Category: Full Text Articles – Audio Posts

Italian police arrested four and are investigating dozens, including Leonardo Maria Del Vecchio, for alleged unauthorized access to state databases.

Italian authorities have arrested four individuals as part of an investigation into alleged illegal access to state databases. The police are also investigating dozens of other individuals, including the son of Luxottica founder Leonardo Maria Del Vecchio.

The charges being pursued by investigators include criminal conspiracy for unauthorized access to computer systems, illegal interception, falsification of electronic communications, disclosure of confidential information, aiding and abetting, and extortion.

“[Leonardo Maria del Vecchio] eagerly awaiting the completion of preliminary investigations to be able to prove he has nothing to do with the events in question and that charges laid against him have no basis.” reads a statement from a lawyer for Del Vecchio. “He seems to be rather a victim given initial allegations and the negative outcome of the search conducted”

The criminal activity was allegedly carried out by prominent Italian individuals, including a former high-profile policeman. The organization amassed a huge trove of sensitive data that was offered to its customers who used it for different purposes.

The data may have been used to spy and blackmail politicians and businesses, however, we cannot exclude that foreign intelligence agencies had access to this data.

“Milan prosecutors allege the business intelligence agency tapped into three key databases: one gathering alerts over suspicious financial activities; one used by the national tax agency with citizens’ bank transactions, utility bills, income statements; and the police investigations’ database, the person said.” reported Reuters citing a source with the knowledge on the matter.

A cache of 800,000 records was obtained by illegally accessing a range of state databases, in some cases third parties specifically commissioned the accesses. Italy’s national anti-mafia prosecutor Giovanni Melillo has shed light on a complex network of digital espionage professionals, investigating 60 individuals, including hackers, IT consultants, private intelligence agencies, and law enforcement members. Melillo, who spoke alongside Milan’s chief prosecutor Marcello Viola, said that authorities have uncovered “a massive market of confidential information.”

The investigation follows another clamorous case in Italy, the bank Intesa Sanpaolo is under investigation by prosecutors after a former employee illegally spied on account data of thousands of its customers

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, state databases)

Editor’s note: This article is part of a series from leading experts with practical solutions to democratic backsliding, polarization, and political violence.

Since Jan. 6, 2021, election denialists have continued to spread lies and misinformation about voting in America. False claims about voting machines, panic over the (disproven) prevalence of ineligible voters on state voter rolls, and a general disbelief in the outcome of the 2020 presidential election are still widespread. Election denialists do not merely believe these falsehoods – they seek to weaponize them. They have pushed for restrictive voting laws, harassed election officials, and sought other ways to undermine America’s democracy. As the 2024 presidential election approaches, one tactic already gaining traction is especially noteworthy: local officials could seek to block the certification of election results. 

Election certification is the process through which the counting of votes is concluded. Most people are now familiar with the Vice President’s role in presiding over Congress’s counting of the electoral college’s votes every January 6th, a duty often referred to as “certifying” the electoral college results. But the Vice President is just one of many officials charged with a duty in the presidential election process. On the local level, thousands of officials who sit on municipal and county boards of election conduct the canvass — the process of counting and aggregating ballots — which is finalized through a process called certification. When local election officials “certify” the canvass, they attest with their signatures that the results are a complete and accurate record of all votes cast in the election as reported by precincts.

In late 2020 and early 2021, then President Donald Trump and his advisors demanded that Vice President Mike Pence refuse to certify the states’ election results. As Pence correctly concluded, the 12th Amendment of the U.S. Constitution and the Electoral Count Act of 1887 granted him no such power. Thanks to the Electoral Count Reform Act of 2022, it is clear that the Vice President’s role is, and always was, purely ministerial.

In 2024, the election denial movement’s focus has shifted to the local certification process, with some claiming that local officials have the power to refuse to certify precinct and county election results. Fortunately, this effort has already suffered a series of defeats. Recently, for example, a Fulton County judge told local election officials in Georgia that even though new regulations seemingly allow them to conduct freewheeling investigations into undefined election irregularities, they still cannot refuse or delay certification under any circumstances. Courts and local officials alike have recognized that these election officers have no power to hold up, let alone overturn, the result of a state’s popular vote. Like the Vice President, their role is ceremonial.

Still, this effort could create widespread confusion in the United States’s upcoming presidential election. 

Consider the following scenario. A few days after election day, reporting shows the presidential vote margin in a swing state county is razor-thin. The county’s election board needs to sign paperwork certifying the county’s final vote tally so that state officials can determine whether Vice President Kamala Harris or Trump has won the state. But as the statutory deadline for the county to certify the results approaches, a few members of the county board say they can’t certify the final tally, citing unfounded concerns about voter fraud. If the county refuses to certify, what happens to the state’s presidential electors?

Since 2020, a handful of local officials have already tried to operationalize this strategy for election subversion. Earlier this summer, three of the five members of the Washoe County Commission in Nevada refused to certify the results of two primary election recounts. Following the June 9th primary, the losing candidates in two local races requested recounts, as any losing candidate is entitled to do in Nevada. The recounts found only one additional vote for one of the candidates who requested the process, which simply confirmed that the original winners won by a significant vote margin.

Despite this thoroughly routine recount result, three county commissioners still voted against certifying the results, gesturing generally toward voter fraud as their justification. One commissioner explained her “no” vote by claiming: “[W]e’ve heard a lot of concerns of procedures, a lot of concerns of alleged mishaps, I think have been a term that’s been used a lot or hiccups … I am not going to certify the vote[.]” The other two “no” votes came from county commissioners who have a history of pushing for unnecessary and even counterproductive election procedures that are favored by election skeptics, like requiring jurisdictions to count every single ballot by hand. In fact, the evidence demonstrates that those hand-counting systems are less accurate and no more secure than electronic tabulation machines.

Similar instances have played out in at least 21 counties around the country, including notable counties in swing states, like Wayne County, Michigan and Cochise County, Arizona. The frequency of these incidents suggests we should expect to see at least some local officials try to delay or refuse certification in November.

Fortunately, local refusals to certify election results are destined to fail because it is simply not legal. Certification is not part of the process that ensures the votes have been accurately counted. Certification is a ministerial and mandatory duty to sign off on the canvass. By contrast, multiple steps during the canvass ensure that the votes have been accurately counted. And there are several opportunities under state recount and election contest statutes to identify and rectify any irregularities — typically after certification is complete.

Some officials who might be tempted to refuse to certify an election are recognizing that to do so would be futile, and they are backing down before they face legal consequences. In Washoe County, for instance, two of the three commissioners who refused to certify the July primary reversed course after receiving guidance from the Washoe County District Attorney’s Office that their certification duties were non-discretionary. 

To address those who might nonetheless attempt refusals or delays, candidates, voter advocates, and state election officials have legal mechanisms, such as mandamus actions, to force local officials to comply with their duty to certify results. State and local prosecutors can also enforce criminal provisions that prohibit dereliction of official duties and other misconduct in public office. In Cochise County, for example, both the Arizona Secretary of State and Arizona voters filed mandamus petitions to compel Cochise’s election certification. The two county officials who refused to certify the 2022 midterm election results were indicted on state charges for conspiracy and interference with an election officer—one recently pled guilty to a lesser charge and the other will stand trial early next year.

Even so, certification refusals might be attractive to the small number of election officials who may choose to put party loyalty above their lawful duties. The false narrative that only widespread fraud can explain Trump’s electoral losses in 2020 is already sowing doubts about the legitimacy of the 2024 election, even though the vast majority of votes have yet to be cast. In service of the “Big Lie,” election denialists are throwing everything at the wall to see what will stick in order to create mass doubt about the integrity of American elections. In the last several weeks alone, there have been eleventh hour changes to Georgia’s canvass and certification rules, lawsuits to force mass purges of voter rolls in swing states, and a moral panic over the non-existent problem of noncitizens voting in federal elections. A lawyer for United Sovereign Americans, a new organization pushing for mass voter roll purges, recently said the quiet part out loud: that the purpose of the unprecedented number of lawsuits already being mounted against voting rules is not to change the rules before Election Day, but to create a record of “anomalies” that can be used to challenge the results after voters have already cast their ballots.

Against this backdrop, it is alarming that at least one county official — a member of the Kalamazoo County, Michigan Board of Canvassers — already openly flirted with the idea of refusing to certify the results in November. After being brought to court to clarify his duties, that board member capitulated and stated in an affidavit that he understood he had no basis to refuse to certify the upcoming election.

Even so, attempts like these could create problems throughout the country. A local official refusing to certify their county’s results, and thereby delaying the final election results, helps fuel the disinformation loop about the integrity of our elections, contributing to voter confusion and skepticism of whether the system is working.

In the end, a local official refusing to certify election results does not pose a real risk that election results will not be finalized — but what comes next could be dangerous. Consider, again, the original hypothetical. When a county official refuses to certify in the name of unsubstantiated but “widespread” voter fraud, rumors start spreading online that noncitizens and ballot harvesters have tainted the county’s election. Sham lawsuits are filed promising explosive evidence of fraudulent voting. Those zombie lawsuits filed before election day are then touted as further proof that the results were tainted from the start. Seizing on this disinformation, a major candidate then calls into question the county’s results, then the state’s vote tally and, finally, the outcome of the electoral college – and thus, the winner of the presidency.

Amid such a disinformation maelstrom, it is imperative that voters see certification refusal for what it is — an illegal gambit that will not succeed. When it comes to election certification, the law is clear. There is simply no basis to block an election by refusing to certify it. As the post-election period unfolds, however, some local officials may still try to use this tactic to call valid election results into doubt. Voters should know that these same elections officials do not get to pick the winners — the voters do. 

IMAGE: Election workers open mail in ballots at the Maricopa County Tabulation and Election Center on November 11, 2022 in Phoenix, Arizona. (Photo by Justin Sullivan/Getty Images)

The post Local Officials Cannot Block Election Certification. But They Can Fuel Disinformation. appeared first on Just Security.

Signup to receive the Early Edition in your inbox here.

A curated weekday guide to major news and developments over the weekend. Here’s today’s news:

ISRAEL-IRAN CONFLICT

Israel fired a barrage of “precise strikes on military targets” in Iran on Saturday local time, in retaliation for Iran’s Oct. 1 missile attack on Israel. The attacks, launched from Iraqi airspace, hit air-defense systems around Iranian energy sites, killing four Iranian troops, according to Iranian and Israeli officials. Israel also hit weapons production sites, crippling a critical component in Iran’s ballistic missile program, Israeli sources said. Barak Ravid reports for Axios; Farnaz Fassihi and Ronen Bergman report for the New York Times. 

Israel notified Iran of the general targets of its retaliatory airstrikes in advance and warned Iran not to respond, in an attempt to prevent a wider escalation, sources say. Barak Ravid reports for Axios.

Israeli and Iranian authorities seemed to adopt a measured tone in response to Saturday’s strikes, with Israeli Prime Minister Benjamin Netanyahu stating the attack “achieved all its objectives,” and Iranian President Masoud Pezeshkian saying that Tehran will respond “appropriately” but does not “seek war.” Isabel Kershner, Farnaz Fassihim, Hiba Yazbek, and Michael Levenson report for the New York Times. 

ISRAEL-IRAN CONFLICT — U.S. RESPONSE

President Biden on Saturday said he hopes Israel’s attack on Iran will mark “the end” of the countries’ cycle of escalation. The White House previously expressed support for the attack, calling the strikes “targeted and proportionate.” Emma Graham-Harrison reports for the Guardian; Peter Baker reports for the New York Times.

ISRAEL-IRAN CONFLICT — REGIONAL AND INTERNATIONAL RESPONSE

Iraq complained to the U.N. Security Council about Israel’s use of its airspace to attack Iran ahead of the body’s planned meeting later today to discuss Israel’s attack. The Guardian reports; Michelle Nichols reports for Reuters.

U.N. Secretary-General António Guterres said he was “deeply alarmed” by Israel’s attack on Iran, calling for “all acts of escalation” to stop. Farnaz Fassihi reports for the New York Times.

ISRAEL-HAMAS WAR — INTERNATIONAL RESPONSE

The Israeli government’s “policies and practices in northern Gaza” could amount to “atrocity crimes, including potentially extending to crimes against humanity,” the U.N. High Commissioner for Human Rights said on Friday. The U.N. Office for the Coordination of Humanitarian Affairs also warned on Saturday that the “entire population of north Gaza is at risk of dying.” Michael Crowley and Nick Cumming-Bruce report for the New York Times; Karem Khadder and Vasco Cotovio report for CNN. 

The U.K. will consider providing intelligence gathered from surveillance flights over Gaza to the International Criminal Court if requested, the U.K. ministry of defense ministry said. Jonathan Beale and Thomas Mackintosh report for BBC News.

ISRAEL-HAMAS WAR

Israeli strikes on Gaza yesterday killed approximately 70 people, with Israel’s offensive in the north showing no signs of abating despite renewed ceasefire talks. Bethan McKernan reports for the Guardian.

The Israeli military today said it captured around 100 suspected Hamas militants during a Friday raid on one of the last functioning hospitals in northern Gaza. Gaza health officials and Hamas previously denied any militant presence there. Nidal Al-Mughrabil reports for Reuters.

Egypt yesterday proposed a two-day ceasefire between Israel and Hamas to facilitate the release of four hostages and delivery of aid to Gaza, President Abdel Fattah el-Sissi said. Ami Bentov, Samy Magdy, Tia Goldenberg, and Joseph Krauss report for AP News.

ISRAEL-HAMAS WAR — U.S. RESPONSE

Treasury Secretary Janet Yellen and seven foreign counterparts warned Netanyahu the actions of his far-right finance minister may cause an implosion of the Palestinian economy and risk further destabilizing the region. Barak Ravid reports for Axios.

ISRAEL-HEZBOLLAH WAR 

An Israeli strike in southern Lebanon killed eight people and wounded 25, the country’s health ministry said yesterday. Israel did not immediately comment, but yesterday said it was carrying out “targeted ground raids.” Matthew Mpoke Bigg reports for the New York Times.

U.S. PRESIDENTIAL ELECTION

China-affiliated hackers sought to access the phones of campaign staffers for former President Trump and Vice President Kamala Harris and collected audio from the phone calls of U.S. political figures. Joseph Menn, Josh Dawsey, Ellen Nakashima, Perry Stein, and Yasmeen Abutaleb report for the Washington Post.

Elon Musk’s super-PAC awarded two more $1 million prizes in its lottery for registered swing voters on Thursday night, despite warnings from the Justice Department that the giveaway could violate election laws. Perry Stein, Trisha Thadani, and Amy B Wang report for the Washington Post.

The U.S. federal intelligence authorities are seeing a rise in online discussions among extremists preparing for an imminent “civil war,” a Department of Homeland Security report shows. Betsy Woodruff Swan reports for POLITICO.

An appeals court ruled on Friday that a Mississippi law requiring election officials to count mail-in absentee ballots received after Election Day violates federal law. Isabelle Taft reports for the New York Times.

A Georgia appeals court refused to expedite the review of a Republican challenge to result certification deadlines, with the lower court’s order mandating county officials to certify the results set to remain in force during the election period. Kate Brumback reports for AP News. 

In a Sunday decision, an appeals court refused to reinstate Virginia’s voter purge program which would automatically cancel voter registrations of suspected noncitizens. Rebecca Falconer reports for Axios.

OTHER U.S. DOMESTIC DEVELOPMENTS 

The U.S. Navy apologized for its bombardment of a native Alaskan community 142 years ago. Johnny Diaz reports for the New York Times.

RUSSIA-UKRAINE WAR

Several thousand North Korean soldiers have arrived in Russia’s western Kursk region, where they are expected to participate in an upcoming counteroffensive aimed at expelling Ukrainian forces, sources say. Michael Schwirtz, Julian E. Barnes, and Eric Schmitt report for the New York Times.

Ukrainian President Volodymr Zelenskyy has declined a visit by Secretary-General Guterres after he attended a BRICS summit in Russia last week, according to a source. Jaroslav Lukiv reports for BBC News. 

GLOBAL DEVELOPMENTS 

Sudan’s paramilitary Rapid Support Forces’s (RSF) attacked a village on Friday, killing at least 124, activists say. It marks one of the deadliest incidents in the country’s ongoing civil war. Nafisa Eltahir and Khalid Abdelaziz report for Reuters.

International Criminal Court Chief Prosecutor Karim Khan allegedly tried to suppress a sexual misconduct complaint against him by urging the complainant to disavow her claims. Khan has denied the reports. Harry Davies and Robert Flummerfelt report for the Guardian.

A judge presiding over the prosecution request for a Netanyahu arrest warrant has been replaced on health grounds, the ICC said on Friday. The move could lead to further delays in the proceedings. Stephanie van den Berg reports for Reuters.

One person was killed and at least 30 injured after a truck hit a bus stop near an Israeli military base north of Tel Aviv. The authorities say they are investigating the incident as a suspected terror attack. Lucy Williamson reports for BBC News.

Japan faces political uncertainty after the Liberal Democratic Party yesterday lost its parliamentary majority in the lower house for the first time in 15 years. Helen Regan and Yumi Asada report for CNN.

Georgia’s president yesterday called for people to protest the results of Saturday’s disputed parliamentary election, in which the electoral commission said the ruling pro-Russia party won. Monitors observing the count reported significant irregularities. Felix Light and Lucy Papachristou report for Reuters.

Satellite images show major expansion at a Russian site used for bioweapons development during the Cold War. Joby Warrick and Jarrett Ley report for the Washington Post.

The post Early Edition: October 28, 2024 appeared first on Just Security.

If you ask the average citizen of any country whether their leaders should start wars, almost all would give a resounding “No.” The public, overall, opposes war, but tolerates leaders who prioritize power, legacy, and special interests over the wishes of their own people.

This is how we find ourselves recklessly stumbling toward a global conflict that could erupt out of the regional crises currently unfolding.

With its early Saturday morning attack, Israel is on the verge of dragging the U.S. into a regional war with Iran.

Let’s start with the Middle East. With its early Saturday morning attack, Israel is on the verge of dragging the U.S. into a regional war with Iran. The plans were drawn up weeks ago and, despite U.S. warnings, Israel went ahead with the bombing.

Though, for the moment, Iran seems to be exercising restraint, U.S. leadership seems to not be up for the challenge of averting this conflagration. The Biden administration has proven ineffective. Not only has it failed to secure a ceasefire in Gaza, the administration is also emboldening Israel by providing military assistance against retaliatory attacks from Iran.

For its part, Israel keeps pushing the envelope, ignoring U.S. pleas for restraint, confident that powerful Israel lobby groups will ensure American politicians will continue to supply them with money, weapons, and intelligence.

Enter Russia and Ukraine

A regional Middle East conflict could itself grow into larger war — by dragging in Russia. Given its presence in Syria, there is no predicting exactly how Russia might react to a regional war with U.S. involvement. What we do know is that Russia has issued ominous warnings to Israel about attacking Iranian nuclear sites — warning that will now be tested.

The Russian stance is not difficult to understand. For the U.S., a regional Middle East war would mean jumping into Israel’s fight. For Russia, the region holds the key to a web of interlocking interests. Russia buys drones and ballistic missiles from Iran for use against Ukraine, and Iran, for its part, is perpetually a potential customer for Russia’s sophisticated defense systems. 

Then there is the war in Ukraine itself, where the sides for a global conflict were drawn up. NATO members, bound by a mutual defense pact, are supporting Ukraine in its war against Russia. As a response, four countries are coming together as “the axis of resistance” — against, as how Senate Republican Leader Mitch McConnell refers to it, the new “axis of evil”: Russia, China, North Korea, and Iran.

As part of its alliance, the West continues to supply military equipment with more offensive capabilities. Ukrainian President Volodymyr Zelenskyy wants long-range missiles that can attack deeper into Russian territory. Russian President Vladimir Putin has repeatedly warned that if certain red lines get crossed, he will retain the right to use tactical nuclear weapons.

So far, the West has crossed a few of Putin’s red lines without consequence. The question we might ask is: How long do both sides want to play this Russian roulette? 

Both the Middle East and Ukraine conflicts create a growing risk that the U.S. and NATO and end up in direct confrontation with Russia and its allies — the new world war. 

Snowball in the Far East

If this world war breaks out along the lines of the Middle East war and Ukraine conflict, there is no reason to think the conflagration would be contained.

Any number of miscalculation or military accident in either the Taiwan Strait or South China Sea could trigger direct confrontation between China — unlike Russia, an ascendant world power — and the U.S.

A wider war in Easter Europe or the Middle East could, for instance, give China an opening to go to war over Taiwan. So far, China seems in no rush to invade, tacitly accepting the U.S. policy of “strategic ambiguity” — where the U.S. remains deliberately vague on whether it would defend Taiwan militarily.

A wider war in Easter Europe or the Middle East could give China an opening to go to war over Taiwan.

If the West becomes embroiled in a full-scale war with Russia or in the Middle East, that calculation could change.

Even short of an invasion of Taiwan, China is likely to leverage a distracted West into ever more aggressive actions in the South China Sea, where the potential for conflict is high.

The burgeoning Eastern power is already carrying out its own version of the Monroe Doctrine. Flouting international law, China is flexing its muscle by claiming control over navigation pathways that threaten the neighboring countries of Vietnam, Malaysia, and the Philippines — the latter of which bears the brunt of Chinese harassment and, ominously, has a mutual defense pact with the U.S.

History as Our Guide

There are two absolute truths about war. Once started, the outcome is unpredictable. Secondly, and more importantly, wars always escalate. We are witnessing conflicts on three fronts that are exhibiting both characteristics.

History is a powerful teacher, and it’s time we dust off a few history books. Much of what is occurring on today’s geopolitical chessboard has analogues to events that unfolded in the early 20th century. 

Due to arrogance and sheer folly, the relationships between the three cousins — King George V of Britain, Kaiser Wilhelm II of Germany, and Tsar Nicholas II of Russia — deteriorated due to a mix of personal, political, and national factors. This ultimately contributed to the outbreak of the colossal sibling squabble we know as World War I.

Much like today, several key factors set the stage for the First World War. Militarism and nationalism were on the rise, and an arms race between major powers raged. European empires were engaged in intense competition for global dominance and access to resources, particularly in Africa.

As it is today, the powers divvied up into alliances: The Triple Alliance between Germany, Austria–Hungary, and Italy (though Italy later withdrew) on one side, and the Triple Entente, with a surrounded Russia joining France and the United Kingdom. In a scenario with echos today today, these alliances were meant to provide mutual defense but also created a precarious situation where a conflict involving one member could quickly spiral into a wider war.

Many of today’s politicians cater to the donor class and special interests that favor conflict.

Those were empires. Their subjects could be excused for their inability to sway their leaders, whose sheer stupidity they would always be subject to. Today, some of the players fit this bill — but not all.

In the democratic West, we are supposed to have a voice. Yet, many of today’s politicians, with the help of the mainstream media, seem indifferent to the desires of their voters, catering instead to the donor class and special interests that favor conflict.

In this dizzying milieu of crisscrossed global interests and unaccountable leadership, our odds can look daunting. Yet those of us bestowed with the right to press our governments must continue to press policy makers to stop this madness before it’s too late.

The post How the Israeli Attack on Iran Could Seed a New World War appeared first on The Intercept.

Read the full article here

The post Tran and Graham cited by The Banker on the rising use of yuan in global trade appeared first on Atlantic Council.

Click on the banner above to explore the Tiger Project.

Almost on a weekly cadence now, a new headline spotlights the growing flow of artillery shells and ballistic missiles from North Korea to Russia and then to the battlefield in Ukraine. On October 23, Secretary of Defense Lloyd Austin confirmed the latest development: North Korea has not only sent materiel to Russia; it is now sending troops. Austin warned that if the North Korean troops become “co-belligerents” in Russia’s war in Ukraine, the impact will go beyond Europe to impact Indo-Pacific security. Given the stakes, how should the United States and its allies understand this deepening cooperation between Moscow and Pyongyang?

In June, Russian President Vladimir Putin traveled to Pyongyang—his first visit since 2000—to sign what was called a “mutual defense pact” with North Korean leader Kim Jong Un. At the time, Kim said the agreement amounted to an “alliance.” This likely overstates the character of Russia-North Korea relations. At the same time, it would be an underestimation to view recent weapons and supplies transfers as simply transactional or ad hoc deals. Instead, what is emerging between Russia and North Korea is something closer to a specialized “common market of autocracies.” It’s the marketplace extension of the Atlantic Council’s prior work conceptualizing the “arsenal of autocracy” as well as the “axis of evasion.” The implications of this growing common market are serious for the following reasons.

First, this market works through barter-like deals, which take place largely outside the reach of potent US economic statecraft tools. These bespoke deals operate without the need to settle payments in US dollars, ship through international waters, or transport over foreign territory. As the previous and current targets of some of the United States’ most powerful sanctions, Russian and North Korean entities have accumulated significant experience in evading them. The two partners can increasingly apply those lessons learned to their bilateral transactions and present them with the opportunity to create recurring barter deals. There are concerning gaps now between Putin-Kim bartered deals and the latticed structure of powerful US economic statecraft tools.

What is largely missed is that recurring business deals represent the culmination of partners structuring, testing, and refining business practices. Usually, this takes many years to develop. Moscow and Pyongyang appear to be moving much quicker. One of the unintended consequences of the United States’ application of powerful sanctions is that for some targets, these tools serve as an accelerator for learning how to adapt and evade. These targets develop sanctions resistance by innovating and developing new ways to do business. By pivoting, Russia and North Korea have been able to devise and develop new business practices and form new business networks.

Second, this common market structure presents a serious longer-term threat to the United States and its allies because it bolsters the ability of these autocracies to aid each other in sustaining themselves. Through a barter version of comparative advantage, Kim can provide Putin with an item that Putin urgently needs and that Kim uniquely produces or stockpiles (such as North Korean artillery shells and ballistic missiles). The same is true for what Putin can provide Kim (such as Russia helping to resolve technical setbacks with North Korea’s rocket and missile program, as well as potentially providing war-tested drones for Kim’s deployment on the Korean Peninsula).

The next stage of this common market dynamic would be the Russians directly assisting the North Koreans in modernizing and expanding their munitions industry to meet the ambitious plans for more North Korean-produced artillery shells for the Russian war effort. (As the Russia Sanctions Database highlights, Putin’s primary military vulnerability lies in Russia’s deficient ammunition manufacturing capability.) A scaled-up munitions industry could provide North Korea a considerable industrial base with expanded capabilities that it could apply to other sectors. It could also be a source of economic growth for the Kim regime. As an exclusive supplier to a massive European war zone, the recurring barter trade channels could bring in a widening range of other high-demand items into the country.

Third, Putin and Kim are now out of their respective boxes, which China carefully crafted to try to influence their behavior. China maintained the height and length of these bespoke boxes by becoming a large bulk purchaser of energy resources from Russia and a critical secure supplier of petroleum products to North Korea. With Putin and Kim building more direct channels between their personalistic regimes for recurring specialized barter, the two leaders are, in practice, reducing obstacles and friction as they advance their own urgent national goals. For Putin, the goal is to outlast the Ukrainians on the battlefield. For Kim, it is to further erode deterrence on the Korean Peninsula.

While recent reports of Russian shipments of petroleum products to North Korea garnered only a few sentences in international media, this development likely jolted Chinese leaders. In a relatively short period of time, the potency of Beijing’s main policy tool in managing the complex China-Russia relationship and the dysfunctional China-North Korea relationship has eroded. This dynamic appears to be largely underestimated because it resides outside the scope of an immediate and direct threat to US national security.

However, if this Russia-North Korea trend continues along with other bilateral transactions, crises in Europe and the Indo-Pacific will have a trans-Siberian logistical support dynamic reminiscent of World War II. From a logistical standpoint, the Soviets effectively drew on their resources in the Far East to tip the scales on their western front. A main difference this time is that this logistical support would be two-way, with North Korea now gaining resources that could enable it to tip the scales on the Korean Peninsula and beyond.

It is a critical time to fully map out and categorize the host of specialized barter deals between North Korea and Russia. Doing so will enable the United States and its allies and partners to better understand how the common market of autocracies is growing so that policy tools can adapt to this expanding threat. The window to do so is closing quickly at the speed of war.

---

John Park, PhD, is a nonresident Senior Fellow with the Scowcroft Center’s Indo-Pacific Security Initiative and the GeoEconomics Center’s Economic Statecraft Initiative at the Atlantic Council.

---

The Tiger Project, an Atlantic Council effort, develops new insights and actionable recommendations for the United States, as well as its allies and partners, to deter and counter aggression in the Indo-Pacific. Explore our collection of work, including expert commentary, multimedia content, and in-depth analysis, on strategic defense and deterrence issues in the region.

The post The North Korea-Russia relationship is blossoming into a common market of autocracies appeared first on Atlantic Council.

President Félix Tshisekedi announced that a commission would draft the DR Congo’s new Constitution next year as the current one is “not good” and “written in a foreign country”.

Tshisekedi was addressing the nation from Kisangani in the Tshopo Province, where he also spoke of social and security issues.

He is going to appoint a commission next year made up of people from different sections of society to draft a new constitution adapted to the realities of the DRC and which will no longer hamper the functioning of the country.

He said the current Constitution was poorly drafted as several articles of the fundamental law of 2006 need modification, including articles limiting the head of state’s mandates.

However, Tshisekedi, re-elected for a second and final term in December 2023, said that changing presidential term limits is “not the president’s task”. However we have doubts. 

Félix Tshisekedi, the president of the Democratic Republic of Congo (DRC), has been pushing for constitutional changes as he nears the end of his first term. This move is sparking debates about his motives and the implications for Congolese democracy.

There are several reasons why Tshisekedi might be considering a constitutional amendment:

1. Extended Power: Amending the constitution could potentially allow him to extend his presidency or even run for additional terms. Given that his presidency has faced numerous challenges—from political alliances to security issues—he may be seeking more time to solidify his position and pursue his agenda.
2. Political Influence and Stability: The current political structure in the DRC limits the power of the president relative to parliament and regional governments. Tshisekedi may be aiming to centralize authority to implement policies more efficiently, which, according to his supporters, could strengthen national stability.
3. Addressing Electoral Reform: The constitution could also be amended to address flaws in the electoral system and to establish more robust electoral reforms. Tshisekedi and his supporters have argued that these changes are necessary to ensure transparent elections.

Critics argue, however, that this push for reform could undermine democratic norms in the DRC, given that the country has a history of leaders using constitutional changes to cling to power. This is especially contentious because many Congolese are cautious about any moves that could further entrench a single leader, given the country’s turbulent political past.

Félix Tshisekedi’s push for constitutional change could find support from several key groups, each with their own motives for backing his agenda:

1. **His Political Coalition (Union Sacrée): Members of Tshisekedi’s coalition, the Union Sacrée de la Nation, might support him to protect their positions and maintain influence within the government. As they’ve allied with him since 2021, they likely see this move as an opportunity to secure political power for the long term.

2. Business and Economic Elites: Some business leaders and economic elites may view Tshisekedi’s proposed reforms as a pathway to stability and predictability in DRC’s political landscape. With a more centralized government, Tshisekedi could focus on economic reforms and infrastructure projects that could benefit these elites.

3. Regional and Local Leaders: Some regional leaders may back constitutional change if it promises to address local governance issues or if they gain assurances of influence. As the DRC faces security challenges, particularly in its eastern provinces, Tshisekedi could present these changes as necessary for improving security and public services.

4. International Partners and Investors: While foreign governments may approach this cautiously, certain international stakeholders—especially those invested in DRC’s mining sector or broader economic development—could support changes that lead to a more stable investment climate. Stability in governance could appeal to countries and companies with significant interests in DRC’s resources, like copper and cobalt.

5. The Military and Security Apparatus: The military and security forces could also be key supporters, particularly if Tshisekedi’s reforms include provisions that strengthen security infrastructure or provide greater funding. Support from the military is especially significant in the DRC, where security is a major challenge.

These groups would likely support Tshisekedi as long as his proposed changes appear to provide mutual benefits, such as stability, economic growth, or improved local governance. However, they may distance themselves if they perceive the changes as unduly extending Tshisekedi’s grip on power, given the DRC’s sensitivity to authoritarianism and instability.

Criticism of Félix Tshisekedi’s proposed constitutional changes comes from several groups, both within the Democratic Republic of Congo and internationally. Key critics include:

1. Opposition Political Parties: Opposition groups argue that Tshisekedi’s attempt to change the constitution could be a strategy to extend his presidency or consolidate power, which they view as a threat to democracy. Figures like Martin Fayulu and Moïse Katumbi, prominent opposition leaders, have voiced concerns that this move could replicate the authoritarian practices seen under former leaders.

2. Civil Society Organizations and Activist Groups: Many Congolese civil society organizations, youth groups, and human rights activists are wary of any attempts to amend the constitution. They fear this could lead to erosion of democratic rights and freedoms and are vocal about ensuring that power remains checked. Groups such as LUCHA (Lutte pour le Changement) have already mobilized in the past against political abuses of power.

3. The Catholic Church and Other Religious Institutions: The Catholic Church, a highly influential institution in the DRC, has often taken a stance against moves that could destabilize democracy or extend presidential terms. The Church has publicly criticized similar maneuvers in the past, including those by former president Joseph Kabila, and is likely to question Tshisekedi’s motives as well.

4. International Community: Foreign governments, especially those focused on promoting democratic governance in Africa (e.g., the United States, European Union, and some African nations), may see Tshisekedi’s move as concerning. They often view constitutional changes that extend terms or centralize power as detrimental to stability and democracy in the region. The UN and African Union might also weigh in if there’s significant backlash within the country.

5. Human Rights Organizations: Organizations like Human Rights Watch and Amnesty International are likely to raise red flags, fearing that constitutional changes could open the door for repression or human rights abuses. These organizations often monitor political shifts closely, especially in countries with histories of authoritarian rule, and could exert pressure on Tshisekedi’s administration to halt any reforms that undermine democratic principles.

These critics argue that rather than changing the constitution, Tshisekedi should focus on upholding electoral processes and implementing reforms to address the country’s security and economic challenges. They contend that constitutional amendments could weaken democratic institutions and set a dangerous precedent for future leaders.

Yes, Félix Tshisekedi’s proposed constitutional changes in the Democratic Republic of Congo (DRC) bear similarities to recent constitutional developments in Gabon, as both seem rooted in leaders seeking to extend or solidify their hold on power under the guise of national stability and governance reform. While these situations are distinct, some common themes include:

1. Power Consolidation: In Gabon, President Ali Bongo Ondimba, until his recent ouster in 2023, had made constitutional adjustments that allowed him to stay in power for over a decade. These adjustments increased executive power and limited democratic checks and balances, sparking concern among citizens and opposition groups. Similarly, in the DRC, Tshisekedi’s proposed reforms could be seen as an effort to concentrate authority, potentially extending his time in office or increasing executive control.

2. Weakening of Democratic Institutions: Both in Gabon and the DRC, constitutional changes are perceived by critics as moves that could weaken democratic safeguards. In Gabon, changes to the constitution diminished the judiciary’s independence and empowered the president, while in the DRC, Tshisekedi’s opponents argue that similar reforms could weaken parliament and strengthen the presidency. This raises concerns about the erosion of checks and balances in both countries.

3. Potential Popular Backlash: In both countries, citizens and opposition groups have raised concerns that constitutional amendments might be a tool for maintaining a single political family or leader’s control over the state. In Gabon, public dissatisfaction with Bongo’s rule and his constitutional adjustments eventually led to military intervention, as people called for new governance. In the DRC, civil society and opposition leaders are voicing concerns over Tshisekedi’s plans, fearing similar long-term impacts on democratic institutions and potential for unrest.

4. Regional and International Concern: International actors have historically been wary of leaders who amend constitutions to prolong their rule, as it often leads to political instability. In Gabon, the political situation eventually drew condemnation from international communities, especially after the coup that removed Bongo. Likewise, if Tshisekedi proceeds with his changes, the DRC may face scrutiny and caution from international partners wary of a potential repeat of Gabon’s pattern of democratic backsliding.While the contexts of Gabon and the DRC are unique, these parallel elements highlight concerns over stability, democracy, and power dynamics in both cases, and they underscore broader regional worries about leaders modifying constitutions to maintain influence and control.

Manufacturing has become increasingly reliant on modern technology, including industrial control systems (ICS), Internet of Things (IoT) devices and operational technology (OT). While these innovations boost productivity and streamline operations, they’ve vastly expanded the cyberattack surface.

According to the 2024 IBM Cost of a Data Breach report, the average total cost of a data breach in the industrial sector was $5.56 million. This reflects an 18% increase for the sector compared to 2023.

Apparently, the data being stored in industrial control systems is data worth stealing. Plus, the disruption due to even a single hour of downtime makes manufacturing a juicy target for cyber criminals.

What type of cyberattacks impact the industrial sector? And what can manufacturers do to protect themselves from these threats? Let’s find out.

The impact of cyberattacks on manufacturing

According to the 2024 IBM Cost of a Data Breach report, data breaches cost industrial organizations 13% more than the $4.88 million global average. Furthermore, the sector experienced the costliest increase of any industry, rising by an average of $830,000 per breach over last year. This cost spike could reflect the reality that manufacturers are highly sensitive to operational downtime. For example, the average car maker loses $22,000 per minute when the production line stops.

Unfortunately, the pain doesn’t end there. The time to identify and contain a data breach at industrial organizations was above the median industry, at 199 days to identify and 73 days to contain. These alarming trends underscore the vulnerability of the sector and the financial toll cyberattacks can take on manufacturers.

One of the most prevalent forms of cyberattacks in the manufacturing industry is ransomware. Ransomware attacks on industrial control systems doubled in 2022 alone. When manufacturing operations are disrupted, the financial and reputational damage can be severe. Supply chains can be thrown into chaos, leading to production delays and lost revenue.

Another major concern is intellectual property theft. Cyber criminals, including nation-state threat actors, often target proprietary designs and trade secrets to gain economic or strategic advantages. This type of cyber espionage can be difficult to detect, as attackers may infiltrate networks and exfiltrate data over long periods without being noticed.

Supply chain attacks are also a major concern. In these attacks, cyber criminals target vulnerable third-party suppliers or partners to gain access to a manufacturer’s systems. Since manufacturers often rely on a complex web of suppliers, a breach at one supplier can have a cascading effect across the entire production line. This interconnectedness makes the industry particularly susceptible to large-scale attacks.

The increasing interconnectedness of manufacturing systems due to digitalization has greatly expanded the attack surface. IoT devices and connected systems allow for real-time monitoring and control, but they also introduce vulnerabilities if not properly secured. This blurring of the lines between IT and OT makes it easier for attackers to infiltrate systems and cause widespread disruption.

Read the Cost of a Data Breach Report

What manufacturers can do to prevent cyberattacks

Given the scale and complexity of cyber threats facing the manufacturing sector, it’s imperative that manufacturers take proactive steps to protect their systems and data. Here are some key measures manufacturers should implement to bolster their cybersecurity posture:

1. Implement stringent security policies

Manufacturers must establish strong cybersecurity frameworks that govern all aspects of their operations. This includes enforcing strict access controls, conducting regular security audits and implementing robust incident response plans. One of the most critical components of any cybersecurity policy is employee training. Many breaches occur due to human error, such as falling for phishing schemes or mishandling sensitive data. Continuous training ensures that employees are aware of the latest threats and know how to recognize and prevent them​.

2. Regularly update IoT devices and firmware

IoT devices are often a weak point in manufacturing systems, as they may not come equipped with robust security features out of the box. Regularly updating the firmware of these devices and ensuring they are properly configured can mitigate the risk of exploitation. Manufacturers should also integrate IoT devices securely into their broader network infrastructure and ensure they are monitored continuously for any signs of compromise.

3. Segment and air-gap networks

One of the most effective ways to limit the spread of an attack is to segment IT and OT networks. By creating barriers between different systems, manufacturers can prevent attackers from moving laterally through their networks if one part is breached. In highly sensitive environments, air-gapping — isolating critical systems from external networks entirely — can provide an additional layer of protection. This ensures that even if an IT system is compromised, operational technology systems remain unaffected.

4. Invest in advanced threat detection

Real-time threat monitoring tools, such as Security Information and Event Management (SIEM) systems, are essential for detecting and responding to cyber threats. These tools provide real-time visibility into network activity and can automatically flag suspicious behavior for investigation. Manufacturers should also employ proactive threat hunting to identify potential vulnerabilities before they are exploited.

5. Backup and disaster recovery planning

Having secure backups is essential for mitigating the damage caused by ransomware attacks. By maintaining regular off-site backups and testing disaster recovery plans, manufacturers can recover quickly from an attack without paying a ransom. These backups should be encrypted and stored in a way that ensures they cannot be accessed or tampered with by attackers.

Industrial cybersecurity case study

In early 2020, ANDRITZ, a leading industrial plant provider, began seeing a rise in cybersecurity incidents. Its IT environment included many systems and security policies that complicated security efforts. The company’s massive attack surface area included over 280 sites worldwide and thousands of employees using the company’s network remotely. A host of third-party contractors and engineers also had access to key IT systems.

For security information and event management (SIEM), ANDRITZ chose IBM Security QRadar on Cloud technology deployed as SaaS. The platform helps ANDRITZ’s security operations center (SOC) focus on detecting and remediating threats while IBM Security professionals provide 24/7 infrastructure management. SIEM can ingest data and log events from multiple sources across the network. By applying advanced analytics and correlations across data types — network, endpoint, asset, vulnerability, threat data and more — the SOC gains a holistic view of security.

In less than six months after engaging with IBM Security and deploying an integrated set of Managed Security Services (MSS), ANDRITZ had a new, comprehensive security services solution.

Leverage new opportunities, mitigate new risks

The manufacturing industry’s increasing reliance on digital technologies has brought tremendous benefits, but it has also created new vulnerabilities that cyber criminals are eager to exploit. As cyberattacks in the sector become more frequent and sophisticated, manufacturers must adopt a comprehensive approach to cybersecurity.

The post Addressing growing concerns about cybersecurity in manufacturing appeared first on Security Intelligence.

President Brice Oligui Nguema of Gabon has expressed interest in changing the country’s constitution to address concerns about political stability and governance. After seizing power in a military coup in August 2023, which ousted President Ali Bongo Ondimba following disputed election results, Nguema and his administration cited the need for reforms that would prevent further political crises and ensure a other system of power that guarantees his authority.

The Bongo family had ruled Gabon for over 50 years, and Nguema’s military intervention highlighted issues with the long-term concentration of power. By proposing constitutional changes, Nguema aims to restructure the political framework, limit presidential terms, and prevent the type of political dominance that his predecessors held. The overall goal appears to be to modernize Gabon’s political system, ensuring better checks and balances, and possibly to legitimize his own position through a transition to civilian rule.

Brice Oligui Nguema’s political opponents include figures from both the former ruling party, the Gabonese Democratic Party (PDG), and opposition groups that have historically opposed the Bongo family’s long rule. After the coup in August 2023, opposition figures expressed mixed reactions—some welcomed the ousting of Ali Bongo, while others were wary of Nguema’s long-term intentions.

Some key political opponents and groups who may oppose Nguema are:

1.Jean Ping: A prominent opposition figure and former African Union chairman, Ping was a strong challenger to Ali Bongo in the 2016 presidential election. He claimed victory in that election, accusing Bongo of rigging the results, and many of his supporters see Nguema’s rise as a continuation of military control over Gabon, which could further delay true democratic change.

2. Alexandre Barro Chambrier: Leader of the “Rassemblement pour la Patrie et la Modernité” (RPM), Chambrier is a vocal opposition figure and critic of both Bongo and military interference in politics. He may push for a faster transition to civilian rule and free elections.

3. Guy Nzouba-Ndama: A former ally of the Bongo family, Nzouba-Ndama broke away from the ruling party and became a critic of Ali Bongo. He has also been a presidential candidate and is likely skeptical of any prolonged military rule.

4. The National Union (Union Nationale, UN): This political party, which has been one of the most significant opposition groups in Gabon, could also be critical of Nguema’s leadership. Its members have consistently fought for democratic reforms and would likely oppose any delays in returning to civilian rule.

5. Civil society and pro-democracy activists: Beyond political parties, various civil society groups and activists in Gabon advocate for deeper reforms, the protection of human rights, and democratic governance. They could become key opponents if they view Nguema’s constitutional changes as insufficient or a means to consolidate power.

While many opposition leaders might have welcomed the end of Bongo’s rule, their primary focus remains on pushing for transparent democratic elections and ensuring that Gabon’s transition doesn’t result in long-term military dominance.

However, critics argue that these changes could be a way for Nguema to consolidate power and extend his leadership under the guise of reform. The exact nature of the constitutional reforms and their long-term impact remain to be seen.

The proposed Constitution in Gabon will allow military leader General Brice Clotaire Oligui Nguema to run for president. This move has drawn criticism from the opposition. 

Gabon is set to hold a referendum on November 16 to vote on a new Constitution, sparking mixed reactions. 

The new charter would also abolish the position of prime minister and replace it with a vice president role, limiting the term of office for presidents to two seven-year terms. Thus, Nguema has not respected his promise to restore civilian rule by making it clear in the proposed Constitution that the military should not play a role in politics.

It also gives too much power to the president. State media in Gabon is telling citizens that everyone 18 years and older has a civic duty to vote in the referendum.

The country’s transitional military rulers said the new constitution would be a major step toward restoring civilian rule in Gabon and implementing recommendations of April’s national.

The new charter would also outlaw intimate relations between people of the same sex. The proposed text is notably believed to define marriage as a union between a man and a woman and would also make military service compulsory, while confirming French as the country’s official language.

The proposed constitution would not bar qualified civilians and Gabon’s defense staff members, including transitional president Nguema, from running for president because it would be undemocratic to restrain people who are capable from contributing to the welfare of Gabon.

If the constitution is approved, Gabon will not find itself in a situation in which a leader rules until he dies, as was the case with Ali Bongo’s father, Omar Bongo, who was in power for 42 years.

When Nguema seized power last year, he promised to restore civilian rule within two years. He has not said whether he will run for president at the end of the transitional period.

The proposed constitution makes it clear that Nguema wants to stay in power.

Officials are proposing a presidential system in which Nguema would have excessive powers.

A presidential system should have separation and sharing of powers among the legislative, executive and judicial arms of government, however, the proposed constitution would mean that in Gabon, the president would appoint members of the judiciary and could dissolve parliament.

The August 2023 coup put an end to 55 years of rule by the family of former president Ali Bongo Ondimba.

The desire to change Gabon’s constitution under Nguema is more related to addressing broader political and structural issues than directly to ethnic tensions. Key reasons include:

1. Breaking the Long-Term Hold on Power: The Bongo family held power for over 50 years, with accusations of corruption, cronyism, and mismanagement. Constitutional changes could focus on limiting presidential terms, which could prevent a future concentration of power in the hands of one family or political group, ensuring fairer political competition.
2. Reforming the Electoral System: The controversial 2023 election, which resulted in the military coup, highlighted flaws in Gabon’s electoral process. Constitutional reforms may aim to create a more transparent, inclusive, and fair system that reflects the will of the people, ensuring all regions and ethnic groups feel represented.
3. Stabilizing the Political System: By creating checks and balances, limiting presidential powers, and reforming institutions, Nguema may be attempting to reduce political instability. A new constitution could help build a system that avoids the dominance of any one ethnic group or political elite, aiming to strengthen national unity.
4. Consolidating Military Power: There is also the possibility that Nguema could use constitutional reforms to legitimize and consolidate his own power, though he has stated that he intends to return Gabon to civilian rule.Any reforms that entrench the military’s influence could fuel distrust between different ethnic groups, especially if they feel underrepresented in the new political order.

While ethnic tensions are not the primary driver behind constitutional changes, ensuring inclusivity and preventing marginalization of different groups—ethnic, regional, or political—will be crucial in maintaining peace and stability in Gabon moving forward.

Gabon has historically not experienced the same level of ethnic conflict as some other African countries, but ethnic and regional dynamics do play a role in its politics and governance. The potential changes to the constitution under Brice Oligui Nguema’s leadership, however, are not explicitly driven by ethnic conflict but more by issues of political power, governance, and the need for reform after decades of the Bongo family’s rule.

Gabon is home to over 40 ethnic groups, with the largest being the Fang, followed by other groups such as the Mpongwe, Myene, Obamba, and Punu. The Fang, primarily in the north, make up around 30% of the population, and historically, they have had a strong influence on Gabon’s politics. Ali Bongo’s late father, Omar Bongo, belonged to the Tekeethnic group from the southeastern part of Gabon, and the Bongo family’s dominance over five decades has created some regional tensions, particularly with Fang leaders who felt marginalized under their rule. However, while ethnic identity plays a role in local politics and regional allegiances, Gabon has avoided major violent ethnic conflicts. Instead, political grievances have largely been about economic inequality, corruption, and political exclusion, rather than being framed solely in ethnic terms.On 30 August 2023, an hour after the official announcement of Bongo’s election to a third term since 2009, a military junta proclaimed his rule was over, denouncing what they said was a rigged poll. The military dissolved the country’s institutions and appointed 98 deputies and 70 senators to a transitional parliament.

IBM’s Cost of a Data Breach Report 2024 highlights a ground-breaking finding: The application of AI-powered automation in prevention has saved organizations an average of $2.2 million.

Enterprises have been using AI for years in detection, investigation and response. However, as attack surfaces expand, security leaders must adopt a more proactive stance.

Here are three ways how AI is helping to make that possible:

1. Attack surface management: Proactive defense with AI

Increased complexity and interconnectedness are a growing headache for security teams, and attack surfaces are expanding far beyond what they can monitor using manual means alone. As organizations level up their multi-cloud strategies and onboard new SaaS tools and third-party code in software development and deployment, the challenge only intensifies.

With these larger attack surfaces come increased complexity of network interactions and many new potential entry points for adversaries to exploit. Attack surface management (ASM) brings AI-powered, real-time protection to digital infrastructures, regardless of underlying complexity.

Automated ASM greatly augments manual auditing by providing comprehensive visibility into attack surfaces. Furthermore, AI learns from the data it monitors to Improve future detection outcomes, albeit at a speed and scale that humans alone can’t match.

However, while ASM tools are often presented as turnkey solutions and are usually relatively easy to deploy, the ability of security teams to interpret the huge influx of data they generate is essential for maximizing their impact.

Read the 2024 Cost of a Data Breach report

2. Red teaming: AI goes on the offensive

AI red teaming is the process of having people stress-test AI models for potential vulnerabilities and other issues, such as bias and misinformation. While most models are designed with guardrails in place to mitigate these risks, attackers routinely try to “jailbreak” them through the use of clever prompting. For red teams, the goal is to get there before their adversaries, thereby giving them a chance to take corrective action.

Red teams can themselves use AI to help identify potential issues in the data used to train AI models. For instance, according to IBM’s report, over a third of data breaches involve shadow data. If that data, unvetted and unmonitored for quality and integrity, ends up being used in model training, the ripple effects can be significant. AI can help red teams detect shadow data by identifying anomalies and overlooked data sources that could pose security risks. Red teams can also test AI models against one another using adversarial machine learning methods to identify vulnerabilities.

Unlike ASM, red teaming involves tailored simulations specific to the organization’s data and threat landscape. To fully realize its benefits, organizations must work with skilled teams that can correctly interpret and analyze the results and implement the required changes.

3. Posture management: Continuous security at scale

Posture management is where the scalable, real-time monitoring capabilities of AI really shine. Where ASM reveals potential vulnerabilities in attack surfaces, posture management takes a much broader approach by monitoring configurations, compliance with security policies and connections between both internal and external systems in a manner that’s continuous, agile and adaptable.

By automating posture management with AI, security teams can mitigate risks in far less time and scale their efforts across complex multi-cloud infrastructures to ensure consistency across the board. Also, given the reduced reliance on manual processes, the chances of human error are greatly reduced.

Even when breaches do occur, organizations that extensively incorporate AI and automation into their posture management strategies can identify and mitigate them nearly 100 days faster than those that don’t use AI at all. Naturally, the time saved in both prevention and remediation results in substantial direct and indirect cost savings, too.

AI is a game changer, but the human element is as important as ever

The AI opportunity in cybersecurity is undeniable. Not only can it help scale strategies across increasingly complex environments, but it can also help democratize security by allowing less experienced analysts to interact with security systems using natural language queries.

However, that’s not to suggest that AI is a replacement for human expertise. Rather, it must complement it.

AI and automation in security have helped organizations save millions in potential damages and remediation efforts, but they still need people to understand the data and insights that AI provides to maximize its potential.

That’s why managed security services have an increasingly important role to play in ensuring that AI adoption is strategically aligned with business needs and goals — instead of being deployed solely for reducing costs and labor.

The post 3 proven use cases for AI in preventative cybersecurity appeared first on Security Intelligence.