KFSC Assess the Prevalence of Attacks On MOI Officers in Saudi Arabia Case Study

User Generated

s9_ny

Writing

King Fahd Security College

Description

Case Study: “Assess the prevalence of attacks on MOI officers in Saudi Arabia and develop a plan for the Ministry of Interior that

  • responds to this threat by covering prevention, mitigation and response,
  • • utilizes international best practices, and
  • • Is consistent with the ethical and legal responsibilities of security officers.”
  • Unformatted Attachment Preview

    UNDERSTANDING HOW TO RESPOND TO YOUR CAPSTONE CASE STUDY ESSAY PROMPT C APST ONE – S ES31 1 Introduction Students are expected to respond to the prompt by bringing together knowledge and skills from across the entire BSS program. Answers must be in English, contain properly analyzed data, display critical thinking, and incorporate knowledge and theories relating to ethics, the law and security sciences. The Prompt All prompts follow the same basic pattern. “Assess the likelihood of [specific security threat] to the [specific location] and develop a plan for the Ministry of Interior that • responds to the threat by covering prevention, mitigation and response, • utilizes international best practice, and • is consistent with the ethical and legal responsibilities of security officers.” 1 CAPSTONE – SES311 UNDERSTANDING HOW TO RESPOND TO YOUR CAPSTONE CASE STUDY ESSAY PROMPT Marking Your Answer There is no one correct way of writing a Capstone Extended Essay, in terms of either format or answer. Student responses will be marked according to the following five criteria drawn from the BSS Program Intended Learning Outcomes. Students should take care that their answer covers all aspects of the prompt. More information on the Program Intended Learning Outcomes can be found in the Student Handbook: SH03 Program Intended Learning Outcomes. All parts of the Student Handbook are available in English and Arabic. The Definition Criterion The Definition criterion (PILOs 2.1.1 and 2.2.1) is used to evaluate the student’s ability to “assess the likelihood” of the given threat. Based on standard intelligence practices, we are looking for an appreciation of the magnitude and likelihood/probability of the threat, but also acceptance that our ability to estimate the magnitude and likelihood is not perfect. Table 1: Definition Criterion Annotation Unsatisfactory Baseline Developing Good Exemplary Problem not identified. One aspect of the problem identified. Multiple aspects of the problem identified …and outlines associated constraints …and sets an overall framework for the investigation. The student does not assess the security threat The student describes the size/seriousness or likelihood of the threat (stated in qualitative or quantitative terms). The student describes the size/ seriousness and likelihood of the threat (stated in qualitative or quantitative terms). The student explains the limits, assumptions, or weaknesses of his threat assessment. The student places his threat assessment within a clearly explained method/model that is based on industry/ intelligence standards or international best practice. 2 CAPSTONE – SES311 UNDERSTANDING HOW TO RESPOND TO YOUR CAPSTONE CASE STUDY ESSAY PROMPT The Innovation Criterion The Innovation criterion (PILO 2.2.3) is used to evaluate the student’s ability to “develop a plan for the Ministry of Interior that responds to the threat by covering prevention, mitigation and response”. We are looking for a well specified, effective and realistic proposal that attempts to prevent the threat from occurring, can reduce/mitigate the severity of any consequences if it does occur, and can enable an adequate response if it does occur. Table 2: Innovation Criterion Annotation Unsatisfactory Baseline Developing Good Exemplary No approach recommended. Uni-dimensional approach recommended. Multidimensional approach recommended …with realistic design specifications …and that are appropriate for context (e.g. technology, policy, customs). The student does not provide a plan. The student describes how to prevent or mitigate or respond to the threat. The student describes two or more of how to prevent or mitigate or respond to the threat. The student’s descriptions contain enough detail that its feasibility and effectiveness are clear. The student’s detailed specifications clearly incorporate international best practice. The Application Criterion The Application criterion (PILO 2.3.3) is used to evaluate the student’s ability to develop a plan that “is consistent with the ethical and legal responsibilities of security officers” in Saudi Arabia. We are looking for the knowledge and critical thinking skills developed through the Law, Ethics and Responsibility cluster (for details, see your Student Handbook: SH04 Course Catalogue). Students must clearly explain how their plan takes account of Saudi Arabia’s special religious, social and cultural context, and how its requirements are consistent with ethical and legal norms. 3 CAPSTONE – SES311 UNDERSTANDING HOW TO RESPOND TO YOUR CAPSTONE CASE STUDY ESSAY PROMPT Table 3: Application Criterion Annotation Unsatisfactory Baseline Developing Good Exemplary No application attempted. Single finding applied to specific context within Saudi Arabia. Multiple findings applied to specific context within Saudi Arabia …and generalisations drawn about how to apply the concepts …and describe extrapolations to other security challenges. The student does not identify any ethical, legal, or cultural considerations relevant to his plan. The student describes one ethical, legal, or cultural consideration relevant to his plan. The student describes two or more ethical, legal, or cultural considerations relevant to his plan. The student details credible ways to address the identified ethical, legal and cultural considerations. The student describes how these considerations have been addressed in other referenced security operations. The Justification Criterion The Justification criterion (PILO 2.2.4) is used to evaluate the student’s ability to prepare contingency plans. We are looking for weaknesses and potential problems in the proposal to be identified, and for workarounds or alternative approaches that can still deliver the most important aspects of the original plan. Table 4: Justification Criterion Annotation Unsatisfactory Baseline Developing Good Exemplary No justification provided. One shortcoming of the solution/ method described. Multiple shortcomings of the solution/ method described …with an explanation of why shortcomings are not serious …and identifies areas for future research to improve outcomes. The student does not identify any weaknesses in his plan. The student describes one thing that could go wrong with the plan. The student describes multiple things that could go wrong with the plan. The student proposes credible alternatives that preserve outcomes should the identified parts of the plan go wrong. The student discusses other named cases, scenarios or international best practice that explain the effectiveness of his contingency plan. 4 CAPSTONE – SES311 UNDERSTANDING HOW TO RESPOND TO YOUR CAPSTONE CASE STUDY ESSAY PROMPT The Evidence Criterion The Evidence criterion (PILOs 2.1.2 and 2.2.2) is used to evaluate the student’s ability to support claims with clearly referenced facts, figures and data. We are looking for a range of quantitative and qualitative evidence. Student opinions or experiences are not acceptable as evidence; demonstrable or measurable facts and figures are acceptable, as are clearly referenced expert interpretations. Evidence must be unambiguously used to support claims made within the student’s response. This evidence can be drawn from any BSS course or from your own independent research. Table 5: Evidence Criterion Annotation Unsatisfactory Baseline Developing Good Exemplary No evidence gathered. One piece of evidence gathered. Multiple pieces of evidence gathered …that are of different types and sources …and with their quality explicitly assessed. The student does not provide any facts or figures to support any claims. The student provides one fact, figure, dataset or graphic in support of one claim. The student provides facts, figures, datasets or graphics in support of two or more different claims. The student presents evidence in multiple formats such as written sentences, data tables, graphs, statistical output or maps. The student discusses the reliability and credibility of any evidence presented in terms of data completeness, collection methods, accuracy of measurement or source authority etc. Clear referencing must be present to demonstrate multiple sources. 5 CAPSTONE – SES311 MODEL ANSWER C CAP S TO NE : CAS E S T UD Y ES S AY Assess the likelihood of an Iranian-backed cyber security threat to the water supply in Riyadh, and develop a plan for the Ministry of Interior that • responds to this threat by covering prevention, mitigation and response, • utilizes international best practices, and • is consistent with the ethical and legal responsibilities of security officers. Definition Open Source Intelligence shows that Riyadh is a large metropolitan city with over 7 million residents. (Macrotrends, 2019). The city is supplied with water through two main sources: 1. Treated underground water, and 2. Desalinated water that is pumped via pipelines from 2 main desalination plants located at the Arabian Gulf. Due to its large population and hot climate, Riyadh uses 3.15 million cubic metres of water a day (Argaam, 2018), with approximately one day’s worth kept in emergency storage tanks (Ratcliffe, 2019). So far there have not been any reported Iranian cyber-attacks on water-related infrastructure (Baezner, 2019; Paganini, 2020). A PWC report stated that businesses in the Middle East are more vulnerable to cyber-attacks than other places, with 85 percent of respondents to a survey claiming they were victims of an attack (Witt, 2020). Additionally, there have been at least eight attacks on Saudi Arabian assets by Iran since 2012. Even 1 CAPSTONE: CASE STUDY ESSAY MODEL ANSWER C though those attacks were not on water-related facilities, the fact that Iran used drones to target two Saudi oil refineries in 2019 (BBC, 2019) shows an escalation in hostilities and suggests a high probability of an imminent attack, thus warranting a review of threat assessments and security policies. After establishing the likelihood of a threat, we need to identify the most likely target. As previously described, the water supply of Riyadh consists of water treatment and storage plants (shown in Figure 1), the pipeline distribution network, and two desalination plants located on the Arabian Gulf. Of those the locations, the most vulnerable to cyber-attacks are the water treatment and storage plants located in Riyadh and the desalination plants located at the coast. An attack on the desalination plant at Jubail would be especially devastating as it would force Riyadh to evacuate “within a week,” as the plant provides over 90% of the city’s drinking water (Jones et al, 2019). The same report (by Jones et al, 2019) has noted that “every desalination plant built is a hostage to fortune; they are easily sabotaged”. Figure 1: Location of Water Treatment and Storage Plants in Riyadh (shown as blue dots) The threat assessment suggests that an attack on the water supply of Riyadh would have devastating consequence and is likely given Iran’s recent aggression. A limitation of our analysis of the threat is that it is based entirely on backward looking data; we have not 2 CAPSTONE: CASE STUDY ESSAY MODEL ANSWER C seen any forecasts or predictions of Iranian activity in the region that would let us know whether to expect higher or lower levels of intervention. In addition, there is no historical data on actual cyber-attacks on water-related facilities; the assessments of likelihood and magnitude cannot therefore be benchmarked against actual incidents. Widening research to include non-Saudi cases could help provide analogous benchmarks. As a consequence of the question, we assumed that the incoming threat is a cyberattack. This made us dismiss pipelines as a likely site of attack. If, on the other hand, Iran uses drones to target the water supply like they targeted the oil refineries in 2019, this would change our working parameters significantly. It is highly recommended that a separate investigation team is assigned to assess the likelihood of physical threats to the water supply of Riyadh. Innovation The plan proposal consists of three parts: Prevention, Mitigation and Response. Prevention The first part of any plan is to prevent the attack from happening. To do this, the first step should be to hire a cybersecurity consulting firm (such as Flashpoint, FireEye or IBM). The firm must carry out a full review of current cyber security practices at desalination plants as well as the as well as at water treatment and storage facilities. The consulting firm will be tasked with updating all cyber security software and firewalls with ones that meet industry standards wherever necessary. This will increase the security of the facilities against brute force hacks from the outside. Another common way for cyber-attack to start is with phishing attempts to steal passwords and other access methods to the relevant computer systems. To prevent this, the consulting firm will need to create and deliver a rigorous education and training program that would be mandatory for all relevant personal (people who have access to accounts that can compromise the security of the facility) at the desalination plants and water treatment and storage facilities. Such training should be done regularly in order to refresh and update knowledge with the most up to date best practice. Personnel should also be discouraged from using the work computers for personal use, and their 3 CAPSTONE: CASE STUDY ESSAY MODEL ANSWER C computers should be routinely checked by the IT department in order to ensure that no breaches have occurred. Mitigation The second part of the plan will discuss possible ways to reduce the severity of an attack if one were to happen. A big issue that Riyadh faces is its high-water consumption as well as low storage capacity. Currently there is only 2.87 million cubic meters of water stored for emergencies (Ratcliffe, V, 2019) within Riyadh’s storage facilities. At the current consumption rate of 3.15 million cubic metres of water per day (Argaam, 2018), this will only be enough to provide water to the city for one day. If a cyber-attack were to happen that cripples all or most incoming water in the city. the Ministry will have a hard time putting a response effort in such a short timeframe. In order to mitigate this, the Ministry should build more storage facilities that will increase the water storage capacity to at least a week. The extra storage will add additional redundancy in the system and will provide a bigger time buffer for the MOI to act in the event of sabotage of the incoming water. The extra facilities should also be dispersed throughout the city. That way they will be harder to target with physical attacks. Response The last part of the plan will discuss what steps the MOI should take if an attack was to succeed. In the event of a successful attack on Riyadh’s water supply the Ministry should institute immediate water rationing. The amount and period of rationing will depend on the severity of the attack and the amount of time required to restore normal function of the water supply network. All reserve water should be distributed via designated distribution centers within each neighborhood and should be overseen by police presence in order to reduce unrest from the citizens. This will need to be combined with an information campaign that would inform the citizens of the situation and stressing the importance of using the water only for essential needs such as cooking and drinking. In the case of a severe attack where water supply cannot be reestablished in short order, citizens should be evacuated from the city. This can be done by organizing car and bus 4 CAPSTONE: CASE STUDY ESSAY MODEL ANSWER C transportation for those that do not have access to them and setting up refugee camps near coastal cities who still have functioning water desalination plants. The refugee camps can be supplied with water via water trucks. The distribution of water should be overseen by police in order to reduce unrest from the citizens. Application This section will address the ethical and legal considerations that need to be taken into account for each portion of the proposed plan. Prevention Brining in external consulting companies can raise cultural challenges that can impede the effectiveness of any advisory or consulting services. Western IT firms may not be aware of Saudi specific cultural norms, such as the separation of men and women in training, or the need for female trainers to interact with female Saudi staff. Some venues in Riyadh may not even have female toilets on site. Proper site inspections and close coordination with the Western consultants are needed to ensure that the right consultants arrive properly prepared. When creating protocols for checking work computers against security breaches, consideration must be given to acceptable levels of employee privacy. Unless there is a formal ban on any personal use of any company computer, inspecting an employee’s internet browsing history or other personal files could raise ethical issues that could undermine trust between employees and management, negatively affecting adherence to IT security procedures. Mitigation There are numerous legal considerations around the development of additional water storage facilities. Where government-owned land in suitable areas is not available, the owners of appropriate “white land” may need to be identified and incentivized to support the development. This should be supported by the “Realty in Kind Registration Law”, issued by Royal Decree No. 6 on 9/21423H; however, much land may not be fully processed under the requirements of the decree, and additional search measures may be needed, such as identifying contracts and notary publics and reviewing Ministry of Justice registers. 5 CAPSTONE: CASE STUDY ESSAY MODEL ANSWER C Response Any response plan that involves evacuation or rationing raises ethical and legal issues. Numerous people may be reluctant to be evacuated from their homes. Forcible removals could foment civil unrest and should be avoided; equally, workers with expired iqamas or invalid visas will be reluctant to engage with authorities for fear or deportation. However, failure to evacuate populations in the event of water disruptions could lead to disease and fatalities, in turn creating a public health issue. For the benefit of limiting the consequences of an attack, water rations, medical support and evacuation and rehousing support should be made available regardless of immigration status. Justification This section will discuss contingencies for plan proposal. Prevention Training is not always 100% effective and workers can still compromise their credentials for several reasons such as growing lax, or simply not following the training. To reduce the risk of this access to crucial parts of the software systems should be restricted to higher level personal. All personal (and especially higher level personal) should have their work computers checked by IT on regular basis and should also change their log in passwords weekly. Mitigation A simultaneous cyber attack on multiple water treatment plants and storage facilities as well as the desalination plants would be truly devastating. If that were to happen having more water storage facilities within Riyadh would not necessarily be helpful if they all end up compromised. In order to reduce the risk of such an attack the security protocols in the different plants could be slightly altered. That way, if one place is compromised, the hackers will not be able to use the exact same method to hack the other locations. Response One weakness to this plan is that it may lead to unrest, maybe even looting, from the citizens if the duration of the rationing continues for too long. This can be mitigated by 6 CAPSTONE: CASE STUDY ESSAY MODEL ANSWER C keeping citizens informed and calm, as well as by increasing police presence throughout the city (or refugee centers for the evacuated citizens). Conclusion The overall plan is not perfect and does require the investment of money and resources, some of which will not produce a monetary return. But our duty as MOI officers is to ensure the safety and wellbeing of our citizens thus the investment in their security is well worth the money. The plan outlined in this report will increase the safety of our citizens by increasing our prevention methods against the identified threat and will also help the MOI mitigate and respond to the threat in the unlikely event that we are unable to prevent it. 7 CAPSTONE: CASE STUDY ESSAY MODEL ANSWER C References • Argaam Special (2018, August 26). Saudi Arabia consumed 3 bln cubic meters of drinking water in 2017. Argaam. https://www.argaam.com/en/article/articledetail/id/567200. • Baezner, M. (2019, May). Iranian Cyber-activities in the Context of Regional Rivalries and International Tensions. Center for Security Studies (CSS), ETH Zürich. https://css.ethz.ch/content/dam/ethz/special-interest/gess/cis/center-for-securitiesstudies/pdfs/20190507_MB_HS_IRN%20V1_rev.pdf. • BBC (2019, September 17). Saudi oil attacks: Drones and missiles launched from Iran – US. BBC. https://www.bbc.com/news/world-middle-east-49733558. • Jones, S., Harington, N. and Bermudez Jr., J. S. (2019, August 5). Iran’s Threat to Saudi Critical Infrastructure: The Implications of U.S.-Iranian Escalation. Center for Startegic and International Studies. www.csis.org/analysis/irans-threat-saudi-criticalinfrastructure-implications-us-iranian-escalation. • Macrotrends (2020). Riyadh, Saudi Arabia Metro Area Population 1950-2020. Macrotrends. https://www.macrotrends.net/cities/22432/riyadh/population#:~:text=The%20current% 20metro%20area%20population,a%203.57%25%20increase%20from%202017. • Paganini, P (2020, February 9). The number of cyber-attacks on Saudi Aramco is increasing. Security Affairs. https://securityaffairs.co/wordpress/97527/breakingnews/saudi-aramco-under-attack.html. • Ratcliffe, V. (2019, November 18). Attacks on Aramco Plants Expose Risks to Saudi Water Supply. Bloomberg. https://www.bloomberg.com/news/articles/2019-1118/attacks-on-aramco-plants-highlight-risk-to-saudi-water-supply. • Witt, R (2020). Countries in the Middle-east Highly Vulnerable to Cyber Attacks, says PWC Study. Naseba. https://naseba.com/content-hub/topic/cyber-securitytopic/companies-middle-east-highly-vulnerable-cyber-attacks-says-pwcstudy/#:~:text=There%20has%20recently%20been%20a,activity%20in%20the%20Middl e%20East.&text=The%20report%20also%20found%20that,global%20average%20of%20 nine%20percent. 8 CAPSTONE: CASE STUDY ESSAY
    Purchase answer to see full attachment
    User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

    Explanation & Answer

    Attached. Please let me know if you have any questions or need revisions.

    Running head: CASE STUDY

    1

    Attacks on MOI officers in Saudi Arabia

    Institution Affiliation

    Date

    CASE STUDY

    2

    Definition

    The Saudi Arabian Ministry of Interior (MOI) is the head of numerous agencies that
    ensure the country's security is maintained. It also ensures the internal affairs are well managed.
    The ministry of interior comprises regular police, domestic and international intelligence, border
    protection, drug enforcement, and infrastructure protection units. In recent years, the attacks on
    the ministry of interior officers have been widespread in Saudi Arabia. Attacks on the officers
    happen during raids on the countries essential facilities. For instance, attacks target the country's
    critical oil-processing refineries. Authorities are faced with heavy confrontation during their
    response to emergencies. Terrorist attacks have been common, including both internal and
    external attacks. Militants facilitate their violent activities by using heavy gun fires, IEDs, and
    other powerful weapons, leading to MOI officers' deaths and injuries. For instance, during an
    attack on a ministry of interior building in Al Zulfi, Riyadh province, militants detonated
    explosives, leading to severe Saudi Arabian Security officers' injuries.

    In 2016, the Saudi Arabian government reported there were 34 terrorist attacks carried
    out in that year. Attacks on officers can target them alone while other attacks are directed to the
    public, where they end up affecting the officers due to the responsibility they hold of protecting
    citizens. For instance, on July 4, there was a bombing of three cities across Saudi Arabia; one of
    the bombs targeted a security post operated by the ministry of interior officers. The country
    reported four deaths of security officers. The Saudi Arabian government is taking full
    responsibility in handling terrorism attacks that target both the public and officers by using
    counter terrorisms law to prosecute cases. Many attacks on MOI officers have been foiled in the

    CASE STUDY

    3

    past, including suicide bombers targeting crucial government buildings. The rise of terrorist
    groups in and out of Saudi Arabia has increased the rate of attacks on MOI officers.

    Innovation

    The plan to deal with the prevalence of attacks on the Ministry of Interior officers requires
    prevention plans, mitigation, and response plans. Protection plans are ideal for stopping attacks
    from happening; mitigation plans are suitable for reducing the implications in case of an attack,
    while response plans are essential for preventing an attack incidence when it occurs.

    Prevention

    Terrorists carry out most attacks on MOI officers, and therefore, putting up preventative
    measures against terrorism would be ideal in ensuring attacks do not happen. The Saudi Arabian
    government should prioritize law enforcement to discourage people from engaging in terrorist
    behaviors and violent activities (UNHCR, 2021). Counterterrorism laws should be enforced with
    strict provisions to set a clear view to the public and terrorists of the consequences of engaging in
    criminal activities targeting both the ministry of interior officers and the public. Saudi Arabia has
    previously strengthened its existing counterterrorism law, a move that was faced with a range of
    criticism since organizations emerged, claiming that innocents people were prosecuted. The
    government of Saudi Arabia should ensure the law provisions do not violate the innocent's rights
    but should primarily focus on criminals (UNHCR, 2021). The ministry of the interior should
    enhance border security to prevent terrorists from entering the country. Border patrols, camera
    surveillance, and se...


    Anonymous
    I was having a hard time with this subject, and this was a great help.

    Studypool
    4.7
    Trustpilot
    4.5
    Sitejabber
    4.4

    Related Tags