgent_Agenda_for_2021_and_Beyond.pdf

 

Defend Today, Secure Tomorrow.

Trump’s inability to concede is greatly affecting the transition team and putting our country at a national security risk. Trump had fired Christopher Krebs, who served as the first director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency. Mr. Krebs had overseen election cybersecurity efforts, and had joined other officials in declaring the 2020 election “the most secure in American history.” This statement is obviously in direct contradiction to Trump’s unbacked claims that the election was based in fraud. Trump and his legal team have frequently claimed that the 2020 election has been “stolen from him through fraudulent ballots and software glitches that changed millions of votes.” Trump had turned to his appointee, Krebs, in hopes that he’d help confirm his allegations that there had been Russian interference and Trump votes had been changed to Biden votes, and Krebs did the exact opposite, leading to his immediate firing.

Senator Angus King of Maine has stated, “Of all the things this president has done, this is the worst…To strike at the heart of the democratic system is beyond anything we have seen from any politician.” Senator King believed that Christopher Krebs was one of the most independent and competent people working in the Trump administration, putting partisanship behind and solely focusing on the importance of protecting American democracy. Krebs was not surprised though because it is reported that as early as June he had started to tell his colleagues he expected to be fired as the president started talking about a potential “rigged” election.

As someone who happened to be following Krebs on Twitter, I was struck with a profound sense of patriotism when after his firing he tweeted “Honored to serve. We did it right. Defend Today, Secure Tomorrow. #Protect2020.” As we move forward as public servants and political leaders that’s the message we should all get behind. Do it right, Fight for today, Secure a future for future generations. 

 

Sanger, D., & Perlroth, N. (2020, November 18). Trump Fires Christopher Krebs, Official Who Disputed Election Fraud Claims. Retrieved November 23, 2020, from https://www.nytimes.com/2020/11/17/us/politics/trump-fires-christopher-krebs.html

The Threat of Non-State Actors with Weapons of Mass Destruction

In the chapter “Who Could Be Planning A Nuclear Terrorist Attack?” from her book “Nuclear Terrorism: The Ultimate Preventable Catastrophe”, author Allison Graham describes efforts by Al Qaeda and other terrorist organizations to obtain nuclear, chemical and biological weapons to use on the United States, American allies, and Russia. One of the themes that I feel the author is really trying to convey is how easily non-state entities like Al Qaeda and Aum Shinrikyo have demonstrated the ability to get their hands on the material necessary to create WMDs and, in the case of Aum Shinrikyo, deploy these weapons in devastating attacks on civilians.

Based on this information, I would say that although they are still dangerous, the threat of North Korea and Iran having WMDs pales in comparison to the threat of non-state actors possessing these kinds of weapons. While the regimes running those countries can be described as erratic, they can at least be negotiated with. For example, despite their bellicose rhetoric, the Obama administration was able to successfully negotiate the Joint Comprehensive Plan of Action (JCPOA) with Iran. However, when it comes to non-state actors there is really no one to negotiate with, and if and when they come into the possession of a WMD that they are able to use against the United States and its allies, there is not much we can do to prevent them.

Claims of Intentional Lab-Outbreak

As we rapidly approach the holiday season, we simultaneously advance upon the second wave of COVID. Although cases continue to increase in many parts of the world (like in Japan, India, and South Korea) in other countries, the worst of the Second Wave has passed. France, though initially filled with a lot of anger and violence over what many French considered an inadequate lockdown by Macron, may have already passed its peak of cases in this second wave. Despite continuous efforts by some Americans to practice precautions, many others continue to book flights despite discouragement, are making shopping plans for Black Friday, and somehow continue to disregard the severity of the virus. Apparently, Fox News (before being blacklisted by Trump and the Trumpsters of course) had a researcher from Hong Kong, Li-Meng Yan, come on the show to tell “the truth” alleging China’s malicious plans to spread the virus throughout the globe. The video from July shows the virologist speak out against China as a whistleblower, saying her life was in danger for speaking out about the origins and intentions of the virus. She also mentioned just “how dangerous” it really is. Despite many people on social media hailing her a hero and calling for asylum to allow her to remain protected in the U.S., many other scientists spoke out against the allegations.

After having watched the video, and seeing how both Fox and the virologist speak out against China and the danger the country presents, I can see how it is SO easy to fall in agreement with the virologist. After all, the initial whistleblower of COVID died trying to spread the news about the novel virus. And with China being very secretive about their findings, it is easy to see how people may be swayed into believing this. However, a NYTimes article recently came out highlighting the agenda behind the claims of a lab-created Coronavirus.

The article explains that though a lab-leak has technically not been ruled out by U.S. intelligence, there is an enormous amount of research proven to support that the virus originated in an animal before moving its way to humans. The article explains that Dr. Yan and American conservatives worked united to speak on this based on their shared anti-Chinese sentiments. Whereas Dr. Yan worked with other anti-Beijing spokespeople while in Hong Kong to denounce the government’s alleged practices, conservative America appeared to follow Trump’s anti-China rhetoric. They fell so uniformly into this baseless idea, that it allowed some of the responsibility of the handling of the outbreak off of Trump and instead onto China. Apparently, Stephen Bannon and fugitive Chinese billionaire Guo Wengui coached Dr. Yan and told her to not mention either one of them, with Bannon pushing the theory of a leak, though he claimed not believing the leak to not be intentional. Dr. Yan eventually met with experts from Georgetown to explain her beliefs, but they could not seem to come to an explanation as to the weaponization of the virus. Trump tweeted a clip of her claiming China intentionally spread the virus, with Tucker later on announcing on his show that he could not endorse Dr. Yan’s theories despite inviting her once more on the show.

This entire whirlwind of events is as fascinating as it is terrifying. At this time, Dr. Yan’s mother says she is worried for her daughter’s safety as they have not spoken in months. Despite much controversy regarding the origins or “agenda” of the novel virus, the greatest threat remains the same for now: people disregarding its gravity.

Cyberterrorism? “Worse than war is the very fear of war!”

Fear? Spanish-born philosopher Seneca[1] formulated it more than 2000 years ago. Banks, de Nevers, and Wallerstein[2] put it somewhat more cautiously:

It is not known to what extent the policy choices in combating terrorism are driven by the fear of a terrorist threat rather than by terrorism itself.

Perhaps the greatest of all motivations are love and fear. I wrote about love in a previous blog. As far as cyberthreats are concerned, not only this but the complexity of the question is terrifying too. Mandel describes in detail seven attributes of each of the cyber attackers and the cyber targets. One might think that just as much caution is required in traditional warfare. However, the conflict takes place in and around the virtual space and thus motives and consequences can only be assessed with conventional methods to a limited extent. And if you don’t know where the danger comes from and what it aims at, you should heed the advice from Mandel’s book[3]:

As a result, public and private cybersecurity decision-makers must strive to resist the temptation of giving in to calls for immediate drastic retaliation in response to any cyber intrusion and instead prudently and dispassionately assess what should be done to promote global restraint.

Is cyberterrorism perhaps less bloody or costly than the RAF or ETA, which is at least well known to Europeans? Hope is deceptive. According to details released by Downing Street on Wednesday[4], the defense budget will receive £16.5 billion in additional funding over the next four years, in addition to the plans in last year’s ruling Conservative Party election program. The British Ministry of Defense currently has an annual budget of £40 billion, so defense spending will increase by around 10 percent a year over the four-year program. A substantial part goes into the fight against cyber terrorism. Some European states have also pushed through massive increases in their defense budget, not entirely independent of the perceived American threat of troop withdrawal.

Fear… The proliferation of the use of artificial intelligence in the military (and other armed services) is less about competition between the great powers, but rather a lucrative global project for the corporate and government elites to maintain control over the restless population at home and abroad. And there he comes again: Big Brother. On the other hand, cyber and robotic systems can also have the advantage of being able to subtract human cruelty from the calculation: say, subtracting people from targeting decisions and programming ethical constraints on robots, for example, to prevent unnecessary attacks on hospitals and schools. Unfortunately, there have been plenty of cold-headed massacres throughout history, and there can be no doubt that there will be people who can override robots. P. W. Singer[5], a political scientist at the New America Foundation who specializes in 21st-century warfare, believes that only machines operating with non-lethal weapons should be automated.

With a bit of an outlook on world politics, it’s also interesting if Mr. Biden insists on a policy of “democracy exports” in the post-Soviet region, the confrontation between Washington and Moscow could deepen, or Mr. Putin could commit himself to desperate steps until a new president is inaugurated. And we have already seen what Russian trolls can do.

Fear! A horrifying example is the 2017 short film Slaughterbots, made by civilians worried about the future of human life: in this, terrorists massacre a school with small smart drones controlled by a remote control next to a van.

[1] “Peior est bello timor ipse belli”

[2] William C. Banks, Renée de Nevers, and Mitchel B. Wallerstein, Combating Terrorism: Strategies and Approaches, Washington, DC: CQ Press, 2008, Chps. 1&2 (pp. 1-62)

[3] Robert Mandel, Optimizing Cyberdeterrence: A Comprehensive Strategy for Preventing Foreign Cyberattacks, Washington, DC: Georgetown University Press, 2017, Chapter 8

[4] Beale, Jonathan. 2020. “Defence Funding Boost ‘Extends British Influence’, Says PM”. BBC News. https://www.bbc.com/news/uk-54988870.

[5] Singer, Peter Warren. 2010. Wired For War. New York: Penguin Books.

Cities and Cyber Security

While a lot of focus in cybersecurity is rightfully on securing federal systems, a vulnerability that is becoming even more obvious is a nation’s cities. In 2018, the city of Atlanta was the victim of the SamSam ransomware attack. It brought critical services to a halt and erased important city data, like videos from police officers’ dashboard cameras. Atlanta was the largest city affected, but nearly 200 other cities and companies were victims of the SamSam attack, including Newark, NJ.

An inspector’s report before the attack took place revealed incredible vulnerabilities in Atlanta’s systems, including 2,000 vulnerabilities marked as “severe” and 100 servers running an old version of Windows that Microsoft had stopped supporting 3 years earlier. The SamSam virus relied on “brute force” rather than more common phishing attacks. This meant it was looking for weak or default passwords to gain access.

A few days ago, the city of Saint John in Canada revealed it was the victim of a ransomware attack and had yet to determine whether to pay the ransom. While it did not believe personal information had been compromised in the attack, it encouraged residents to monitor their bank accounts and acknowledged some city services would be unavailable or running on analog processes until they could regain access and secure the systems.

Atlanta was able to keep critical infrastructure like water and emergency services running in part because it was prepared to go to manual backup processes. It is essential that cities be prepared for cyber attacks crippling key systems, but it is also evident that city and state governments need to take cyber security more seriously. A city government, especially of a major city like Atlanta with one of the world’s busiest airports, is a tempting target. Gaining access to city records could also make it easier to target persons of interest who happen to reside in those cities.

I’m often surprised at how many people lack awareness of basic cyber security measures, like keeping software up to date and using strong passwords and two-factor authentication. While everyone could benefit from learning foundational concepts, city employees should receive advanced training and city infrastructure should be held to higher standards. Working for a major tech company has certainly taught me a lot about cyber security, but the key thing I learned is that while it’s certainly important to have secure code and strong firewalls, the primary way systems are breached is through front-line employees. Leaving devices unlocked and unattended, weak passwords, or offering potentially sensitive information to someone posing as a fellow employee without verifying their identity, and of course, clicking links in suspicious emails are all common ways employees can compromise security, and much easier for bad actors than hacking a system’s code.

Two Iranian citizens were indicted in US court over the SamSam attacks, but are almost certain to never appear. Protecting the federal government is critical to our national defense, but we shouldn’t forget to protect our cities and the critical services they provide.

Dude where’s my Briefcase!!!

I find it horrifying and laughable that QA Khan circulated hundreds of catalog brochures for nuclear weapon components at one point in our recent history. It seems the stuff of a Hollywood action flick starring Charles Bronson and Lee Van Cleef.

On a more sobering and equally alarming note, the readings this week mention a scenario from the late 1990s when members of Congress held a private meeting where U.S. General Alexander Lebed revealed that eighty-four 1 kiloton Soviet suitcase nuclear devices were missing and unaccounted for.

The Allison readings from this week further describe the reality that approximately 200 unique sources of fissile material exist, from where terrorists might acquire support for developing a nuclear bomb. It appears that if a group of actors has the technical knowledge and earnest motivation, they can likely carry out the most destructive and heinous acts: the detonation of a nuclear device.

In this context, global security and the propensity for cataclysmic destruction hinge on a delicate balance. This merits the following questions: What mechanisms and policy initiatives deter nonstate actors sourcing nuclear weapon components from the web of illicit supply networks encompassing Libya, North Korea, Pakistan, China, and others? And what role will the United States and Europe play in this effort under President Biden’s administration?

The readings this week also point to the rapid evolution of Cyberwarfare. Ten years ago, the threat of cyberattacks was contained to the destruction of data and digital networks. After Stuxnet, the barrier between the physical world and cyber domains has been significantly eroded. Today, cyber offensives have the potential to destroy critical infrastructure and supply chains.

Unlike nuclear weapon development programs, which the U.S. and others can suppress in countries like Iran, cyberwarfare capabilities are difficult if not impossible to suppress. Counterattack measures might be the best and only deterrent to cyber engagements. However, when the U.S. launches a cyber offensive against an adversary, it runs the high risk that those same capabilities can be quickly duplicated and directed back towards the U.S. at a later date.

When cyber offensives are directed towards IP theft, it causes major concerns for U.S. national security. For example, Chinese cybercriminals stole Pentagon secrets describing details behind strategic weapons systems like the Patriot missile and F-35 fighter jet programs, as mentioned in the readings this week. I am left wondering how the U.S. stops cyber offensives designed to steal our strategic IP.