Page 99 - Cyber Terrorism and Extremism as Threat to Critical Infrastructure Protection
P. 99
METODI HADJI-JANEV: HYPER THREATS TO CRITICAL INFRASTRUCTURES IN THE REGION OF SOUTH-EASTERN EUROPE:
A WAKE-UP CALL FOR SOUTH-EASTERN EUROPEAN LEADERSHIP
States’ (or their proxies’) use of AI systems to expand intelligence, surveillance and recon-
naissance capacities supersedes the gain of the asymmetric strategies, cyber espionage, and
hybridity. AI systems and applications are able not only to collect but also to process massive
amounts of data in a short time; something which requires significant skilled manpower. In a
world of mega data, the internet of things and multi-vector and multi-domain based threats,
fast decision-making is a priority. AI systems can overcome the “cognitive burden” and avoid
instinctive, emotional and rapid decision errors (Barton, 2019).
Furthermore, collecting important data and adequately processing it could allow the opponent
(state or non-state actors) to exploit vulnerabilities beyond predictable capacities. Amir Hu-
sain, founder and CEO of SparkCognition Inc., observed that “the advent of hyperwar opens
up the reinterpretation of our geostrategic future” (Ackerman, 2018). Most CIP and CIIP plans
and procedures are based on the underlying assumption of the limitations of human capacities.
These limitations could, for example, be in the context of:
- Manoeuvrability (to be in a different place in a short period of time);
- Mass (to overwhelm defenders’ capacities in a short period of time);
- Economy (to act with surgical precision and cause collateral damage that could have nega-
tive consequences or additional logistical requirements in terms of replacement of forces
after long engagement and stress etc.);
- Competency ( “nerds” rarely have skills that require intensive and long physical training);
- Coordination – unity of efforts (to swarm the target or to cause the effect of an advanced
persistent threat and overcome any redundancies with an ability to simultaneously disable
cyber and physical defences in a coordinated manner);
- Above all AI can perform in an exclusive cognitive complexity (making a decision under
stress, after a long engagement with higher precision and without instant errors) (Walch,
2019).
AI thus affects two key important variables for CIP and CIIP: time and space. AI can trans-
fer data, performance, and even behaviour with greater velocity and with a higher volume.
“Reinforcement learning” (an area of machine learning concerned with how software agents
ought to take action in an environment in order to maximize the notion of cumulative reward)
is already practised in the gaming industry and is giving significant results in the autonomous
automobile industry (Marr, 2018). Skills and knowledge (developed tactics, techniques and
procedures) can be replicated in almost no time even remotely. The instant transfer learning
capability cannot be compared with recruiting terrorists or developing a hackers’ army. This
requires time, and there are specific conditions that must be satisfied. The ability to overcome
the essential pre-requirements for CIP and CIIP by employing AI systems and at the same
time to cause asymmetric and hybrid threats via cyberspace is raising the threat to a whole
new “hyper” level.
Debates about the development of AI and its impact on society are rare in the region of SEE.
Up to a point, this is understandable given the fact that the effects of AI have only been
acknowledged on the margins of security and innovation debates. The consideration of the
impact of AI to SEE societies as a whole and in the context of CIP and CIIP is urgent.
99
