SECOND INVESTIGATION DEPARTMENT UNDER THE MINISTRY OF NATIONAL DEFENCE

ASSESSMENT OF THREATS TO NATIONAL SECURITY

Vilnius 2013

ASSESSMENT OF THREATS TO NATIONAL SECURITY/AOTD UNDER MOD 2012

CONTENTS

INTRODUCTION
REGIONAL SECURITY
  Russia
  Belarus
  Other CIS states and Georgia
GLOBAL SECURITY. CRISIS REGIONS
  Afghanistan
  Horn of Africa and Sahel
  Middle East and North Africa
  Syria
  Terrorism
THREATS IN CYBERSPACE
COUNTERINTELLIGENCE ACTIVITY
INFORMATIONAL THREATS
ANNEX 1

The assessment of threats to national security is provided to the public in accordance with the provisions laid down in Articles 8 and 26 of the revised version of the Law of the Republic of Lithuania on Intelligence (as of 17 October 2012, No. XI-2289, “Zinios”, 2000, No. 64-1931; 2002, No. 72-3019). Thereby, the document provides an unclassified assessment of military, military-political, military-economic, military-technological and military-informational external threats and risk factors to Lithuanian national security.

INTRODUCTION

Currently, there are no major preconditions for a large scale conventional military conflict in the regional geopolitical environment of Lithuania (the Baltic Sea region). The probability of a direct military confrontation between regional states is very low. However, certain tendencies and external players’ actions negatively affect the Lithuanian security situation.
Lithuania’s borders are also external borders of the European Union (EU) and NATO with Russia, which greatly influences Belarus, along with the members of the Commonwealth of Independent States (CIS) and the Collective Security Treaty Organization (CSTO). Additionally, the situation becomes more complex as NATO members often have diverse aims in their relations with Russia, whereas Russia continues to consider the Republic of Lithuania as part of its “zone of privileged interests”. Consequently, any major disagreement between Russia and NATO negatively influences the geopolitical environment of Lithuania and the pursuance of an effective foreign and security policy.

Lithuania perceives its national security as an integral part of NATO and EU security policy by assigning troops to international military operations and missions. For this reason, the Second Investigation Department under the Ministry of National Defence of the Republic of Lithuania (AOTD) devotes significant attention to the close monitoring and analysis of the worrying tendencies in more distant regions, such as Afghanistan, the Middle East and North Africa, the Horn of Africa and the Sahel region.

Recently, national security interests of the states are being increasingly affected by non-traditional transnational developments and phenomena, such as terrorism, cyber attacks, piracy, etc. Some of those global tendencies have a direct negative impact on the national security of Lithuania, whereas the others influence Lithuania’s security interests only indirectly as an integral part of the larger Euro-Atlantic community.

REGIONAL SECURITY

Russia

Over the last decade authoritarian tendencies in Russia’s internal policy were significantly strengthened. As a response to increased Russian society’s activity and discontent at the end of 2011 and the first half of 2012, Russia’s authorities were tightening the control of domestic political processes, whereas opposition remained disunited.
Presently, none of the opposition movements are able to attract broader society’s support and pose a threat to the ruling elite.

Aggressive Russian rhetoric and actions in relations with neighbouring states used throughout the past years are often intended to achieve certain domestic policy goals. The demonstration of military strength is an important measure in Russia’s internal policy seeking to exploit the society’s ‘Great Russia’ and anti-western moods, and simultaneously redirect its attention from domestic economic and social concerns. The aggressive statements and actions in foreign policy receive almost unanimous support from Russian society. It is likely that the growing nationalistic tendencies will have a negative impact and will foster even more aggressive Russian foreign policy. An image of strong authority, capable of defending national interests by strict means, is one of the core elements of the contemporary Kremlin ideology. It should be noted that in case of aggressive (even military) actions the domestic political situation in Russia enables authorities to avoid criticism and enforce civil control.

The Russian foreign policy priorities have not changed in 2012. A long term foreign policy goal - multipolar international relations, where Russia is perceived to be one of the most important power pillars – remains unchanged. Accordingly, in pursuit of this goal, anti-western rhetoric as well as confrontational behaviour in relations with NATO/the West was again intensifying in the second half of 2011 and 2012. As Russia strives to entrench the status of a revived great power, the demonstration of military strength stands as an inseparable part of this endeavour.

The Russian leadership considers NATO as the main obstacle in consolidating its strength not only in the post Soviet space, but also on the global scale.
Thus, despite the declared objective to continue cooperation with NATO, the Alliance is still perceived as a threat to Russia’s national security. The concrete Russian actions are directed to diminish coherence of the Alliance, perceiving it as a potential opponent. Russia attempts to increase tensions between the US and EU, discredit NATO and induce the Alliance’s internal disintegration. Russia’s military doctrine, approved in 2010, indicates NATO as a source of military danger.

Another main Russian foreign policy goal is to strengthen and consolidate its influence in the post Soviet space. The entire post Soviet space (incl. Lithuania) is perceived as the “zone of privileged interests”, where exceptional Russian interests must be respected not only by the states falling into this zone, but also by other global international players. Seeking to increase its influence in the entire post Soviet space, Russia has devoted extreme attention to the integration processes within the CIS: the Customs Union of Russia, Belarus and Kazakhstan (since 2011); and the Single Economic Space, established in 2012.

Russia perceives other states’ energy independence as a threat to its security. At the end of 2011, the former chief of the Russian Armed Forces (AF) General Staff, Army Gen. Nikolai Makarov presented the assessment of threats to military security (see page 5). An intention of the Western states to ensure energy independence in defiance of Russian economic and political interests has been indicated as the main threat to Russian military security [1]. The Russian leadership envisages such a threat because of the critical dependency of the state budget on the revenues from energy resource exports, whereas high revenues for oil and gas are the main prerequisites enabling it to sustain domestic political stability.
Moreover, the AF weapon modernisation, which is the main element of the implementation of Russia’s AF reform, depends on sufficient budget revenues from oil and gas. Thus, Western actions that negatively affect Russia’s interests and its overall energy policy are considered as a threat to Russia’s security. On the other hand, policies of individual European states (incl. Lithuania) towards energy independence are considered as making a limited negative impact on Russian interests and contributing to the rise of a threat to security [2]. The situation becomes more complicated, since Russian political leadership assesses energy as one of the major levers of political influence in Central and Eastern Europe. For this reason, Russia is particularly sensitive towards any attempt by the states of this region to enhance their energy independence.

[Figure: Makarov’s presentation slide defining threats to RF military security]

[1] Major threats indicated by Makarov:
1. The aim of the West to ensure energy independence in defiance of the Russian economic and political interests (first of all – the EU energy policy);
2. Contravention of strategic power balance (first of all, global missile defence system elements’ deployment);
3. Continuation of the US lead; expansion of the US and NATO military and responsibility zones (firstly – NATO expansion to the East);
4. The Western countries’ military-technical and technological domination;
5. Territorial claims for Russia and its allies (among those – Lithuania’s territorial claims);
6. Employment of military force measures bypassing international law principles and norms (military operations in Yugoslavia and Iraq).

[2] For example, the third EU energy package.

Energy is a keystone of Russian AF financing. Before the economic crisis in 2008-2009 the Russian GDP annually grew approximately by 7%.
Currently, the state economy has recovered from the crisis, yet the pace of growth remains rather restrained (in 2011 – 4.3%; in 2012 – 3.4%). The economy remains structurally weak and largely dependent on the energy resources. In 2012, 50.2% of the Russian federal budget revenues were received from oil and gas sectors. The ever growing revenues from natural resource exports until the end of 2008 provided Russia with the possibility to substantially increase its AF financing annually. Throughout the last decade the nominal defence expenditure has increased approximately 6.5 times. Considering inflation during this period, the actual financing of AF grew approximately 3 times. In economic crisis conditions the AF financial allocations grew slower, but with the start of 2011 the tendency of ever growing expenditures for AF arose once again. In 2013, Russia will increase AF financing by almost 15%, whereas defence spending for the first time will exceed 3% of GDP (will comprise 3.2%).

[Figure: Nominal expenditure for defence in 2012 and planned defence budget for 2013–2015; series: per cent of GDP and US dollars (bn); years 2012 to 2015]

Russian AF development. The large scale Russian AF reform that started in 2008 continued further in 2012. The main goal of the reform is to largely increase the AF combat potential by creating smaller yet much more effective forces. Russia has indicated that the formation of modern and high combat readiness forces is one of its strategic goals. The AF “professionalism” programme, which is oriented to an increase in numbers of professional soldiers, is being implemented. This will increase the readiness and effectiveness of combat units.

[Figure: The missile system “Iskander” and its range (400-480 km)]
In the State Armament Programme 2011-2020 (SAP) it is forecasted to allocate up to 20 trillion Russian Rubles (about €450 bn) for the AF modernization and rearmament. The major share of the budget expenditure, which constitutes the envisaged increase to national defence financing in 2013-2015, should be allocated namely for implementation of the SAP. The AF rearmament with modern military equipment is one of the keystone elements of this reform. Moscow endeavours that the modern armament share in all military equipment should constitute more than 30% by 2017, and more than 70% by 2020. It is very unlikely that the SAP will be fully implemented. However, the Russian political leadership perceives the national defence as a priority. The AF financing could experience a decrease only in case of an extremely deep economic crisis.

In 2012, Russia continued to strengthen its military capabilities in the Western direction and Kaliningrad. The most modern Missile Defence (MD) radar “Voronezh” has been installed in Kaliningrad region. The most modern Air Defence (AD) systems S-400, capable of destroying air targets over the territory of Lithuania, have been deployed. It has been announced that there are also plans to deploy the most modern offensive weaponry – the surface to surface (SS) missile systems “Iskander-M”. The Baltic Fleet has been supplied with new combat ships. Region based military infrastructure modernization efforts are also underway.

[Figure: Russia’s offer to divide Europe into MD responsibility sectors. Lithuania would be under “protection” of Russian MD]

Despite the publicly declared Russian intention to cooperate with the US and NATO, including Missile Defence (MD), the major Russian objective remains unaltered – to avoid deployment of NATO’s AD and MD components in the territory of countries bordering Russia. Moscow offers NATO to divide Europe into MD responsibility sectors.
According to the Russian proposal, the Baltic States and part of Poland’s territory would fall into “Russian responsibility sector”, i.e. NATO would have to transfer part of its members’ security ensuring liabilities to Russia. Consequently, the Alliance’s defence capabilities in the region would be restricted. Meanwhile, Russia has been intensively developing its AD and MD systems near the border with NATO member states. This system is already capable of tracking and destroying air targets several hundred kilometres over the territory of some NATO member-states.

Moreover, it has become a custom that the Russian Navy conducts naval patrols in strategically important areas of Blue Waters, especially the Mediterranean region. In 2012, Russia demonstrated the growing military power by conducting strategic aviation flights over international waters (incl. the Baltic Sea). Such flights were resumed after a long period and have become regular. Since 2008, Russia has been annually organizing large-scale military exercises, with participation of more than 10,000 troops. In 2012, the large-scale exercise “KAVKAZ” was hosted by Russia’s Southern Military District.

The consistent strengthening of Russian and Belarusian integration in the military field is also noteworthy. For Russia, Belarus is the front defence echelon in the Western direction. The countries have established a joint Regional Military Grouping (RMG), which is intended to ensure defence of both states. Interoperability of the Russian and Belarusian units that are subordinated to this grouping is being constantly improved during various military exercises. For instance, in 2013 it is planned to organize the large-scale “ZAPAD 2013” exercise in Belarus territory and Kaliningrad region. It must be pointed out that the ZAPAD exercise scenario embraces defensive and also offensive operations.
Some of the naval and ground military ranges used for these exercises are situated near the Lithuanian border. During such intensive military activities, intentional or unintentional violations of Lithuanian state border, airspace or various other incidents are likely to occur. Russia’s military activity in the Western direction is assessed as a demonstration of its military power.

In 2013, Russia announced its intentions to establish an Air Force base in Belarus. Such developments would undoubtedly consolidate mutual military integration and enhance Belarus’ role in Russia’s defence plans and policy, which in turn would increase Belarus’ overall dependence on Russia.

The fact that by developing military capabilities and conducting military exercises the priority is given to the Western and Southern strategic directions indicates that the Russian military doctrine is being implemented in practice. To be more precise, NATO is not only perceived as a source of danger, but real military planning and concrete preparations for neutralization of this threat are being employed.

Utilization of ammunition stocks in Kaliningrad region. Large amounts of ammunition are accumulated in Kaliningrad region. A substantial part of this ammunition is outdated and must be utilized. A complex utilization process of unserviceable ammunition was started throughout 2010-2012. The ammunition utilization was carried out in Kaliningrad military ranges, including Dobrovolsk which is situated close to the Lithuanian border. As in other Russian regions, where utilization of unserviceable ammunition is carried out, various incidents in Kaliningrad region were recorded. The detonation activities caused damage to the inhabitants and their properties in close vicinity of the ranges.

Belarus

The domestic political situation of Belarus has been determined by the president’s administration endeavour to preserve the authoritarian regime.
Incomplete constitutional mechanisms as well as centralized Belarus’ authority system based on the security apparatus (KGB, Ministry of Interior, AF) guarantee President Alexander Lukashenka almost unlimited freedom of action and a possibility to remain in power. Despite the fact that political opposition parties operate legally, their influence on the state’s political life is minimal. As a result of constant persecution and repressions, Belarus’ opposition is divided and weak. Although the recent social-economic situation in Belarus is complicated, there is no apparent antigovernment disposition within the major part of society. The social policy pursued by authorities ensures low unemployment and small but steady income, which in turn creates an illusion that the regime guarantees the protection of citizens’ basic needs.

Due to its authoritarian ruling system, Belarus experiences certain international isolation. Economic and financial crisis has accelerated Belarus’ involvement into Russia-led integration processes in post Soviet CIS space, namely the establishment of the common Customs Union, and the Single Economic Space of Russia, Belarus and Kazakhstan. Moreover, the aforementioned states signed an agreement regarding the establishment of the Eurasian Economic Union. This formed the background for further increase of Belarus’ political, economic and military dependence on Russia. However, relations between Russia and Belarus are not only unilateral: there were temporary tensions between the two states, when Russia exerted political, economic and informational pressure in the past.

Belarus’ National Security Concept and other doctrine-based documents imply that a major source of external threats is the establishment and development of military-political blocks in Europe as well as military infrastructure development near Belarus’ borders, i.e. NATO. Belarus relates the assurance of its military security to Russia.
Thus, the establishment and development of a single defence space with Russia is considered to be a priority.

Currently, Belarusian AF are capable of ensuring state defence and mobilization readiness. They are also capable of performing limited scale, short term offensive operations because of their significant number of tanks, armoured vehicles and large Special Operation Forces. The main, best manned and equipped Belarusian AF units and training areas are deployed in the western part of the country. So far, the Belarusian financial situation restricts the procurement of new and upgraded armament as well as military equipment. However, it is likely that the potential of AF will be augmented by Russia’s delivered modern armament and military equipment and the Russian-Belarusian regional military grouping (RMG) will be strengthened in the future.

Other CIS states and Georgia

Apart from internal causes, such as political instability, lack of public governance and an ineffective economy, the major sources of instability in this area are separatist regions and ‘frozen conflicts’ along with everlasting Russian ambition to increase its influence. In 2012, most of the states of this region were urged to be closely involved in the Russian controlled integration processes. Meanwhile, the political elite of these countries was forced to choose between Russian led Eurasian or European integration perspectives.

Throughout 2012, Russia has continued its efforts to increase influence in the post Soviet space. The most extensive pressure was exerted against Ukraine, seeking to involve it in the Russian controlled integration projects and promote Russian capital (incursion to energy sector), first of all, taking over the control of the Ukrainian gas infrastructure.
Since Russian objectives and actions do not always correspond to the interests of Ukraine’s political and business elite, a basis for growing tension between these states still persists.

In 2012, the Transnistrian issue settlement process has not, in fact, progressed. Apparently, Moldova is not capable of solving the Transnistrian conflict independently, while Russia is more concerned to preserve ‘the frozen conflict’ status quo rather than to recognize independence of this separatist region: this is one of the major Russian political levers in the region.

So far, there are no obvious indications that the settlement of the Nagorno Karabakh conflict by political means may break the deadlock. Armenia and Azerbaijan retain a very harsh rhetoric and pursue their own AF strengthening programmes. Russia remains Armenia’s major security guarantor. Russia has continued its effort to strengthen influence in Armenia and to involve it in the Customs Union.

The Russian military contingent based in Georgian separatist regions clearly increases its influence in the South Caucasus region. Russia’s entrenchment in Abkhazia and Tskhinvali region (South Ossetia) keeps a constant military tension on the Georgian border and greatly reduces the possibility to solve the Georgian territorial integrity issue in the short term. After the 2012 autumn parliamentary elections state political balance has shifted immensely. Although Georgia seeks to normalize bilateral relations with Russia, it also states that the Euroatlantic integration remains a top priority. Despite slightly decreased tension between Russia and Georgia, a possibility of diplomatic relations revival in the short term is low.

The plans to strengthen the CSTO military component by establishing the joint CSTO forces were announced in 2012. Nevertheless, the CSTO still remains a cover for Russian bilateral military cooperation with individual members of the organization, rather than a functional alliance united by common interests.
In 2012, Russia further sought to establish cooperation between NATO and CSTO. However, the main objective is to strengthen the status of CSTO and segregate the responsibility zones of the CSTO and NATO by limiting NATO involvement possibilities in the post Soviet space.

GLOBAL SECURITY. CRISIS REGIONS

In some regions that are geographically distant from the Republic of Lithuania there are conditions which inflame tension and instability; as a result, ethnic, religious or interstate conflicts tend to occur. Being a member of the international community, NATO and the EU, Lithuania contributes to international efforts to settle these conflicts. Considering this, the processes and events in unstable regions become important factors for Lithuanian national security.

Afghanistan

The year 2012 in Afghanistan was distinguished by an unstable security situation, economic stagnation and tension in the state domestic policy. The armed opposition’s – the Taliban’s – combat activity remained a major factor making a negative impact on security. Incompetence of central authority institutions, widely spread corruption and nepotism negatively affected the growth of economy and the implementation of measures intended for its revival. Disagreements between executive and legislative powers, the continuing local warlords’ influence and some neighbouring states’ interests in Afghanistan were the main reasons for political tension.

The security situation in Afghanistan, especially in the regions where ISAF transfers responsibility to local security forces, will remain vulnerable in the short term. Afghanistan National Army (ANA) and Police (ANP) are quite effective while ensuring security in major towns and surrounding areas, but they are not sufficient in more remote regions of Afghanistan.
A possibility of security situation improvement in 2013 is low, because the armed opposition shows no will to start a dialogue with central authority and stop the fighting.

The forthcoming elections in 2014 will become the main reason for conflicts and growing tension among political parties, warlords and influential persons. The central authority’s plans to fight against corruption, most likely, will not be implemented in the short term. Consequently, Afghanistan will remain less attractive to foreign investors. This in turn will impede the state’s economic growth and social-economic situation improvement. As a result, Afghanistan will further remain dependent on international community and foreign donors’ support.

Stable, yet delicate security situation will also pose various threats to security of Afghanistan-based Lithuanian troops and civilian personnel amid the period of forces’ withdrawal.

Horn of Africa and Sahel

After Lithuania’s decision to dispatch an autonomous vessel protection group to the EU naval force counter-piracy operation and take part in the EU-led training mission of troops in Mali, AOTD observes the ongoing regional processes in the Horn of Africa and assesses risk factors for the security of Lithuanian troops.

Piracy-related incidents which pose a threat to international shipping security off the coasts of Somalia in 2012 significantly decreased in number and the tendency will likely remain similar throughout 2013. This tendency was partially conditioned by the joint efforts of the international community: patrolling of EU and NATO military ships, preventive measures reinforced on the ships, particularly, deployment of armed protection groups, and compliance with security guidelines of the International Maritime Organization.

Somali central government still remains dependent on support provided by the international community in all spheres.
The security situation in the country remains unstable. In 2012, the military campaign by the forces of the African Union against a radical Islamist militant group “Al Shabaab” enabled the government to regain control of most of the main towns in the central and south Somalia, including the strategically important ports. However, the current Somali army is not yet disciplined and capable of ensuring security in the controlled territories independently. The EU continues the training mission of Somali soldiers that started in 2010.

Political and security crisis has arisen in Mali after the military coup in March 2012. After the armed Islamist and terrorist groups established themselves in the north of Mali, in the middle of 2012, a threat of terrorism has significantly increased to the neighbouring countries and the Westerners in the Sahel region. Responding to Mali’s government request for help, France started a combat operation in 2013 and forced the armed groups to abandon the main towns of northern Mali. The EU started a military training mission seeking to instruct and train Mali army which later could be capable of taking over the responsibility for security.

A threat of asymmetric attacks, kidnapping of foreigners and terrorist attacks posed by radical Islamist militant groups in the Sahel region will remain, since military measures alone are not sufficient to address the causes of extremism and radicalization. A possibility that militancy will spill to neighbouring countries or humanitarian situation will worsen and instability will spread over the region still remains. Attacks against foreign forces in Mali and participating countries are also likely. A threat of terrorist acts in France and European countries is also likely to increase.
Middle East and North Africa

With a wave of massive demonstrations and protests in the Middle East and North Africa at the threshold of 2011, popularly called the Arab Spring, the political and security situation in the region remains unstable. Fragile transitional governments and weakened autocratic regimes, hard-to-resolve socio-economic problems give background for ethno-confessional tensions to resume and change the balance of power. The general tendency in the Middle East and North Africa in 2012 is the strengthening of the Islamist movement with the help of society’s support and mechanisms of institutional democracy.

The destabilization of the security situation in the Middle East and North Africa mainly depends on the following two factors:

Growing ethno-confessional tension in the conflict regions. The civil war in Syria has escalated inter-confessional divisions inside the country and in the neighbouring countries (Iraq, Lebanon). The uprising of the Bahraini Shiites against the Sunni regime ignited unrest of Saudi Arabian Shiite minority in the eastern province of the country. Tension has increased between the central government and the Kurdish autonomous region in Iraq, and between Muslims and the Copts in Egypt. Terrorist groups that support “Al Qaeda” ideology are exploiting the situation and take part in the conflicts on the Sunni side, thus contributing to the confessional strife or take advantage of the power vacuum after regimes had weakened/collapsed.

The socio-economic problems that induced a massive unrest are not solved easily and promptly; therefore, the Arab societies, who had changed regimes in their countries, are likely to feel discontent due to absence of positive outcome. As a result, extremist groups are seeking to take advantage of the situation by spreading propaganda and radicalisation efforts. Therefore, a threat of terrorism is increasing.
Syria

The ongoing conflict in Syria is the major destabilizing factor in the Middle East. A growing activity of terrorist groups and their capabilities to take over the reserve of weapons of mass destruction in Syria increases the threat to the region. The ethno-confessional strife in Syria has a spillover effect in Lebanon, Iraq, Jordan, and risks sparking off a serious humanitarian crisis in the region. It is most likely that the violence in Syria will persist, sectarian conflict will deepen and the activity of terrorist groups will continue to grow. Therefore, the security situation in Syria and the whole region will remain unstable.

Terrorism

Activity of al Qaeda inspired or influenced terrorist groups in politically, economically and socially unstable Muslim countries in the Middle East (Iraq, Yemen), Africa (Algeria, Somalia, Nigeria, the Sahel region) and Asia (Afghanistan, Pakistan) poses a threat of global terrorism to the international community, despite the fact that the al Qaeda spiritual leader Osama bin Laden was killed in 2011.

Unrest that emerged at the threshold of 2011 in the Middle East and North Africa made geographically favourable conditions for the development of radical Islamist ideology. New political systems in the overthrown regime countries (Tunisia, Libya, Egypt) are not capable of finding prompt and effective solutions for economic and social problems. As a result, extremist groups have a good opportunity to strive and increase their influence in these countries and engage in radicalization efforts.

The citizens of the EU states who return from terrorist training camps in Muslim countries are free to travel throughout the Schengen Area and can engage in propagating radical extremist ideas. Persons living in Lithuania may also be involved in the dissemination of radical extremist ideas.
No direct threats by terrorist groups to Lithuania have been observed; however, a possibility of such threats or attacks still persists.

THREATS IN CYBERSPACE

Rapid development of information technologies and communications (IT&C) not only creates new possibilities but also increases the vulnerability of information systems, electronic services and data processing. The following factors increase the threat of cyber intrusion: absence of security control requirements or their inadequate application; insufficient monitoring of already implemented security measures; insufficient investment in IT security; negligent attitude of IT users to security requirements and procedures; lack of competence; etc.

AOTD has recently observed an increasing number of incidents in cyberspace: interference with the functioning of information systems and computer networks, efforts to gain unauthorized control, creation of the so-called “BotNet” [3] networks, and illegal information collection. Consequently, the institutional damage caused by cyber incidents is rapidly growing. This tendency emerges from the growing dependence on IT: data application in electronic space, the popularity of electronic services and widely observed business practices using information systems and computer networks.

The actors challenging and threatening cyberspace can be grouped according to their endeavours, genuine interests and the damage caused: state or state-sponsored cyber aggressors, and cyber aggressors without any state affiliation. The major cyber threat to the national defence and security of the Republic of Lithuania is posed by particular state or state-sponsored cyber aggressors.
Cyber attacks

The objective of direct and targeted cyber attacks is to infect or disturb a computer and/or a computer network (of a state institution, business company, non-governmental organization or private person) or to install malicious code on a particular node of a computer system (e.g., a server). Even though cyber attacks have mostly been directed against information related to the financial and particularly the banking sector, cyber aggressors have recently expanded their attacks by targeting business companies or state institutions possessing potentially valuable information. Cyber aggressors are interested in technical documentation, information that comprises commercial secrets and other information intended for the internal use of a particular entity.

[3] “BotNet” is a robot-program (the name stems from the two words robot and network) executing remote commands. It is a collection of internet-connected programs communicating with other similar malicious programs in order to perform tasks, usually to participate in DDoS attacks.

The spread of DDoS attacks and “BotNet” networks

In 2012, the world observed the spread of “BotNet” networks in mobile technologies. These networks had many features and functional advantages in common with traditional “BotNet” networks, due to which users could experience a new type of DDoS attack (malicious code acting on mobile devices or smart phones and on personal computers at the same time). For example, an infected mobile phone and personal computer are remotely accessed through the same C&C server; the mobile phone and personal computer will be attacked at the same time or will be involved in executing the same command. It is assessed that in 2013 one quarter of all DDoS attacks will be aimed at application-based programs.
The application-based DDoS attacks will differ in that the cyber aggressors will send commands that overload processor capacity and memory, so that eventually the computer software becomes inefficient. DDoS attacks also pose a threat to security since they will be used for diverting attention. The cyber aggressors, having temporarily blocked access to a service, will have a possibility to extract sensitive or other types of information. Moreover, they could execute other unauthorized activities by using stolen data received while a service provider and (or) receiver was trying to resume the services.

Threats to users of mobile phones and “the cloud” computing technology

Extremely fast developing new technologies call for special attention to the threats posed to users of mobile and the so-called “cloud” [4] technology. It is possible to break into “the cloud” and transfer viruses or cyber spyware. This allows viruses to break into banking systems or other data files that store sensitive information such as passwords. The methods of accessing “the cloud” may also create an opportunity to illegally acquire other types of sensitive user information.

In 2013, malicious code will be further improved in order to send expensive SMS messages from the users’ mobile devices (especially smart phones) without any notification. In addition, by using malicious code it will be possible to acquire the contacts from address books and transmit them by sending SMS messages to other addressees. Malicious code will be improved and actively spread by malware [5]. Malicious code that gains access to a mobile phone will enable cyber aggressors to have remote access to the device, activate separate functions and track the mobile phone user’s movements. Therefore, this software may be used for various purposes, including illegal surveillance of a person.

[4] Cloud computing technology: information-network-based services whose resources are used by a subject. The subject’s IT infrastructure is not located at its own premises, rooms or territory; the technical support of the IT infrastructure is carried out by a third party.

[5] This software is used for advertisements in mobile phones: using this software, an Internet advertising contractor will have a possibility to trace a user at any moment and, by knowing his/her precise location, browsing habits, etc., to send an advertisement message (e.g., if a user is near a shopping center, he/she would get an advertisement message related to this shopping center).

Threats in social networks

The majority of Internet users actively use social networks (e.g., Facebook, Twitter, etc.), enter personal information, purchase virtual monetary units or presents, etc. It is assessed that the number of attacks intended to illegally acquire payment data, personal information or identities will increase. The main method of fraudulent activity will be related to the use of fake social network identities. Social networks will remain an effective means for cyber aggressors to collect information on persons or companies without any restrictions.

Assessing the cyber security of Lithuanian state institutions, it can be stated that there is a need for a unified and comprehensive guide of cyber security standards, which would encompass technical security measures and procedures and the use of external storage devices. Such a guide of security standards should be applied to the IT infrastructure in all state institutions, strategically important state infrastructure and companies, and in some circumstances should incorporate the public and private sectors.
COUNTERINTELLIGENCE ACTIVITY

In 2012, the main attempts of hostile foreign intelligence and security services were directed at information collection on Lithuanian defence capabilities, NATO infrastructure, state economy and energy projects. Information was collected by using traditional collection methods – HUMINT, OSINT and SIGINT (e.g., intelligence collection flights and intelligence ship raids along the state border of Lithuania). Besides traditional methods, foreign intelligence services tend to take advantage of collection opportunities in cyberspace more often.

Cyber spyware

Through active counterintelligence measures, foreign-developed cyber spyware operating and spreading in Lithuanian computers was detected. After a thorough investigation it was identified that computers of state institutions, private companies and persons were infected. The spyware detected on computers in Lithuania was intended for data collection, remote control of the computers, network monitoring, and identification of accounts and passwords. It can switch on a video camera or a microphone and conduct real-time eavesdropping. The spyware is usually spread through USB flash memory devices, optical disks (CD and DVD), HDD and e-mails.

Another identified function of the spyware detected in Lithuania is the creation of a “BotNet” network. The malicious software enables remote control of a computer; therefore, every computer infected by this software becomes a part of a “BotNet” network. Usually, the main purpose of such a network is to facilitate cyber attacks.

Process of infecting computers with spyware

Information from an infected Internet-connected computer is collected through the Internet and transferred to the spyware’s administrator.
If a computer is not connected to the Internet, the data is collected and stored on every connected external storage device; consequently, these devices also become infected with the malicious software. When such a device is connected to an Internet-connected computer, that computer becomes infected and the information initially collected by the spyware and stored on the device is transmitted to the spyware administrator. Likewise, the spyware receives instructions for further information collection on a specific computer. This method of distributing malware enables private computers or computer networks without Internet access to be infected with spyware.

Software intended for spying is regularly modified and updated with new functions. Some versions of the software have a function of self-destruction of the malware after the collected information is transmitted. No off-the-shelf anti-virus software is capable of detecting this spyware; therefore, the malicious software can only be identified by observing some specific operating features of a computer (the main indications of spyware are listed in Annex 1). One of the most effective methods to destroy the malicious software is to re-install the computer; however, if the user’s safety skills in working with IT are not well developed, technical solutions (re-installing the computer, etc.) cannot be efficient enough.

INFORMATIONAL THREATS

During recent years, Lithuania has constantly encountered intensive, systematic and long-term oriented informational attacks from external actors. The scale of attacks particularly intensifies when Lithuania takes active steps in implementing its foreign and defence policy priorities and energy projects. The content of informational attacks at a specific moment is often determined by the most current events.
On the other hand, the targets of informational attacks are usually the same: first and foremost, foreign policy, national defence and energy policy. The major goals of informational attacks are to retain Lithuanian society in the foreign information space, increase the vulnerability of the state and society, and affect the mentality and emotional attitude of the society, its individual groups or individuals. The main aim in reaching these goals is to retain Lithuania in a “zone of privileged interests” with the help of information means.

Alongside economic and social issues, the historical topic is also intensively used by accusing Lithuania of “rewriting history”, “rehabilitation of Nazism” and “disregard of common human, European values”. The attention directed to the status of ethnic minorities and their educational situation in Lithuania is growing. In 2012, special attention was paid to “irrational”, “inconsistent” and “illegal” activities of the Republic of Lithuania in the energy sector. In addition, there are attempts to shape a positive image of the Russia-led integration projects (the Customs Union, the Eurasian Economic Union).

With respect to the foreign policy pursued by the Republic of Lithuania, attempts are often made to devalue all efforts made by the country to foster democratization processes in Eastern Europe. Moreover, the competence of the Republic of Lithuania to be constructively involved in the activity of international organizations (NATO, EU) is openly questioned. Above all, the issues that raise tension in relations with the neighbouring countries are more and more often highlighted and widely escalated.
With respect to the national defence sector, doubts are raised at the regional and national level over the national defence potential of the Republic of Lithuania, its capability to act as an equal partner with other NATO and EU member states, and social attitudes concerning involvement in international missions. Additionally, uncertainty is instigated within the society over NATO’s determination to ensure security for the Republic of Lithuania.

Different methods are employed to form a critical public opinion with respect to national security interests. Some messages are often presented without aggressiveness, but are gradually introduced on television, in the press, on Internet sites and social networks, during conferences, through different funds, non-governmental organizations, international meetings, official statements, protest demonstrations, etc. Clearly, not only the opinion of the whole society, but also that of separate groups or individuals on one or another relevant issue becomes a target for informational attacks.

At least in the short term, the intensity of informational attacks against the Republic of Lithuania will not decrease and informational provocations will continue to occur periodically.

FINAL COMMENTS

Indirect damage to the national security interests of Lithuania is caused or might be caused by other global, regional or transnational developments, events and tendencies not discussed or assessed in this review. It is likely that some of them may in the future become risk factors or even threats to the national security of Lithuania.
Thus, the institutions ensuring the national security of Lithuania will have to monitor and assess the following developments, events and tendencies that cause or may cause indirect damage to national security:

Disagreements between international community members over wasting global energy resources and strategically important transportation routes/measures (e.g., the Arctic region and exploitation of its natural resources);

Uneven economic development and unbalanced increase of global population, migration, climate change, and food security, which indirectly instigate social unrest leading to crisis situations (especially in Africa);

Development of weapons of mass destruction (WMD) in certain countries and their proliferation, particularly paying attention to the limited efficiency of international non-proliferation regulations and control.

ANNEX 1

Spyware files detected in Windows XP operating system:
C:\Documents and Settings\All Users\Application Data\Help\System32
C:\Documents and Settings\any user\Application Data\Help\System32
C:\Windows\System32

Spyware files detected in Windows 7 32 and 64 bit operating systems:
C:\Users\any user\AppData\Roaming\Help\system32\
C:\Programs\system32
C:\Programs\spuninst

Files that belong to spyware:

Attention should be drawn to the fact that the dates of creation and modification of files are not authentic; they are set according to the needs of the spyware creator.

Spyware files responsible for transmitting information, msidfn32.dll and commodule.dll, are found in the C:\Windows\System32 directory.

Information collected by spyware is encoded by XOR with a key:
1dM3uu4j7Fw4sjnbcwlDqet4F7JyuUi4m5Imnxl1pzxI6as80cbLnmz54cs5Ldn4ri3do5L6gs923 HL34x2f5cvd0fk6c1a0s

Some of the executable spyware files are packed with AsPack.
Spyware detects and copies to USB flash memory stick the following files: autorun.inf, thumb.dd, thumb.db.

Spyware also creates files that are saved in temporary Windows directories:
4D666334326C30302E706462FF.tmp
6D73696E65743332782E6F6378FF.tmp
6D73776D706461742E746C62FA.tmp
6D737379736D67722E6F6378FF.tmp
6D73646174736E642E6F6378FF.tmp
776D63616368652E6E6C64FF.tmp
4953556E696E73742E62696EFF.tmp

Depending on the exact modification of the spyware, its indications may be of a different type and be hidden in other storage places. The above example presents the most typical and common fragments of the spyware.
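The Annex 1 indicators can be checked mechanically against a file listing exported from a suspect machine or USB stick. The following is an added example, not part of the original assessment: a Python triage helper in which only the file, directory and temp-file names come from the annex, while the function names and the sample listing are constructed for illustration. It also shows that the hex-named .tmp files decode to ordinary-looking file names followed by one extra byte, which allows unlisted variants of the same pattern to be recognised.

```python
import re
from pathlib import PureWindowsPath

# Indicator names copied from Annex 1; everything else here is illustrative.
TRANSMIT_DLLS = {"msidfn32.dll", "commodule.dll"}    # found in C:\Windows\System32
USB_FILES = {"autorun.inf", "thumb.dd", "thumb.db"}  # copied to USB sticks
DIR_MARKERS = (                                      # spyware directories
    "\\application data\\help\\system32\\",
    "\\appdata\\roaming\\help\\system32\\",
    "\\programs\\system32\\",
    "\\programs\\spuninst\\",
)
# Temp-file stem made only of hex digit pairs, as in the annex list.
HEX_TMP = re.compile(r"^((?:[0-9A-Fa-f]{2}){4,})\.tmp$")


def decode_hex_tmp(name):
    """Return (embedded_name, trailing_byte) when the stem is a hex-encoded
    printable ASCII file name followed by one extra byte, else None."""
    m = HEX_TMP.match(name)
    if not m:
        return None
    raw = bytes.fromhex(m.group(1))
    body, tail = raw[:-1], raw[-1]
    if b"." not in body or not all(0x20 <= b < 0x7F for b in body):
        return None  # random hex temp names do not decode to a file name
    return body.decode("ascii"), tail


def triage(paths):
    """Return (path, reason, detail) for every path matching an indicator."""
    findings = []
    for p in paths:
        wp = PureWindowsPath(p)
        name = wp.name.lower()
        parent = str(wp.parent).lower().rstrip("\\") + "\\"
        decoded = decode_hex_tmp(wp.name)
        if decoded:
            findings.append((p, "hex-named temp file", decoded[0]))
        elif name in TRANSMIT_DLLS and parent.endswith("\\windows\\system32\\"):
            findings.append((p, "transmitting DLL", name))
        elif name in USB_FILES and wp.parent == PureWindowsPath(wp.anchor):
            findings.append((p, "listed file at drive root", name))
        elif any(marker in parent for marker in DIR_MARKERS):
            findings.append((p, "file under spyware directory", name))
    return findings


# Constructed sample listing (not taken from a real system).
SAMPLE_LISTING = [
    r"C:\Windows\Temp\4D666334326C30302E706462FF.tmp",
    r"C:\Windows\Temp\DEADBEEF.tmp",
    r"C:\Windows\System32\commodule.dll",
    r"C:\Windows\System32\kernel32.dll",
    r"E:\thumb.dd",
    r"C:\Users\alice\AppData\Roaming\Help\system32\cfg.dat",
    r"C:\Users\alice\Documents\report.docx",
]

if __name__ == "__main__":
    for path, reason, detail in triage(SAMPLE_LISTING):
        print(f"{reason:30} {detail:20} {path}")
```

Because the annex states that indications differ between modifications of the spyware, an empty result does not show that a machine is clean; autorun.inf alone is also common on legitimate media and is best weighed together with the other findings.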