Critical infrastructure and soft targets in the Maghreb states
In November 2018, Advisory Panel Member Lina Kolesnikova took part, as an international expert, in the regional workshop on ‘The challenges posed by terrorist acts on critical infrastructure (CI) and soft targets in the Maghreb States’. The event was jointly organised by the Counter-Terrorism Committee Executive Directorate (CTED) and the United Nations Office on Drugs and Crime (UNODC).
The workshop was held in Casablanca as a part of a four-year, EU-supported initiative with six previous workshops already having taken place between 2014 and 2018.
This time the pool of international experts included representatives from the ICAO, OECD, the Belgian Crisis Centre, the French General Secretariat of Defence and National Security, the Spanish State Secretariat for Security and insurance company, Hiscox.
The aim was to help states in the Maghreb to develop national strategies to address acts of terrorism against CI and soft targets and to explore ways of integrating lessons learned in criminal investigations into national strategies.
CI is often identified as that infrastructure whose incorrect functioning, even for a limited time period, may negatively affect the economy of individual subjects or groups, involving economic losses and/or even exposing people and objects to a safety and security risk.
Invited experts and participants agreed that, despite the numerous attempts made so far, there is still no universally recognised definition, or at least a definition that provides a classification that suits the characteristics of each particular nation. If we look at the countries of Maghreb, we may see that for Tunisia, for example, the tourist industry is clearly one of the most important CI; but for Libya and Algeria it is oil and gas industries.
All participants stressed that CI has a systemic nature and we need to use a systemic approach, which has the capability of identifying and evaluating the possible consequences of damage or elimination of individual system components with respect to the functioning of the whole. A complicating factor is the increased interdependencies between many of these critical infrastructures. The threat of a disturbance in one element of the wider ‘system’ often suffices to paralyse other elements.
The attacks on financial, food and water CI are particularly dangerous, as they can lead to a loss of trust in the authorities; by undermining or compromising such trust, terrorists can attack the whole construct of the economy and modern society (see articles on hybrid threats in CRJ 13:4 and 14:1).
Several presentations and many remarks during the debate were dedicated to cyberattacks and risks of such attacks on CI. The virus attacks on Iranian nuclear facilities’ SCADA systems in 2010, those targeting Estonia’s telecommunication and power grid infrastructures in 2007 (see Cyber attack resilience, Mati Raidma, CRJ 5:1, 2008), and in Ukraine in 2015, all show how cyberattacks against CI are becoming increasingly prevalent and disruptive.
The problem of fake alarms and false alerts was discussed during these three days (see False Alarms and Mass Alerts, Lina Kolesnikova, CRJ 13:4). The case of telephone terrorism in Russia in 2017 was brought to the attention of participants.
Experts and participants showed a clear interest to public-private partnerships (PPPs), discussing the situation in Maghreb countries and EU. Today, most of CI is owned and operated by the private sector and, in many cases, in foreign private hands. More and more states increasingly depend on infrastructure and assets that are partially or completely located outside their jurisdiction and over which they have little or no control.
Communicating CI terrorist threat information to owners and/or operators of CI, and sharing information and intelligence are still a big challenge. A further challenge also lies in receiving proper information from CI elements, without them attempting to hide sensitive situations. In many countries, the responsibility for managing risk to physical facilities, supply chains, information technologies and communication networks primarily rests with owners and operators, which creates a high risk for security and safety of the whole of society.