22 May 2019

Is Sri Lanka Really a Victim of China’s ‘Debt Trap’?

By Umesh Moramudali

Sri Lanka is often portrayed as a country that fell into a debt trap as a result of public investment projects financed by China. One such investment project was Hambantota port, which was leased to China Merchant Port Holdings Limited (CM Port) for 99 years for $1.12 billion in 2017. This project is largely the reason as why Sri Lanka is widely cited as a clear example of getting trapped in Chinese debt and being forced to hand over assets with national and strategic importance to China. The general belief seems to be that Sri Lanka was unable to pay off the loans obtained from China to construct Hambantota port in the first place, and therefore had no choice but hand over the port to Chinese control to pay off the debt.

However, the real picture of Sri Lanka’s debt crisis, which is not often explained, is very different and far more destructive. Debt owed to China is in fact the tip of the iceberg, and that should make the debt crisis all the more alarming. The famous Hambantota port deal is not merely an issue of Chinese debt — Sri Lanka has much larger economic issues that go well beyond the debt owed to China.

China Has Been Running Global Influence Campaigns for Years

BETHANY ALLEN-EBRAHIMIAN, ZACH DORFMAN

In the run-up to the 2008 Beijing Summer Olympics, with the torch relay soon set to pass through San Francisco, an envoy from China met with the city’s then-mayor, Gavin Newsom.

Riots had broken out the month before in Lhasa, Tibet, leading to a crackdown by Chinese security forces. The torch’s journey through London and Paris had been marred by anti-China protests and arrests. Pro-Tibet and pro-Uighur activists, among others, were planning demonstrations in San Francisco, the torch’s only U.S. stop. Beijing was deeply concerned about damage to China’s image as its Olympic debut approached, and hoped to clamp down on dissent beyond the country’s borders. The envoy who met with Newsom demanded that he prohibit the demonstrations and, in effect, suspend the First Amendment, according to a former senior U.S. intelligence official, who requested anonymity to discuss sensitive information. Newsom, now California’s governor, refused, according to the former official. (Newsom did not respond to a request for comment.)

Can Tariffs Bankrupt Americans?


Since our last article on the U.S. China trade war, China officially retaliated against America’s 25% tariff on $200 billion in goods with its own tariff on $60 billion of American goods. Over 5,000 goods will be taxed at a 25% rate. Other goods will be taxed at a rate of 20% which is an increase from 5% and 10%.

On the possibility of taxing just about all Chinese imports at a 25% rate, President Trump stated:

“We have the right to do [tariffs on] another $325 billion at 25% in additional tariffs. I have not made that decision yet."

This is consistent with how Trump’s negotiation process has gone. When he takes action, he threatens more action, but doesn’t deliver until first trying to negotiate. He has been talking about this tranche of tariffs for a while. It’s less clear what could happen after that tranche of goods is tariffed. One of the most hotly discussed topics on trade has been if China would stop purchasing U.S. treasuries or worse sell them. At a certain point when economic wars become extremely fierce, there is risk of a real war. While that’s unlikely, even the increased threat of a war would send stocks crashing and could push up inflation.

Trump, the ‘Great Negotiator,’ Risks Losing Deals With China, Iran and North Korea

Kimberly Ann Elliott

While campaigning for U.S. president, Donald Trump sold himself as a great negotiator who would get tough and get things done. That image took a big hit after Trump’s capitulation to Congress over his needless government shutdown earlier this year, and his failure to get additional funding for his border wall. It took another hit last week when three of Trump’s foreign policy priorities suffered setbacks: Iran announced that it would stop adhering to some provisions of the international deal curbing its nuclear program; North Korea resumed ballistic missile launches; and Beijing reneged on commitments aimed at resolving the U.S.-China trade war. 

To underscore his apparent toughness, Trump took new punitive actions against each country. But a resolution of the underlying problems in all three foreign policy negotiations remains elusive. If anything, they could get much worse.

China: A Worsening Economy and Hardball U.S. Tactics Don't Budge Beijing


The Chinese economy has continued to slow down. With the collapse last week of a trade deal with the United States, the prospect of a protracted trade war looms large — something that could compel the Chinese government to ramp up its stimulus efforts and adjust its trade negotiating strategy.

What Happened

New Chinese economic data from April has laid bare the continuing fragility of the world's second-largest economy despite Beijing's stimulus efforts. Industrial output, retail sales and investments all slowed last month, with retail sales and manufacturing investment growing at a respective 7.2 and negative 1.2 percent, their slowest pace in nearly 15 years. The data comes on top of declines in exports and manufacturing, suggesting the deceleration is occurring across the board and dampening hopes of recovery despite positive economic indicators in March.

The AI Supply Chain Runs on Ignorance

By Sidney Fussell,

The users posting photos to Ever, a mobile and desktop app similar to Flickr and Photobucket, had a choice. If they opted into facial recognition, the app’s software could analyze photo subjects’ faces, which meant it could group photos, let users search photos by the people in them, suggest tags, and make it easier to find friends and family using the app.

For users, this is tidy and convenient. For Ever, it’s lucrative: NBC News reported last week that Ever licenses its facial-recognition system, trained on user photos, to law-enforcement agencies and the U.S. military. As more people opt into facial recognition, the system grows more advanced. Ever did not respond to requests for comment from The Atlantic, but privacy advocates are outraged.

Users are “effectively being conscripted to help build military and law-enforcement weapons and surveillance systems,” says Jake Laperruque, the senior counsel at the Project on Government Oversight. Had users been explicitly informed about the military connection, he says, they may have chosen not to enable facial recognition.

China’s ‘self-destructive nuclear option’ in trade war: Selling US Treasury bonds


Included in China’s Twitter response to U.S. tariffs being increased on products originating in China, the threat of China selling U.S. Treasury bonds was explicitly called out a viable response option. Other responses included introducing tariffs on U.S. exports to China. Long considered a risk to the U.S. economy, this CNBC article takes a detailed look at what would happen in China engaged in this “nuclear” option.

“Consider it China’s nuclear option in the trade war with the U.S. — the ability to start dumping its massive pile of Treasury bonds that could trigger a surge in interest rates and substantially damage the American economy.”

Huawei hit by US export controls, potential import ban

By: Frank Bajak and Tali Arbel

In a fateful swipe at telecommunications giant Huawei, the Trump administration issued an executive order Wednesday apparently aimed at banning its equipment from U.S. networks and said it was subjecting the Chinese company to strict export controls.

Huawei would be the largest business ever subjected to the controls, a law enforcement measure that requires it to obtain U.S. government approval on purchases of American technology, said Kevin Wolf, who had been the assistant secretary of commerce for export administration in the Obama administration.

"It's going to have ripple effects through the entire global telecommunications network because Huawei affiliates all over the planet depend on U.S. content to function and if they can't get the widget or the part or the software update to keep functioning then those systems go down," he said.

How Chinese Spies Got the N.S.A.’s Hacking Tools, and Used Them for Attack

By Nicole Perlroth, David E. Sanger and Scott Shane

Chinese intelligence agents acquired National Security Agency hacking tools and repurposed them in 2016 to attack American allies and private companies in Europe and Asia, a leading cybersecurity firm has discovered. The episode is the latest evidence that the United States has lost control of key parts of its cybersecurity arsenal.

Based on the timing of the attacks and clues in the computer code, researchers with the firm Symantec believe the Chinese did not steal the code but captured it from an N.S.A. attack on their own computers — like a gunslinger who grabs an enemy’s rifle and starts blasting away.

The Chinese action shows how proliferating cyberconflict is creating a digital wild West with few rules or certainties, and how difficult it is for the United States to keep track of the malware it uses to break into foreign networks and attack adversaries’ infrastructure.

Why Are the U.S.’s Cyber Secrets Getting Stolen? Because China’s Getting Better At Stealing Them.

By Ben Buchanan

The New York Times published a major story last week, drawing on research from the cybersecurity company Symantec. The story revealed how a group of elite Chinese hackers known as APT3 had apparently gained access to powerful American hacking tools and used them to penetrate governments and companies of American allies. The Times piece and much of the commentary it solicited linked this case to concerns about the National Security Agency’s (NSA’s) ability to protect its most closely guarded and powerful capabilities.

In particular, a lot of the critical analysis cited in the Times reporting focused on the Vulnerabilities Equities Process (VEP), the mechanism through which the U.S. government decides which software weaknesses to exploit for national security purposes and which to turn over to private companies for patching. Other analysts contextualized the Chinese success with the NSA’s repeated failures in operational security. These analysts noted that the very same exploit apparently repurposed by the Chinese was also included in a trove of files that a group known as the Shadow Brokers somehow took from the NSA and leaked online.

Japan Woos a Region Caught Between the U.S. and China


Japan is expected to take on greater responsibilities in U.S-led security, infrastructure and economic initiatives in the Indo-Pacific region, which will advance Tokyo's goal of helping counterbalance China and its regional ambitions. Japan's ample capital, expertise and benign image make Tokyo a favorable third force among countries in South Asia and Southeast Asia, many of which feel as if they have few options but to choose between one of the two great powers. Tokyo will leverage its strategic value to enhance U.S. security and economic initiatives in ways that avoid excessively provoking Beijing.

Years after the rise of China pushed it out of the spotlight in the Asia-Pacific region, Japan is making a comeback. Japanese foreign investment in Southeast Asia has increased dramatically since 2013, particularly in emerging economies such as Vietnam, Thailand, the Philippines and Indonesia. Japan's increasing financial outlay has gone hand-in-hand with its efforts to become more proactive on regional security and diplomatic cooperation with individual states. Tokyo has become more involved in the South China Sea by stepping up defense cooperation with littoral states like Vietnam, the Philippines, Malaysia and Indonesia, while it has also pursued closer bilateral defense ties with Australia and India.

Venezuela: The Rise and Fall of a Petrostate

by Rocio Cara Labrador

Venezuela, home to the world’s largest oil reserves, is a case study in the perils of petrostatehood. Since its discovery in the 1920s, oil has taken Venezuela on an exhilarating but dangerous boom-and-bust ride that offers lessons for other resource-rich states. Decades of poor governance have driven what was once one of Latin America’s most prosperous countries to economic and political ruin. If Venezuela is able to emerge from its tailspin, experts say that the government must establish mechanisms that will encourage a productive investment of the country’s vast oil revenues.

government income is deeply reliant on the export of oil and natural gas,
economic and political power are highly concentrated in an elite minority, and
political institutions are weak and unaccountable, and corruption is widespread.

Increasing U.S. Sanctions Pressure Raises the Risks of Iranian Retaliation


Iranian retaliation against sanctions pressure would most like consist of cyberattacks. While a direct military response by Iran is less likely, U.S. companies and civilians in the region must still take the possibility into account. Iran's embassies, intelligence networks and proxies give it a global reach, though retaliation is more likely in the Middle East.

Editor's Note: This security-focused assessment is one of many such analyses found at Stratfor Threat Lens, a unique protective intelligence product designed with corporate security leaders in mind. Threat Lens enables industry professionals and organizations to anticipate, identify, measure and mitigate emerging threats to people, assets and intellectual property the world over. Threat Lens is the only unified solution that analyzes and forecasts security risk from a holistic perspective, bringing all the most relevant global insights into a single, interactive threat dashboard.

How Turkey Defied the U.S. and Became a Killer Drone Power


Umar Farooq

FINDING ONESELF IN the crosshairs of a military drone is, for most people, not the most comforting situation. Yet at an air show last fall, tens of thousands of people had a different reaction.

A military drone took off from a runway, and moments later it began transmitting its view to a giant screen on stage. The video from the drone was clear enough to pick out your own face among the crowd. It was exactly what the drone’s pilot, seated in a trailer not far from the stage, was seeing. The crowd was in the crosshairs, and you could see the data about the aircraft’s pitch, roll, and altitude. In the bottom right corner of the screen, the words “Bore Invalid” indicated the drone was currently unarmed.

It’s the kind of video that, in a war zone, can end with a giant plume of smoke and the tattered remains of whatever the drone has just obliterated. Yet for this crowd, it was like catching a glimpse of themselves on the Jumbotron at a football game. When an announcer shouted out, “We see you, wave your hands!” they erupted in excitement.

A Saudi Pipeline Attack Amps Up Suspicions on the Arabian Peninsula


An attack against a Saudi pipeline following on the heels of alleged sabotage of four oil tankers in the Persian Gulf has raised both concerns and questions on the Arabian Peninsula. While other explanations for the timing and targets of the two incidents are possible, the attacks could herald the beginning of a broader campaign of disruption directed by Iran, whose oil exports are being squeezed off by U.S. sanctions, that would put nearly a quarter of the world's crude oil supply at risk of being attacked.

What Happened

For the second time in three days, attackers have targeted oil and natural gas operations on the Arabian Peninsula. On May 14, Khalid al-Falih, Saudi Arabia's energy minister, confirmed that two drones launched by the Yemen-based Houthis had targeted two pumping stations along Saudi Arabia's East-West pipeline, which carries oil from fields in Eastern province to the Red Sea. The resulting fire at one of the stations prompted the pipeline, which has a capacity of 5 million barrels per day of crude oil, to suspend operations as damage assessments are made.

US influence on Europe failing as France resists Huawei ban

by Jamie Davies

The White House might have felt banning Huawei was an appropriate measure for national security, but France does not agree with the drastic action.

Speaking at a conference in Paris, French President Emmanuel Macron has confirmed the country will not ban Huawei. This is not to say it won’t in the future, but it appears Europe is remaining resolute against the demands of the US. The burden of proof might be a concept easily ignored in the US, but Europe stands for more.

“Our perspective is not to block Huawei or any company,” Macron said. “France and Europe are pragmatic and realistic. We do believe in cooperation and multilateralism. At the same time, we are extremely careful about access to good technology and to preserve our national security and all the safety rules.”

President Donald Trump is most likely a man who is used to getting his own way, and upon assuming office as head of the most powerful government worldwide, he might have thought this position of privilege would continue. However, Europe is being anything but compliant.

Huawei poses security threat to UK, says former MI6 chief

Dan Sabbagh 

Huawei should be completely banned from supplying 5G mobile networks in the UK because its operations are “subject to influence by the Chinese state”, according to a report by a Conservative MP and two academics.

They argue that a decision announced by Theresa May last month, after a fraught meeting of the National Security Council (NSC), to allow Huawei to supply “non-core” equipment should be overturned because using the company’s technology presents “risks”.

In a report from the Henry Jackson Society (HJS), the authors claimed Huawei “has long been accused of espionage” – a claim denied repeatedly by the firm – and notes that “while there are no definitely proven cases”, a precautionary principle should be adopted.

Trump Vs. Huawei: The World Is Watching

By SYDNEY J. FREEDBERG JR.

WASHINGTON: President Trump’s new Executive Order on imported technology bares sharp teeth at Huawei and other Chinese companies, but it doesn’t have any teeth yet. The actual impact will depend on how the order is implemented over the next 150 days, giving the administration plenty of leverage. That timeline, combined with the wide discretion the order allows — it doesn’t actually mention Huawei or any company by name — gives Trump plenty of leeway. He can use the order as a launchpad for a strict crackdown on suspect tech, or he can use it as a bargaining chip in his larger trade war with China.

But the more cybersecurity gets entangled with protectionism, some experts warned, the less seriously US allies will take American exhortations to keep Chinese tech out of their networks. And what really matters is not how the order impacts the US market — where Huawei is already weak — but the signal it sends to the rest of the world — where the Chinese company has a shot at 5G dominance. This White House’s tendency to sudden reversals that catch its own senior officials by surprise (on nuclear weapons, aircraft carriers, defense spending, Syrian withdrawal, and so on) doesn’t exactly instill confidence abroad.

Populists Have Their Sights on the European Parliament, Despite Their Own Divisions

Andrew MacDowall 

Could next week’s European Parliament elections lead to a grand realignment of the continent’s politics, with the populist right wielding unprecedented influence? Hungary’s pugnacious and controversial prime minister, Viktor Orban, certainly hopes so. Poland’s de factor leader, Jaroslaw Kaczynski, the head of the ruling, arch-conservative Law and Justice party, PiS, is also eyeing the leadership of an invigorated right. So too Italy’s deputy prime minister, Matteo Salvini, the figurehead for a potential new bloc of hard-right populist parties and governments opposed to immigration and aiming to reconstitute European politics.

But even if they all do as well as predicted next week, with far-right, populist and other euroskeptic parties projected to win around a quarter to a third of the seats in the European Parliament, the question remains: Can the disparate forces of Europe’s populist right coalesce into a coherent whole and put their plans into action? .

Anatomy of a Taiwan Invasion, Part 3: Taiwan's Countermeasures

By Rick Joe

This is part 3 of a three-part series considering the methods that may be used in a PLA invasion of Taiwan. Part 1 and part 2 set the political and military parameters relevant for the situation, and examined the PLA assets that would be deployed in the air, naval, and missile domains. These pieces concluded that the success of the eventual amphibious landing phase would be dependent on how the preceding contest in the other domains play out.

Part 3 will review the handicaps that the Taiwan’s own military, the Republic of China Armed Forces (ROCArF), currently suffers, and how future defense postures and procurement can be adjusted to maximize Taiwan’s military lethality and survivability. This piece will also review the consequences of likely PLA advances that are expected on the horizon. (Editor’s note: a full list of the acronyms used in this piece is found at the end of Part 1.)

Strategic Depth

SECURITY NEWS THIS WEEK: OH GREAT, GOOGLE TRACKS WHAT YOU BUY ONLINE WITH GMAIL


THE WEEK STARTED out with a bang, or several of them really. Remember Meltdown and Spectre, the vulnerabilities that affected basically every Intel processor from the last decade? There’s a related attack called ZombieLoad—yes, ZombieLoad—with similarly broad and bad impact. Serious stuff! But honestly not even the worst disclosure of the week.

That distinction probably goes to Cisco. Researchers at security firm Red Balloon found that they could hack the company’s ubiquitous enterprise router, meaning they could listen in on whatever traffic goes to and from those networks. Cisco then acknowledged that dozens of its products were susceptible to the attack, likely comprising millions of devices, and that a fix would require an on-site visit.

Hacktivist attacks dropped by 95% since 2015


A new report by IBM X-Force sheds light on the dramatic decline of hacktivism over the last few years. Since 2015, the number of hacktivism-related security breaches has dropped by a whopping 95%. In 2017 there were only five such incidents, down from 35 in 2015. The number dropped further to two incidents in 2018 and so far this year, not a single breach has been attributed to hacktivists.

This doesn’t mean that hacktivists no longer carry out attacks. For instance, when the Ecuadorian government terminated Julian Assange’s political asylum last month, leading to the Wikileaks founder’s arrest by UK police, hacktivists launched 40 million cyberattacks against Ecuadorian government websites in a week.

Two complementary explanations for why hacktivism is becoming an increasingly insignificant phenomenon, are the decline of the notorious hacktivist group Anonymous and increased efforts by law enforcement to take down hacktivist networks.

HOW MACHINE LEARNING CAN HELP PREVENT CYBER ATTACKS

by Gordon Gottsegen

In May of 2017, a nasty cyber attack hit more than 200,000 computers in 150 countries over the course of just a few days. Dubbed “WannaCry,” it exploited a vulnerability that was first discovered by the National Security Agency (NSA) and later stolen and disseminated online.

It worked like this: After successfully breaching a computer, WannaCry encrypted that computer's files and rendered them unreadable. In order to recover their imprisoned material, targets of the attack were told they needed to purchase special decryption software. Guess who sold that software? That's right, the attackers. 

The so-called “ransomware” siege affected individuals as well as large organizations, including the U.K.'s National Health Service, Russian banks, Chinese schools, Spanish telecom giant Telefonica and the U.S.-based delivery service FedEx. By some estimates, total losses approached $4 billion.Jarretera / Shutterstock

Spies, Lies, and Algorithms Why U.S. Intelligence Agencies Must Adapt or Fail

By Amy Zegart and Michael Morell

For U.S. intelligence agencies, the twenty-first century began with a shock, when 19 al Qaeda operatives hijacked four planes and perpetrated the deadliest attack ever on U.S. soil. In the wake of the attack, the intelligence community mobilized with one overriding goal: preventing another 9/11. The CIA, the National Security Agency, and the 15 other components of the U.S. intelligence community restructured, reformed, and retooled. Congress appropriated billions of dollars to support the transformation.

That effort paid off. In the nearly two decades that U.S. intelligence agencies have been focused on fighting terrorists, they have foiled numerous plots to attack the U.S. homeland, tracked down Osama bin Laden, helped eliminate the Islamic State’s caliphate, and found terrorists hiding everywhere from Afghan caves to Brussels apartment complexes. This has arguably been one of the most successful periods in the history of American intelligence.

But today, confronted with new threats that go well beyond terrorism, U.S. intelligence agencies face another moment of reckoning. From biotechnology and nanotechnology to quantum computing and artificial intelligence (AI), rapid technological change is giving U.S. adversaries new capabilities and eroding traditional U.S. intelligence advantages. The U.S. intelligence community must adapt to these shifts or risk failure as the nation’s first line of defense.

Information Warfare Is Here To Stay

By Heidi Tworek

We often forget that the Internet is not as wireless as it seems. Most online data still flow through physical fiber-optic cables laid out across several hundred thousand miles of ocean floor. If a shark were to bite through a cable (which has happened before), some or all of the Internet could come to a standstill.

These days, however, observers spend less time worrying about underwater fauna than about Russia’s submarines, which have been taking a special interest in ocean-bed cables in recent years. Since 2017, Russian submarines in the North Atlantic have reportedly been unusually active in the vicinity of undersea fiber-optic cables that carry most European and U.S. Internet traffic. It remains unclear what exactly Russia is planning or doing. The Russian activity may indicate an attempt to surveil the Pentagon’s secret cable network or plans to tamper with certain connections. But the reports also fit in with Russia’s global push to shape political outcomes and public opinion through the Internet, whether through Russian-funded news websites or social media meddling.