How Powerful Are the Remaining Royals?

BY JOHN P. RUEHL

 JULY 22, 2024
Facebook

TwitterRedditEmail

Photograph Source: Copyright House of Lords 2022 / Photography by Annabel Moeller – CC BY 2.0

Recently appointed British Prime Minister Keir Starmer pledged his loyalty to British King Charles III on July 6, 2024, continuing a tradition that dates back centuries. However, since the leadership role taken by Prime Minister David Lloyd George in World War I, the monarchy’s political influence has become progressively ceremonial and even more precarious since the death of the late Queen Elizabeth II in 2022.

This trend is not unique to the UK; in recent centuries, the role of royalty in politics has declined considerably worldwide. As political ideals began challenging royal authority in Europe, European colonial powers began to undermine their authority overseas. The strain of World War I helped cause several European monarchies to collapse, and World War II diminished their numbers further. After, the Soviet Union and the U.S. divided Europe along ideological lines and sought to impose their communist and liberal democratic ideals elsewhere, and the remaining monarchs faced accelerating marginalization.

Today, fewer than 30 royal families are politically active on a national scale. Some, like Japan’s and the UK’s, trace their lineages back more than a millennium, while Belgium’s is less than 200 years old. Several have adapted by reducing political power while maintaining cultural and financial relevance, while others have retained their strong political control. Their various methods and circumstances make it difficult to determine where royals may endure, collapse, or return.

Alongside the UK, the royals of Belgium, Spain, Sweden, Norway, Denmark, and the Netherlands have all seen their powers become largely ceremonial. Smaller European monarchical states like Andorra and the Vatican City are not hereditary, while Luxembourg, Monaco, and Liechtenstein are—though only the latter two still wield tangible power.

Attempts to exercise remaining royal political power have often highlighted its increasing redundancy. Belgian King Baudouin’s refusal to sign an abortion bill in 1990 saw him declared unfit to rule before being reinstated once it passed. Luxembourg’s Grand Duke Henri meanwhile lost his legislative role in 2008 after refusing to sign a euthanasia bill. Following increasing scrutiny of Queen Beatrix’s influence, the Dutch monarch’s role in forming coalition governments was transferred to parliament in 2012, and she also lost the ability to dissolve parliament.

The British monarch’s decline in political influence is also evident, but it can still prove useful. The royal family’s global popularity is used to project soft power, while royal visits can help seal important agreements, particularly in countries with other royal families. The leaders of 14 other countries also pledge allegiance to King Charles III as their head of state.

Additionally, the monarchy can be used to bypass certain democratic processes. In 1999 the British government advised Queen Elizabeth II to withhold Queen’s Consent, preventing parliamentary debate on the Military Action Against Iraq Bill, which would have restricted the ability to take military action without parliamentary approval.

Royal efforts to cultivate soft power and maintain a positive public image have also been crucial for their survival. Belgium’s royal family is seen as a necessary source of political stability and unity. In Spain, former King Juan Carlos played a leading role in the country’s transition to democracy in the 1970s. Modernizing their image as neutral political guardians with relatable attributes who engage in advocacy and humanitarian work often gives European royal families higher approval ratings than politicians.

Royal families have also downsized in recent years for discretion and to reduce costs. In 2019, Sweden’s king removed royal titles, duties, and some privileges from five of his grandchildren. The Danish queen implemented similar changes in 2022. Norway’s royal family now consists only of the King, Queen, Crown Prince, and Princess, while the British royal family has hinted at further reducing its current number of 10 “working royals.”

Despite these efforts, European royal families continue to face scandals and intense public and media scrutiny. In 2020, Spanish and Swiss authorities began investigating former Spanish King Juan Carlos for allegedly receiving $100 million from a deal with Saudi Arabia. In 2023, Belgium’s Prince Laurent was accused of fraud and extortion by Libya’s sovereign wealth fund. The UK royal family’s recent treatment of Megan Markle and the departure of Prince Harry and Prince Andrew’s association with Jeffrey Epstein have also rocked Britain. The British monarchy’s unprecedented challenges are reinforced by record-low support since the death of Queen Elizabeth II in 2022. The King’s and Princess Kate’s cancer diagnoses have also added to the sense of fragility.

Across Europe, cultural shifts, concern over royal expenses, and increasing political irrelevance have threatened its royal families. Movements like the Alliance of European Republican Movements, created in 2010 to abolish monarchies altogether, reflect the increasing disregard for royal power.

The opaque nature of royal finances, however, has granted some respite. Officially, Grand Duke Henri of Luxembourg’s $4 billion makes him Europe’s richest royal. However, suspicions abound regarding billions more in assets like trusts, jewelry, and art collections that point to larger degrees of wealth.

Extensive efforts go into hiding these fortunes. Liechtenstein’s royal family operates a bank criticized by the U.S. Senate for aiding clients in tax evasion, dodging creditors, and other misconduct. Queen Elizabeth II once used Queen’s Consent to change a draft law so that her wealth remained concealed, while the Panama Papers leaks revealed huge undisclosed European royal assets. Europe’s poorest royal family in Belgium saw King Phillippe declare the monarchy’s wealth at roughly £11 million in 2013, but the European Union Times estimated it at £684 million.

Estimates for King Charles’s worth range from $750 million to more than $2 billion, while the fortunes of the entire British royal family, also known as “the Firm,” can range from $28 billion to almost $90 billion. Britain’s monarchs also enjoy more institutionalized ties to national wealth than other European royals. Through the peerage system that upholds British nobility, a network of support from wealthy Dukes, Marquesses, Earls, Viscounts, and Barons helps the monarchy remain firmly entrenched in the UK’s wealth centers.

Royal families in the Asia-Pacific consist of Thailand, Malaysia, Cambodia, Brunei, Japan, and Tonga. Thailand’s King is the world’s richest, with a net worth of $43 billion, but faces his own controversies relating to personal scandals and the use of political powers that have led to an anti-monarchy movement. Malaysia has a rotational system of nine sultans that rule their own states and serve as head of state every five years. While formal authority is limited, the sultans command influence in cultural and religious matters, and despite their powers being curtailed by constitutional amendments, occasionally intervene in politics. In Cambodia, the monarchy is similarly politically and culturally influential.

Brunei’s absolute monarchy has granted its Sultan, Hassanal Bolkiah, supreme authority over his country for more than 50 years. His $288-billionfortune makes him the second-richest monarch in the world. However, as a microstate, Brunei’s influence in international affairs is limited. The reduced power of Japan’s monarchy since 1945 has meanwhile made it most like European monarchies, though its powers have remained steady since then. In sub-Saharan Africa, partnerships with British colonial authorities have allowed Lesotho’s monarchy to retain largely ceremonial influence, while Eswatini’s King Mswati III exerts strong control over the country.

Nonetheless, alongside Europe, most regions have seen general declines in royal power over decades. Bucking that trend is the Middle East, where monarchies previously had limited authority under the Ottoman Empire. Its collapse after World War I allowed them to increase their power considerably, even those under loose French and British protectorates.

By exploiting their increasingly valuable resource reserves, Gulf monarchies in particular managed to thrive. Today, absolute monarchies exist in Saudi Arabia, the United Arab Emirates (UAE), Bahrain, Oman, Qatar, and Kuwait with complete control over media, government branches, and law enforcement. No opposition is tolerated, and they are backed by religious lobbies that reinforce their status as custodians of cultural traditions. Despite the heavy-handed approach they largely enjoy strong support, even among the youth—the Saudi Crown Prince has long been popular among younger Saudis in particular.

As in Europe, Middle Eastern royal wealth is often hidden and difficult to discern. Estimates for the combined wealth of the Saudi royal family range from roughly $100 billion to $1.4 trillion. Other estimates put the UAE’s Al Nahyan family of Abu Dhabi as the richest royal family in the world, with more than $300 billion in wealth. The royal families of Kuwait and Qatar also have fortunes often measured in the hundreds of billions.

The other Middle Eastern royal families in Oman, Jordan, and Morocco, have less influence, but still more so than in Europe, and have also withstood democratization pressures by promoting stability. During the Arab Spring, as other Middle Eastern states faced revolutions and civil wars, the monarchies and their political systems survived in place.

However, the downfall of royal families in Egypt, Tunisia, Iraq, North Yemen, Libya, and Iran during the 20th century shows the risks of instability. Today, this often comes from within the royal families themselves. Saudi royal disputes regularly play out in public, including a mass purge in 2017. In 2023, Jordan’s crown prince was placed under house arrest for an attempted coup, only to emerge days later and pledge loyalty to the king. The 2017–21 Qatar-Saudi Crisis meanwhile saw Saudi Arabia, the UAE, Bahrain, and Egypt sever diplomatic relations and blockade Qatar following accusations of supporting terrorism and supporting Iran.

While some of their positions may be precarious, royal families maintain some solidarity among them. Marriages between European royals throughout history mean that the current ruling royals in Europe are all related, similar to some Middle Eastern monarchies. Following controversy over corruption allegations, Spain’s Juan Carlos meanwhile lived in exile in the UAE for two years.

Royals have also taken more active roles to support one another. The British royal family played a significant diplomatic role in supporting the Arab monarchs against the Ottoman Empire in World War I. And in 1962, the British monarchy, which had a close relationship with the Brunei monarchy, helped lobby to send British forces to the country and quash an armed rebellion, maintaining British influence in Southeast Asia.

Other royal families could still return to power. More than 20 royal families remain without a country to reign over, with Spain’s monarchy being restored in 1975 and Cambodia’s in 1993 the latest to be reintegrated into politics. In Romania in 1992, an estimated one million people took to the streets to welcome former King Michael, who abdicated in 1947. The daughter of former King Michael, Margareta of Romania, now lives in Elisabeta Palace in Bucharest, and other family members have taken a growing role in politics.

Bulgaria’s former Tsar, Simeon II, lived in Spain after being overthrown in 1946 and returned to Bulgaria after the communist government crumbled, serving as prime minister from 2001 to 2005. Albania’s Prince Leka, grandson of former King Zog I, attempted to reinstate the monarchy in a 1997 referendum but failed. In 2007, family members of former Italian King Umberto II sought damages for their exile and the return of assets, countered by Italy’s government suing for damages due to royal collusion with Mussolini.

The Italian royal family’s case shows how disputes among exiled royals can have geopolitical implications. Greece’s royal family now lives in London, frequently appearing at royal functions. Meanwhile, members of Iran’s former royal family, as well as descendants of Ethiopia’s and Russia’s, live in the U.S. Although there is no current method or desire to launch a political movement to put them back into power, leveraging diaspora communities’ support for royalty can still help host governments wield influence through them.

Having survived fascism and communism, monarchies have largely relinquished political power in the modern liberal world order. Yet, as symbols of state continuity, some monarchs have maintained their relevance by providing long-term stability. While incompatible with communism, royalty’s adaptability to democratic and fascist regimes highlights their resilience. Their ability to reinvent themselves and demonstrate their usefulness to contemporary politics may secure their survival—though their dwindling numbers suggest this will remain challenging.

Source: Independent Media Institute

John P. Ruehl is an Australian-American journalist living in Washington, D.C. He is a contributing editor to Strategic Policy and a contributor to several other foreign affairs publications. He is currently finishing a book on Russia to be published in 2022.

The UK has a new government — let the lobbying commence

British lobbyists have launched a schmooze offensive as they try to capture the attention of Labour’s greenhorn contingent.

Within days of taking up the role of business and trade secretary, Jonathan Reynolds hopped on a call with more than 170 business and trade body leaders in which he promised to be the most accessible ever business secretary. | Justin Tallis/AFP via Getty Images

JULY 22, 2024 
BY JOHN JOHNSTON

POLITICO UK

LONDON — Britain’s new government is less than three weeks old, but Westminster’s vast lobbying industry is already circling.

While hundreds of Labour’s new MPs are still without staff or even their own desk in parliament, their inboxes are rapidly filling up with welcome messages from lobbyists alongside invites to glitzy receptions.

It’s all part of a furious scramble among public affairs professionals desperate to rebuild their contact books and gather intelligence on potential parliamentary allies after a historic reshaping of the U.K.’s political landscape.

Speaking to POLITICO, one new Labour MP, granted anonymity to speak freely about their experience, said they started receiving WhatsApp and LinkedIn messages before they’d had a chance to sleep following their election victory announcement in the early hours of July 5.

They even faced complaints from two “shameless” lobbyists frustrated their attempts to email the new MP, who themselves worked in a public affairs role before being elected, had not been successful.

“I didn’t even have access to my emails at that point,” the MP said. “That’s definitely not best practice, and it did wind me up a bit.”

The schmooze offensive

The schmooze offensive is a clear sign of the importance with which Labour’s new generation is being viewed. The party’s 200 plus new MPs have become VIP guests for agencies and businesses hoping the annual warm wine circuit of summer receptions will provide a vital networking opportunity before legislators return to their constituencies during the summer recess.

The usual copy and paste invite list of recent years has been tossed out as trade groups, public affairs agencies and big businesses put a premium on Labour attendees. Google even offered up its swanky London HQ as a venue for Labour’s own post-election reception held for MPs and party staff after their first full day in parliament.

And veteran party figures are also in high demand, as lobbying agencies compete for high-profile hires to demonstrate to clients they have an inside track on Labour’s thinking.

In the first few days of the new government, public affairs agency Shearwater Global announced they’d hired former Labour Home Secretary Charles Clarke. Ex-Labour MP Holly Lynch was snapped up by Arden Strategies, the agency run by former Scottish Labour Leader Jim Murphy. Swathes of former political advisers and party comms staff have also found plum roles within the industry.

At other agencies, the revolving door has swung in the opposite direction, with a number of former lobbyists from agency and in-house teams now sitting on the green benches.

While hundreds of Labour’s new MPs are still without staff or even their own desk in parliament, their inboxes are rapidly filling up with welcome messages from lobbyists alongside invites to glitzy receptions. | Dan Kitwood/Getty Images

Among them is Chris Ward, a former adviser to now-Prime Minister Keir Starmer, who subsequently joined influential lobbying firm Hanbury in early 2022 to lead its “Labour Unit.”

Within days of Ward’s election victory, he was handed an influential role as Starmer’s parliamentary private secretary — acting as a key conduit between the prime minister and his backbench MPs.

Ready for battle

But while the wooing continues, an army of lobbyists is already gearing up for the first pitched battles of the new government over the glut of new legislation announced in last week’s king’s speech.

A revised football governance bill looks set to reignite hostilities — which had largely been on pause during the election campaign — between the Premier League, the Football Association and their respective lobbying agencies.

Big tech firms are steeling themselves for a fight over measures promised in new AI and online safety laws, while radical planning reforms lit a fire under house builders, infrastructure groups and environmental campaigners.

The big question among public affairs leaders is whether Labour is ready for the lobbying blitz.

Within days of taking up the role of business and trade secretary, Jonathan Reynolds hopped on a call with more than 170 business and trade body leaders in which he promised to be the most accessible ever business secretary, and announced plans for a “Tell Jonathan” email account for them to update him directly on problems they were encountering.

Industry leaders saw that as a positive — if slightly gimmicky — example of Labour’s broader commitment to keep lines of communication open in an effort to reverse the patchy engagement efforts seen under the previous Conservative government.

But with lobbyists already planning an unprecedented influencing blitz at Labour’s annual conference in September, and thoughts already turning to the contents of an Autumn budget, the industry is becoming increasingly vocal in its message to the new government’s top team.

The moment to move beyond “listening mode” is rapidly approaching.

Conspiracy theories take off after global IT crash

By

 AFP

From fearmongering about a looming “World War III” to false narratives linking a cabal of global elite to a cyberattack, a torrent of online conspiracy theories took off Friday after a major IT crash.

Airlines, banks, TV channels and financial institutions were engulfed in turmoil after the crash, one of the biggest in recent years that was the result of a faulty software update to an antivirus program operating on Microsoft Windows.

The proliferation of internet-breaking conspiracy theories on social media platforms — many of which have removed guardrails that once contained the spread of misinformation — illustrates the new normal of information chaos after a major world event.

The outage gave way to a swirl of evidence-free posts on X, the Elon Musk-owned site formerly known as Twitter, that peddled an apocalyptic narrative: The world was under attack by a nefarious force.

“I read somewhere once that ww3 (World War III) would be mostly a cyber war,” one user wrote on X.

The IT crash also stirred up an unfounded theory that the World Economic Forum — long a magnet for wild falsehoods — had plotted a global cyberattack.

To make that theory appear credible, many posts linked an old WEF video that warned about the possibility of a “cyberattack with Covid-like characteristics.”

The video, available on the WEF’s website, had cautioned that the only way to stop the exponential spread of the cyber threat would be to disconnect millions of vulnerable devices from each other and the internet.

– ‘Sad testament’ –

The WEF has long been a target for conspiracy theorists pushing the idea of a shadowy cabal of elites working for private gain under the garb of solving global issues.

Also gaining rapid traction online were conspiratorial posts using the hashtag “cyber polygon,” a reference to a global training event aimed at preparing for potential future attacks.

“The proliferation of conspiracy theories in the wake of major global events such as the outage is a sad testament to the volatile nature of the information ecosystem,” Rafi Mendelsohn, vice president at the disinformation security company Cyabra, told AFP.

“What is unique to events like these is how social media platforms, forums, and messaging apps facilitate the rapid dissemination of content, allowing theories to gain traction quickly and reach a global audience.”

The trend demonstrates the ability of falsehoods to mutate into viral narratives on tech platforms, which have scaled back content moderation and reinstated accounts that are known purveyors of misinformation.

During fast-developing news events, confusion now often reigns on major tech platforms, with users scrambling to obtain accurate information in what appears to be a sea of false or misleading posts that rapidly gain traction.

– ‘Nefarious motives’ –

“This poses the larger question of combatting mis- and disinformation,” Michael W. Mosser, executive director of the Global Disinformation Lab at the University of Texas at Austin, told AFP.

“The level of trust that is required to accept information from reputable sources has declined to such an extent that people are more willing to believe wild conspiracies that ‘must be true’ rather than the factual information relayed to them.”

The global outage, which brought myriad aspects of daily life to a standstill and sent US stocks falling, was linked to a bug in an update to an antivirus program for Windows systems from American cybersecurity group CrowdStrike.

Assurances by the Austin-based company’s chief executive, George Kurtz, that CrowdStrike had rolled out a fix and was “actively working” to resolve the crisis did little to stem the spread of online conspiracies.

“Combatting this misinformation with factual rebuttals is difficult, because the issue is so technical,” Mosser said.

“Explaining that the fault was in an improperly configured system file and that a fix is in process may be accurate, but it is not believed by those who are predisposed to see nefarious motives behind failures.”

by Anuj CHOPRA

A Day the Digital World Stood Still: Lessons from the Microsoft and CrowdStrike Crisis

In an era where our lives are increasingly intertwined with technology, the seamless functioning of our digital tools often goes unnoticed.

BYTUHU NUGRAHA
JULY 22, 2024

Multiple blue screens of death, caused by an update pushed by CrowdStrike, on airport luggage conveyer belts at LaGuardia Airport, New York City. Image source: Wikipedia

Authors: Tuhu Nugraha and Raditio Ghifiardi*

In an era where our lives are increasingly intertwined with technology, the seamless functioning of our digital tools often goes unnoticed. However, a single disruption can ripple across the globe, highlighting the fragility of our digital ecosystem. Such was the case in July 2024, when tech giants Microsoft and CrowdStrike faced an unprecedented challenge that served as a stark reminder of our digital dependency. Microsoft estimated that approximately 8.5 million computers worldwide were disabled by a major IT outage, triggered by a software update from CrowdStrike, a leading global cybersecurity firm.

The update caused system problems that grounded flights, forced broadcasters off the air, and left customers without access to essential services such as healthcare and banking. Microsoft stated that the error affected approximately one percent of Windows computers globally. This article recounts the events that unfolded and the lessons learned from this crisis.

Act 1: The Calm Before the Storm

The day began like any other. Businesses were bustling, airlines were gearing up for a busy day of travel, and financial markets were buzzing. Unbeknownst to many, a storm was brewing in cyberspace that would soon disrupt the status quo.

Act 2: The First Tremors

The crisis began with scattered reports of issues with Microsoft’s Azure platform. Users in the United States experienced trouble accessing critical applications. The situation escalated quickly, causing significant disruptions. Airlines felt the impact first, with major carriers grounding flights. The Federal Aviation Administration (FAA) confirmed the outage affected all airlines nationwide, causing chaos in airports. The disruption spread, halting trading at the London Stock Exchange and causing widespread issues for UK railway companies and the media sector.

Act 3: A Second Blow

While the world was grappling with Microsoft’s outage, CrowdStrike, a leader in cybersecurity, faced its crisis. A defect in a recent content update for Windows hosts caused widespread operational disruptions. Businesses relying on CrowdStrike’s Falcon platform found themselves vulnerable, scrambling to secure their networks and mitigate the impact.

Act 4: The Global Impact

The digital earthquake had far-reaching consequences. Air traffic ground to a halt at Berlin’s Brandenburg Airport, and financial institutions worldwide faced interruptions, causing ripples in global markets. No sector was left untouched due to the interconnectedness of our digital world. The stock market reacted swiftly, with Microsoft’s stock price plummeting nearly 10% and CrowdStrike’s shares also taking a significant hit.

Act 5: The Heroes Emerge

In the face of adversity, the response from Microsoft and CrowdStrike was nothing short of heroic. Engineers and IT professionals worked tirelessly to resolve the crises. Microsoft’s Azure team rerouted traffic to alternative systems, while CrowdStrike’s experts rolled out patches and updates to stabilize their clients’ environments. AI and machine learning played a crucial role in recovery. Microsoft’s AI-driven monitoring systems quickly identified anomalies, and CrowdStrike’s machine learning algorithms detected and isolated the defective update. Generative AI also contributed by generating real-time insights and predictive models, allowing teams to proactively address issues before they escalated.

Act 6: The Road to Recovery

As the dust settled, the world began to take stock of the events. The immediate crisis was over, but the journey to full recovery and rebuilding trust had just begun. Both Microsoft and CrowdStrike committed to enhancing their testing protocols, investing in more robust infrastructure, and implementing advanced monitoring systems to prevent future incidents.

However, as the affected organizations worked on recovery, cybercriminals sought to exploit the chaos. Reports emerged of hackers launching email scams and phishing attacks, preying on the fear and confusion caused by the crisis. These malicious actors sent fraudulent emails pretending to be from Microsoft or CrowdStrike, tricking users into revealing personal information or paying for fake services to fix non-existent issues. The influx of such attacks highlighted the need for heightened awareness and vigilance among users.

Act 7: A New Dawn

In the aftermath of the crisis, the tech industry undertook a critical reassessment of its practices. Companies globally began investing in more rigorous testing environments, embracing chaos engineering practices, and refining their incident response strategies. AI and generative AI technologies played pivotal roles in enhancing resilience and adaptability.

Both Microsoft and CrowdStrike reaffirmed their commitment to customers and the integrity of the digital infrastructure. They also are advised to explore safer programming languages like Rust, known for its memory safety features, to replace traditional languages like C++ that are more prone to vulnerabilities.

Visual Comparison:

The following chart illustrates the number of vulnerabilities found in C++ compared to Rust. As shown, Rust has significantly fewer vulnerabilities, underscoring its potential for building more secure software systems.

Expert Insight:

Bruce Schneier, An internationally renowned security technologist and author of numerous books on computer security and cryptography. His blog and books, such as “Data and Goliath” and “Liars and Outliers,” are highly regarded in the industry. He emphasizes the importance of adopting safer programming languages: “In today’s cybersecurity landscape, reducing the attack surface is crucial. Languages like Rust, with built-in memory safety, are a significant step forward in preventing vulnerabilities that are common in C++.”

Real-World Application:

For example, Microsoft has already begun integrating Rust into some of its critical systems, showcasing a proactive approach to enhancing software security. By transitioning from C++ to Rust, Microsoft aims to minimize vulnerabilities and improve the reliability of its software products. These changes mark a significant shift towards more secure and resilient digital infrastructures, demonstrating the industry’s dedication to preventing future crises.

Lessons Learned

The events of July 2024 serve as a stark reminder that even the most robust systems can fail, underscoring the necessity of having contingency plans to expect the unexpected. In times of crisis, collaboration across multiple disciplines is crucial. IT and cybersecurity teams must work together with AI and machine learning experts to utilize real-time monitoring, anomaly detection, and predictive analytics to identify and mitigate issues swiftly. Transparent communication is vital, and PR teams must ensure stakeholders are informed with regular updates and detailed explanations.

In addition, legal and compliance teams should be involved to anticipate and manage potential class action lawsuits from affected consumers. Risk management professionals must analyze incidents thoroughly to identify root causes and implement measures to prevent future occurrences. Continuous improvement should be a shared goal, using incidents as learning opportunities to strengthen systems and processes. This multi-faceted approach, involving IT, cybersecurity, PR, risk management, legal, and compliance teams, ensures a comprehensive and resilient response to digital crises.

Step-by-Step Guidance for Crisis Management

Managing a crisis requires comprehensive step-by-step guidance. First, during the Immediate Response phase, teams must promptly identify and assess the scope of the issue, communicate clearly with affected parties, and implement temporary fixes to contain the problem. Next, during the Stabilization phase, teams should work on permanent solutions, provide continuous updates to stakeholders, and offer support and compensation where necessary.

In the Recovery and Prevention phase, it is crucial to analyze the incident to understand its root cause, enhance testing protocols and infrastructure, and invest in advanced monitoring and response systems. Fostering a culture of continuous improvement and innovation is also essential. Incorporating AI and Generative AI becomes critical in this crisis. Using AI for predictive analytics and real-time monitoring and implementing Generative AI tools for simulations and stress tests, should be done continuously to adapt AI models to new threats and challenges.

From a cybersecurity perspective, collaboration between IT and cybersecurity teams is vital. However, the perspective of public relations and communication must also be considered. The PR team should ensure transparent and regular communication with stakeholders, including shareholders, providing detailed updates on the issues and steps being taken to resolve them. A good communication strategy will help restore reputation and public trust after the incident.

Restoring reputation and public trust requires a holistic approach. In addition to open communication, offering adequate customer support and compensation can help alleviate customer anxiety. Engaging stakeholders in the recovery process through open dialogue and transparency about future prevention measures is also crucial. This engagement should be carried out through multiple media channels to ensure comprehensive reach and impact:

1. Press Releases and Media Briefings: Regularly updated press releases and media briefings can provide the public and stakeholders with the latest information, ensuring transparency.
2. Social Media Platforms: Utilize platforms like Twitter, LinkedIn, and Facebook to share real-time updates and engage directly with the community. Social media allows for immediate dissemination of information and interactive communication.
3. Company Website and Blogs: Create a dedicated section on the company website for crisis updates. Regular blog posts can offer in-depth explanations of the steps being taken and future prevention plans.
4. Email Newsletters: Send detailed email newsletters to stakeholders, including shareholders, customers, and partners. This ensures that critical information reaches those directly impacted by the crisis.
5. Webinars and Virtual Town Halls: Host webinars and virtual town halls to engage stakeholders directly. These forums allow for real-time interaction, addressing concerns and questions from stakeholders.
6. Customer Service Channels: Enhance customer service support through hotlines, chatbots, and email support to address individual concerns and provide personalized assistance.
7. Industry Conferences and Public Forums: Participate in industry conferences and public forums to discuss the incident, share lessons learned, and demonstrate the company’s commitment to transparency and improvement.

By utilizing these various media channels, organizations can maintain an open dialogue with stakeholders, rebuild trust, and demonstrate their commitment to future resilience and improvement. This multi-faceted communication strategy ensures that all stakeholders are informed, involved, and reassured throughout the recovery process.

Conclusion and Future Outlook

The events of July 2024 serve as a powerful reminder of the vulnerabilities inherent in our digital world. Despite the significant advancements in technology and cybersecurity, even the most robust systems can fail, leading to widespread disruptions. The Microsoft and CrowdStrike crisis underscored the importance of having comprehensive contingency plans, robust infrastructure, and the ability to adapt swiftly to unforeseen challenges.

In the immediate aftermath, both Microsoft and CrowdStrike demonstrated exemplary crisis management by working tirelessly to resolve the issues and restore services. Their commitment to enhancing testing protocols, investing in advanced monitoring systems, and adopting safer programming practices like using Rust over C++ showcases a proactive approach to mitigating future risks.

However, the journey towards a more secure digital future extends beyond immediate recovery. The tech industry must embrace continuous improvement and innovation to build resilience against evolving threats. This involves not only enhancing technical measures but also fostering a culture of collaboration across disciplines. IT and cybersecurity teams must work together with AI experts, risk management professionals, and public relations teams to create a holistic approach to crisis management.

Looking ahead, several key areas demand attention to strengthen our digital ecosystem:

1. Enhanced Testing and Simulation:
2. Rigorous Testing: Companies should invest in more comprehensive testing environments that simulate real-world scenarios to identify potential vulnerabilities before they escalate.
3. Chaos Engineering: Embracing chaos engineering practices can help organizations understand how systems behave under stress, allowing them to build more resilient infrastructures.

• Advanced Monitoring and AI Integration:
• Real-time Monitoring: Implementing advanced monitoring systems that leverage AI and machine learning can help detect anomalies early and respond swiftly.
• Predictive Analytics: Utilizing AI for predictive analytics can provide insights into potential future threats, enabling proactive measures.

• Adoption of Safer Programming Languages:

Transition to Rust: Encouraging the adoption of safer programming languages like Rust, known for its memory safety features, can significantly reduce vulnerabilities in software systems.

• Holistic Crisis Management:
• Multi-Disciplinary Collaboration: Building a crisis management framework that involves IT, cybersecurity, PR, legal, and risk management teams ensures a comprehensive response to incidents.
• Transparent Communication: Maintaining open and transparent communication with stakeholders, including customers, partners, and the public, helps rebuild trust and mitigate reputational damage.

• Continuous Improvement and Innovation:
• Learning from Incidents: Treating every incident as a learning opportunity to strengthen systems and processes is crucial. Organizations should regularly review and update their crisis management strategies.
• Investing in Research: Ongoing investment in research and development to explore new technologies and methodologies for enhancing digital security is essential.

The July 2024 crisis was a wake-up call for the tech industry, highlighting the need for robust preparedness and continuous evolution. By learning from this incident and implementing the lessons learned, we can build a more resilient and secure digital future. As technology continues to advance, so must our strategies for safeguarding the digital world we rely on.

*Raditio Ghifiardi is an acclaimed IT and cybersecurity professional and future transformative leader in AI/ML strategy. Expert in IT security, speaker at global and international conferences, and driver of innovation and compliance in the telecom and banking sectors. Renowned for advancing industry standards and implementing cutting-edge security solutions and frameworks.

Tuhu Nugraha

Digital Business & Metaverse Expert Principal of Indonesia Applied Economy & Regulatory Network (IADERN)

CrowdStrike: Accidents and Designs

By Edward Lucas
July 21, 2024

Last week’s meltdown is an overdue reminder of our wider vulnerability to cyberattack.

Fragility is dangerous. That is the lesson of last week’s computer meltdowns. The culprit was a carelessly written update to CrowdStrike’s widely used Falcon Sentinel cybersecurity software. It crashed millions of Windows computers, causing caused chaos in air transport, financial services and health-care, at great financial and human cost.

But it could have been far worse. Few users realize that allowing automatic updates means their computers and other devices are, in effect, remote-controlled. In other—nefarious—contexts, we would call the mass hijacking of computers a botnet. These are at the heart of the cybercrime industry. In May the US Justice Department and the FBI arrested a Chinese national, YunHe Wang, who had illegally and secretly gained control of millions of computers around the world that ran Windows software. He then rented them out to cybercriminals, making nearly $100m, the DOJ says.

Organized crime should be seen as a national security threat. It corrodes public confidence in the integrity of state administration. The Kremlin increasingly outsources its assassination and sabotage campaigns to gangsters.

But far worse would be if China, Russia or Iran were able to turn legitimate software updates into a de facto botnet. By exploiting the trust we have in legitimate software companies, their spies and saboteurs could steal our data, scramble it, or make it inaccessible on computers and networks all over the world.

Western decision-makers and opinion-formers worry a lot about the phantom menace of Russia’s nuclear weapons. We all pay far too little attention to these much more pressing national security threats to the fragile but deeply interconnected computer systems that underpin our economies, public services, and societies.

Few noticed, for example, the most horrifying near-miss in the history of the internet, revealed earlier this year. The target was far less well-known than CrowdStrike or Microsoft. It was the xy compression utility. These open-source tools, written and maintained by volunteers, are the workhorses of the software world. Anyone can inspect them and suggest improvements. If you can gain the trust of other experts, your suggestions will be implemented—and become the building blocks of countless other programs.

We still know startlingly little about the perpetrator of this attack. He or she first emerged in November 2021 making expert contributions to other open-source projects under the username JiaT75. Nobody ever met this person face-to-face or checked their identity, but they gradually took over the job of updating xy, until they were able to issue an update that would have, in effect, made any computer that installed it open to manipulation: a master key, in effect, to hundreds of millions of machines.

By chance, a conscientious Microsoft engineer called Andres Freund noticed that a trial version of xy was using slightly more memory than it should, and was able to diagnose the flaw just before its general release. Few outside the cybersecurity world even noticed.

The sophistication and patience of the attack probably points to the SVR, Russia’s foreign intelligence service. But the clues left could be a clever double-bluff, designed to distract attention from the real culprits: China, Iran or North Korea.

The attacker’s near-success, and the difficulty of attributing it, stems from the same simple fact: the internet was not designed with security in mind. We have no easy way of checking the identity of the people we interact with. And we take most of what arrives on our computers on trust.

That carefree attitude has stoked amazing technological innovation and cut many costs to near-zero. But it comes with huge, hidden costs. We need to update not just our software, but our online security culture.

Edward Lucas is a Non-resident Senior Fellow and Senior Adviser at the Center for European Policy Analysis (CEPA).

Europe’s Edge is CEPA’s online journal covering critical topics on the foreign policy docket across Europe and North America. All opinions are those of the author and do not necessarily represent the position or views of the institutions they represent or the Center for European Policy Analysis.