a new virtual battlefield web.p… · radicalisation) in the western balkans, commissioned by the...
TRANSCRIPT
Summary of the Study on Cyber Security (andOnline Radicalisation) in the Western Balkans
How to prevent online radicalisation in the cyber
security realm of the Western Balkans?
A NEWVIRTUAL battlefield
funded by the EU
This publication is funded by the EU. It reflects only the views of the author(s). The Regional Cooperation Counciland the EU cannot be held responsible for any use which may be made of the information contained herein.
This brochure is based on the study on cyber security (and onlineradicalisation) in the Western Balkans, commissioned by the RegionalCooperation Council, within the IPA II 2016 Regional Action on P/CVE inthe Western Balkans. The main objective of the Study this brochure is based on is to provide acomprehensive overview and analysis of the situation regarding cybersecurity and online radicalisation in Albania, Bosnia and Herzegovina,Kosovo*, Montenegro, Serbia, and The Former Yugoslav Republic ofMacedonia (Western Balkans 6 or WB6), and to providerecommendations for enhancement of cyber security and preventionof online radicalisation.
*This designation is without prejudice to positions on status, and is in line with UNSCR 1244 and the ICJ Opinion on the Kosovo declaration of independence.
INTRO
2015 2 Billionnumber of
internet users in2015
2016
3.8 Billionnumber of internet
users globally in2017or
20226 Billion
expected number ofinternet users by 2022
A NEW VIRTUAL BATTLEFIELDHow to prevent online radicalisation in the cyber security realm of the Western Balkans?
51%of world population
Global online environment overview
20307.6 Billion
is expected growth ofinternet users by 2030
of the world’s 6+y/o populationwill be usinginternet
90%
2017
2.28 Billionnumber of social
media users in 2016worldwide
IMPORTANT POINT!Significant growth recorded
in internet use in theWestern Balkans between2000 and 2017, with the
number of internet usersranging from 66% to 81% of
the population.
n/a
80%
Kosovo * 81%
1.1%
Bosnia andHerzegovina
70%
18.4%
Montenegro
76%
72%
2.5%
12.3%
The Former YugoslavRepublic ofMacedonia
Serbia 66%
0.1%
Albania
YEAR2000
YEAR2017
YEAR2000
YEAR2017
YEAR2000
YEAR2017
YEAR2000
YEAR2017
YEAR2000
YEAR2017
YEAR2000
YEAR2017
70% 66%
rbr ibia
76%donia
1% ofation.
80%
vo *
81%
The F rmrr eepuac
of internet users in theregion:
Regional online environment overview
A NEW VIRTUAL BATTLEFIELDHow to prevent online radicalisation in the cyber security realm of the Western Balkans?
Contemporary conceptions of cyber security,which largely focus on hard or kineticattacks, such as cyber-attacks andcybercrime, and omit online informationoperations, such as online radicalisation, hatespeech and ‘fake news’, no longer fit thepurpose.
A New Virtual Battlefield - How to preventonline radicalisation in the cyber securityrealm of the Western Balkans ambitiouslyexpands our understanding of cyber securityto encompass both, stemming from a growingawareness by the RCC that the role of theinternet in information operations cannot andshould not be viewed in isolation from otherareas of cyber security.
400Number of reported cybersecurity attacks in theWestern Balkans in 2017
How ready is theregion for thisapproach?
A NEW VIRTUAL BATTLEFIELDHow to prevent online radicalisation in the cyber security realm of the Western Balkans?
Cyber Security
Eurobarometer survey on mostcommon concerns of internet users:
2015
concerned about themisuse of theirpersonal data
had no concernsabout online bankingor online payments
concerned aboutsecurity of online
payments
43%
42%
18%
2007 - 2013 2014 -2020
334 million 450 million
Between 2007and 2013 the EUinvested €334million in cybersecurity
Planned furtherinvestmentsbetween 2014and 2020 are€450 million
CYBERSECURITY
Computer SecurityIncident ResponseTeams (CSIRTs)
The functions of all the ComputerSecurity Incident Response Teams(CSIRTs) in the WB6 are very similar;however, their levels of functionalityare not consistent across alleconomies. None of the national CSIRTs in theWB6 are standalone agencies, buttheir positioning within governmentsis different across the region.
CSIRT
A NEW VIRTUAL BATTLEFIELDHow to prevent online radicalisation in the cyber security realm of the Western Balkans?
Cyber Security
BudapestConvention onCybercrime
National CIRT
Law on CyberSecurity
Cyber SecurityStrategy
3rd leveleducation onInformationSecurity
CVE/TerrorismStrategy includesreference tocyber/online
Key Challenges
Ratified200224/7 Point ofContact (POC)
2016
Adopted 2017
Policy acts in lieu,2015-2017
ALBANIA
Ratified200624/7 POC
Very limitedfunctionality2017
BOSNIA ANDHERZEGOVINA
24/7 POC
Strategy andaction plan2016
Technical, financial, expertise and accessing and retention staffing
KOSOVO*
Ratified200424/7 POC
Strategy Adoptedin July 2018
THE FORMERYUGOSLAVREPUBLIC OFMACEDONIA
Ratified201024/7 POC
multi-disciplinary
Strategy andaction plan2018-2021 (2ndstrat.)
MONTENEGRO
Ratified200924/7 POC
Yes, no actionplan2017
SERBIA
2016
2016
2016
2012
Adopted 2010
Adopted 2010
Adopted 2016
Cyber Security
A NEW VIRTUAL BATTLEFIELDHow to prevent online radicalisation in the cyber security realm of the Western Balkans?
Synopsis ofrelevant information and findings
in respect to each of the WB6CSIRTs: lack of financial investmentcommensurate with the required activity; lack ofsufficient staffing; insufficient technologicalcapacity
Incident reporting: companies in particular fearreputational damage in case of media leaks; lackof confidence in law enforcement; lack ofcapacity to identify attacks when they happen
Investigations and procedures: suffer frominsufficient skills and capabilities
Public private partnerships (PPP): lack oftradition of PPPs in the region; lack of demandfor such initiatives; lack of recognition bygovernments of ICT experts within WB6economies (preference for international experts)
Education: apparent lack of educational policiesfocusing on ICT and related security in the WB6
Media: noted lack of informed reporting on cybersecurity in the majority of the WB6
Brain drain: high rates of migration ofexperienced ICT professionals from the region
Lack of awareness of cyber security risks in theregion
A NEW VIRTUAL BATTLEFIELDHow to prevent online radicalisation in the cyber security realm of the Western Balkans?
Regional challenges to implementation of Cyber Security Strategy
Online Radicalisation
Violent extremists andterrorists...
...have, for some time, beenutilising the internet tocommunicate, collaborate andconvince which is exactly what theStudy on Cyber Security (andOnline Radicalisation) in theWestern Balkans focuses on. The role of the internet inradicalisation processes is evidentacross the WB6, but personalinteractions remain important.
...claim that ‘radicalisation’ ismostly associated with violentjihadi terrorism and is much lessprevalent in discussions aroundother types of violent extremismand terrorism, such as the extremeright.
All but two WB6 havenational-level strategies...
Critics of contemporaryradicalisation discourse...
...for countering radicalisationand/or violent extremism – but lagbehind in their implementation.
mme
Ana
...anbe
Most significant deficits associated with implementationof strategies for countering radicalisation:
limited appropriatecivil societyparticipation
limited resourcing ofbodies, such as police,and prosecutors inrespect of staffing,technology, andtraining
need for morecareful mediareporting
lack of significantpublic privatepartnerships
lack of educationalpolicies andprogrammes onidentifying risky onlinecontent
A NEW VIRTUAL BATTLEFIELDHow to prevent online radicalisation in the cyber security realm of the Western Balkans?
At the height of their onlineprowess in 2015, Islamic State (IS)
was producing approximately1,200 items of official content
monthly, including photo arrays,infographics, PDF magazines,and videos. IS are not the only
terrorists active online, of course.
There are a variety of violentextremists and terrorist groups
and their supporters currentlyengaged in a diversity of online
activity.
2015
Infographics
1,200 per month
PDFmagazines
Photoarrays
andvideos
In period 2012-2017 around 1,000individuals (men, women,children, elderly) from theWestern Balkans travelled toSyria and Iraq, out of whomaround 300 returned, more than200 were killed, some 400remained, while some areconsidered missing.
2012-2017
Killed
200
Returned
300
Remained
400
False info is 70% more likely to be retweeted than a true one
False story on average reaches 1,500 people 6 times quicker than atrue story
1500 6x
70%
A NEW VIRTUAL BATTLEFIELDHow to prevent online radicalisation in the cyber security realm of the Western Balkans?
Online Radicalisation
ONLINEradicalisation
CYBERsecurity
EU Assessment 2018 for Chapters 10 and 24 says Albania ismoderately prepared for information security, and some progresshad been made in relation to the digital agenda action plan and e-government services
Dedicated cybercrime units exist in State Police and GeneralProsecutor’s Office
Majority of cybercrime cases relate to fraud, hacking, onlinestalking, and data interference
Does not have Cyber Security Strategy per se, but the Paper onCyber Security 2015 – 2017 suffices in its absence
Dissemination of extremist messaging has taken place throughdirect communication in about 70% of cases and about 30% via theInternet
Social media are not the most important channel of disseminationof ’extremists’ content in Albania
ALBANIAINTERNET USERS IN DEC 2017
1,932,024
ing, online
roughdirect communication in aboInternet
Social media are not the moof ’extremists’ content in Al
ing taken% o and
mp rtant chanania
g has takof cases a
portant annel of dissof d
Overview per each of the WB6 - Cyber Security and Online radicalisation
A NEW VIRTUAL BATTLEFIELDHow to prevent online radicalisation in the cyber security realm of the Western Balkans?
There is no culture of information security in BiH yet – lack ofawareness and understanding of potential impacts
EU Assessment 2018 for Chapters 10 and 24 says Bosnia andHerzegovina lacks a strategic [state level] framework to address theissue of cybercrime and cyber security threats. Investigations incybercrime reportedly remain very rare.
In 2017, BIRN located more than 60 websites based in the WesternBalkans promoting the idea of ethnically pure nation states, neo-Nazism,violent homophobia and other radical right-wing policies
Main types of cybercrime include DoS[1] and DDos[2] attacks, internetfraud, unauthorised access to computer systems, credit card scams,wireless network abuse, online child sex abuse-related activity, onlineintellectual property rights violations, social network abuse,distribution of malware, inciting hatred, discord or intolerance, andpublic incitement to terrorism and terrorist propaganda
The Internet widely recognised as having facilitated the establishmentand spread of a wide variety of transnational networks, including Salafiand jihadi networks. Large BiH diaspora, with notable Salafi contingentsin Austria, Germany, the Netherlands, Slovenia, and Sweden, isconnected via the Internet
However, community ties and face-to-face contacts were moreconsequential
A role for the internet in the increased nationalist rhetoric apparent inBiH has also been mooted
[1] In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or networkresource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet[2] A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt normal traffic of a targeted server, service or networkby overwhelming the target or its surrounding infrastructure with a flood of Internet traffic
ONLINEradicalisationCYBERsecurity
BOSNIA ANDHERZEGOVINA
INTERNET USERS IN DEC 2017 2,828,846
A NEW VIRTUAL BATTLEFIELDHow to prevent online radicalisation in the cyber security realm of the Western Balkans?
Overview per each of the WB6 - Cyber Security and Online radicalisation
Does not have an overarching law on cyber security, but cyber securitystrategy has been adopted in July 2018
EU Assessment 2018 for Chapters 10 and 24 says Criminal Code of TheFormer Yugoslav Republic of Macedonia is broadly in line with EUstandards, criminalising online child sex abuse and computer crime,amongst other crimes. Digitalisation of the economy is progressing fast
Easy access to extremist and terrorist contentvia the Internet, especially social media
ONLINEradicalisation
CYBERsecurity
Established their national CSIRT in 2016
The majority of cyber-attacks were of DoS and phishing types, butmalware distribution is increasing albeit there is a lack of awareness bymany users of this threat
y
eU,
recorded
cyber-attacksin 2017
75
THE FORMERYUGOSLAVREPUBLIC OFMACEDONIA
INTERNET USERS IN DEC 2017 1,583,315
A NEW VIRTUAL BATTLEFIELDHow to prevent online radicalisation in the cyber security realm of the Western Balkans?
Overview per each of the WB6 - Cyber Security and Online radicalisation
The most common type of cybercrimes include credit card fraud,fake news (e.g. through forged e-mails to the media), computerintrusion, DDoS attacks, phishing, etc.
EU Assessment 2018 for Chapters 10 and 24 says Kosovo* hasmade some very positive progress in cyber security domain and ithas very good legislation. However, the biggest issue relates toimplementation, which has not yet been done to the levelrequired
The government appointed a 24/7 contact point within thepolice’s cybercrime unit
In addition to significant role of social media, a number of reports onIS-related activity in Kosovo* mention the importance of traditionalmass media in radicalisation and recruitment processes
ONLINEradicalisationCYBERsecurity
Relations between the public and private sectors are good,especially in respect to internet service providers. However,cooperation is still not where it could be
Internet played a significant part in Kosovo* foreign fighters’radicalisation processes
IS-produced Albanian-language online content targeted Albanianspeakers in Albania, Kosovo*, and The Former Yugoslav Republic ofMacedonia, but with a particular focus on the Kosovo* context
KOSOVO *INTERNET USERS IN DEC 2017
1,523,373
A NEW VIRTUAL BATTLEFIELDHow to prevent online radicalisation in the cyber security realm of the Western Balkans?
Overview per each of the WB6 - Cyber Security and Online radicalisation
recorded
cyber-attacksin 2017
ONLINEradicalisationCYBERsecurity
2013
2014
2015
2016
2017 (until 1Sept)
TOTAL
ATTACKS ONWEBSITESand IS
ONLINEFRAUD
ABUSE OFSOCIALPROFILES
INAPPROPIRATE CONTENTONLINE
MALWARE OTHER
5
5
6
18
90
124
3
6
17
20
13
59
10
20
37
36
25
128
-
5
19
14
4
42
1
-
17
50
245
313
3
6
36
25
8
78
385
Montenegro is progressing quickly in the area of cyber security from alegislative and policy perspective
EU Assessment 2018 for Chapters 10 and 24 says Montenegro did notinclude a substantive evaluation in relation to cyber and cyber security
In 2017, the Government formed the Information Security Council
Private sector in Montenegro is very progressive in the cyber securityfield, with some IT service providers pioneering in this area for at least15 years
non-violent Salafismviolent takfirism (termed in this report ‘violent jihadism’)
and pan-Slavism and Orthodox extremism
There are three maintypes of extremism inMontenegro:
#3 In terms of the
latter type, some
Montenegrins have
joined the foreign
fighter contingent
in eastern Ukraine.
MONTENEGROINTERNET USERS IN DEC 2017
439,624
dddd
A NEW VIRTUAL BATTLEFIELDHow to prevent online radicalisation in the cyber security realm of the Western Balkans?
Overview per each of the WB6 - Cyber Security and Online radicalisation
CSIRT is of limited functionality due to the staffing issues
In 2017, BIRN located 30-plus Serbian-language extreme rightwebsites
EU Assessment 2018 for Chapters 10 and 24 says Serbia hadyet to adopt a strategy on cybercrime
The findings of a public opinion survey conducted among youngpeople from Sandžak showed that more than half of respondents(52.6%) viewed online platforms as crucial for dissemination ofextremist views and content
Almost half of respondents (46.7%) in the same survey thought that,in terms of online dissemination, social media platforms were themost important tool for extremist propaganda
Considerably lower numbers of respondents felt that important forthe spread of extremist messaging were “religious objects” (7.1%) orthat such messaging was widespread “in the community” (8.3%)
ON
LINE
radicalisation
The area of information security is seen as a relativelynew field of awareness for the Government, but one thatis seen as a new security challenge
The national CSIRT is located in the Republic Agency forElectronic Communications and Postal Services but anumber of other CSIRTs are also present in Serbia
It has a Special Prosecution Office for the fight againstcybercrime
Good cooperation exists between the private sector andgovernment, for the most part, and it is improving
recorded
cyber-attacksin 2017
20
On
SERBIAINTERNET USERS IN DEC 2017
6,325,816
CYB
ERsecurity
C
Overview per each of the WB6 - Cyber Security and Online radicalisation
A NEW VIRTUAL BATTLEFIELDHow to prevent online radicalisation in the cyber security realm of the Western Balkans?
Develop cost efficiency strategies and actions plans duringthe planning phase and reinforce such plans with dedicatedfunds
Create and/or improve cyber incident reporting structures
Raise awareness
Leverage existing expertise by creating networks ofinterested parties
Identify and develop Public Private Partnerships (PPP) andbuild synergies
Review educational approach to ICT and Cyber Security
Develop a more strategic approach to regional cooperation,within existing frameworks
Realign support of the international community to thestrategy of the region
Establish a regional centre of excellence
NATIONALLEVEL
REGIONALLEVEL
l approach to ICT and Cyb
rategic approach to reegiomeworks
A NEW VIRTUAL BATTLEFIELDHow to prevent online radicalisation in the cyber security realm of the Western Balkans?
Recommendations for improvement of Cyber Security
Implement critical thinking into cybersecurity education
Review and develop responses toaddress societal issues that groups orindividuals may try to capitalise on togain support
Review current relationships withprivate sector companies, civil societyorganisations and the media to developspecific actions to improve same
Review strategies and legislation in thearea of CT to ensure attacks oninformation systems are included
Review CT and CVE Strategies to ensureconsistency and complementarity withCyber Security Strategies
Review CVE strategies to ensure greateralignment with the EU Strategy forCombating Radicalisation andRecruitment to Terrorism
Develop a Western Balkan version of theRadicalisation Awareness Network
Develop and adopt a Western BalkansAgenda on Security
Establish a Western Balkans ReferralUnit
Develop better relationships with majortech companies and CT forums
Take an intelligence and evidencedapproach to make access to terroristcontent as difficult and costly aspossible
Ensure a consistent approach toextremism and extremist online content
REGIONALLEVEL
NATIONALLEVEL
A NEW VIRTUAL BATTLEFIELDHow to prevent online radicalisation in the cyber security realm of the Western Balkans?
Recommendations for improvement of Cyber Security
rcc.int RegionalCooperationCouncil @rccint RCCSec
Regional Cooperation Council Secretariat
Trg Bosne i Hercegovine 1/V
71000 Sarajevo, Bosnia and Herzegovina
+387 33 561 700 +387 33 561 701 [email protected]
Regional Cooperation Council