News & Commentary for the Digital UK

Welcome

Thatch Editorial

Feb 14, 20225 min read

With tensions over Ukraine high, could Russian cyberattacks on NATO escalate into armed conflict?

Updated: Feb 16, 2022

BOSTON (AP) — President Joe Biden couldn’t have been more blunt about the risks of cyberattacks spinning out of control. “If we end up in a war, a real shooting war with a major power, it’s going to be as a consequence of a cyber breach of great consequence,” he told his intelligence brain trust in July.

Now tensions are soaring over Ukraine with Western officials warning about the danger of Russia launching damaging cyberattacks against Ukraine’s NATO allies. While no one is suggesting that could lead to a full-blown war between nuclear-armed rivals, the risk of escalation is serious.

The danger is in the uncertainty about what crosses a digital red line. Cyberattacks, including those that cripple critical infrastructure with ransomware, have been on the rise for years and often go unpunished. It’s unclear how grave a malicious cyber operation by a state actor would have to be to cross the threshold to an act of war.

“The rules are fuzzy,” said Max Smeets, director of the European Cyber Conflict Research Initiative. “It’s not clear what is allowed, what isn’t allowed.”

The United States and other NATO members have threatened crippling sanctions against Russia if it sends troops into Ukraine. Less clear is whether such sanctions, whose secondary effects could also hurt Europe, would be imposed if Russia were to seriously damage Ukrainian critical infrastructure — power, telecommunications, finance, railways — with cyberattacks in lieu of invading.

And if the West were to respond harshly to Russian aggression, Moscow could retaliate against NATO nations in cyberspace with an intensity and on a scale previously unseen. A major cyberattack on U.S. targets would almost certainly unleash a muscular response. But what of lesser cyberattacks? Or if Russian President Vladimir Putin restricted them to a NATO member in Europe?

Under Article 5 of the organization’s treaty, an attack on any of its 30 members is considered an attack on all. But unclear is what it would take to unleash full-scale cyber retaliation. Or how bad an attack would have to be to trigger retaliation from NATO’s most potent cyber military forces, led by the U.S. and Britain.

Cyberspace is exceptionally unruly. No arms control treaties exist to put guard rails on state-backed hacking, which is often shielded by plausible deniability as it’s often difficult to quickly attribute cyberattacks and intelligence-gathering intrusions. The technology is cheap and criminals can act as proxies, further muddying attribution. Freelancers and hacktivists compound the problem.

In 2015, the major powers and others agreed on a set of 11 voluntary norms of international cyber behaviour at the United Nations. But they are routinely ignored. Russia helped craft them only to knock Ukraine’s power grid offline that winter and set in motion its hack-and-leak operation to interfere in the 2016 U.S. presidential election.

Hacking is now a core component of great power conflict. In 2016, NATO formally designated cyberspace a “domain” of conflict, alongside land, sea and air.

Nowhere has the militarization of cyberspace been more clear than in Putin’s bid to return Ukraine to Moscow’s orbit.

To Serhii Demediuk, the No. 2 official on Ukraine’s National Security and Defence Council, a noisy cyberattack last month was “part of a full-scale Russian operation directed at destabilizing the situation in Ukraine, aimed at exploding our Euro-Atlantic integration and seizing power.”

The attack damaged servers at the State Emergency Service and at the Motor Transport Insurance Bureau with a malicious “wiper” cloaked as ransomware. The damage proved minimal, but a message posted simultaneously on dozens of defaced government websites said: “Be afraid and expect the worst.”

Such attacks are apt to continue as Putin tries to “degrade” and “delegitimize” trust in Ukrainian institutions, the cybersecurity firm CrowdStrike said in a blog on Russian military cyber wreckage in the former Soviet republic: Winter attacks on the power grid in 2015 and 2016 were followed by NotPetya, which exacted more than $10 billion in damage globally.

Michele Markoff, the U.S. State Department’s deputy coordinator for cyber issues, thinks “muscular diplomacy” is the only way to end such “immoral, unethical and destabilizing behaviour.”

But how? Unlike nuclear arms, cyberweapons can’t easily be quantified, verified and limited in treaties. Nor are violators apt to be held accountable in the United Nations, not with Russia and China wielding veto power on its Security Council.

“We’ve wallowed kind of in a quagmire for years now on making transgressors accountable,” said Duncan Hollis, a Temple Law professor and former State Department legal adviser.

Members endorsed in May an update to the 2015 U.N. norm s that further delineates what should be out of bounds: including hospitals, energy, water and sanitation, education and financial services. That has hardly deterred Russian-speaking ransomware crooks, who are at the very least tolerated by the Kremlin. Nor have U.S. indictments of Russian and Chinese state hackers and the blacklisting of tech companies accused of aiding them helped much.

Under a new policy NATO adopted last year after U.S lobbying, an accumulation of lower-level cyberattacks — far below, say, blacking out the U.S. East Coast — could be enough to trigger Article 5. But NATO is vague on what a tipping point might be.

NATO’s doctrinal shift followed a pair of seismic cyberespionage shocks — the highly targeted 2020 SolarWinds supply chain hack by Russia that badly rattled Washington and the reckless March 2021 Microsoft Exchange hack attributed to Chinese state security that set off a criminal hacking free-for-all.

A cluster of wholesale data pilfering in the mid-2010s attributed to China — from the U.S. Office of Personnel Management, United Airlines, Marriott hotels and the health insurer Anthem — inflicted a deep national security wound. And U.S. officials have worried for more than a decade about rivals — Russia especially — quietly “pre-positioning” enough malware in U.S. critical infrastructure including the energy sector to cause considerable chaos in an armed conflict.

In response, U.S. Cyber Command developed a strategy in 2018 it calls “persistent engagement” to counter rivals who “operate continuously below the threshold of armed conflict to weaken institutions and gain strategic advantages.”

The aim: deny foes the chance to breach U.S. systems by operating “across the interconnected battlespace, globally, as close as possible to adversaries,” Cybercom commander Gen. Paul Nakasone wrote.

That has sometimes meant penetrating not just adversaries’ networks but also those of allies — without asking permission, said Smeets, the European cyber conflict analyst.

Disinformation campaigns have also muddied the definition of a “cyber threat.” No longer do they merely encompass malware like NotPetya or the the Stuxnet virus that wrecked Iranian nuclear centrifuges, an operation widely attributed to the U.S. and Israel and discovered in 2010.

During the 2018 U.S. midterm elections, Cybercom temporarily knocked offline a key Russian disinformation mill.

Most major powers have the equivalent of a U.S. Cyber Command for both offense and defence.

Also active are terrorists, criminals working as state proxies, begrudged freelancers and hacktivists like the Cyber Partisans of Belarus.

Hollis compares the current messy cyber moment to the early 19th century when U.S. and European navies were so small they often relied on privateers — we know them now as pirates— for high-seas dirty work.

The U.S. and other NATO partners are, meantime, helping Ukraine stand up a separate cyber military unit, said Demediuk, the Ukrainian security official. Since Russia seized Crimea in 2014, NATO has closely and systematically coordinating cyber actions with Ukraine, including joint missions, he said.

In November, Ukraine exposed an eight-year espionage operation by agents of Russia’s FSB in Crimea involving more than 5,000 attempted hacks. The main goal: to gain control over critical infrastructure, including power plants, heating and water supply systems, Ukraine’s state news agency said.

This month, Microsoft said the operation, dubbed Armageddon, persists with attempts to penetrate Ukraine’s military, judiciary and law enforcement. Microsoft detected no damage, but that doesn’t mean Russian cyber operators haven’t gained undetected footholds.

That’s where hackers hide until they are ready to pounce.

___

Source: AP - Associated Press writer Yuras Karmanau in Kyiv, Ukraine, contributed to this report.

The Thatch

Feb 9, 20222 min read

Japan offers gas to Europe over Ukraine fears

Japan is offering Europe part of its liquified natural gas imports over fears supplies will be disrupted by tensions surrounding a possible Russian invasion of Ukraine, Tokyo's trade minister said Wednesday. Multiple gas shipments are already being diverted to Europe by private Japanese firms, Koichi Hagiuda said, declining to give details of how many boats or how much LNG is involved. More ships will head to Europe in March, but the supplies will be strictly contingent on ensuring domestic demand is met, he told reporters.

Japan was the world's top LNG importer until last year, and is heavily dependent on the fuel (AFP/TOSHIFUMI KITAMURA) (TOSHIFUMI KITAMURA)

Fears are mounting that a conflict in Ukraine could cause an energy crisis in Europe, which depends heavily on Russian gas. Hagiuda said he had received requests from the US and EU ambassadors "to accommodate the need" for the fuel in Europe. "We have communicated to both the US and EU that this co-operation is to be carried out only to the extent that it does not affect Japan's electricity and gas supplies," he said. Japan was the world's top LNG importer until last year, and is heavily dependent on the fuel. Reports suggest it may not have much to give, with stockpiles low even as record snow hits parts of the country, according to Bloomberg. A trade ministry official said the Japanese gas companies will receive market price for the fuel. Analysts judge it unlikely Russia would completely halt supplies to Europe in the case of conflict, and Japan's reserves are likely to be insufficient to make up the difference if Moscow did so. But Tokyo's offer is seen as symbolic, and comes with frenetic diplomatic manoeuvring under way in an attempt to ease tensions with Russia over Ukraine. French President Emmanuel Macron said Tuesday he saw a path forward after two days of talks in Kyiv and Moscow. There have been discussions about a possible summit bringing together the leaders of Ukraine, Russia, France and Germany. Russian leader Vladimir Putin is seeking sweeping security guarantees from NATO and the United States, including barring Ukraine from the military alliance. On Tuesday, German Chancellor Olaf Scholz backed a threat by US President Joe Biden that the controversial Nord Stream 2 gas pipeline would not proceed if Russia invades Ukraine. The pipeline, set to double natural gas supplies from Russia to Germany, has become a key bargaining chip for the West in its bid to stop Moscow from invading Ukraine.

Source: yahoo

Polly Bevan-Bowhay

Feb 3, 20223 min read

World's first malaria vaccine making inroads in western Kenya

A pilot programme has been rolling out the groundbreaking vaccine -- which was 30 years in the making -- in Kenya, Ghana and Malawi since 2019 (AFP/Brian ONGORO)

Lucy Akinyi's three children were infected with malaria so often she would be at their local health clinic in western Kenya every other week getting them treated.

When offered the chance to protect her children with the world's first vaccine against the deadly parasitic disease, Akinyi jumped at the chance.

More than 100,000 children in malaria-endemic western Kenya have received the new vaccine against the disease, which kills 260,000 children under five every year in sub-Saharan Africa.

A pilot programme has been rolling out the groundbreaking drug -- which was 30 years in the making -- in Kenya, Ghana and Malawi since 2019.

It was approved for broad use for children in sub-Saharan Africa and other at-risk regions by the World Health Organization (WHO) in October last year.

For Akinyi and her extended family, the vaccine has worked wonders.

She would always place mosquito nets over her children while they slept, but despite her best efforts they would still get bitten outside while playing.

"We used to have a lot of malaria in our home. We could be at the hospital three times in a month," Akinyi said.

But none of her children have tested positive for malaria since being vaccinated, she said, bringing her great comfort living in a region where the disease is a major killer.

"We are very happy because none of our children are sick," Akinyi said.

Her sister-in-law, Millicent Akoth Oyoya, decided to get her own children jabbed after seeing the benefit it brought her nieces and nephews.

"When she (Akinyi) had her youngest vaccinated, that baby never got malaria," Oyoya said at a clinic as she waited to get her nine-month-old boy vaccinated in the Lake Victoria region.

"So I decided to bring mine too so that he would be malaria free."

- Game changer -

Health clinics in western Kenya -- where paediatric wards full of children sickened by malaria are not uncommon -- are starting to see results.

Admissions for malaria are falling, as is the severity of symptoms. "Since we started administering the malaria vaccine in September 2019, we have seen a reduction of the cases of malaria," said Elsa Swerua, head nurse for malaria at Akala Health Center in Siaya County. "Even the children who get malaria, it is not severe, and the number of deaths out of malaria has also gone down." Less malaria -- the same person can suffer many episodes of the disease every year -- means fewer trips to the hospital, a boon for families who struggle to pay for treatment again and again. "Before the vaccine... we would spend a lot of money on treatment and buying and going to the hospital. The cost was high," Akinyi said. Now, there is more money to go around for food and other essentials, she said. Dr Simon Kariuki, chief research officer at the Kenya Medical Research Institute, and a leading expert on malaria, said the vaccine was a game changer. "We showed that this vaccine is safe, and can be given to young African children who bare the higher burden of malaria," he said. The pilot trial had shown the vaccine could "reduce malaria incidents in young children in these areas by almost 40 percent", he said. The WHO has recommended that the vaccine be administered in a four-dose regimen for children from five months of age in areas with moderate to high transmission of malaria.

Source: Yahoo

3 4

6 7

Blog