MS Risk Blog

Possible Consequences of the Recently Enacted Russian Internet Law

Posted on in Uncategorized title_rule

The Russian “sovereign internet” law that took effect on November 1 gives the Russian government the possibility to switch off internet connections within Russia from external traffic “in an emergency”. What constitutes one is up to its government. There are two important aspects of this law: cyber security and surveillance.

Let us first deal with the cyber aspect. Russia claims that the law is only meant to be a protective measure in response to the US’ introduction of more aggressive cyber security policies. It aims to reduce reliance on foreign services by requiring internet service providers to install network equipment using deep packet inspection (DPI) which is capable of identifying the source of traffic and filter content. A back-up domain name system (DNS) will come into operation in order for Russia’s own domestic internet to continue functioning. Internet service providers will have to disconnect from foreign servers and rely on this DNS instead. In this way, it will have a back-up internet when it shuts itself off from the global web.

The parallel web run solely on Russian internet servers is meant to enable Russia to combat incoming cyber-attacks and to preserve their own domestic network if the West decide to cut the country off from the world wide web. These are certainly some of the secondary benefits of the law. However, a security expert said that this law signifies that Russia is preparing to protect itself from the consequences of launching cyber-attacks. Russia knows that if it undertakes a cyber-attack there is no guarantee that it won’t damage their own economy and systems. By pre-emptively cutting itself from the internet, it can avoid the blowback effect its attacks would have on its own internet.

The second aspect of this law is that it is part of a global trend to try to take control over the internet. These measures, including website blocking and mass surveillance, are in practice much better at monitoring and controlling the country’s own population than they are at fighting foreign interference. This suggests that the law will have greatest effect on freedom of expression rights. In addition, Russia cannot completely cut itself off from the internet if it wants to maintain contact with foreign entities for purposes such as trading. It therefore seems unlikely that Russia would go so far as cutting itself off as long as it wants to maintain business relations. Again, that suggests that the law might be used for the purposes of monitoring Russia’s citizens rather than for cyber protection as the country claims.

That said, it is also true that as a state becomes more dependent on the internet for its infrastructure, it becomes more vulnerable to attacks. Russia knows this well as it has become involved in two of the most direct examples of what we generally describe as cyberwarfare, involving Estonia and Georgia. According to a security expert, in the event that a war breaks out between Russia and NATO it is likely that Russia would be quick to cut its internet off from external traffic. Russia’s internet traffic, like many other countries’, is routed through US exchange points. The fear was that Russia relied too heavily on the US for their internet access. The law intends to solve this by requiring implementation of technical measures that will re-route it through national exchange points instead.

Tech analysists have questioned whether this will actually work in practice. The law does seem to have a feature that is common in laws relating to the internet – that it will be very hard to implement in practice. Russia also has a “pretty poor track record” of technical implementation when trying to impose its national security ideas on the internet. Increasing their cyber defence has been on the Russian government’s agenda for years. This process only accelerated after the 2008 war with Georgia where Russia’s armed forces’ performance in the information domain was criticised. However, back in 2012 internet platforms and service providers said they couldn’t do what the current law requires. It simply wouldn’t work with the internet because it relies on free flow of information across the borders.

But on the other hand, Russia has come a long way since then. It has been practicing and trying to get the technical measures in place for a sufficient number of years now. One thing Russia has been working on is technical measures that can clamp down sources and means of communication that it dislikes. The other thing the country has been doing is to conduct trial runs of the so-called internet kill switch. These were overseen by the country’s telecom watchdog Roskomnadzor, which regulates the internet. Roskomnadzor also began installing the equipment required by the law in September 2019.

The enactment of this law tells the rest of the world that Russia can survive, and even thrive, in complete isolation.  This may be particularly concerning for NATO after Colonel Jaak Tarien’s, the chief of NATO Cooperative Cyber Defence Centre, commented on December 4 that it has been slow in its response to the threat of cyber-attacks. “Unless it is a real war, NATO moves at NATO’s pace”, he said ahead of the NATO leaders gathering in London to discuss issues related to cyber security. Still, the law will most likely not have any immediate dramatic effect. The country does not yet have a switch it can simply flick when it suddenly wants to do something.

As such the actual effects this law will have is difficult to predict. However, instead of deterring other countries from launching cyber-attacks against Russia, the enactment of this law may actually encourage them to increase their own cyber abilities. Meanwhile its effects in relation to increased censorship and surveillance could encourage more protests like the ones that took place when the law was first signed.

Swedish Gang War: Problem and Solution

Posted on in Uncategorized title_rule

Denmark has implemented temporary strict border control in Sweden after a series of bombings and shootings throughout this year. The Danish government has put the border control within Øresund bridge which will remain in place until May 2020. The bridge is separates Denmark’s capital, Copenhagen, and Swedish third’s largest city, Malmo. These two cities have been the major location of the shootings and bombings that have happened this year. Authorities believed that all the shootings and bombings were orchestrated by organized crime based in Sweden, which currently is in the middle of gang war. Since the beginning of this year, 13 bombings have happened in Copenhagen. The gang war has also heavily occurred in Sweden. Sweden’s national police has been called out to more than 100 blasts this year, with 30 of them happening in the past 2 months. In Malmo alone, 29 explosions and 5 fatal shootings have happened this year. The most recent incident happened on 10 November, when a 15 year-old teenager was killed during a shootout near a pizza place in Malmo. The rise of gang-related violence in Denmark is caused by no other than the increase of participation within organized crime among Swedish nationals.

Authorities has successfully pinpointeds several specific demographis for gang members who are involved in the gang war. It is known that most of the perpetrators are young males under the age of 30, unemployed, with immigrant and poor backgrounds, and also do not possess high school diplomas. These particular demographics have contributed to the rise of organized crime participation in Sweden, which have also been caused by the feelings of non-belonging in the country. These people are not even fluent in Swedish and grew up in a neighbourhood which sees drug dealing as being the most successful occupation within the area. Authorities has been addressing this particular neighbourhood as a “vulnerable area”. In this neighbourhood, several social issues such as high unemployment, segregation faced by immigrants, school drop-outs, and drug trafficking have occurred. According to these facts, it is believed that Swedish government should try to implement preventive action to tackle these social issues from becoming factors of organized crime involvement among Swedish people. Decreasing the growth of these particular social issues will need an implementation of long-term policies. For example, a long-term Swedish language education and counselling for immigrants will eventually eliminate language barriers, which are believed to be one of the factors of segregation faced by foreign-born inhabitants. However, so far the Swedish government only considers action which directly targets the gang-related violence.

The Swedish government has granted the authorities new powers to tackle gang-related violence through a new policy called the 34-point plan. With this policy, the Swedish police will be able to deploy spyware which will intercept encrypted communication within a particular device in order of conduct espionage towards suspects. Other than bypassing encryption, this spyware will also enable authorities to turn on microphones and cameras within the devices of the suspects. This new power received by the authorities will hopefully create a safer society since the violent gangs often use encrypted services for communication. Unfortunately, this policy is not enough to produce a long-term solution. To create a long-term outcome, the need to eliminate the factors of gang-related violence must also be addressed, not only the violence itself. The Swedish government should focus on creating policies which will improve the quality of life and decrease the social issues within the so called “vulnerable area”. By doing this, it will eventually lead to the decrease of gang-related violence, though it is likely not impossible to eliminate it totally.

Social Media and Foreign Influence: Implications for the December 2019 UK General Election

Posted on in Brexit, Britian, Cyber, United Kingdom title_rule

With less than a week until polling day, the 2019 UK general election campaign has been marred with accusations of fake news, misleading political propaganda and ‘dystopian’ electioneering tactics. The key issue is a lack of clear legal regulation regarding the use of social media for campaigning, leaving platforms open to abuse and misinformation. 

 

Attempts had been made before the departure of Theresa May to implement changes that would clearly define the legal role of social media platforms operating in the UK in regard to political advertising. However, according to senior civil servants and government officials, the current dominance of Brexit in the policy making schedule and uncomfortable questions about the legality of the Brexit referendum campaign make the implementation of sufficient safeguards difficult. Additionally, there is an inherent issue in tasking politicians who may benefit from lax social media regulation to legislate against their own interests. 

 

For individuals, there are two clear issues. First is the micro targeting of social media users. The information Commissioners Office and the Electoral Commission have warned against misusing individuals data, such as their address, age and interests to target potentially misleading ads directly at certain demographics. Secondly, and with specific regard to Facebook, adverts containing false information or misleading claims are allowed to go unverified, and against Facebook’s policies against fake news, due to the platform’s categorisation of political ads as ‘opinion pieces/satire’. This is problematic; over 5000 ads on Facebook alone have been purchased by the three major political parties. 

 

The responsibility for upholding advertising standards has fallen largely on social media platforms themselves. Twitter and Tiktok have banned political advertising across their platforms, however, fake accounts still have the potential to spread misleading political information disguised as ‘fact’. This issue was highlighted by the November 19th rebranding of the official Conservative Party Press Office account into ‘@factcheckUK’. Google has banned 8 separate Conservative advertisements for ‘violating advertising policies’, one of which saw the fake website ‘labourmanifesto.co.uk’, designed to mislead voters about Labour policies, removed for buying advertising in order to manipulate search traffic and shift interest from the real Labour manifesto. The Brexit Party too, has seen five of its adverts removed. Labour and the Liberal Democrats are yet to have advertisements removed by Google. 

 

It should be noted that due to long standing calls for reform, critique of the current regulatory system and examination of existing loopholes for the spread of disinformation, some researchers have voiced concerns that the government has created an ‘election interference playbook’, without sufficiently addressing any of these avenues of exploitation in law. This is where the discussion shifts from the underhanded tactics of party politics, and instead has implications for national security. 

 

There is concern that actors other than British political parties may seek to benefit from the spread of disinformation in the UK general election, specifically, the Russian government. Draft documents from the UK-US Trade and Investment Working Group were leaked online and later picked up by the Labour party in order to undermine Boris Johnson’s position on the National Health Service. The account, which published the documents on Reddit a month before they gained widespread media coverage, was determined to be of Russian origin, along with 60 other Reddit accounts linked to a ‘coordinated effort’ from Russia to spread misinformation. Despite claims from both Johnson and Corbyn that Russian interference is ‘nonsense’, given previous Russian involvement in the 2016 US presidential election, and the recently uncovered ‘Secondary Infektion’ disinformation scheme, also coordinated from Russia, concerns about attempted Russian interference in the upcoming election should be further investigated. 

 

Ideally, these issues would be addressed in the yet-to-be-published Intelligence and Security Committee report, which is expected to contain an examination of Russian interference in UK politics, the Brexit referendum and the Conservative Party. Until this report is published, the full scale of Russian attempts to undermine UK democracy is unknowable. Whatever the outcome of Thursday’s election, questions regarding the legitimacy, independence and democracy of the UK political system will remain. 

New Military Operations Launched in Mali and in Burkina Faso’s Border Regions

Posted on in Uncategorized title_rule

The Malian army is currently carrying out a massive offensive in the centre of the country, which has helped to put a number of terrorists out of action.  On Monday 11 November, the Malian government released a statement saying that security forces of Mali have been engaged for a few days in a large-scale offensive against terrorist bases in some localities in the central Mopti region of the country. The statement went on to say that several extremists had been killed, without specifying the number, adding that a number of vehicles and motorcycles were burned, identity cards of several nationalities were found and military effects were recovered.    The government indicated that the operation is being carried out with the support of the Malian Air Force.  The operation comes in the wake of two recent deadly attacks that have claimed the lives of a hundred Malian soldiers in one month in what is one of the army’s heaviest losses since the 2013 French-led military intervention to oust extremists in northern Mali.  According to a statement released by Malian officials, faced with mounting pressure to contain the jihadist insurgency, President Ibrahim Boubacar Keita had ordered the development of a “new operational concept that gives an important part to the offensive.”  The Malian government also formally denied the capture, and subsequent depiction on social media networks, of armoured vehicles by jihadists during recent attacks targeting positions of the Malian army.

While limited information has been released regarding the offensive in Mopti region, it coincides with another operation, known as “Bourgou 4,” which is being led by the French force Barkhane alongside local armies in the tri-border region of Burkina Faso, Mali and Niger.  This operation was launched at the request of Burkinabe authorities, who are struggling to contain the growing jihadist threat within the country. French Armed Forces Minister Florence Parly announced the launch of the offensive during a visit to the region on 6 November, though sources in Burkina Faso have suggested that the operation has already started.  The operation represents an expansion of France’s operation in the Sahel region, and while the country has given air support to Burkinabe troops and small numbers of French troops are known to have operated in Burkina Faso for some time, this current operation represents France’s first major commitment of ground troops in the West African country.

Two Pirate attacks Reported in W. Africa in Recent Days

Posted on in Uncategorized title_rule

On Monday 4 November, pirates attacked a Greek oil tanker off the coast of Togo and fled after taking four crewmembers hostage, just two days after a similar attack was carried out in the waters of neighbouring Benin.

Officials have reported that those kidnapped in Monday’s attack include two Filipino nationals, one Greek and one Georgian. One security guard was also shot and wounded in the attack.  A statement released by the Togolese Navy disclosed that “Monday, 4thof November 2019, around 0300, the tanker boat Elka Aristotle (…) was attacked around 18 kilometres (11 miles) from the port of Lomé by armed individuals.”  The vessel’s manager, European Product Carriers Ltd. confirmed the early morning attack, though provided no further details. Greece’s shipping ministry has meanwhile disclosed that it is “closely monitoring the issue.”  The Togolese Navy has also reported that armed guards were present on the Greek vessel and tried to fight off the attackers, noting that one was wounded in the incident.  An investigation into the attack has been opened.

Monday’s attack follows the abduction by pirates of nine Filipino crewmembers from a Norwegian-flagged boat off the coast of Benin on Saturday 2 November.  A vessel owned by Norwegian shipping firm J.J. Ugland was boarded by pirates while at anchor off the coast of Benin on Saturday, with nine crewmembers kidnapped, the company confirmed on Sunday. A statement released by the company indicated that the remaining crew of the Norwegian-flagged MV Bonita notified local authorities and the vessel docked at the port city of Cotonou later on Saturday, adding that the vessel was destined for Benin.  Citing safety reasons, the company did not reveal the crew’s nationalities or how many had avoided capture.

Third quarter figures this year released by the International Chamber of Commerce International Maritime Bureau (IMB) indicate that there were fewer incidents of piracy and armed robbery against vessels than the first nine months of 2018.  So far this year, a total of 119 incidents of piracy and armed robbery against vessels have been reported, compared to 156 incidents for the same period in 2018.  Overall, the 2019 incidents comprised of 95 vessels boarded, 10 vessels fired upon, 10 attempted attacks, and four vessels hijacked. The number of crewmembers taken hostage through the first nine months of this year has declined from 112 in 2018 to 49 in 2019.  While the overall number of incidents has declined, the IMB notes that incidents involving guns and knives remain consistent, stating that there have been 24 knife-related and 35 gun-related incidents reported this year, compared to 25 and 37 for the first nine months of 2018.  The statistics confirm the IMB’s concerns over continued threats to the safety and security of seafarers.

While piracy has decreased worldwide, West Africa’s Gulf of Guinea remains a high-risk area for abductions and armed robbery.  The region accounts for 86% of crewmembers taken hostage and nearly 82% of crewmember kidnappings globally.  So far this year, Lagos, Nigeria has reported 11 incidents – the highest number of any port in the world.  Despite reporting more attacks than any other country, Nigeria saw its attacks reduced in the third quarter of this year from 41 during the same period in 2018 to 29 in 2019.  Nevertheless, the greater Gulf of Guinea region remains the piracy hotspot.  Recent attacks in the region include the July incident of a general cargo vessel that was hijacked approximate 120 nautical miles southwest of Brass.  Ten crewmembers were kidnapped from the vessel and were released four weeks later. In August, a bulk carrier and a general cargo vessel were boarded within ours of each other at Douala anchorage, Cameroon.  A total of seventeen crewmembers were kidnapped from the vessels.  Within six weeks, all kidnapped crewmembers were released. This incidents demonstrates the range of piracy activity in the Gulf of Guinea and that all types of vessels are vulnerable to attack.  ICC IMB Director Pottengal Mukundan notes that “although incidents are down, the Gulf of Guinea continues to be a concern for piracy and armed robbery-related activities with kidnappings of crewmembers increasing in both scale and frequency,” adding that “it is important that shipmasters and owners continue to report all actual, attempted and suspected incidents to ensure that an accurate picture of these attacks emerge and action is taken against these criminals before the incidents further escalate.”