North Korea tests not just a bomb but the global nuclear monitoring system



Lassina Zerbo, Executive Secretary of the CTBTO at a press briefing following the recent suspected nuclear test in North Korea.
CTBTO, CC BY-NC

Trevor Findlay, University of Melbourne

North Korea’s apparent nuclear detonation on September 3 has drawn our attention to a remarkable international organisation that helps detect and identify nuclear tests.

For the Vienna-based Comprehensive Test Ban Treaty Organization (CTBTO), the latest North Korean explosion was easy to detect and locate. With a seismic magnitude of 6.1 and a blast yield of 160 kilotons (Hiroshima was around 15), the purported hydrogen bomb test mimicked a major earthquake. It was quickly sourced to North Korea’s nuclear test site.

Confirming that the event was definitely a nuclear test, as opposed to another type of explosion or an earthquake, is trickier.




For that we rely on detection of short-lived radioactive isotopes that may leak from the test site, notably the noble gas xenon. The CTBTO has not yet announced such a finding, although South Korean monitors have reportedly detected xenon-133.

Other potential sources of the gas must be eliminated before a definitive conclusion can be reached.

Global network of seismic and radionuclide monitoring stations.
CTBTO / The Conversation, CC BY-ND

In the past, such fallout has usually been discerned after a North Korean test, but not always. Much depends on whether the cavity created by the test leaks or collapses.

Nuclear test ban treaty

The CTBTO’s International Monitoring System, which detected the North Korean test, is designed to verify compliance with the 1996 Comprehensive Nuclear Test Ban Treaty, which bans all nuclear tests in all environments for all time.

Network of infrasound monitoring stations.
CTBTO / The Conversation, CC BY-ND

The International Monitoring System comprises 321 monitoring systems worldwide, using four technologies:

  • seismic – to detect tests under ground
  • radionuclide detection – to detect breakdown products
  • hydroacoustic – to detect tests under water, and
  • infrasound – for atmospheric tests.

The CTBTO’s international monitoring system is sensitive enough to detect underground nuclear tests below one kiloton.

Construction of the system began in 1996 and is now 90% complete.

Network of hydroacoustic monitoring stations.
CTBTO / The Conversation, CC BY-ND

Australia hosts six seismic, two infrasound and one hydroacoustic station, including a large seismic array and infrasound station at Warramunga in the Northern Territory.



Data from the International Monitoring System is transmitted to Vienna via a global communications satellite network, mostly in real time, where it is compiled, analysed and distributed to member states. Sixteen laboratories are available for analysing radioactive fallout.

The treaty also provides for on-site inspections to confirm that a nuclear test has been conducted. The system is funded by member states according to the usual United Nations formula based on national GDP.

A difficult, important achievement

As a member of the Australian delegation, I observed the complex preparatory scientific talks on the system at the Committee on Disarmament in Geneva in the early 1980s. It is a miracle of statecraft and science that this collaborative international infrastructure has actually come into being.

The scientists did not get everything they wanted due to political and financial constraints. Some errors were made in the rush to complete the technical specifications. Installation of some of the stations in remote and inaccessible areas has proved daunting.


The hydroacoustic system, for instance, passed a significant milestone in June when the final station was completed, on France’s Crozet Islands in the southern Indian Ocean.

After 20 years of planning and construction and the investment of millions of dollars, not only is the International Monitoring System almost complete, but it is functioning far better than its designers anticipated.

It also has unexpected side benefits, such as providing early warning of tsunamis and detecting nuclear disasters. The network successfully detected the 2004 Indian Ocean tsunami and tracked radioactive plumes from the 2011 Fukushima nuclear disaster.

Nuclear test ban treaty

The test ban treaty itself is not in such good shape. More than two decades after it was opened for signature it is still not in force, rendering the CTBTO only “provisional”. This is due to the requirement that all 44 states with a significant nuclear capacity must ratify it.

Currently 183 states have signed, and 162 have ratified. But 8 of the 44 with a nuclear capacity have still not ratified: China, Egypt, India, Iran, Israel, Pakistan, North Korea and the United States. China, Egypt, Iran, Israel and the US have at least signed. China says it is awaiting US ratification before it moves.

After a flawed lobbying effort, President Bill Clinton’s administration failed to secure Senate approval for US ratification in 1999. The treaty has not been resubmitted since, despite President Barack Obama’s undertaking that he would try.


Given President Donald Trump’s apparent focus on emphasising American military prowess, it seems unlikely that he will favour ratification of the treaty.

More immediately threatening is the return of periodic Republican attempts to defund the CTBTO. These are usually beaten back on the grounds that the US benefits greatly from the worldwide monitoring that only a global system can provide, notwithstanding impressive US national capabilities.




As it has in the past, the Australian government should make representations in Washington in support of CTBT ratification and preservation of funding for the system.

Paradoxically though, even if the other seven holdouts ratify, the one country that continues to conduct nuclear tests into the 21st century, North Korea, can stymie entry into force forever. Its accession to the CTBT should be part of any negotiation with North Korea on its nuclear program.

The good news is that the global monitoring system continues to go from strength to strength, providing reassurance that all nuclear tests, including those less brazen than North Korea’s, will be caught.

The CTBTO’s verification system provides hope that science can quietly triumph while political solutions elude us.

Trevor Findlay, Senior Research Fellow, Department of Social and Political Sciences, University of Melbourne

This article was originally published on The Conversation. Read the original article.


Cyberspace aggression adds to North Korea’s threat to global security



People participate in a Pyongyang mass rally held at Kim Il-sung Square.
KCNA/Reuters, CC BY-ND

Joe Burton, University of Waikato

Claims that North Korea could fire nuclear weapons at the continental US present a serious threat to global security. But its hostile activities don’t end there. North Korea has also become an aggressive cyber power, regularly using cyber attacks to advance its interests.

Last month, a threat intelligence firm, Recorded Future, reported that North Korea may have been using New Zealand’s internet networks as proxies to launch cyber attacks worldwide. The New Zealand government’s Communications Security Bureau is assessing the veracity of these claims.

The report suggests that North Korea may have both a physical and a virtual presence in New Zealand. It raised the possibility of a network of “patriot hackers” using New Zealand cyber networks to pursue the aims of the North Korean regime.

North Korea’s history of cyber attacks

Cyber attacks have become a wide-ranging tool in the arsenal of authoritarian governments to coerce and intimidate foreign governments, to subvert democratic processes, and to impose costs on their adversaries.

In North Korea’s case, this pattern of activity stretches back many years. North Korea is estimated to have an army of 6,000 hackers, engaging in malicious cyber activity regularly.

In March 2013, hackers linked to North Korea attacked South Korean banks and media agencies, causing widespread disruption. In November 2014, cyber attacks against Sony Pictures followed the release of the film The Interview, which caricatured and mocked the North Korean leader.

The attack led to the release of personal information on thousands of Sony employees and the cancellation of the film’s launch. The incident quickly escalated into a serious diplomatic dispute between the US and North Korea.

In 2016, a Bangladeshi bank became the victim of North Korean hackers. Reports said that US$81 million were lost through compromised financial transactions.

Most recently, the WannaCry ransomware attack, which affected computers in more than 150 countries, has been linked to the Lazarus group of hackers, which has links to the North Korean regime. This suggests North Korea is now using state-sponsored hackers to help raise revenue for a country starved of access to international markets and funding.

Cyber attacks further threat to nuclear security

Analysis of North Korea’s activities often misses the connections between cyber and nuclear security. North Korea’s nuclear program has itself become a victim of cyber attacks.

A report in the New York Times in March this year revealed that the Obama administration ordered a campaign of cyber subversion aimed at North Korea’s nuclear and missile programs. It mirrors the now infamous Stuxnet attacks directed against Iran in 2010.

In the absence of progress on North Korean disarmament, delaying its ability to pursue nuclear weapon programs through cyber attacks has become a feature of US strategy. It’s a strategy that may yield short-term results, but presents significant escalatory dangers.

Proliferation risks

Cyber attacks pose increasingly serious risks to classified nuclear information, the security of nuclear facilities, and the integrity of the components that nuclear arms and missile technologies rely on.

Last year, the UK government was warned that its Trident nuclear submarine program was vulnerable to cyber intrusions. The think-tank report Hacking UK Trident: A Growing Threat argued that a cyber attack directed against the submarines could:

… neutralise operations, lead to loss of life, defeat or perhaps even the catastrophic exchange of nuclear warheads (directly or indirectly).

In June this year, the US government reported multiple cyber breaches of its own nuclear installations. This followed similar revelations about attacks directed against South Korea’s nuclear reactor operators Korea Hydro and Nuclear Power Co Ltd in 2015.

Another concerning aspect of the cyber-nuclear nexus is that hacking could facilitate the proliferation of nuclear materials and technology to other aggressive states and non-state actors.

Reining in North Korea

The growing connections between nuclear and cyber security are changing the strategic balance between nuclear powers in subtle and undetermined ways. Approaches to dealing with the North Korean regime must treat these issues as related.

So what can be done about North Korea’s aggressive use of the internet? Unfortunately, just as with its nuclear program, there are few good options. Sanctions imposed on the regime for its cyber activity, such as those following the Sony hack, have proved ineffective at changing the regime’s behaviour.

China and Russia may have a role to play in persuading Kim Jong-un to “play nicely” in cyberspace, but both countries also have a long history of malicious cyber operations.

There are examples where states have given up destructive weapons programs. These include Colonel Gaddafi’s regime in Libya and the more recent Iran deal. However, the difficulty of verifying whether offensive cyber programs have been dismantled presents a major obstacle.

Cyber armies operating from a virtual realm can easily be hidden. Given that punishing the North Korean regime for its behaviour has not yielded results, it may be time to start thinking about a range of positive inducements to bring the country back into the international community, including offering diplomatic talks without precondition.

Rewarding North Korea for its errant behaviour may be unpalatable, but the combined danger of its nuclear and cyber capabilities would appear to warrant a significant shift in strategy.

Joe Burton, Senior Lecturer, Institute for Security and Crime Science, University of Waikato

This article was originally published on The Conversation. Read the original article.

Country rules: the ‘splinternet’ may be the future of the web



Our internet is becoming increasingly fragmented thanks to local laws.
c12/Shutterstock

Terry Flew, Queensland University of Technology

Both The Economist and WIRED are worried about the “splinternet”. The UK research organisation NESTA thinks it could “break up” the world wide web as we know it.

What is this awkwardly named idea? It’s the concept that someone’s experience of the internet in Turkey, for example, is increasingly different from their experience of the internet in Australia.

Travellers to China, in particular, will be familiar with this phenomenon. Thanks to the government’s tight control, they have to use Baidu rather than Google as their search engine, and are unable to access Facebook or news sites like The Economist and the New York Times.




We have a growing splinternet because of regional content blocking and the need for companies to comply with diverse, often conflicting national policies, regulations and court decisions.

This tension is particularly apparent when it comes to the likes of Google, Facebook and Twitter. These platform companies have users in almost every country, and governments are increasingly insisting that they comply with local laws and cultural norms when it comes to access and content.

The internet was never truly open

The idea of the internet as an independent, global and unregulated platform has always been something of a fiction. Even at the height of techno-futurist rhetoric about its potential to transcend national boundaries in the late 1990s, there were always exceptions.

The Chinese Communist Party understood from the start that the internet was simply a new form of media, and media control was central to national sovereignty and its authority.

But the splinternet refers to a broader tendency to use laws and regulatory powers within territorial jurisdictions to set limits on digital activities.

A threshold moment was Edward Snowden’s revelations in 2013. The documents he shared suggested that the US National Security Agency, through its PRISM program, had been collecting information from global users of Google, Facebook, Apple, Microsoft and Yahoo.

In countries such as Brazil, whose leaders had had their communications intercepted, this accelerated moves towards developing national internet control.

Brazil’s Marco Civil da Internet law, for instance, now requires global companies to comply with Brazilian laws around data protection.

Is this a bad thing?

Until now, much of the appeal of the internet has been that it’s driven by user content and preferences, and not by governments.

But people are paying more attention to hate speech, targeted online abuse, extremism, fake news and other toxic aspects of online culture. Women, people of colour and members of certain religions are disproportionately targeted online.

Academics such as Tarleton Gillespie and public figures such as Stephen Fry are part of a growing rejection of the typical response of platform providers: that they are “just technology companies” – intermediaries – and cannot involve themselves in regulating speech.

A UK House of Commons report into “hate crime and its violent consequences” noted that:

…there is a great deal of evidence that these platforms are being used to spread hate, abuse and extremism. That trend continues to grow at an alarming rate but it remains unchecked and, even where it is illegal, largely unpoliced.

If we say online hate speech “should be policed”, two obvious questions arise: who would do it and on what grounds?

At present, content on the major platforms is largely managed by the companies themselves. The Guardian’s Facebook Files revealed both the extent and limitations of such moderation.

We may see governments become increasingly willing to step in, further fragmenting the user experience.

Fair play for all

There are other concerns at play in the splinternet. One is the question of equity between technology companies and traditional media.

Brands like Google, Apple, Facebook, Microsoft, Netflix and Amazon are eclipsing traditional media giants. Yet film, television, newspapers and magazines are still subject to considerably greater levels of country-specific regulation and public scrutiny.

For example, Australian commercial television networks must comply with locally produced material and children’s content regulations. These mostly do not apply to YouTube or Netflix despite audiences and advertisers migrating to these providers.




It is increasingly apparent to media policy makers that existing regulations aren’t meaningful unless they extend into the online space.

In Australia, the 2012 Convergence Review sought to address this. It recommended that media regulations should apply to “Content Service Enterprises” that met a particular size threshold, rather than basing the rules on the platform that carries the content.

Do we want a splinternet?

We may be heading towards a splinternet unless new global rules can be set. They must combine the benefits of openness with the desire to ensure that online platforms operate in the public interest.

Yet if platform providers are forced to navigate a complex network of national laws and regulations, we risk losing the seamless interconnectedness of online communication.

The burden of finding a solution rests not only on governments and regulators, but on the platforms themselves.

Their legitimacy in the eyes of users is tied up with what Bank of England chair Mark Carney has termed, for markets, a “social licence to operate”.

Although Google, Facebook, Apple, Amazon, Netflix and others operate globally, they need to be aware that the public expects them to be a force for social good locally.

Terry Flew, Professor of Media and Communications, Queensland University of Technology

This article was originally published on The Conversation. Read the original article.

Three charts on: G20 countries’ stealth trade protectionism


Giovanni Di Lieto, Monash University and David Treisman, Monash University

It is clear that trade protectionism is alive and well in the G20, whose countries account for 78% of global trade. But this protectionism isn’t in the form of tariffs, which are duties placed on imports, making imported goods and services more expensive than they would be otherwise. Instead, trade protectionism is being pursued through “non-tariff barriers” such as import quotas, restrictive product standards, and subsidies for domestic goods and services.

This shows that while countries are reducing the obvious barriers to trade, like tariffs, they are still pursuing stealth forms of trade protectionism through non-tariff barriers.

Our research on trade protectionism in the services sector shows that the lower the barriers to trade, the greater company profits. Lower trade barriers create a larger market for Australian goods and services.

We also found that increased domestic regulation leads to higher profits as standards improve across the sector. For Australia this is very significant because the services sector employs four out of five Australians and accounts for 20% of Australia’s total exports.

Eliminating trade protectionism is also good for consumers, as it means a larger market for goods and services. This leads to lower prices and more choice of goods and services.

https://datawrapper.dwcdn.net/2wyoE/2/

The World Trade Organisation uses the term “trade restrictive activity” for measures like the imposition of a tariff. “Trade facilitation” refers to the simplification of export and import processes, making it easier to trade across countries. “Trade remedies” refers to actions taken by states against certain imports that are hurting domestic industries.

For example, in 2016 the Australian Anti-Dumping Commission slapped duties on Italian tomatoes that were being sold in Australia for less than they sold in Italy.

The data show that tariffs have been declining in the G20 over the past few years, while countries have been easing the processes of exporting and importing. However there have been a lot of trade remedies, as countries try to protect their domestic industries.

But looking at data on non-tariff barriers to trade tells a very different story.

https://datawrapper.dwcdn.net/6KdJA/1/

Until 2015 there was a huge increase in non-tariff measures, which then sharply declined. Since then not many measures have been removed. This shows that non-tariff barriers are currently the major mechanism for trade restrictions in the most developed economies.

As in the case of technical standards and regulations, non-tariff barriers can be used as a form of covert trade protectionism.

Technical standards and regulations can be quite legitimate and necessary for a range of reasons. They could take the form of a limit on what gases cars are allowed to emit, earthquake standards in regions prone to seismic activity, and even nutritional information on food and drinks.

But having too many different standards makes life difficult for companies that wish to access a market, as one product or service will need to comply with different standards in many countries.

https://datawrapper.dwcdn.net/SC3Wl/2/

What has occurred in Australia echoes what has happened throughout the G20. There has been little activity recently in tariffs, but a significant use of non-tariff and technical barriers to trade.

This is a huge shift in Australia’s economic policy, which had until recently emphasised trade liberalisation as a recipe for growth.

According to the Australian Productivity Commission, trade restrictions directly raise the cost of both foreign and domestic goods and services, negatively impacting both Australian consumers and businesses.

Where to from here?

President Donald Trump’s trade agenda aims to distance the United States from the World Trade Organisation, which was set up to remove barriers to international trade.

In response, companies in the United States are now filing a huge number of anti-dumping cases against foreign goods and services.

At first glance, Australia appears to be off the hook when it comes to Trump’s hardline approach. We already have a bilateral trade agreement with the United States, not to mention a US$28 billion trade deficit with the US.

But the dangers of Trump’s trade doctrine could affect other countries and this disruption to global supply chains and financial security would eventually flow on to Australia.

Giovanni Di Lieto, Lecturer, Bachelor of International Business, Monash Business School, Monash University and David Treisman, Lecturer in Economics, Bachelor of International Business, Monash Business School, Monash University

This article was originally published on The Conversation. Read the original article.

Massive global ransomware attack highlights faults and the need to be better prepared



Wana Decrypt0r 2.0 Ransomware Screen.
Avast

David Glance, University of Western Australia

A massive malware attack was launched on Friday, affecting at least 75,000 computers in 99 countries. Computers running Microsoft Windows were infected with “WanaCrypt0r 2.0 or WannaCry” ransomware. Once infected, all of the files on the computer are encrypted by the malware, which then displays a ransom demand of between US $300 and $600 in bitcoin that needs to be paid before the files can be decrypted.

The WannaCry ransomware is being spread through a weakness in Microsoft Windows that was originally exploited by the US National Security Agency (NSA) as part of their arsenal of cyberweapons in a tool called “Eternal Blue”. Unfortunately, this tool, along with many others, was stolen by hackers and leaked to the world in April 2017 by a hacker group calling themselves the “Shadow Brokers”.

Microsoft had already released a fix for the Eternal Blue vulnerability in March, but the extent of the WannaCrypt attack has highlighted how many organisations have failed to apply the fix, or are running copies of Windows that are so old that there wasn’t a fix for them.

Russia, Ukraine and Taiwan have been the countries most affected by the attack. In the UK however, the attack hit the National Health Service badly enough that services to patients were disrupted.

At the time of writing, one of the bitcoin addresses used by the malware showed that only a few people had paid the ransom so far, but the number has been slowly ticking up.

The spread of the first wave of WannaCry ransomware may have been halted by a cybersecurity researcher who, by registering a domain with a particular name, effectively activated a “kill switch” in the malware software that stops it from spreading further.

Ransomware has become the biggest threat to organisations and governments trying to protect critical infrastructure. According to a study by IBM, ransomware attacks increased by 6,000% in 2016 and at least 40% of spam emails now carry ransomware. The study also found that 70% of businesses infected with ransomware would pay the ransom. In many cases, this is because they either did not have backups, or they believed it was a faster way of getting their business back up and running.

The NHS has come in for particular criticism about the consequences of the attack because they knew about the risks and had been warned repeatedly to take steps to protect their networks and computers.

Finding out who was behind the malware is going to be very difficult. The malware communicates using the anonymising Tor network and demands payments in the equally anonymous currency, bitcoin, making tracing those behind the attack more complicated.

The NSA has also been held partly to blame for the attack because it had not alerted Microsoft about the weakness in its system until the NSA’s software that exploited it had been stolen and leaked to the public. Had the NSA told Microsoft when it discovered the weakness, the patch to fix the vulnerability would have been available in enough time for even the slowest of organisations to have patched their computers.

Ironically, large scale attacks such as these do have the effect of highlighting the threat of malware attacks and cybersecurity in general. This is true at the national level as well as amongst businesses. The frequency and scale of attacks also gives us a measure of how effectively companies and countries are prepared for cybersecurity attacks of any kind. Governments can act to enforce cybersecurity protective measures on companies, especially those that provide critical services or infrastructure. They can also act to direct their security services to disclose weaknesses in software systems, rather than keeping them secret in order to exploit them themselves against some future enemy.

Companies and their employees can help protect themselves from future attacks of ransomware by taking the following steps:

  1. Back up computers. This doesn’t stop a computer from being attacked, but it effectively renders the attack ineffective because it is easy to re-install the system from a backup should it become locked by ransomware.
  2. Don’t click on links in emails unless you are expecting the email to contain a link. If you don’t know, double check with the sender. Equally, if you open a document and it asks to run macros, just say no. Avoid putting people into this situation in the first place by not sending links unless you have agreed prior to sending the email.
  3. Always update systems and software with the latest security updates. Better still, set the system to automatically do this on your behalf.
  4. Use antivirus software to protect systems.
  5. If infected, disconnect the computer from the network so that other computers are not infected.

David Glance, Director of UWA Centre for Software Practice, University of Western Australia

This article was originally published on The Conversation. Read the original article.