Is counter-attack justified against a state-sponsored cyber attack? It’s a legal grey area



File 20180327 188616 1ccmbhv.jpg?ixlib=rb 1.1
The US has charged and sanctioned nine Iranians and an Iranian company for cyber attacks.
Parmida Rahimi/Flickr, CC BY-SA

Sandeep Gopalan, Deakin University

On March 23, the US Department of Justice commenced perhaps the largest prosecution of a state-sponsored cyber attack. It indicted nine Iranians for carrying out:

a coordinated campaign of cyber intrusions into computer systems belonging to 144 US universities, 176 universities across 21 foreign countries, 47 domestic and foreign private sector companies … [and] the United Nations…

At least 31.5 terabytes of data was allegedly stolen and Australian universities were targeted, although specific institutions are not named.

History suggests that this response is unlikely to deter future attacks, and that counter-attacks are a more effective strategy. But would it be justified? Current international law focuses on armed attack, not cyber attack as a justification for state action taken in self-defence.

As cyber attacks become more common, international law needs to clear up this grey area.

How they did it and what was taken

The indictment alleges that defendants Gholamreza Rafatnejad and Ehsan Mohammadi are founders of Mabna Institute – an organisation established for the purpose of scientific espionage. Mabna is alleged to have contracted with Iranian governmental agencies (including the Islamic Revolutionary guard) to conduct hacking on their behalf.




Read more:
Following the developing Iranian cyberthreat


The defendants allegedly engaged in a conspiracy to compromise computer accounts of thousands of professors to steal research data and intellectual property, costing the US approximately US$3.4 billion. They allegedly conducted surveillance and sent professors targeted “spearphishing” emails to lure them into providing access to their computer systems.

Valuable data was transferred from the compromised IT systems to the hackers, according the the indictment. Over 100,000 professors were apparently targeted and approximately 8,000 email accounts compromised.

Private companies were also targeted – none Australian – via “password spraying”, said the US Department of Justice. This is a technique whereby the attacker identifies the email accounts of a target via public search and gains access to the account using common or default passwords.

Prosecution is an insufficient response

The defendants are charged with committing fraud and related activity in connection with computers, conspiracy, wire fraud, unauthorised access of a computer, and identity theft. Each charge carries a prison sentence ranging from two years to 20 years.

The prosecution is a necessary, but insufficient response to these cyber attacks.

The defendants are based in Iran and are unlikely to be brought to justice. Previously, US prosecutors have charged Iranian hackers with attacks against financial institutions and a dam in New York to no avail.

And hacking has escalated – the US accused Russia of compromising the US electricity grid and attacks against other countries are also alleged.

Counter-attack a better deterrent

Rogue states such as Iran, Russia, and North Korea are only likely to be deterred against conducting cyber attacks if their targets have robust self-defense and counter-attack capabilities. However, the legal status of cyber attacks and the appropriate responses are not clear in international law.

Under the UN Charter, states have an obligation to refrain “from the threat or use of force against the territorial integrity or political independence of any state”. Crucially, states possess an “inherent right of individual or collective self-defence if an armed attack occurs”.




Read more:
Cybersecurity of the power grid: A growing challenge


The key questions then are whether a cyber attack amounts to a “use of force”, whether hacking attributable to a state amounts to an “armed attack”, and if a cyber attack violates “territorial integrity”. Traditionally, international law has answered these questions with reference to acts of physical violence – conventional military strikes.

It’s likely that a large scale cyber attack against a state that has physical consequences within its territory may be characterised as a “use of force”, and may violate “territorial integrity” under the charter. For instance, attacks that turn self-driving cars into weapons, knock out nuclear stations or paralyse the power grid might reach this threshold.

But what if the attack is designed to sow confusion or generate internal discord, such as in the case of Russian hacking of the US election? Or attacks directed beyond a particular country? This is a harder question and not settled currently. Similarly, it’s not certain that even large scale hacking would rise to the level of an “armed attack”.

Precedent in international law

In 1984, Nicaragua brought proceedings against the US in response to American support for the Contras (rebels fighting the government). In that case, the International Court of Justice (ICJ) opined that armed attack might also include:

the sending by a State of armed bands on to the territory of another State, if such an operation, because of its scale and effects, would have been classified as an armed attack had it been carried out by regular armed forces.

Crucially, the ICJ underlined the principle of non-intervention:

Intervention is wrongful … [using] methods of coercion, particularly force, either in the direct form of military action or in the indirect form of support for subversive activities in another State.

Based on the Nicaragua case, if a cyber attack has sufficient “scale and effects” it may amount to an armed attack. More importantly, if the attacks are attributable to a state (in this case the Islamic Revolutionary Guard) – or are within its overall or effective control or direction – it would appear that the armed attack would give rise to the right to self-defence.




Read more:
Cyber peacekeeping is integral in an era of cyberwar – here’s why


However, this may be difficult to establish in practice – there may not be sufficient evidence connecting the hacker to the state to show control, and hence attribution.

So, what are the permissible self-defence responses under international law? Could the US launch military strikes against Iran or Russia for these incidents if they are found to be behind these attacks? The legality of such strikes is not clear even though the US might claim such status.

The ConversationThe international community should set bright line rules on this matter before an expansive reading of self-defence triggers war. The NATO Cooperative Cyber Defence Centre of Excellence’s Tallinn Manual 2.0 is a start, but a binding instrument is needed. John Bolton’s appointment as US President Donald Trump’s National Security Advisor makes this an urgent priority because a military strike in response to the next major cyber attack is a realistic prospect.

Sandeep Gopalan, Pro Vice-Chancellor (Academic Innovation) & Professor of Law, Deakin University

This article was originally published on The Conversation. Read the original article.

Advertisements

US approach to security is deeply troubling – and it’s not just about Trump



File 20180208 74512 1ctlotn.jpg?ixlib=rb 1.1
Is Donald Trump really the one setting the direction of US security policy?
Reuters/Jonathan Ernst

Joseph Camilleri, La Trobe University

Media coverage of Donald Trump’s presidency has fixated on his outlandish, off-the-cuff tweets, his ill-conceived and inflammatory positions on immigration, race relations and climate change, his “America First” mantra, and his unrelenting attacks on the various inquiries into collusion with Russia.

The image created has been of a man who, though ignorant, vulgar and deeply polarising, struts the political stage. But is Trump really setting the direction of US security policy?

Mounting evidence suggests the theatre around Trump is so mesmerising that we have lost sight of how the US security establishment wields power – and to what end.

The picture is becoming clear

The security establishment is no monolith, nor does it function as a conspiratorial cabal. Personalities and institutional interests compete for attention and resources.

Yet it has a reasonably coherent mindset, which has its origins in the early days of the Cold War. It is a sense of belonging to a club that connects first and foremost the Department of Defence, various arms of the intelligence community and law enforcement agencies, but also significant voices in other key government departments, areas of the judiciary and Congress, and some of America’s most influential think-tanks and corporations – in particular the leading arms manufacturers.

How this security establishment is handling the Trump phenomenon is an intriguing story, highly complex, and still unfolding. However, several pieces of the jigsaw are beginning to fall into place. Three merit special attention:

  • the competition for influence within the Trump administration

  • the Russia investigation

  • the unmistakable shift in US strategic planning.

Taken together these form a picture of a political and military elite intent on maintaining control of US security policy. They feel the need to immunise it from Trump’s erratic behaviour and his supposedly pro-Russian inclinations, and revive a Cold War mindset that views Russia and China as major adversaries.

The battle for influence

Though Trump and the security establishment may be suspicious of one another, there is also common ground. They disagree not about placing “America first”, but about how this should be done.

The security establishment prefers a carefully devised, longer-term strategy and a less confrontational approach toward friends and allies. It sees value in continuing to extol the virtues of free trade and democracy, though it does not necessarily practise what it preaches.

And it is generally suspicious of personal deal-making – especially where this involves Russia – to which Trump is drawn by instinct, and commercial interest and experience.

The security establishment has therefore made it a priority to gain influence within the administration. It took no more than six months for reliable establishment figures to be firmly in the saddle: Jim Mattis as defence secretary, John Kelly as White House chief-of-staff and H.R. McMaster as national security adviser.

Key Trump campaign advisers thought to have cultivated links with Russia or be otherwise unreliable – including Michael Flynn (whom Trump initially appointed as national security adviser), George Papadopoulos, Paul Manafort, Rick Gates, Stephen Bannon and even Trump’s daughter Ivanka and son-in-law Jared Kushner – have been gently or not-so-gently eased out of their previously influential roles.

Trump himself is seen at best as an unknown quantity, and at worst prone to dangerous illusions about the prospects of cultivating a fruitful personal relationship with Russian President Vladimir Putin.

Behind the lurid accusations of Russian meddling in the US presidential election and alleged collusion between the Trump campaign and the Kremlin, and more recently behind the claims and counterclaims of obstruction of justice by the Trump administration, we can now discern a far more significant jostling for control of US policy.

The ‘new’ Russian threat

The Russia investigations being conducted by congressional committees and by special counsel Robert Mueller are clearly designed to put Trump on the defensive. Congressional Democrats are doing all they can to prolong these inquiries – in some cases with the support of senior Republican senators close to the intelligence community.

Hundreds of witnesses have already given evidence to these inquiries. Many more are expected to appear. And in public comments and her recently published memoir, Hillary Clinton, well known for her antipathy to Putin and his reassertion of Russian influence, has been at pains to identify Russia’s meddling in the election as a key factor in her defeat.

Yet the hard evidence so far produced to support the charges of Russian interference has been scant to say the least.

Putin and his underlings are no angels. But as journalist Aaron Mate has argued:

In Russiagate, unverified claims are reported with little to no scepticism … developments are cherry-picked and overhyped, while countervailing ones are minimised or ignored. Front-page headlines advertise explosive and incriminating developments, only to often be undermined by the article’s content, or retracted entirely.

Whatever the outcome of these various inquiries, one thing is clear. The security establishment has concluded that a resurgent Russia needs to be contained and that any advocacy of dialogue with it must be nipped in the bud.

Allegations of Russian interference in the politics of the US and other Western countries are part of a larger strategy that aims to magnify the threat Russia poses and to thwart any intention on Trump’s part to reset the relationship.

Donald Trump has been keen to offer a hand of friendship to Vladimir Putin’s Russia.
Reuters/Carlos Barria

Back to the Cold War

The national defence strategy Mattis recently unveiled delivers a stark message. Countering China’s rise and Russia’s resurgence are now at the heart of US policy. The Cold War outlook is back with a vengeance.

To this end, the US military will confront its adversaries across the spectrum of conflicts – mainly in Europe and the Indo-Pacific region, but without neglecting the Middle East.

American armed forces will modernise and build its readiness for future conflicts and consolidate military ties with allies and partners around the world. But conspicuously absent is any notion of neo-isolationism or renewed dialogue with Russia – both of which featured prominently during Trump’s presidential campaign.

The national defence strategy should, in any case, be read in conjunction with the national security strategy released in December 2017 and the more recent nuclear posture review released last week.

The shift in US strategic priorities, which is well under way, will affect all aspects of defence budgeting, weapons development and force management. Training is already focused on high-intensity conflict with major adversaries. Heavily armed deployments are stationed continuously in Europe and across East and Central Asia.

The plan is to modernise all three arms of the US nuclear arsenal – land-based intercontinental ballistic missiles, strategic bombers and submarine-launched ballistic missiles – and design low-yield nuclear weapons that make them more readily usable. In other words, the US is boosting its capacity to escalate non-nuclear conflicts into nuclear war, thereby lowering the nuclear threshold.

Trump’s rhetoric of “fire and fury” is at first sight in accord with these developments. Whether he fully understands them is another matter.

The ConversationWe may not much like what Trump says or wants to do. But even more troubling is the US security establishment’s vision of the future. For US allies, not least Australia, it spells danger and much heartache.

Joseph Camilleri, Emeritus Professor of International Relations, La Trobe University

This article was originally published on The Conversation. Read the original article.

The US election hack, fake news, data theft: the cyber security lessons from 2017



File 20171219 4995 17al34.jpg?ixlib=rb 1.1
Cyber attacks have the potential to cause economic disruption, coerce changes in political behaviour and subvert systems of governance.
from http://www.shutterstock.com, CC BY-ND

Joe Burton, University of Waikato

Cyber security played a prominent role in international affairs in 2017, with impacts on peace and security.

Increased international collaboration and new laws that capture the complexity of communications technology could be among solutions to cyber security issues in 2018.


Read more: Artificial intelligence cyber attacks are coming – but what does that mean?


The US election hack and the end of cyber scepticism

The big story of the past year has been the subversion of the US election process and the ongoing controversies surrounding the Trump administration. The investigations into the scandal are unresolved, but it is important to recognise that the US election hack has dispelled any lingering scepticism about the impact of cyber attacks on national and international security.

From the self-confessed “mistake” Secretary Clinton made in setting up a private email server, to the hacking of the Democratic National Committee’s servers and the leaking of Democratic campaign chair John Podesta’s emails to WikiLeaks, the 2016 presidential election was in many ways defined by cyber security issues.

Many analysts had been debating the likelihood of a “digital Pearl Harbour”, an attack producing devastating economic disruption or physical effects. But they missed the more subtle and covert political scope of cyber attacks to coerce changes in political behaviour and subvert systems of governance. Enhancing the security and integrity of democratic systems and electoral processes will surely be on the agenda in 2018 in the Asia Pacific and elsewhere.

Anti-social media

The growing impact of social media and the connection with cyber security has been another big story in 2017. Social media was meant to be a great liberator, to democratise, and to bring new transparency to politics and societies. In 2017, it has become a platform for fake news, misinformation and propaganda.

Social media sites clearly played a role in displacing authoritarian governments during the Arab Spring uprisings. Few expected they would be used by authoritarian governments in an incredibly effective way to sow and exploit divisions in democratic countries. The debate we need to have in 2018 is how we can deter the manipulation of social media, prevent the spread of fake news and encourage the likes of Facebook and Twitter to monitor and police their own networks.

If we don’t trust what we see on these sites, they won’t be commercially successful, and they won’t serve as platforms to enhance international peace and security. Social media sites must not become co-opted or corrupted. Facebook should not be allowed to become Fakebook.

Holding data to ransom

The spread of the Wannacry virus was the third big cyber security story of 2017. Wannacry locked down computers and demanded a ransom (in bitcoin) for the electronic key that would release the data. The virus spread in a truly global attack to an estimated 300,000 computers in 150 countries. It led to losses in the region of four billion dollars – a small fraction of the global cyber crime market, which is projected to grow to $6 trillion by 2021. In the Asia Pacific region, cyber crime is growing by 45% each year.


Read more: Cyberspace aggression adds to North Korea’s threat to global security


Wannacry was an important event because it pointed not only to the growth in cyber crime but also the dangers inherent in the development and proliferation of offensive cyber security capabilities. The exploit to windows XP systems that was used to spread the virus had been stockpiled by the US National Security Agency (NSA). It ended up being released on the internet and then used to generate revenue.

A fundamental challenge in 2018 is to constrain the use of offensive cyber capabilities and to reign in the growth of the cyber-crime market through enhanced cooperation. This will be no small task, but there have been some positive developments.

According to US network security firm FireEye, the recent US-China agreement on commercial cyber espionage has led to an estimated 90% reduction in data breaches in the US emanating from China. Cyber cooperation is possible and can lead to bilateral and global goods.

Death of cyber norms?

The final big development, or rather lack of development, has been at the UN. The Government Group of Experts (GGE) process, established in 2004 to strengthen the security of global information and telecommunications systems, failed to reach a consensus on its latest report on the status of international laws and norms in cyberspace. The main problem has been that there is no definite agreement on the applicability of existing international law to cyber security. This includes issues such as when states might be held responsible for cyber attacks emanating from their territory, or their right to the use of countermeasures in cyber self-defence.

Some analysts have proclaimed this to be “the end of cyber norms”. This betrays a pessimism about UN level governance of the internet that is deeply steeped in overly state-centric views of security and a reluctance to cede any sovereignty to international organisations.

It is true that norms won’t be built from the top down. But the UN does and should have an important role to play in cyber security as we move into 2018, not least because of its universality and global reach.

The NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) in Tallinn, Estonia recently launched the Tallinn Manual 2.0, which examines the applicability of international law to cyber attacks that fall below the use of force and occur outside of armed conflict.

These commendable efforts could move forward hand in hand with efforts to build consensus on new laws that more accurately capture the complexity of new information and communications technology. In February 2017, Brad Smith, the head of Microsoft, proposed a digital Geneva Convention that would outlaw cyber attacks on civilian infrastructure.

The ConversationIn all this we must recognise that cyber security is not a binary process. It is not about “ones and zeros”, but rather about a complex spectrum of activity that needs multi-level, multi-stakeholder responses that include international organisations. This is a cyber reality that we should all bear in mind when we try to find solutions to cyber security issues in 2018.

Joe Burton, Senior Lecturer, Institute for Security and Crime Science, University of Waikato

This article was originally published on The Conversation. Read the original article.

Turnbull proposes tougher security measures


Michelle Grattan, University of Canberra

Malcolm Turnbull this week is pushing for a further toughening of national security laws, including to allow police to hold suspects for longer without charges.

Turnbull and state and territory leaders on Thursday will hold a special Council of Australian Governments (COAG) meeting on measures to counter terrorism.

The Commonwealth is proposing action on three fronts: ensuring nationally consistent pre-charge detention laws; new Commonwealth offences for people who possess “instructional” terrorist material; and strengthening laws against terrorism hoaxes.

On pre-charge detention, in New South Wales people can be held for 14 days but other states have a maximum of seven days or less.

South Australia only allows eight hours without charge. Western Australia allows six hours, before extensions of eight hours can be sought from a magistrate. Queensland allows eight hours and then magistrate approval for every eight hours after that.

The Australian Federal Police and state counterparts want longer questioning and detention time between a person being arrested and either charged or released.

The federal government is proposing to develop Commonwealth laws that can apply nationwide.

Previously, legal and constitutional issues have been a problem but the federal government believes legal concerns can be overcome, with additional safeguards.

The proposal would:

  • increase the initial investigation period from four to eight hours before a person had to be released or an extension of the detention period sought;

  • increase the maximum investigative detention time for Commonwealth terrorism offences to 14 days; and

  • remove some legal complexities, making the law less onerous for police as well as clearer.

The Commonwealth uses the example of the recent plot to blow up a plane in Sydney to show why pre-charge detention laws need to be consistent. Under NSW law, suspects could have been held for up to 14 days but elsewhere the maximum would have been seven.

The proposed new federal offence to criminalise the possession of instructional material of practical use for a terrorist act is designed to enable authorities to intervene “at the lower end of the risk spectrum”.

The government argues this would be a strong deterrent – and uses the comparison of the possession of child pornography, an offence even if a possessor doesn’t intend themselves to abuse a child.

Law enforcement agencies are concerned at the amount of extremist material available online which doesn’t just radicalise people but sometimes gives specific instructions about how to commit a terrorist act.

The government also wants a nationally consistent regime against hoaxes, replacing the present various state and territory offences. It says a new federal offence would keep pace with the “evolving methodology of terrorists”, including false claims about knife and vehicle attacks, as well as traditional hoaxes about explosives and the like.

It would also make for consistent jail terms across the country.

Turnbull said Thursday’s COAG meeting was about staying ahead of the terrorist threat.

The Coalition government has enacted nine tranches of national security legislation; 74 people have been charged as a result of 31 counter-terrorism operations in the last three years.

Since the threat level was raised in September 2014, there have been five attacks and 13 major counter-terrorism disruption operations.

About 110 Australians are presently fighting or engaged with terrorist groups in Syria and Iraq.

Since 2012, about 220 Australians have travelled to Syria or Iraq to fight or support the fighting. At least 65 Australians, and possibly up to 83, have been killed. More than 30 people have come back to Australia after travelling to Syria/Iraq – most before the caliphate was declared.

About 220 people in Australia are being investigated for providing support to the Syrian/Iraq conflict, including through money and other help, or are wanting to travel.

The ConversationSome 220 passports have been cancelled or refused in relation to the conflict.

Michelle Grattan, Professorial Fellow, University of Canberra

This article was originally published on The Conversation. Read the original article.

Cyberspace aggression adds to North Korea’s threat to global security



File 20170814 28455 8xekpo
People participate in a Pyongyang mass rally held at Kim Il-sung Square.
KCNA/Reuters, CC BY-ND

Joe Burton, University of Waikato

Claims that North Korea could fire nuclear weapons at the continental US present a serious threat to global security. But its hostile activities don’t end there. North Korea has also become an aggressive cyber power, regularly using cyber attacks to advance its interests.

Last month, a threat intelligence firm, Recorded Future, reported that North Korea may have been using New Zealand’s internet networks as proxies to launch cyber attacks worldwide. The New Zealand government’s Communications Security Bureau is assessing the veracity of these claims.

The report suggests that North Korea may have both a physical and a virtual presence in New Zealand. It raised the possibility of a network of “patriot hackers” using New Zealand cyber networks to pursue the aims of the North Korean regime.

North Korea’s history of cyber attacks

Cyber attacks have become a wide-ranging tool in the arsenal of authoritarian governments to coerce and intimidate foreign governments, to subvert democratic processes, and to impose costs on their adversaries.

In North Korea’s case, this pattern of activity stretches back many years. North Korea is estimated to have an army of 6,000 hackers, engaging in malicious cyber activity regularly.

In March 2013, hackers linked to North Korea attacked South Korean banks and media agencies, causing widespread disruption. In November 2014, cyber attacks against Sony Pictures followed the release of the film The Interview, which caricatured and mocked the North Korean leader.

The attack led to the release of personal information on thousands of Sony employees and the cancellation of the film’s launch. The incident quickly escalated into a serious diplomatic dispute between the US and North Korea.

In 2016, a Bangladeshi bank became the victim of North Korean hackers. Reports said that US$81 million were lost through compromised financial transactions.

Most recently, the WannaCry ransomware attack, which affected computers in more than 150 countries, has been linked to the Lazarus group of hackers, which has links to the North Korean regime. This suggests North Korea is now using state-sponsored hackers to help raise revenue for a country starved of access to international markets and funding.

Cyber attacks further threat to nuclear security

Analysis of North Korea’s activities often misses the connections between cyber and nuclear security. North Korea’s nuclear program has itself become a victim of cyber attacks.

A report in the New York Times in March this year revealed that the Obama administration ordered a campaign of cyber subversion aimed at North Korea’s nuclear and missile programs. It mirrors the now infamous Stuxnet attacks directed against Iran in 2010.

In the absence of progress on North Korean disarmament, delaying its ability to pursue nuclear weapon programs through cyber attacks has become a feature of US strategy. It’s a strategy that may yield short-term results, but presents significant escalatory dangers.

Proliferation risks

Cyber attacks pose increasingly serious risks to classified nuclear information, the security of nuclear facilities, and the integrity of the components that nuclear arms and missile technologies rely on.

Last year, the UK government was warned that its trident nuclear submarine program was vulnerable to cyber intrusions. The think-tank report Hacking UK Trident: A Growing Threat argued that a cyber attack directed against the submarines could:

… neutralise operations, lead to loss of life, defeat or perhaps even the catastrophic exchange of nuclear warheads (directly or indirectly).

In June this year, the US government reported multiple cyber breaches of its own nuclear installations. This followed similar revelations about attacks directed against South Korea’s nuclear reactor operators Korea Hydro and Nuclear Power Co Ltd in 2015.

Another concerning aspect of the cyber-nuclear nexus is that hacking could facilitate the proliferation of nuclear materials and technology to other aggressive states and non-state actors.

Reining in North Korea

The growing connections between nuclear and cyber security are changing the strategic balance between nuclear powers in subtle and undetermined ways. Approaches to dealing with the North Korean regime must treat these issues as related.

So what can be done about North Korea’s aggressive use of the internet? Unfortunately, just as with its nuclear program, there few good options. Sanctions imposed on the regime for its cyber activity, such as those following the Sony hack, have proved ineffective at changing the regime’s behaviour.

China and Russia may have a role to play in persuading Kim Jong-un to “play nicely” in cyberspace, but both countries also have a long history of malicious cyber operations.

There are examples where states have given up destructive weapons programs. These include Colonel Gaddafi’s regime in Libya and the more recent Iran deal. However, the difficulty of verifying whether offensive cyber programs have been dismantled presents a major obstacle.

Cyber armies operating from a virtual realm can easily be hidden. Given that punishing the North Korean regime for its behaviour has not yielded results, it may be time to start thinking about a range of positive inducements to bring the country back into the international community, including offering diplomatic talks without precondition.

The ConversationRewarding North Korea for its errant behaviour may be unpalatable, but the combined danger of its nuclear and cyber capabilities would appear to warrant a significant shift in strategy.

Joe Burton, Senior Lecturer, Institute for Security and Crime Science, University of Waikato

This article was originally published on The Conversation. Read the original article.

Security gets $1.2b, community programs to counter violent extremism $40m – that’s a foolish imbalance



File 20170801 766 wd8iw
Police raided several Sydney properties over the weekend in relation to possible terror plots.
AAP/Dean Lewins

Clarke Jones, Australian National University

The arrests and raids in Sydney over the weekend, as well as the 12 so-called “terrorist plots” disrupted by police since September 2014, ought to raise questions over whether Australia’s efforts to counter violent extremism are actually working.

A spending and policy imbalance

Australia has spent more than A$1.2 billion since 2015 on strengthening sharp-end counter-terrorism arrangements such as increasing intelligence and security capabilities. Millions more will be spent when the government’s proposed Department of Home Affairs opens.

Over roughly the same period, only about $40 million has been spent on countering violent extremism and community cohesion programs.

Of this $40 million, only around $2 million was given out in 2015 to 42 of the 97 applicants. This money was to support grassroots organisations to develop new, innovative services to move people away from violent extremism. This funding round was developed to improve Australia’s capability to deliver localised and tailored intervention services.

So, there is a significant imbalance between sharp-end funding and piecemeal, short-term, community-level grants. The money is clearly not being invested wisely or even reaching the right places, such as those at-risk communities willing to engage and desperately seeking funding. Many more terror-related arrests will follow in the foreseeable future as a result.

All the while, it’s been full steam ahead in relation to security, legislation, corrections, police and intelligence. This has come at the expense of community resilience and building up protective mechanisms within vulnerable youth and communities.

From my research with Muslim communities over the past two years, the government’s approach is verging on being counter-productive. It now risks trampling on the basic rights and freedoms of young Muslims, their families and their communities more broadly.

This approach will actually worsen the many underlying issues – such as discrimination, alienation, marginalisation and rejection – that seem to contribute to offending in the first place.

The safety of all Australians should remain a key government priority. And getting the balance right between security and youth and community welfare is difficult. But the government seems hell-bent on pre-crime arrest, prosecution and punishment, while falling short on providing the necessary long-term support for the young vulnerable people it really needs to protect and prevent from engaging in serious anti-social behaviour.

For those from minority communities in particular, the criminal justice system is a very slippery slope. Once in it, the prospects of positive and meaningful futures are slim.

Where Australia’s approach is lacking

As with the UK’s Prevent program, Australia’s approach suffers from multiple, mutually reinforcing structural flaws. Its foreseeable consequence is a serious risk to the wellbeing of young Muslims and Australian multiculturalism more broadly.

Much of the centrepiece of the government’s countering violent extremism strategy rests on the theory of radicalisation and the social engineering of radical views and cultures to become more conservative and “Australian”.

However, for the concept of radicalisation alone, there seems to be very little clarity about the term and the tools that measure it. If such tools are used to help determine the destiny of a young Muslim person, whether it be in a school or criminal justice situation, then these must be made more available for wider peer review – rather than held in secrecy within the government.

For those deemed “radicalised” or on the pathway to radicalisation, there are very few community-based secondary-level intervention programs designed to support them. Nor are there programs they are willing to participate in voluntarily. This is largely because most current programs are led by government and police, which seem to lack a crucial understanding about the many cultural, religious and ethnic nuances required for effective intervention.

Without close community partnerships and community-led approaches, programs will never be able to fully understand the highly complex nature of families and communities.

Getting access to vulnerable youth and their families, and then encouraging them to participate in interventions, requires close and trusted community partnerships. To date, partnerships between government and the more conservative community groups have not been fully developed. This is particularly the case with the more hard-to-reach groups, which have many of the young people requiring support or intervention.

Put together, this has limited the government’s capacity to support and fund communities working with the most at-risk or vulnerable youth.

The government’s position on these communities is that they are too risky to work with. In reality, it is too risky not to work with them.

To make us truly safe – not just from terrorism, but from other serious crimes too – the government needs to go back to basics. Australia should invest a lot more in longer-term community partnerships and develop more preventive measures, such as community-led interventions. These interventions must be developed by those outside the government’s national security apparatus.

The ConversationA major government rethink is required if it is truly going to keep us safe.

Clarke Jones, Research Fellow, Research School of Psychology, Australian National University

This article was originally published on The Conversation. Read the original article.

How many people can Australia feed?



File 20170630 8242 orj89c
Australia might have been ‘built on the sheep’s back’ but we can’t eat off it.
Stanley Zimny/Flickr, CC BY-NC

Bill Bellotti, The University of Queensland

Population growth has profound impacts on Australian life, and sorting myths from facts can be difficult. This article is part of our series, Is Australia Full?, which aims to help inform a wide-ranging and often emotive debate.


Australia feeds a lot of people. As a big country with a relatively small population, we have just over two arable hectares per person, one of the highest ratios in the world. Our diverse soils and climate provide a wide variety of fresh food all year round.

Historically we produce far more than we consume domestically. We sell around 65% of farm production overseas, making Australia a leading food-exporting nation. We therefore contribute to the food security not just of Australia, but of many other nations.

However, despite being a net food exporter, Australia also imports foods such as coffee, chocolate, processed fruit and vegetables, and key ingredients used in baking our daily bread. We are part of a global food system.

How will a swelling population, projected to reach between 36.8 million and 48.3 million by 2061, affect our food security? Are we set up to weather the storm of climate change, the degradation of our natural resources, and competition for land and water use from mining and urban expansion?

By the numbers

Current Australian government policy is to increase agricultural production and food exports, with a specific focus on developing Australia’s north.

In addition to providing food and nutrition security, the Australian food sector is a key driver of public health, environment, the economy and employment. The gross value of production from Australia’s 135,000 farmers varies between A$55 billion and A$64 billion a year, with exports accounting for between A$45 billion and A$48 billion.

https://datawrapper.dwcdn.net/7gm0F/5/

Horticultural production (fruit, nuts and vegetables) will swell as Australian growers move to satisfy growing Asian demand.

Australian food processing companies add a further A$32 billion of value from 150 large food processors. We exported $A26 billion worth of processed food and beverages in 2015-16 and imported A$16.8 billion, resulting in a trade surplus of A$9.1 billion (rounded to one decimal place).

The food retail sector has an annual turnover around A$126 billion, with about 70% of Australians shopping at Woolworths or Coles. It’s also worth noting that considerable land and water resources are devoted to non-food commodities such as forestry, cotton and wool, and to environmental outcomes such as carbon sequestration or biodiversity plantings.

One in seven Australian jobs (1.6 million) are in the farm-dependent economy, and food and beverage processing employs around one-third of all Australian manufacturing workers, with promising growth prospects. Many jobs are seasonal and based in the regions. Farm and food enterprises rely on foreign workers for many key tasks, resulting in the food sector being particularly sensitive to changes in temporary work visas.

How to feed more people

If Australia reaches its projected population of between 36.8 million and 48.3 million by 2061, could we feed everyone?

For the sake of this exercise, let’s leave aside food we import, and assume that Australia will continue to export 65% of the food we produce.

Currently, our exports feed (at least in part) 36.6 million people outside Australia. If we add that to our domestic population, 61 million people will eat Australian food in 2017.

If we apply the same assumptions to projected high and low Australian populations for 2061, we arrive at a total (domestic plus export) population fed by Australian production of 92 million to 121 million, or an increase of 51-98%.

Could Australia double the number of people we feed by 2061? The answer is yes, but not simply by doubling the amount of food we produce. Three broad strategies will need to be integrated to reach this target:

  1. Increase food productivity. We need to aim for 2% growth in annual food production by increasing investment research and development for food and agriculture. For comparison, between 1949 and 2012 we have averaged 2.1% annual growth, although from 2000-12 that slumped to 0.6%. Achieving this productivity target will be difficult, given the challenge of climate change and other constraining factors.

  2. Reduce food waste. We currently waste around 30% of the food we produce. Reducing food waste benefits the environment and the economy. This strategy requires ongoing improvements in supply chain efficiency, changes in marketing, and consumer education.

  3. Change our eating patterns. Moving towards sustainable diets will improve public health and environment outcomes. Reducing overconsumption (a contributor to obesity), eating more vegetables and less discretionary “junk” foods represent initial steps in this direction.

The next few decades will present unprecedented challenges and opportunities for the Australian food sector. Placing the consumer at the centre of healthy, sustainable and ethical food systems will be increasingly important, whether that consumer lives in Brisbane or Beijing. New ways of connecting consumers to producers will become commonplace, creating more informed and empowered consumers, and rewarding innovation.

Research highlighting the interconnections between food, health and environment will be required to support Australia’s claims to being a clean, green provider of food.

It’s easy to conclude that Australia can feed many more people than we currently do, but the real issue is to do this while ensuring our food system is healthy, sustainable and fair. Ultimately, exporting the research, technology and education that underpin our future food system will benefit far more people than those directly consuming food produced in Australia.


The ConversationYou can read other articles in the Is Australia Full? series here.

Bill Bellotti, Professor and Director Food Systems Program, Global Change Institute, The University of Queensland

This article was originally published on The Conversation. Read the original article.

Explainer: how internet routers work and why you should keep them secure



File 20170619 5793 2hvvqf
Think of your router as the post office for the internet.
www.shutterstock.com

Nicholas Patterson, Deakin University

Most of us would be bereft without Wi-Fi but give a little thought to the technology that beams us the internet.

The device we pay so little attention to is called a router. Its main role is to connect networks and send and receive data from an internet provider.

But many routers aren’t particularly secure.

The importance of understanding how routers work and how to protect them from malicious attacks was highlighted by WikiLeaks’s recent revelations about the existence of an alleged CIA hacking tool, code named “CherryBlossom”. This tool can apparently hack routers, allowing the perpetrator to monitor traffic and perform software exploits on victims.

The average person is unlikely to be targeted by this level of attack. But if you’re going to have a router at home, it’s important to understand exactly how it works.

How does a router work?

A router is like a post office for the internet: it acts as a dispatcher, choosing the fastest and most effective delivery paths.

Let’s assume you have a smartphone at home that’s connected to your router and through that, the internet. You’re keen to find a song to listen to. Here’s how it works:

  1. Your smartphone takes your song request, and converts it into a radio signal using the specification (it’s called a 802.11 Protocol) that controls how your Wi-Fi works
  2. This information is sent to the router, including your smartphone’s Internet Protocol address (essentially, its internet street address) and the track you requested
  3. This is where the Domain Name Server (DNS) comes into play. The main purpose of this platform is to take a text based address (let’s say, http://www.spotify.com) and convert it into a numeric Internet Protocol address
  4. The router will then send off the request information to your internet provider, through their proxy and then on to Spotify.com
  5. Along this journey from your home to your internet provider to Spotify.com, your request information will “hop” along different routers. Each router will look at where the the requested information has to reach and determine the fastest pathway
  6. After going through a range of routers, an agreed connection between your home internet, your iPhone and Spotify will be established. As you can see in the image below, I have used a trace route service from Australian-based company Telstra to Spotify showing 16 routers along the journey
  7. Then data will begin to travel between the two devices and you’ll hear the requested song playing through your smartphone.
Trace route from Telstra.net to Spotify.com.
Telstra Internet Direct, Author provided

Explaining the back of your router

Even if you now understand how your router works, the machine itself is covered in mysterious ports and jargon. Here are some to look out for:

Ethernet ports: these exist to enable hard wired networking to the router itself in cases where a Wi-Fi connection is not possible.

SSID: this refers to “Service Set Identifier”, and is an alphanumeric set of characters that act as your Wi-Fi network’s identifier.

Telephone/internet port: this port allows your router to gain a hard wired (RJ-45) connection to the internet, usually through telephone lines.

Routers handle interconnectivity and delivery.
Wikimedia Commons

WPS: this stands for “Wi-Fi Protected Setup”. It allows users faster and easier access to Wi-Fi, because they will not have to enter in the passkey once pushed.

LAN: a “Local Area Network” refers to a grouping of computers and devices being networked together, typically with cables and routers in a singular space – often a university, small company or even just at home.

WAN: when we take a series of geographically distributed LANs and connect them together with routers, this is what we call a “Wide Area Network”. This is useful for larger companies that want to connect all their office locations together.

WLAN: closely related to a LAN, “Wireless Local Area Networks” are LANs whereby users who are on mobile devices can connect through a Wi-Fi connection, allowing complete mobility and thus reducing the need for any cables.

The back of a router.
Timo Schmitt/Flickr, CC BY-NC

Cyber safety with routers

It’s important to protect your router and Wi-Fi network from being compromised.

You should:

  • Change your router’s administrator password and make it strong
  • change the identifying SSID name so it doesn’t give away any details about the model of your router or who owns it
  • ensure encryption is turned on in the router settings: this will ensure the traffic travelling over your network is unreadable
  • change the passkey you enter in when connecting to Wi-Fi
  • ensure your router’s firmware – the software that’s hard coded into your router – is up to date.

The ConversationRouters ensure your home and internet service provider can stay connected. Look after your router, and it will (hopefully) look after you.

Nicholas Patterson, Teaching Scholar, Deakin University

This article was originally published on The Conversation. Read the original article.

COAG agrees to new push on security after Melbourne attack



File 20170609 20824 ntejdq
Federal and state leaders will convene as soon as practicable for a special COAG meeting on counter-terrorism.
AAP/Rob Blakers

Michelle Grattan, University of Canberra

Federal and state leaders have ramped up anti-terrorism provisions and plan to meet again soon for a broad review of the nation’s legal and practical security preparedness.

Malcolm Turnbull won support from the Council of Australian Governments for a tougher approach to parole and bail, where people have had terrorist connections.

States and territories agreed to strengthen their laws to ensure a presumption against granting bail or parole when people had “demonstrated support for, or have links to, terrorist activity”.

In the wake of this week’s Melbourne attack by Somali-born Yacqub Khayre, Turnbull demanded that state attorneys-general should sign off on parole applications when there was a terrorism link, rather than parole authorities.

Khayre, who killed the receptionist at a serviced apartment block before he was shot by police, had been out on parole, despite having a violent history and known past links to terrorism.

Turnbull said what COAG had agreed to was consistent with recent changes made by New South Wales.

He said if the change had been in place, it was inconceivable Khayre would have been given parole. The challenge of overcoming the presumption against release would be “very high indeed”.

The leaders also decided to hold a special COAG meeting as soon as practicable “to fully and more comprehensively review the nation’s laws and practices directed at protecting Australians from violent extremism”.

Victorian Premier Daniel Andrews, speaking at the joint news conference after the meeting, delivered a blunt warning that people had to expect curbs on civil liberties.

“I think we are at a point in our nation’s history where we have to give very serious consideration to giving law enforcement some tools and powers that they don’t enjoy today,” he said.

That might be unpopular with the civil liberties community, and involve curtailing the rights and freedoms of a small number of people, he said. But “that is what will be needed in order to preserve and protect a great many more”.

COAG had reports from ASIO, the Australian Federal Police, Turnbull’s cyber-security adviser, Alastair MacGibbon, and the counter terrorism co-ordinator, Tony Sheehan. The meeting had originally been expected to be dominated by a briefing from Chief Scientist Alan Finkel, who presented his report on energy security. But the recent events in Britain and Melbourne meant that terrorism was an equal focus.

Also on security, the leaders:

  • agreed to having security-cleared corrections staff as part of the counter-terrorism team in each jurisdiction. This is designed for better sharing of information;

  • agreed on the importance of close co-operation between all levels of government and with the private sector in protecting crowded public places;

  • discussed strengthening the security of public and private IT systems in the context of the WanaCry ransomware campaign, which locks computer files and demands payments to unlock them;

  • committed to governments continuing to work together and with industry to manage the security risks coming from foreign involvement in the nation’s critical infrastructure; and

  • ordered further work on a nationally consistent approach to organised crime legislation.

The ConversationTurnbull stressed that when it came to overcoming the terrorist threat, “governments cannot simply set and forget”.

Michelle Grattan, Professorial Fellow, University of Canberra

This article was originally published on The Conversation. Read the original article.

Four ways social media companies and security agencies can tackle terrorism


Robyn Torok, Edith Cowan University

Prime Minister Malcolm Turnbull has joined Britain’s Prime Minister Theresa May in calling on social media companies to crack down on extremist material being published by users.

It comes in the wake of the recent terror attacks in Australia and Britain.

Facebook is considered a hotbed for terrorist recruitment, incitement, propaganda and the spreading of radical thinking. Twitter, YouTube and encrypted services such WhatsApp and Telegram are also implicated.

Addressing the extent of such content on social media requires international cooperation from large social media platforms themselves and encrypted services.

Some of that work is already underway by many social media operators, with Facebook’s rules on this leaked only last month. Twitter says that in one six-month period it has suspended 376,890 accounts related to the promotion of terrorism.

While these measures are a good start, more can be done. A focus on disruption, encryption, recruitment and creating counter-narratives is recommended.

Disruption: remove content, break flow-on

Disruption of terrorists on social media involves reporting and taking down of radical elements and acts of violence, whether that be radical accounts or posted content that breaches community safety and standards.

This is critical both in timing and eradication.

Disruption is vital for removing extreme content and breaking the flow-on effect while someone is in the process of being recruited by extremists.

Taking down accounts and content is difficult as there is often a large volume of content to remove. Sometimes it is not removed as quickly as needed. In addition, extremists typically have multiple accounts and can operate under various aliases at the same time.

Encryption: security authorities need access

When Islamic extremists use encrypted channels, it makes the fight against terrorism much harder. Extremists readily shift from public forums to encrypted areas, and often work in both simultaneously.

Encrypted networks are fast becoming a problem because of the “burn time” (destruction of messages) and the fact that extremists can communicate mostly undetected.

Operations to attack and kill members of the public in the West have been propagated on these encrypted networks.

The extremists set up a unique way of communicating within encrypted channels to offer advice. That way a terrorist can directly communicate with the Islamic State group and receive directives to undertake an attack in a specific country, including operational methods and procedures.

This is extremely concerning, and authorities – including intelligence agencies and federal police – require access to encrypted networks to do their work more effectively. They need the ability to access servers to obtain vital information to help thwart possible attacks on home soil.

This access will need to be granted in consultation with the companies that offer these services. But such access could be challenging and there could also be a backlash from privacy groups.

Recruitment: find and follow key words

It was once thought that the process of recruitment occurred over extended periods of time. This is true in some instances, and it depends on a multitude of individual experiences, personality types, one’s perception of identity, and the types of strategies and techniques used in the recruitment process.

There is no one path toward violent extremism, but what makes the process of recruitment quicker is the neurolinguistic programming (NLP) method used by terrorists.

Extremists use NLP across multiple platforms and are quick to usher their recruits into encrypted chats.

Key terms are always used alongside NLP, such as “in the heart of green birds” (which is used in reference to martyrdom), “Istishhad” (operational heroism of loving death more than the West love life), “martyrdom” and “Shaheed” (becoming a martyr).

If social media companies know and understand these key terms, they can help by removing any reference to them on their platforms. This is being done by some platforms to a degree, but in many cases social media operaters still rely heavily on users reporting inappropriate material.

Create counter-narratives: banning alone won’t work

Since there are so many social media applications, each with a high volume of material that is both very dynamic and fluid, any attempts to deal with extremism must accept the limitations and challenges involved.

Attempts to shut down sites, channels, and web pages are just one approach. It is imperative that efforts are not limited to such strategies.

Counter-narratives are essential, as these deconstruct radical ideologies and expose their flaws in reasoning.

But these counter-narratives need to be more sophisticated given the ability of extremists to manipulate arguments and appeal to emotions, especially by using horrific images.

This is particularly important for those on the social fringe, who may feel a sense of alienation.

It is important for these individuals to realise that such feelings can be addressed within the context of mainstream Islam without resorting to radical ideologies that leave them open to exploitation by experienced recruiters. Such recruiters are well practised and know how to identify individuals who are struggling, and how to usher them along radical pathways.

Ultimately, there are ways around all procedures that attempt to tackle the problem of terrorist extremism on social media. But steps are slowly being taken to reduce the risk and spread of radical ideologies.

The ConversationThis must include counter-narratives as well as the timely eradication of extremist material based on keywords as well as any material from key radical preachers.

Robyn Torok, PhD, PhD – researcher and analyst, Edith Cowan University

This article was originally published on The Conversation. Read the original article.