The new world disorder
The most significant trends in global risk and security are revealed in the annual RiskMap from consultancy firm Control Risks. It provides a detailed view from the markets that will matter most in 2015, and forecasts the major challenges and opportunities of doing
business in the world’s most complex environments this year.
CEO Richard Fenning said: “The coming year will see the news dominated by turmoil, from Iraq to Ukraine to the South China Sea and beyond. RiskMap 2015 explores many of these issues, looking past the immediate political theatre to examine the forces that are reshaping international relations and the global economy.”
The report highlights a number of key risk trends for 2015. It describes how transnational terrorism continues to be a threat, spurred on by competition for leadership of the global jihadist movement between al‑Qaida and Islamic State (IS).
Maritime piracy remains a threat, but onshore threats of crime, corruption, labour unrest and conflict are more risky to shipping companies. Piracy in East Africa will continue to decline but West Africa will become a piracy hotspot.
The RiskMap report also highlights how technology is changing the face of kidnapping and extortion, through ‘virtual kidnapping’, social media reconnaissance and cyber extortion, and how cyber threats will continue to grow.
Global terrorism outlook
Competition for leadership of the global jihadist movement will drive further fragmentation and reward high‑profile attacks, Jonathan Wood explains in this section of the report: ‘On the strength of its military exploits and effective propaganda, IS in 2014 emerged as the first credible challenger to al-Qaida for leadership of the global jihadist movement. Its declaration of a caliphate and demands of allegiance directly peeled some groups away from al-Qaida. Others, including key al-Qaida franchises, were convinced to at least hedge their bets by making statements supportive of IS’s project. Even if al-Qaida and IS reach some kind of tactical armistice in Syria, they are likely to remain global strategic competitors. In the year ahead, this competition is likely to fragment the global jihadist movement and increase the likelihood of high-profile attacks.’
The report gives two reasons for this. Firstly is the likelihood for IS to use its influence abroad, stating that if it can consolidate territorial control in Iraq and Syria, it may seek to expand by funding and training foreign militant groups. Alternatively, local and international military pressure in the Middle East might force IS to diversify and pursue asymmetric retaliation abroad. ‘Either way, expansion would aggravate the schisms within the jihadist movement over leadership and legitimacy,’ the report states.
The second reason given is the fact that IS has damaged al-Qaida’s credibility and legitimacy: ‘Some jihadist groups and sympathisers still respect al-Qaida’s theological credentials and historic pedigree, but many prefer IS’s tangible accomplishments and want to replicate its successes. The jihadist movement has always been a fluid constellation of local groups; inspired by IS, more of these might strike out on their own as independents.’
Both of these factors could increase the threat of high-profile attacks, the report says, with local commanders and al-Qaida franchises possibly wanting to announce and assert themselves with demonstrative violence.
The report explains how increased incitement of homegrown attacks is likely in response to expanded global counter-terrorism efforts and jihadist propaganda.
Returning foreign fighters are a concern, the report says, and equally, counter-terrorism activities in Iraq and Syria could
provoke attempts at retaliation in Western countries.
The report says the rise of IS may result in more ‘lone wolf’ style attacks. It states: ‘IS has crafted its image around intimate, explicit videos of attacks distributed by social media. Sophisticated production and searing imagery send a message that – for maximum impact – the style of an attack is as important, if not more important, than its scale. IS has learned from groups such as al-Qaida in the Arabian Peninsula (AQAP), and appeals specifically to Western sympathisers using targeted media outlets.’
Government intervention will be an important driver of the terrorism threat in 2015, the report says. Airstrikes and other military operations in Iraq, Syria, Yemen, Libya, Somalia and elsewhere will increase the intent of jihadists – not just – IS to target Western and allied interests.
Sponsorship of foreign militant groups is also likely to become a bigger concern in 2015. This is partly because powerful militias will remain the most influential political and security players in fragile states from Libya to Afghanistan. The report states: ‘In several contexts, mainly in the Middle East and South Asia, they are already the shock troops of national and sectarian competition. As the global power vacuum continues to expand geopolitical space to play, more states will seek to strengthen ties with – and pursue strategic objectives through – non-state armed groups.
State sponsorship – funding, training, supply, strategic guidance – will increase the capabilities of some groups to conduct attacks. Otherwise, the main terrorism trends affect intent, implying that in 2015 ambitions will continue to exceed capability, particularly in Western countries.’
Maritime Risk Outlook
Piracy is likely to remain the primary security concern for the maritime industry in 2015, though the outlook differs for two of the world’s hotspots – East and West Africa.
Tom Patterson, who authored this section of the report, explains how levels of pirate activity are likely to remain low off East Africa over the next year, reflecting a decline in hijacking-for-ransom by Somali pirate groups since mid-2011. The report explains: ‘The reduction in successful attacks – no large merchant vessel has been hijacked since May 2012 – can be attributed to three external factors that are by now well-known: a better educated maritime industry, a more robust naval strategy and a better protected merchant fleet.’
But despite this success, piracy in East Africa could re-emerge because Somalia’s pirate networks remain largely intact. What’s more, the security measures that have proven so effective in combating piracy are already showing signs of being dismantled: ‘Understandably, cost-squeezed operators are seeking to dispense with expensive guards, hardening measures and re-routing. Meanwhile, politicians ponder redeploying naval assets elsewhere,’ the report says. So could 2015 see the risk-reward ratio swing back in the favour of Somali pirate groups?
The report says that Nigeria is likely to remain the global hotspot for piracy in the year ahead, stating that the February 2015 general elections may influence longer-term trends. The report says: ‘The fate of the government amnesty programme for Niger delta militants after the polls will be perhaps more important to determining the trajectory of Nigerian piracy. The continuity of stipend payments to rank-and-file
members – and of business opportunities for influential former militant leaders – will be key.’
The report goes on to predict that ‘The absolute number of incidents registered off Nigeria will rise marginally in 2015, following a relative decline in 2014, with periodic small peaks in attacks largely driven by the activities of certain key pirate groups. Kidnapping is likely to remain concentrated off the southern Niger delta. However, as recent trends have shown, the increasing range of such groups threatens personnel operating across a wider area encompassing the waters off Cameroon, Gabon and Equatorial Guinea.’
The report also pinpoints South-East Asia as an are of concern for piracy, as the region continues to register high levels of activity. But in most cases the severity of incidents is low, as it will opportunistic theft in nature.
Another security issue identified by the report is the growing risk of cyber attack, claiming that it will continue to evolve rapidly in 2015.
John Nugent, senior analyst for cyber security, explains that the cyber threat can be broken down into three principal categories: cyber espionage, cybercrime and cyber activism (or ‘hacktivism’) – with each meaning different threats to business.
The report says that despite the contrasting goals of the attackers, one of this year’s main threats will be the continued spread of capability among different types of assailants. It states: ‘What happens, for example, if cyber jihadist factions start to use the relatively advanced hacking capabilities of cybercriminals? The technology is available for purchase online in criminal forums on the dark web (a subsection of the unindexed areas of the internet collectively known as the deep web). These outlets provide particularly fertile ground for the development and distribution of increasingly advanced malicious software (malware) and may also have facilitated the repurposing for criminal use of malware used initially in state‑sponsored espionage campaigns.’
The increasingly routine recruitment of skilled elements from cyber activist communities and ‘hackers-for-hire’ offering espionage as a service is a trend that will continue.
The role of geopolitics in shaping the cyber threat environment will be another core trend to monitor in the year ahead, the report reveals. During 2014, cyber espionage, cyber activist and seemingly cybercriminal campaigns were initiated in response to developments in Ukraine, Hong Kong, Israel and the Palestinian Territories, Iraq and Syria, and the South China Sea. In 2015, sustained geopolitical tension is expected to spur on further targeting of the industrial control systems at the heart of critical national infrastructure.
What’s more, the report predicts the emergence of new, seemingly independent, cyber activist groups created by nation states to further their foreign policy objectives.
This section of the report concludes with two final developments to watch out for: ‘First is the increased focus of attacks on multinational companies’ supply chains.
As companies’ security becomes more robust, complex supply chains can be a point of vulnerability, allowing attackers to ultimately seize data belonging to the company. Second is the creation of malware able to operate across a range of operating systems, taking advantage of consumers’ reliance on an expanding array of different devices.’
Kidnapping and extortion
Technology is changing the face of kidnapping and extortion, the report reveals. In this section, analyst Tom Newell explains how criminals are extorting ransoms from families without even kidnapping a victim. ‘A fast‑growing extortion technique known as ‘virtual kidnapping’ is one of the clearest examples of how the communications revolution has fostered innovation in criminal activity. Virtual kidnaps – most common in Latin America – typically involve criminals contacting a family by phone and claiming to have abducted a loved one. The criminals often purport to be members of an organised crime group, and threaten to harm or kill the victim if a ransom is not immediately paid by wire transfer. In reality, no abduction has occurred, and the ‘victim’ is usually going about their business safely in another location, temporarily out of reach in a place such as a cinema, airplane or hotel. Virtual ‘kidnappers’ are simple extortionists, hoping that the person on the other end of the line will fall for the scam without verifying that a kidnap has actually taken place.’
The report goes on to explain how kidnappers and extortionists have benefited from social networking websites, using them as a way of obtaining personal information that can be leveraged for financial gain.
But kidnappers can use social media for more than just research. They can also exploit it to make demands, intimidate families of their victims or propagate their ideology. For example, prominent Islamist militant groups in Africa and the Middle East have tweeted details of attacks in real time and uploaded footage of foreign victims on YouTube. These online media strategies have enabled militants to put pressure on foreign governments and attract new supporters on a global scale.
What’s more, according to the report, the ‘borderless’ nature of the internet gives criminals a vast amount of opportunities to extort individuals and businesses remotely. The report explains: ‘A burgeoning form of cyber extortion uses ransomware, a type of malware that blocks access to an infected computer system and demands a ransom for the restriction to be lifted. CryptoLocker was among the best known and most lucrative ransomware applications, generating millions of dollars in illicit funds before it was taken offline in June 2014. Expect newer versions to emerge in 2015 as increased competition between developers results in the production of new forms of malware that are harder to detect and disrupt.’
Changes in how groups involved in political violence operate and raise funds are complicating the risks for business, the report says. This section of the report, by Zachary Rothstein, explains that: ‘Over the last decade, the international clampdown on terrorist financing, coupled with a decrease in state sponsorship and private financing, has taught political violence groups an important lesson: crime pays. More and more, criminal activity has become the primary means of funding political violence.’
And the trend is sharply gaining momentum, even in areas where criminal financing of political violence is well established. The report explains: ‘For the Afghan Taliban, which arguably would not exist in its current form without the cash from its smuggling and drug trafficking networks, organised criminal activity has become even more widespread. Other organisations have gone the route of Somalia-based extremist group al-Shabab, which has consciously abandoned its ideological opposition to crime and instead embraced it as a practical means of solving its financial difficulties.’
The report goes on to say that the process also works in reverse, where criminal groups use terrorist‑style tactics. ‘Criminal groups in northern Kenya use grenade attacks on food storage facilities to deter humanitarian aid,’ says the report. ‘Bacrim (paramilitary successor) groups in Colombia deploy small explosive devices in retaliation for unanswered extortion demands. For businesses in regions marked by this brand of conflict, the overlap between political violence and organised crime means that examining tactics alone won’t help identify who is behind an individual attack.’
The RiskMap report suggests that the growing links between political violence and organised crime have altered the motives of terrorist organisations. Sometimes, crime and ideology fuse. ‘In Somalia, for example, warlords seeking economic and political power temporarily align themselves with terrorist groups when it is in their interest to do so.
Prolonged blending of ideology and crime, though, tends to transform the identity of a group and dilute its political motives. Myanmar’s United Wa State Army opposes central rule, but only because that stance protects its (legal and illegal) business interests, rather than because it genuinely believes in local government,’ the report states.
The risk to business
Introducing RiskMap 2015, Richard Fenning, ceo of Control Risks, commented: “2015 will be a difficult year for business as the lines between what have always been considered ‘safe’ and ‘risky’ opportunities blur. Opportunities will continue to abound for ambitious international companies. But uncertain economics and volatile politics will make 2015 more than usually challenging.”
“The US and Europe will exercise waning international influence and leaders will continue to focus on national issues and politics. Business culture and practices of multinational companies will meet resistance from the emerging powers and their powerful supply chains. National governments will find it more difficult to protect their companies from this.
“Increasing technological sophistication and weak state power will combine to render the threat from cyber-attack, kidnap and terrorism more severe. How one deals with the inevitable attack, as opposed to how one stops it, will become the key question.
“Global governance’s failure to deal with the above issues will continue in 2015, leaving business to navigate these pitfalls against a backdrop of continuing conflict and fragmentation of global political consensus.”
RiskMap’s assessment of political and security risk encompasses the potential negative impact on business operations through political instability and intervention; the influence of societal and structural factors; as well as actions that harm the financial, physical and human assets of a company.
Download the report at www.controlrisks.com