venerdì 23 febbraio 2018

Cyber Security

Start with:
https://www.difesa.it/InformazioniDellaDifesa/periodico/Periodico_2017/Documents/Numero3/ID-3_2017_ridotto.pdf The article begins on page 8
NATO
EU
ITALY
Cyber Attacks
Cyber Security and the Intelligence Services
Cyber Security and National Security
Cyber Diplomacy

domenica 18 febbraio 2018

The role of the new media and communications technologies in international relations – some notes


New media and communications technologies’ are broad terms which refer to a wide range of things and ideas – new communications technology infrastructure, such as Internet /what is found on it, search engines like Google, the World Wide Web (an information space) and websites of all kinds, the social media, such as Facebook, Youtube and Twitter, the kind of interactive web-sites that use new technologies to generate and pass on information and comment on a massive scale / cell phones,PCs and tablets and other devices for connecting to Internet and operating on it / even satellite TV and traditional media like the press as they go online and become more interactive (#). The new media, in turn, make possible the creation of open web communities within a country and across borders. Many experts argue that this has led, and will continue to lead, to a greater democratization of politics, i.e. the general IT computer-literate public will be able to share and receive information, discuss and debate issues, exchange and evolve opinions, and plan and coordinate political action via the Web independently of governments. Thus political dissidents, for example, may be able to communicate with each other and with the outside world. In such a scenario politics and our knowledge of world events will no longer be exclusively in the hands of a political élite (democratically elected or not) and a media élite (democratically controlled or not). Cell phones, for instance, usually make it possible to provide some visual and text material relating to real time events even when an authoritarian regime attempts to block the information flows on Internet. This was demonstrated during the anti-government demonstrations in Iran and Myanmar in 2009.
Only time will tell whether this vision of the changed nature of politics is real or simply idealistic wishful-thinking. After all, neither the government in Iran nor that in Myanmar actually fell at that time, and temporarily blocking the internet or a clamp-down on internet freedom has not always proved impossible, as the situation in China has demonstrated. However, a real shift in power away from central governments may be taking place, given the role of the new media in the Arab Spring (not only Internet and social media alone but also in combination with satellite TV, like Al Jazeera in Arabic #), starting in Tunisia in December 2010 and spreading across the Arab world in 2011-13, and helping to bring down the regimes in Tunisia, Egypt (at least temporarily), and Libya and threatening those in Bahrain, Yemen and sparking the Syrian civil war. It seems clear that the new media can be used very successfully by broad-based movements calling for political change. One should bear in mind, however, that without widespread discontent and active physical commitment to opposition to a regime (a willingness by people to protest on the streets), it seems unlikely that these new technologies in themselves will lead to real democratic change where an authoritarian regime holds power, except perhaps in the very long term (as they gradually alter the political environment and expectations regarded as normal by a particular generation).
In an old interview Bill Gates pointed out that we are still in the early stages of the information revolution, so the future is difficult to predict (the equivalent of being present at the industrial revolution in 1790 and trying to predict its future course). What is already clear, however, is that governments, democratic and non-democratic, are being forced to respond to the challenge of the new media, whether they see it as a positive factor or a threat to their authority and independence. Governments, political parties, government offices and public agencies at all levels, lobby groups, NGOs and individual politicians (as well as companies and the private sector) have all gone online in order to respond and interact with ordinary citizens. Meanwhile social-networking sites provide space for discussion of and response to all the information provided by these and other sources such as the traditional media (newspapers, radios, TV channels and their related web sites) and blogs.
For diplomats the new media offer rapid access to events as they unfold and sometimes more accurate and detailed information about those events than that immediately available from traditional channels and sources, as well as easy communications within the diplomatic corps and the diplomatic community. They also offer a platform from which to explain the country’s foreign policy and a forum in which diplomats can monitor public reaction to policies proposed or implemented, dialogue with citizens and groups and respond to criticism or misunderstandings. At the same time the growth of the new media often means growing pressure on diplomats to respond in real time to events as they occur, and diminishing space for secret or quiet diplomacy (e.g. the release by Al Jazeera of the Palestine Papers in 2011). It may also mean less secure channels of communication if whistle-blowers, for whatever reasons, decide to reveal internal communications. This was always a danger in traditional diplomacy. Compared with whistle-blowers in thr past, the difference today in the Manning and Snowden cases is the amount and sensitivity of the information that they had access to, and the ease with which this information can be disclosed and disseminated. The same is true for the Palestine Papers case.
Chelsea Elizabeth Manning (born Bradley Edward Manning) is a United States Army soldier who was convicted in July 2013 of violations of the Espionage Act and other offenses, after releasing to WikiLeaks the largest quantity of classified documents ever leaked to the public. Much of the material was published by WikiLeaks or its media partners between April and November 2010. The material included videos of the July 12, 2007 Baghdad airstrike, and the 2009 Granai airstrike in Afghanistan, 250,000 U.S. diplomatic cables and 500,000 army reports that came to be known as the Iraq War logs and Afghan War logs. The case of the Palestine Papers and Al Jazeera, is emblematic of the new difficulties that diplomats face in this new environment. A Palestinian diplomatic team, in good faith, had exploratory talks with the Israelis, discussing hypothetically which of their goals they would be prepared to give up or compromise in order to obtain a comprehensive treaty with Israel. Documents relating to these meetings were leaked from the office of the main PLO negotiator, Sa’eb Ereka to Al Jazeera which posted and broadcast them in January 2011, causing enormous embarrassment to those involved. Edward Snowden, a former contractor for the CIA, left the US in May 2013 after leaking to the media details of extensive Internet and phone surveillance by American intelligence. The NSA had been secretly collecting US telephone records. Mr Snowden was granted temporary asylum in Russia but faces espionage charges in the US concerning his actions.http://en.wikipedia.org/wiki/Palestine_Papers
http://en.wikipedia.org/wiki/Chelsea_Manning
http://en.wikipedia.org/wiki/Edward_Snowden
Another concern is the overall security of this interconnected system of communications. For example, could Internet be taken down by a massive cyber-attack or a physical assault of some kind? The web is run by over 504 ‘root name servers’ (Jan 2016) in over 76 countries. One of them in California runs 80 million company addresses.
https://en.wikipedia.org/wiki/Root_name_server
https://www.weforum.org/agenda/2016/08/who-owns-the-internet-and-who-should-control-it
They are usually housed in a secure location with various back-up power systems. Should any of these root servers fail or be taken down there is a back-up network where systems management information is copied, which would thus be able to take over in the event of an attack and keep the system going. So, according to Bill Gates, it is difficult to see how a cyber-attack or even a physical attack by a terrorist group on the site of a root server could really endanger the system. Again, however, he stresses that we are in the early days of computer technology and all predictions are doubtful.
Another worrying factor is the disruption to electronic systems that could be caused by some kind of atmospheric disaster, natural or man-made, which disables the global satellite system that relays much of our communications. Are we becoming too dependent on a fragile system? For example, rather alarmingly, some experts argue that the system as a whole may be at risk from extreme solar storms which pose a threat to all forms of high-technology. They begin with an explosion, a solar flare in the magnetic canopy of a sunspot.  X-rays and extreme UV radiation reach Earth at light speed, ionizing the upper layers of our atmosphere The side-effects include radio blackouts and GPS navigation errors. Minutes to hours later, the energy particles arrive.  Moving only slightly slower than light itself, electrons and protons accelerated by the blast can electrify satellites and damage their electronics. Then comes the coronal mass ejection, a CME, billion-ton clouds of magnetized plasma that take a day or more to cross the Sun-Earth divide.  Analysts believe that a direct hit by an extreme CME such as the one that missed Earth in July 2012 could cause widespread and long-term power blackouts, disabling everything that plugs into a wall socket. Electronic communications systems would be hit, and perhaps nuclear facilities too. 
http://science.nasa.gov/science-news/science-at-nasa/2014/23jul_superstorm/
As regards who controls Internet, the Internet Corporation for Assigned Names and Numbers (ICANN) is a nonprofit private organization headquartered in Los Angeles, California, that was created in September 1998 to oversee a number of Internet-related tasks previously performed directly on behalf of the US government by other organizations, notably the Internet Assigned Numbers Authority (IANA), which ICANN now operates. ICANN is responsible for the coordination of the global Internet's systems. ICANN was given a mandate by the US government requiring that it operate "in a bottom up, consensus driven, democratic manner."
From the start of this century there were various proposals to transfer authority to a UN body and ‘give the global South greater control over how the Internet is run’. However, liberal opponents claimed that the existing set-up was more likely to prevent or minimize censorship, surveillance and interference with internet freedom by governments. In October 2013, Fadi Chehadé, then President and CEO of ICANN, met with Brazilian President Dilma Rousseff in Brasilia. The two announced that Brazil would host an international summit on Internet governance in April 2014. The announcement came after the
2013 disclosures of mass surveillance by the U.S. government, and President Rousseff's speech at the opening session of the 2013 United Nations General Assembly, where she strongly criticized the American surveillance program as a "breach of international law". The "Global Multi-stakeholder Meeting on the Future of Internet Governance (NET mundial)” included representatives of government, industry, civil society, and academia. The meeting produced a non-binding statement in favor of consensus-based decision-making. It reflected a compromise and did not harshly condemn mass surveillance but the final resolution said ICANN should be under international control by September 2015. A minority of governments, including Russia, China, Iran and India, were unhappy with the final resolution and wanted multi-lateral management (mainly by governments) for the Internet, rather than broader multi-stakeholder management. Critics said that would give governments too much decision-making power, for example via the United Nations, and be more likely to encourage individual nations to control their national fire-walled domains which could be more easily monitored and filtered, as with telephone systems influenced by the International Telecommunication Union. The 2015 date passed and the US government extended the target date for another year. In October 2016 the U.S. government’s Commerce Department gave control of Internet (via IANA) to ICANN in order to respond to criticisms of US interference and ensure broader multi-stakeholder management by technical experts, as well as representatives of governments and businesses.
The Internet Governance Coalition, a group of companies that includes Facebook, Google, Microsoft and Verizon, also expressed approval of the move but offered a measured assessment.
"A plan has been implemented that includes strong accountability measures and upholds the bottom-up approach that embodies the very nature of the open internet we experience today," the group said in a statement prepared Friday. "Although this is an important step in the transition process, there is still much work that needs to be done to ensure the accountability and transparency of ICANN. We look forward to working with the multistakeholder community on these ongoing efforts."

However, growing concern about privacy issues, disinformation and false news campaigns for the purposes of political manipulation have raised huge and complex questions about the governance of the Internet and social media.
In the context of the terrorist attacks in Europe in recent years in 2016 the Eu moved to counter the spread of extremism online:
and in 2017 began to move on fake news:

As regards cyber-attacks by states, individuals or groups on an individual state or particular institutions, one of the earliest examples occurred in Estonia in 2007 when coordinated cyber-attacks on web sites belonging to the government, banks and telecommunications companies were launched, apparently, from within Russia.
https://en.wikipedia.org/wiki/2007_cyberattacks_on_Estonia
http://www.washingtonpost.com/wp-dyn/content/article/2007/05/18/AR2007051802122.html
 
http://en.wikipedia.org/wiki/Cyberwarfare
Such an attack can be highly effective and temporarily completely disrupt a society. It might be an end in itself, or the first step towards a military attack . Similarly effective are attacks designed to hack into supposedly secure systems for espionage purposes. Amid claims that there have been cyber-attacks from China on the US, the US and its NATO allies have become increasingly aware of the dangers and say they are working to improve defense systems against such attacks.
http://en.wikipedia.org/wiki/Cyberwarfare_in_China

Governments can also use the web, and not merely to provide citizens with information, but also for propaganda purposes in order to control and manipulate public opinion (domestic disinformation, a criticism often made of China, Russia and Iran). However, the permanent elimination of sites that a government disapproves of, whether those of terrorists or dissidents, is much more difficult. It involves constant vigil and control, and is at best only partially effective, since a site which is blocked can be reactivated with a new address or hidden within a link from another innocuous site, and firewalls and other barriers to block access to information can often be skirted (circumvented). On the other hand, China has had considerable success in putting pressure on foreign servers operating in English and Chinese in China to block certain key-word searches and access to some sites. Many experts argue, however, that the Chinese one-party government is less worried about the influence of information coming into China from abroad than about dissent and unsupervised discussion within China between Chinese citizens. A recent report claims that the government pays around 50,000 people to write and post pro-government articles on social network sites and to infiltrate, spy on and denounce dissident groups and individuals. So it is not clear how much security and anonymity on-line critics of the Chinese government within China really have.
The US has a sophisticated system (ECHELON) for monitoring
a large proportion of the world's civilian email, telephone, fax and data traffic, which it has used to combat terrorism, to the annoyance of many civil rights groups. This works in two ways. First, all the communications of a known suspect can be closely monitored. This is often very effective. Second, general communications can be monitored on the basis of the use of  key words or expressions. This is obviously much less effective. It requires significant man-power and extensive use of translation. As traffic on the internet expands so will the costs, so that this kind of monitoring will always involve a large amount of luck.http://www.youtube.com/watch?v=WGSYktqmlJY
http://www.globalresearch.ca/echelon-today-the-evolution-of-an-nsa-black-program
The PRISM (electronic surveillance program) is a further development within this context. Edward Snowden’s revelations about the alleged misuse of such systems to target ordinary citizens, both foreigners and Americans, at the very least raise serious concerns about government security agencies and privacy issues. The American Civil Liberties Union (ACLU) argued that the phone surveillance program violates both the US First Amendment rights of free speech and association, and the Fourth Amendment's protections against unreasonable searches and seizures. It filed a lawsuit in the U.S. District Court in New York (June 2013). The US government argued its use of the system is legitimate (the government has an obligation to ensure the safety of its citizens). In June 2015, Congress passed a law that ended collection of data in this way, instead allowing the NSA to search the phone companies’ records only if it gets court approval first. http://www.wsj.com/articles/u-s-appeals-court-backs-government-in-nsa-phone-surveillance-case-1446128749
https://www.nytimes.com/2017/05/02/us/politics/nsa-phone-records.html
While the Web provides a democratic space for communications between dissidents struggling for greater freedom in authoritarian states, and a space for like-minded people in a democratic country to exchange information, learn and form pressure groups to increase government transparency and accountability, ‘open web communities’ – it also, unfortunately provides a space for ‘closed web communities’ e.g. terrorists can recruit and indoctrinate in a space that tends to cut off and isolate the individual and can become more real than the outside world and the daily life of the subject. This can lead to a radical psychological reprogramming of the individual. Criminal organizations can also use the Internet to recruit, monitor and to threaten people.
The Bradley Manning and WikiLeaks case, the Palestine Papers case and the Edward Snowden case, have illustrated many of the key points relating to the evolving uses that can made of the new media. Large quantities of confidential information can, with the help of someone inside an organization with access to that information, be copied and transferred out of the system and posted for public consumption very rapidly. It is unclear how we should view such a phenomenon. Is this a further step towards government accountability, transparency and real democracy - something which will affect diplomacy and may have significant consequences (some of them legal) for politicians who lie and agencies that infringe existing privacy laws? Does this mean there is a need for new law to cover new types of surveillance? And how should jurisdiction for acts committed in cyberspace work? Whistleblowers themselves claim they are driven to an act of conscience by a desire to expose wrong-doing by their own government and seem ready to accept the risks and legal consequences. Governments usually argue that such behavior is a danger to the real concerns of national and international security, and one for which both the supplier and receiver of such information should be prosecuted. Can we believe Mr Julian Assange when he claims that WikiLeaks would never post information that might endanger somebody’s life (a soldier’s at the front, for example)? More important, can we be sure that other people will act with the same level of responsibility? Is this becoming a phenomenon that is beyond a government’s ability to control? If not, what new levels of security and restriction on information need to be introduced, and do these damage our right to freedom of expression and a free press (freedom of information)? If so, what are the implications for government activity in general and diplomatic activity in particular? Will there remain any space for secret negotiation, quiet diplomacy, where perhaps this might be necessary or beneficial, or for diplomats to express candid opinions to other diplomats on what they assume is a secure channel? The response of WikiLeaks sympathizers to the initial arrest of Mr Assange was to protest by blocking access to certain banks and credit institutions by bombarding their web sites with requests for access is also significant. Assange was granted political asylum by Ecuador and currently resides at the Ecuadorian embassy
in London. He was granted Ecuadorian citizenship in January 2018. http://en.wikipedia.org/wiki/Edward_Snowden
http://en.wikipedia.org/wiki/Chelsea_Manning
http://en.wikipedia.org/wiki/WikiLeaks
http://en.wikipedia.org/wiki/Julian_Assange
http://www.telegraph.co.uk/news/worldnews/wikileaks/11681502/Why-is-Julian-Assange-still-inside-the-embassy-of-Ecuador.html
http://www.independent.co.uk/news/uk/home-news/julian-assange-ecuador-citizenship-citizen-naturalised-london-embassy-wikileaks-asylum-uk-sweden-a8153986.html
Privacy is thus a growing issue of concern in many countries. Civil rights groups claim that the largely unmonitored collection, exchange and use of data on people (whether legally or illegally obtained) by government agencies and private companies is a clear infringement of privacy rights, e.g. the US Bill of Rights, Fourth Amendment, see:
http://en.wikipedia.org/wiki/United_States_Bill_of_Rights#Fourth_Amendment
The
News International phone-hacking scandal in Britain 2011 demonstrated how exposed individuals, both famous ones and ordinary citizens, are to targeted phone-hacking by unscrupulous journalists and newspapers. Individuals operating online are similarly exposed to increased risks of invasions of privacy and government surveillance. The role of the Government Communications Headquarters (GCHQ) in the UK in 2013 received considerable media attention when the former National Security Agency contractor Edward Snowden revealed that the agency was attempting to collect all online and telephone data in the UK via the Tempora program. Snowden's revelations began a spate of ongoing disclosures of global surveillance.
http://en.wikipedia.org/wiki/News_International_phone_hacking_scandal
http://en.wikipedia.org/wiki/Internet_privacy
http://en.wikipedia.org/wiki/Computer_and_network_surveillance
Finally, the ongoing investigation into Russia's alleged interference in the US presidential election of 2016, its apparently unsupervised use of Facebook and Twitter accounts to lauch fake news and conduct a campaign of disinformation and the Trump campaign's alleged collusion with it, have raised widespread concerns about the security of Western democratic systems in general. Any effective response will presumably require more oversight of online activities. This may, in turn, conflict with issues regarding both online privacy and free speech. For civil rights groups the Internet, once seen as a way for citizens to obtain better access to information, as a space for greater democracy and freedom of speech and a way to make the state more accountable, now risks becoming a means to invade citzens' privacy, limit their freedom of speech and manipulate public opinion. Moreover, for the Western state itself, for its political institutions and for its IT experts, at a practical level these issues raise the question of just how the supervision required to protect democracy and ensure security can be achieved technichcally.

Conclusion – The new media have significantly changed the space in which political discussion and action take place. This affects directly security, privacy, freedom of speech and the way the state (democratic or otherwise) functions. This is simply a reality and not something that can be undone. For example, diplomats will have to accept that secret diplomacy and quiet diplomacy, for better or worse, will now be much more difficult. They need to embrace the positive features the new environment offers in terms of being better able to communicate and dialogue with the public, within their own service and with the government and public in other countries. All this means that international relations will have to adapt to this new and rapidly evolving reality. At the same time, since the IT revolution is probably still in its early stages, it is difficult to predict the course it will take and the effect it will have on international affairs. It is, after all, an ongoing process.


# Despite the fact that social media played a significant role in sparking the Arab Spring, it was satellite broadcasting that was able to provide the Arab masses with minute-by-minute coverage of developments. This medium broadcast to Tunisia, Egypt, Bahrain, Libya, and Syria and followed stories about the leaders and other officials involved in regime changes. It was satellite television that gave voice to the opposition. AlJazeera, AlArabiya, BBC’s Arabic news channel, AlHurra, and France 24 were the main news networks that played a significant role in informing the Arab world about Arab Spring events. The paper cited in the link below not only describes the role these networks played in covering the Arab Spring, but also analyzes the important role the networks played in preparing the region for the aftermath by giving a voice to the voiceless, covering opposition groups, exposing corruption, reporting demonstrations, and discussing issues of freedom, democracy, and social justice in the Arab states.
The debate over the legitimacy of the 2003 invasion of Iraq, the claims made by the US and British governments that Iraq had WMDs and the use made of the media in this context is also very interesting.