Open Password – Wednesday March 30, 2022
#1048
I
The war of aggression against Ukraine (1):
Sanctions hit Russian research hard – information companies are preparing
for cyber war
II.
The war of aggression against Ukraine (2):
What the info industry, information science and InfoPros should do – Making society more resilient to fake news – How do we communicate with the enemy and how do we position ourselves relative to him? – By Willi Bredemeier
III.
INSM Authority Digimeter: At this rate, government digitalization will take over 30 years
IV.
Software security
The four top trends – By Julian Totzek-Hallhuber, Veracode
The war of aggression against Ukraine (1)
Sanctions hit Russian research hard
Information companies are preparing
for cyber war
(Outsell) As the war in Ukraine enters its second month, tensions remain high, and the effects of the conflict continue to percolate around the globe.
Our analysts have started hearing about some of the effects of sanctions. On the scientific and technical side, for example, we recently learned of how Russian labs are being heavily impacted by shortages of equipment and supplies.
Concerns about cyberwarfare are also mounting due to the overall rise of geopolitical instability. A variety of information companies are exploring ways to improve security measures and looking at how best to leverage cybersecurity ratings agencies to assess security vulnerabilities among their suppliers, customers, and partners.
The war of aggression against Ukraine (2):
What the info industry, information science and InfoPros should do
Making society more resilient
to fake news
How do we communicate with the enemy
and how do we position ourselves relative to him?
(A ring) to the Dark Lord on a dark throne
In the land of Mordor, where the shadows threaten. A ring to enslave them, to find them all, to drive them into darkness and to bind them forever in the land of Mordor, where the shadows threaten.
JRR Tolkien, Lord of the Rings
By Willi Bredemeier
For more than two years, we inevitably came up with the topic of Corona in our phone calls and meetings. We accompanied our conversations with a sigh and occasionally said it: How we long for the time when we no longer have to talk about this! This has now happened, but the expected relief has not materialized. Russia’s war of aggression against Ukraine is partly pushing the pandemic out of our awareness and we are reacting to developments in Ukraine with shock and horror. Day after day, we are overwhelmed by the flood of images from Mariupol and other Ukrainian cities that the Russian army is indiscriminately shelling and bombing to terrorize the civilian population. We feel helpless because, despite all the arms deliveries and moral support for Ukraine, there is so little we can do. I exclude the welcome for the millions of refugees from Ukraine and see this as a testament to Western civil society.
_____________________________________________________
What would be necessary now in the pandemic has been sacrificed on the altar of coalition peace.
_____________________________________________________
Not that the pandemic hasn’t remained with us as a personal danger and a mega-social problem. We do not have to keep track of the astronomical incidences, the rising hospitalization rates, the overload of our health system, the low vaccination rates, the millions of unvaccinated people and the millions more with inadequate vaccination protection in our country. It’s enough to listen to our Minister of Health, who will be one of the best at describing the coming crisis by autumn at the latest and practically begging you to get vaccinated as the “only way out of the pandemic”. The only question is why Karl Lauterbach doesn’t do his job and ensure the introduction of a general vaccination requirement, but instead talks to himself like an opposition figure.
I consider the lifting of almost all measures to combat the pandemic, as is happening these days, to be a serious mistake. This is happening against the will of the federal states and probably also the Minister of Health. It is taking place at a time when the public and citizens are primarily informing themselves about the events in Ukraine and their subsequent effects on us, and a great deal of fatigue and habituation to the virus has set in. The next thing to fear is that the general vaccination requirement will soon not be so much decided as discussed in the Bundestag. Not to mention the unresolved problems with the implementation of a general vaccination requirement and the associated time expenditure in the federal confusion if it were to come.
Here the FDP can be accused of using a concept of freedom that developed as a defense of citizens against an overreaching state, but is not suitable for combating a deadly virus. The SPD and the Greens are to be accused of sacrificing what would have been necessary in Corona policy on the altar of coalition peace. Olaf Scholz must be told that political leadership should look different than publicly deeming a general vaccination requirement necessary and then leaving the problem to the tacticians in the Bundestag. Here the traffic light coalition has scored an own goal that will have serious consequences for many of us.
_____________________________________________________
United with all German citizens and the West: The shock, the horror and the helplessness – The moral condemnation of Russia – The security policy turnaround.
_____________________________________________________
Does the information industry and information science, do the information professionals have anything to say about Russia’s war of aggression against Ukraine? We are united with the entire West in morally condemning the Russian invasion and at the same time shocked because we believe we have done so much for peace. Not only in Germany, but especially here, we have largely suppressed the fact that clearly evil also exists at the moment and will continue to exist and will come back. Mordor is not Tolkien’s invention. This does not mean that Mordor is not open to analysis and cannot be conquered. But this requires a security policy turnaround and a “new realism”, as the federal government has shown in the last five weeks.
According to my impressions from discussions and viewing of incoming reports, the information industry, information science and InfoPros are not left behind when it comes to initiatives and concrete help for colleagues in Ukraine and beyond. Many of us would do more if we knew how to get more involved (beyond the abstract act of sending donations). There is a huge willingness to help among German citizens and in other European countries, especially Poland (as long as it concerns the acceptance of Ukrainian and not Syrian refugees).
We largely agree that the federal government acted correctly when it quickly threw old certainties overboard, reinterpreted the security situation in the Federal Republic (“turning point”), closed ranks with the United States and other allies, responded to Russia’s war of aggression, united with the USA and the EU, with an economic war, and now wants to pursue a policy of rearmament and deterrence. Olaf Scholz and the traffic light coalition have earned merit here and the opposition, to the extent that it can be taken seriously, is basically going along with it. In one sentence, however, it should be remembered that the austerity of the Bundeswehr, which was recently barely operational, was not put on the political agenda by any party represented in the Bundestag and that the change in security policy should have started at the latest when the nuclear protective shield of the United States crumbled under Donald Trump’s presidency.
So it remains to be hoped that the new realism in federal politics will endure and that the old illusions will not immediately return if the security situation improves slightly or if we get used to conditions that we now view as untenable too quickly. Politics should not be reduced to social policy again.
_____________________________________________________
Anyone who doesn’t think outside the box and doesn’t know what to say when it comes to mega-crises like Corona and the war of aggression against Ukraine is quickly forgotten. He and she may even deserve it.
_____________________________________________________
Does the information industry and information science, do the InfoPros also have something specific to contribute to the war against Ukraine? The following applies here: Anyone who doesn’t think outside the box and doesn’t know what to say when it comes to mega-crises like Corona and the war of aggression against Ukraine, which also affect us all personally, will quickly be forgotten. He and she may even deserve it.
Below I will give two examples of how we should engage constructively in the debate about the war against Ukraine.
_____________________________________________________
Making our society more resilient to fake news.
_____________________________________________________________________
Not only, but above all, Russia has been waging an information and cyber war against both the West and its own population for years. This war contributed to Donald Trump becoming President of the United States and, as a result, American democracy and the Western alliance fell into a state of weakness. A touch more fortune for their own subversion campaigns and Vladimir Putin would have made Marine Le Pen French President. Russia’s information war against its own population has reached a new peak with the invasion of Ukraine: the lies of politicians and the state media about the war are reaching Orwellian proportions, telling the truth and even calling the war a “war” is subject to sometimes high penalties, and the Russian state power is eliminating the last opposition voices in its own country. Cyber attacks on the critical infrastructure of Ukraine and other countries have so far been limited, but that does not mean that we should not be prepared against them.
Here, in the documentation and analysis of state information warfare and the strategies behind it, in the development of counter-strategies and measures to make societies more resilient to fake news, and in finding an appropriate balance between combating lies on the Internet and securing freedom of information, I want a stronger commitment from those around me that is also related to current events and developments.
After all, the MetaGer search engine team has dealt with the Council of the European Union regulation of March 1, according to which content from the Russian state broadcaster Russia Today and Sputnik may no longer be distributed in EU countries. “How does MetaGer position itself?” is asked in their post, and the answer is:
“We regret that certain content is now blocked and can no longer be found by search engines. In the spirit of freedom of information, we do not block pages, but rather downrank pages that spread disinformation” (“Our statement on freedom of information in the Russia/Ukraine war”, in: Open Password, #1047, March 28, 2022).
Here I have a completely different opinion. Disinformation and institutions whose business model consists of spreading disinformation, weakening democracies and lying to their own population have no place on the internet or in print. But I am grateful to MetaGer for giving me the opportunity to file this objection.
_____________________________________________________
How do we communicate with the enemy and how do we position ourselves relative to him?
_____________________________________________________
While Russian troops were deployed on Ukraine’s northern, eastern and southern borders, there was particular controversy in Western countries as to whether North Stream II, which was supposed to pump Russian gas to Europe bypassing Ukraine, would be allowed to go into operation. I shared the Federal Government’s positive stance on this because, in my view, agreements once entered into should not be broken and I could not imagine the breach of civilization that the Russian army would attack Ukraine. After the invasion, it seems certain that North Stream II will not be operational in the foreseeable future.
After the imposition of strong economic sanctions, it is now controversial whether an additional coal, oil and gas embargo should be imposed against Russia. Once again, the federal government is hesitating because the country has become heavily dependent on Russian gas imports. These cannot simply be reduced to zero overnight. The ongoing process of political consideration includes the questions of what deprivations can be expected of the German population without being punished in elections and, above all, how Putin and the Russian state power would react to a further escalation of the economic war against them. Putin’s demand to be paid in rubles instead of dollars in the future brings us one step closer to the gas embargo.
In this situation, it must above all be borne in mind that Russia is a world nuclear power and that Putin, in the course of his war against Ukraine, made a barely veiled threat to use nuclear weapons if NATO intervened. Is Putin bluffing? That’s what we thought too, before Putin invaded Ukraine. The use of “tactical nuclear weapons” does not automatically lead to a world conflagration, but perhaps “only” to the devastation of East Central Europe and possibly Germany.
The West has always recognized the position of the Soviet Union and later Russia as a world nuclear power and implicitly assigned Ukraine to Russia’s sphere of influence. That is why Ukraine has been denied NATO and EU membership for all these years. This is currently becoming clear when the USA and NATO repeatedly emphasize that they are not a party to the war, Russia is offered Ukraine’s express renunciation of NATO membership and Ukraine’s distressed application for EU membership is being put on the back burner, without concrete encouragement being given.
After Vladimir Putin and the Russian state made a similar mistake as the West by overestimating the fighting strength of their own army and underestimating the will to resist and the resilience of the Ukrainian population, there are increasing voices who want to take a riskier course against Russia. Among other things, the establishment of no-fly zones in Ukraine, the delivery of combat aircraft and militarily secured “humanitarian expeditions” to Ukraine were discussed. This is justified, on the one hand, morally (“We have done far too little in the face of the daily images from Mariupol”) and, on the other hand, with the thesis that the risk we took with one of these measures was not that great (cf., for example, Joachim Krause, “We are a long way from a world war – Russia is currently not prepared for a military conflict with the West,” in: Neue Zürcher Zeitung, March 17, 2022).
I do not agree with our Minister of Economy that Vladimir Putin is acting irrationally. His geopolitical belief system may seem delusional to us, but within that frame of reference he acts rationally. However, Putin also seems to be a “gambler” who can win and lose even more with his greater willingness to take risks compared to the West. It currently appears that Putin can secure territorial gains in Ukraine, but Russia is losing the ongoing economic war.
Here I would like to see contributions from the information industry, information science and information professionals on how to communicate with the enemy in an information-competent manner, how to position ourselves towards them while anticipating their reactions and what our most promising options are. We not only need a new realpolitik, but also a public debate about what options we have for action and what can make our politics more clear-sighted. It doesn’t matter whether we refer to game theory or to Clausewitz.
INSM government digitimeter
“At this rate, government digitalization will take over 30 years”
Software security
The four top trends
By Julian Totzek-Hallhuber, Veracode
_____________________________________________________
- Hyper-automation is becoming established in software development.
_____________________________________________________
The speed at which software is developed and brought to market continues to increase. Companies – and development teams in particular – no longer just have to assert themselves against countless competitors. They also need to innovate quickly and accelerate the development process to meet user expectations.
Companies will therefore increasingly automate as many processes as possible. The security aspect moves into the early stages of the development cycle. At the same time, more and more tasks in software development are being taken over by AI and ML-based solutions, such as identifying vulnerabilities, eliminating errors and threat modeling.
_____________________________________________________
- Applications are broken down into their smallest components.
_____________________________________________________
Software developers are increasingly building their applications on a microservices architecture. In this way, they can reuse individual small “application blocks” that only have a single function for other applications. The use of application programming interfaces (APIs) to integrate these microservices is therefore becoming more important than ever.
But APIs can have vulnerabilities in the form of weak authentication, exploitable injections, or misconfigurations. Without the right security measures, cyber criminals can specifically exploit them. According to the current “State of Software Security Report” from Veracode, the misuse of APIs will become one of the greatest threats of attack in the future.
_____________________________________________________
- Developers are increasingly relying on open source code
_____________________________________________________
Development teams are increasingly turning to open source libraries to speed up their development process. In its 11th State of Software Security study, Veracode found that traditional Java applications consist of 97 percent open source code. But security incidents like SolarWinds have shown that open source libraries are not 100 percent error-free – all the more reason to subject every application component to a security scan.
According to the recent “State of Software Security: Open-Source Edition” report, development teams often forego testing open source code. In 79 percent of cases, they update the code themselves after using it in applications. As a result, critical vulnerabilities remain in the end product – around a third of applications have more defects in the open source code than in the self-written code portion. Therefore, developers need to prioritize regular scans and updates of open source libraries to minimize security risk.
_____________________________________________________
- New policies come into force to ensure greater cyber security
_____________________________________________________
In order to reduce the security risk within the software supply chain, politicians will increasingly focus on implementing guidelines and increasing security standards. The USA has taken a first major step in this direction with the publication of the Executive Order. This resolution establishes security requirements for software companies that provide their products to the U.S. government. It is likely that these requirements will be rolled out across the public sector. The UK aims to ensure higher levels of cybersecurity with the National Cyber Strategy 2022-2030. It can be assumed that Germany will follow these models and make similar decisions.
OpenPassword
Forum and news
for the information industry
in German-speaking countries
New editions of Open Password appear three times a week.
If you would like to subscribe to the email service free of charge, please register at www.password-online.de.
The current edition of Open Password can be accessed immediately after it appears on the web. www.password-online.de/archiv. This also applies to all previously published editions.
International Cooperation Partner:
Outsell (London)
Business Industry Information Association/BIIA (Hong Kong)