(This post was written together with Pierguido Iezzi)
“The polarization of conflicts has shifted the axis of threats from the more security aspects in the strict sense towards a broader dimension through combined attack strategies (cyber espionage, penetration into national economic realities, disinformation on social media) aimed at influencing our processes Democrats. This is also thanks to the exponential development of the technological component. Hence we are increasingly talking about a “hybrid threat” to characterize the scenario with which intelligence apparatuses must grapple today, i.e. hostile activities conducted by combining the use of conventional and non-conventional tools”.
Doctor Alessandra Guidi, deputy director general of the Department of Information for Security, the structure of the Presidency of the Council which coordinates intelligence activity, could not have been more explicit in a recent interview in reporting the scenario in which for some time now we are forced to operate.
Precisely in recent days the speeches of the President of the Republic at the United Nations Headquarters in New York and of the Interior Minister Piantadosi, at the meeting of the heads of the security services, have reiterated that we are in a real emergency of stability both in the sphere of communication and the defense of our sensitive data.
A scenario that we must constantly update and integrate, especially in a phase, such as the current one, in which European countries are called to accentuate their capacity for defense and garrison of the field, filling the void that is announced with a withdrawal, or at least a easing depending on which hypothesis will prevail in the next US presidential elections of our transatlantic ally. Today it becomes a priority to understand how the defense strategy and fight against military threats is being rearticulated, and identifying the new range of pitfalls that are becoming military logistics such as the tampering of information, the guided circulation of distortions of the truth, as well as a massive attack to the integrity of digital infrastructures.
We are on the one hand a further twisting of the concept of security which from the protection of one’s own deposits of sensitive contents is inexorably extending to the increasingly looming threat to the autonomy and sovereignty of states or individual communities in the selection and diffusion of their own common sense .
The irruption of artificial intelligence in this “hybrid war”, as the Russian Chief of Staff Gerasimov defined it more than ten years ago, visibly changes both the traditional framework of cybersecurity, with continuous updates of the structures and models of protection, and the ideological framework, i.e. that set of contents and conceptions that are altered by a targeted and massive diffusion of information manipulation.
But the same terrible form of combat is being redesigned, as the recent exchange of attacks between Israel and Iran has shown us, where the technological powers in the field seem to have neutralized each other, pushing the belligerents, we could say, to return to more material and tragic forms. of the war waged.
Indeed, it is clear that digital malware incursions, although they caused significant damage to Iran’s nuclear research system about a decade ago (the Stuxnet case), are now slowing down. This slowdown can be attributed to the fact that, in a context of more balanced technological evolution between the contenders, the speed of adaptation and change of defense systems makes the processing times of viruses less effective in causing damage. This change in scenario is paradoxical: the same spiral of technological innovation that seemed to lead towards greater symmetry between countries and companies is instead reducing the impact of the most devastating war dynamics.
It is therefore unlikely that we will see a devastating action similar to that unleashed by the Stuxnet malware in the short term. There are several reasons for this prediction. First, the strategic nature of Stuxnet has maintained attribution uncertainty to this day. In an open conflict context, revealing such a capability could trade off medium- and long-term strategic advantages for short-term tactical advantage.
Furthermore, Stuxnet required an intensive three-year effort to build. In the current context of rapid technological evolution, designing effective malware is made difficult by the speed with which computer system and equipment architectures change. Immediately exploiting any vulnerabilities or zerodays is essential in order not to miss the opportunity and the available technological window.
Last but not least, from an operational point of view, the development of Stuxnet was expensive, estimated at around $1 billion. By comparison, launching missiles and drones, costing around $30 million, could be more effective and efficient in terms of success.
The Artificial Intelligence paradox
Meanwhile, we must consider that in the military sector the same artificial intelligence is used to continuously test the vulnerability of strategic war infrastructures and remedy any flaws, modifying and updating defensive systems in a very short time.
A race against time which, as we have seen, is often not even worth undertaking, and, for example, has pushed Iran and Israel to instead resort to traditional attack systems to cause equivalent damage: drones, ballistic missiles or cruise missiles.
They certainly cost more, but their effectiveness is certain or at least more reliable in terms of their ability to attack the adversary in proportion to the war effort made.
Especially if, as is now happening in the Middle East, cyber, integrated with artificial intelligence resources that perfect the devices for controlling and countering automatic attack strategies, intervenes particularly to support the action conducted in the air domain.
Artificial intelligence, as we saw in what was superficially called a “telephone” battle over the reduced effects of the Iranian attack, has in fact been used by Israel to increase the accuracy, efficiency and effectiveness of the system of Iron Dome air defense, which, together with the inter-allied shield, the combination of different systems and the collaboration of Saudi and Emirati intelligence, made it possible to shoot down 99% of the carriers launched on the night of Saturday 13 April from Iranian territory. Artificial intelligence is then also used by Tsahal to always precisely finalize actions aimed at land domination: in the ongoing offensive in Gaza, two systems supported by artificial intelligence, Gospel and Lavender, have been widely used.
The first identifies the physical targets on which to direct artillery and aviation attacks – possible Hamas bases or hideouts, weapons depots, listening stations – while the second profiles the physical features of possible militants, directing remotely controlled weapons against human targets identified at their most vulnerable moments – often returning home after a day of fighting. In this field, also due to the reactions of public opinion to the more invasive effects of these intervention techniques, the question of the level of human control of these decision-making processes that plan military actions is being forcefully posed.
In the air conflict between Iran and Israel, the cyber component is also used from an intelligence perspective, in supporting the preparatory phase of attacks, in blinding anti-aircraft guns and hitting energy transmission infrastructures. Finally, it also plays a role in amplifying the results of an attack once it has concluded, through a series of disinformation actions to undermine the morale of the population of the opposing state and propaganda to support the home front.
In any case, at this stage the conflict in cyberspace seems destined to be confined to a regional context, with all the resources of the two contenders concentrated on prevailing in the Middle Eastern theater. Suddenly, the war has transformed the most global of weapons into a proximity warfare instrument, thus triggering a sort of technological reciprocity deterrence that limits the spiral of “hybrid threat” to cyber systems.
This is a dynamic that will have to be carefully analyzed and measured by European experts to understand how to hypothesize a defense model that combines an effective barrier on the front of intrusion into information and cultural circuits, with an ability to face these actions of “increased war” we could say , in which artificial intelligence, rather than guiding malware, once again becomes a deadly form of combat logistics.
