METODI HADJI-JANEV:  HYPER THREATS TO CRITICAL INFRASTRUCTURES IN THE REGION OF SOUTH-EASTERN EUROPE:
                        A WAKE-UP CALL FOR SOUTH-EASTERN EUROPEAN LEADERSHIP

            launch an armed attack, in terms of the means to launch such an attack, and in terms of the
            priority to protect the potential target. This “hack” did not just challenge operational wisdom,
            but also created shockwaves inside the legal community.

            The threat from terrorists is already here and is evolving from external threats to an internal
            threat. It is well-established among the academic, pundit and intelligence community that
            SEE has emerged as a battleground for radical militant Islamism. Both anecdotal and em-
            pirical evidence confirm this thesis (Bodansky, 2001). The bomb attack on a police station
            in the central Bosnian town of Bugojno in June 2010 (BBC, 2010), the 2011 attack on the
            US Embassy in Bosnia (Alic, 2011), the 2012 attack and murder of 5 civilians in Macedonia
            (Dimitrioska, 2012), and the 2012 attack on Israeli tourists in Bulgaria (BBC, 2012), along
            with numerous reports of prevented attacks or arrests (e.g. in Bosnia, Serbia, Croatia, Kosovo,
            or Cyprus) (Hadji-Janev, 2012), confirm that the threat from these adversaries is real. Recent
            trends in the active support of radical Islamic groups in the Syrian resistance, however, have
            shown that the threat has changed from imported to home-grown. Furthermore, the growing
            amount of internet-based recruitment for these supports, along with the alleged on-line radi-
            calization prior to the aforementioned attacks and attacks around the globe connected with the
            region, raise serious concerns over terrorist use of cyberspace in the region of SEE.

            The threat vectors are evolving. The means to launch an attack and endanger CI and CII are
            rapidly changing. As an example, the history of using unmanned aerial vehicles (UAV) is
            astonishing. According to O’Donnell, the earliest recorded use of a UAV dates back to 1849,
            when the Austrians attacked the Italian city of Venice using unmanned balloons which were
            loaded with explosives (O’Donnell, 2019). Fast-forward to the aftermath of 9/11, and the CIA
            began flying armed drones over Afghanistan as part of the war against the Taliban. The first
            CIA drone-based kill operation took place in February 2002, when an unmanned Predator
            drone was used to target a suspect thought to be Osama bin Laden (Dormehl, 2018). Soon,
            however, these exclusive “gadgets” were commercially available and began to pose security
            implications. The region of SEE is not unfamiliar with the potential security implications of
            UAVs. The advancement and proliferation of public-use UAVs are much more complicated
            than that which SEE countries witnessed during the football incident between Serbia and Al-
            bania (Ames, 2014). Today UAV has become more readily available and more sophisticated,
            supporting new capabilities such as increased data collection and autonomous behaviour. Ac-
            cording to a RAND think-tank study, UAVs are reshaping the cybersecurity world in two key
            ways: “Firstly, UAS [referring to UAV as systems so using UAS instead of UAV – author]
            present a new kind of critical cybersecurity target. Critical law enforcement or data collection
            missions using UAS could be undermined by cyber attacks on these platforms. Secondly,
            UAS in the hands of adversaries could present novel avenues for cyber attacks, with the UAS
            themselves serving as “cyber weapons” intended to deliver malicious content or enable ki-
            netic impacts” (Best et al., 2020).

            The point of this analysis is to emphasize that the threat from UAVs is only one example of
            how threat vectors can vary and endanger CI and CII. Threats to CII do not exclusively come
            from cyberspace. The Stuxnet computer worm attack on an Iranian nuclear power plant will
            definitely rewrite the cyber terrorism playbook (Chery, 2010). In this context, David Geer
            offered statistical arguments clearly speaking of the increased physical danger risks of cyber
            terrorism (Geer, 2014). If the story about “Operation Orchard” by Erich Follath and Holger
            Stark, published in Spiegel, in 2009 is true, then it is clear why denying the terrorist threat



                                                                                    101