On January 15, the French newspaper Le Monde published an article in which it highlighted the French perplexities about the “Hunt Forward Operation” (HFO), i.e. the active search for (and therefore in the “hunt” for) subjects or software that have infiltrated in a network to commit illegal actions or “do damage”. Initially launched in Ukraine in early 2022 to counter hostile actions attributed to Russia, the HFOs have, in fact, also been conducted in EU countries such as Lithuania and Croatia.
The alarm
The dark side of ChatGPT: how artificial intelligence is used for cybercrime
by Emanuele Capone
As such, such activities do not cause particular concern because they are part of the complex offer of security that private companies offer to the market. However, when the technicians in charge are not employees of a commercial company but soldiers of another country with a history of espionage even against allies as in the Crypto AG case and in the Merkel case – not to mention the revelations of Edward Snowden – they better understand the perplexities of Paris.
Already on 9 December 2022, in a hearing at the Assemblée Nationale, the commander of transalpine cyberdefense had declared*: “I will not dwell on the American hunting forward policy, if not to say that it is relatively aggressive because it opens the networks of Countries requesting their intervention. … By allowing a form of access to the networks involved, the HFOs protect them, but with a marked presence at the service of diplomacy, something that General Nakasone does not hide”. A few months earlier, with a statement reported by the BBC that sounds a lot like one excuse not claimed, General Hartman, commander of the Cyber National Mission Force – United States Cyber Command, regarding the way in which the HFOs are conducted, declared*: “if you are the host country, this is a rather worrying situation. Some doubt immediately arises as to whether we might be doing something bad or whether this is a super covert operation to install backdoors.”
Cybersecurity: a new approach, in line with Europe, which helps ensure greater security for businesses and consumers, and digital sovereignty in Italy
Are we, therefore, facing a new front in the complex chess game between the US and the EU, allies in opposing Russia, but historically adversaries on the economic and political fronts of technological sovereignty (including Italy)?
Safety
Apple has eliminated a dangerous iPhone vulnerability. Why update iOS
by Antonio Dini
A pragmatic and sensible approach advises against venturing into analyzes based on mainstream narratives or conspiracies of various nature and color, also because in issues such as national security the only ones who can talk about it with full knowledge of the facts – and they don’t do it publicly – are those who are directly involved. Therefore, until there is evidence of inappropriate or blatantly aggressive behavior by the US towards the countries that have requested its intervention, we must assume that the reality corresponds to the appearance. Consequently, we cannot know whether the French alarm is rather the result of their traditional anti-Americanism, of the need to expand the powers of some internal military structure or of other quarrel housekeepers.
Instead, it is worth looking at home and wondering if, in similar cases, our national security policies make it abstractly necessary to resort to foreign aid or if the Italian Defense is self-sufficient from a technological point of view. The ubiquitous ubiquitous presence of foreign technologies (not just the US) in the critical infrastructures and essential services that make up the “national cyber security perimeter” and in the future PA cloud poses a structural problem that goes far beyond the issue of HFOs.
Military operations have their own rules, and within the context of cooperation pacts it is unthinkable that games can be played at multiple levels, risking undermining the indispensable total trust that one must have in those who could be called to fight on the same side of the fence . On the contrary, the information activity takes place in areas with much less defined contours and it is enough to read the documents made public through Wikileaks to realize that when playing with intelligence the rule of the game is, essentially, “no holds barred” – everything is permitted. For example, it is still largely unknown whether and how the American Clarifying Lawful Overseas Use of Data Act has been applied in Italy, which allows US authorities to obtain access to data held by US companies on European territory. On 4 August 2022, the Italian Internet Provider Association had asked the Authority for the protection of personal data to investigate the issue further, however today an investigation has not even been opened.
The inertia of the Authority on such an important issue is, archetypically, the weak point of the scaffolding of the new national security conditioned by the elevation of the (foreign) private sector to direct and equal interlocutor of the State. Before even worrying about military matters, it is public control over the private sector that constitutes a preventive remedy against “bad thoughts”, “trust but control”, the Russian proverb that President Reagan adopted as a mantra is the approach that could allow a balance between the obvious need for interaction, including commercial ones, with allied countries and the protection of national interests. An effective and timely system of controls, in fact, dissuades us from taking advantage of opportunities which, on the other hand, arise when draconian regulations remain only a little ink printed in the Official Gazette.
* NdA: The translations from French and English are not official.